package com.hebca.crypto.gs;

import android.content.Context;
import com.hebca.crypto.Cert;
import com.hebca.crypto.DN;
import com.hebca.crypto.Device;
import com.hebca.crypto.FileType;
import com.hebca.crypto.Provider;
import com.hebca.crypto.ProviderManager;
import com.hebca.crypto.config.CryptoConfigFactory;
import com.hebca.crypto.enroll.OnlineEnroll;
import com.hebca.crypto.util.DES;
import com.hebca.crypto.util.LogUtil;
import com.hebca.crypto.util.SysInfo;
import java.io.File;
import java.io.FileInputStream;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import org.json.JSONObject;
import org2.bouncycastle.a.b.b;
import org2.bouncycastle.a.e;
import org2.bouncycastle.c.f;
import org2.bouncycastle.c.l;
import org2.bouncycastle.c.p;
import org2.bouncycastle.c.q;
import org2.bouncycastle.c.x;
import org2.bouncycastle.i.a.a;
import org2.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: classes.dex */
public class CertManager {
    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
    private static final String DEFULT_PAGE = "http://hebcaonline.hebca.com:9001/Hebca/gsapp/mindex.html";
    private CheckCertResult checkResult;
    private Context context;
    private OnlineEnroll enroll;
    private ProviderManager manager;

    public CertManager(Context context) {
        this.context = context;
    }

    private boolean checkCertBind(Cert cert) {
        Device device = cert.getContainer().getDevice();
        device.logout();
        String[] enumData = device.enumData();
        if (enumData.length == 0) {
            return false;
        }
        for (String str : enumData) {
            if (str.equals("certBind.0.dat")) {
                device.login("123456");
                JSONObject jSONObject = new JSONObject(DES.decrypt(new String(device.readData("certBind"))));
                String deviceId = SysInfo.getDeviceId(this.context);
                if (jSONObject.has("deviceID") && jSONObject.get("deviceID").equals(deviceId) && jSONObject.has("certCN") && jSONObject.get("certCN").equals(cert.getSubjectDN().getItem(DN.GIVEN_NAME, 0))) {
                    return true;
                }
            }
        }
        return false;
    }

    private Cert checkCertByTax(String str) {
        int signCertCount = this.manager.getSignCertCount();
        for (int i = 0; i < signCertCount; i++) {
            Cert signCert = this.manager.getSignCert(i);
            if (signCert.getSubjectDN().getItem(DN.GS_DWSH, 0).equals(str)) {
                return signCert;
            }
        }
        return null;
    }

    private void downloadCert(String str) {
        Device createFileDeviceWithPKCS12 = ProviderManager.Factory.getInstance(this.context).createFileDeviceWithPKCS12(str, FileType.BKS, a.a(this.enroll.downloadCert(str, new StringBuilder(String.valueOf(this.enroll.getRandom(str))).toString()).getP12Cert()), "123456", ProviderManager.FileDevicePosition.Memory);
        LogUtil.debug("证书安装", "成功");
        String deviceId = SysInfo.getDeviceId(this.context);
        String item = createFileDeviceWithPKCS12.getSignCert(0).getSubjectDN().getItem(DN.GIVEN_NAME, 0);
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("deviceID", deviceId);
        jSONObject.put("certCN", item);
        createFileDeviceWithPKCS12.login("123456");
        createFileDeviceWithPKCS12.writeData("certBind", DES.encrypt(jSONObject.toString()).getBytes(), false);
        LogUtil.debug("证书绑定", "成功");
        downloadEncryptCert();
    }

    /* JADX WARN: Removed duplicated region for block: B:15:0x004e  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void downloadEncryptCert() {
        /*
            r5 = this;
            java.lang.String r0 = "加密证书"
            java.lang.String r1 = "开始下载"
            com.hebca.crypto.util.LogUtil.debug(r0, r1)
            com.hebca.crypto.enroll.OnlineEnroll r0 = r5.enroll
            java.lang.String r0 = r0.getCryptCert()
            r2 = 0
            java.io.FileOutputStream r1 = new java.io.FileOutputStream     // Catch: java.lang.Exception -> L47 java.lang.Throwable -> L5b
            java.lang.StringBuilder r3 = new java.lang.StringBuilder     // Catch: java.lang.Exception -> L47 java.lang.Throwable -> L5b
            android.content.Context r4 = r5.context     // Catch: java.lang.Exception -> L47 java.lang.Throwable -> L5b
            java.io.File r4 = r4.getFilesDir()     // Catch: java.lang.Exception -> L47 java.lang.Throwable -> L5b
            java.lang.String r4 = r4.getPath()     // Catch: java.lang.Exception -> L47 java.lang.Throwable -> L5b
            java.lang.String r4 = java.lang.String.valueOf(r4)     // Catch: java.lang.Exception -> L47 java.lang.Throwable -> L5b
            r3.<init>(r4)     // Catch: java.lang.Exception -> L47 java.lang.Throwable -> L5b
            java.lang.String r4 = "/hebcawebEncryptCert.cer"
            java.lang.StringBuilder r3 = r3.append(r4)     // Catch: java.lang.Exception -> L47 java.lang.Throwable -> L5b
            java.lang.String r3 = r3.toString()     // Catch: java.lang.Exception -> L47 java.lang.Throwable -> L5b
            r1.<init>(r3)     // Catch: java.lang.Exception -> L47 java.lang.Throwable -> L5b
            byte[] r0 = r0.getBytes()     // Catch: java.lang.Throwable -> L4a java.lang.Exception -> L5d
            r1.write(r0)     // Catch: java.lang.Throwable -> L4a java.lang.Exception -> L5d
            r1.close()
            java.lang.String r0 = "加密证书"
            java.lang.String r1 = "下载成功"
            com.hebca.crypto.util.LogUtil.debug(r0, r1)
            return
        L47:
            r0 = move-exception
            r1 = r2
        L49:
            throw r0     // Catch: java.lang.Throwable -> L4a
        L4a:
            r0 = move-exception
            r2 = r1
        L4c:
            if (r2 == 0) goto L51
            r2.close()
        L51:
            java.lang.String r1 = "加密证书"
            java.lang.String r2 = "下载成功"
            com.hebca.crypto.util.LogUtil.debug(r1, r2)
            throw r0
        L5b:
            r0 = move-exception
            goto L4c
        L5d:
            r0 = move-exception
            goto L49
        */
        throw new UnsupportedOperationException("Method not decompiled: com.hebca.crypto.gs.CertManager.downloadEncryptCert():void");
    }

    public CheckCertResult checkCert(String str, String str2) {
        this.enroll = new OnlineEnroll(this.context);
        this.checkResult = new CheckCertResult();
        this.manager = ProviderManager.Factory.getInstance(this.context);
        List createProviders = CryptoConfigFactory.getInstance(this.context).create(this.context, this.context.getAssets().open("crypto.xml")).createProviders();
        for (int i = 0; i < createProviders.size(); i++) {
            this.manager.addProvider((Provider) createProviders.get(i));
        }
        this.manager.initialize();
        this.manager.reset();
        this.manager.setContext(this.context);
        if (this.manager.getSignCertCount() == 0) {
            int checkCertExist = this.enroll.checkCertExist(str);
            if (checkCertExist == 0) {
                this.checkResult.setResult(0);
                this.checkResult.setMessage("http://hebcaonline.hebca.com:9001/Hebca/gsapp/mindex.html?ispt=" + str2 + "&gssh=" + str);
                return this.checkResult;
            }
            if (checkCertExist == 1) {
                downloadCert(str);
                this.checkResult.setResult(1);
                this.checkResult.setMessage("");
            }
        } else {
            Cert checkCertByTax = checkCertByTax(str);
            if (checkCertByTax == null) {
                int checkCertExist2 = this.enroll.checkCertExist(str);
                if (checkCertExist2 == 0) {
                    this.checkResult.setResult(0);
                    this.checkResult.setMessage("http://hebcaonline.hebca.com:9001/Hebca/gsapp/mindex.html?ispt=" + str2 + "&gssh=" + str);
                    return this.checkResult;
                }
                if (checkCertExist2 == 1) {
                    downloadCert(str);
                    this.checkResult.setResult(1);
                    this.checkResult.setMessage("");
                }
            } else {
                if (!new Date().after(checkCertByTax.getNotAfter())) {
                    if (checkCertBind(checkCertByTax)) {
                        this.checkResult.setResult(1);
                        this.checkResult.setMessage("");
                        return this.checkResult;
                    }
                    this.checkResult.setResult(-1);
                    this.checkResult.setMessage("该证书为非法证书,请重新申请");
                    return this.checkResult;
                }
                int checkCertExist3 = this.enroll.checkCertExist(str);
                if (checkCertExist3 != 2) {
                    if (checkCertExist3 == 3) {
                        this.checkResult.setResult(1);
                        this.checkResult.setMessage("");
                        return this.checkResult;
                    }
                    if (checkCertExist3 == 1) {
                        downloadCert(str);
                        this.checkResult.setResult(1);
                        this.checkResult.setMessage("");
                    }
                }
            }
        }
        return this.checkResult;
    }

    public byte[] signAndEncrypt(String str, byte[] bArr) {
        if (!new File(String.valueOf(this.context.getFilesDir().getPath()) + "/hebcawebEncryptCert.cer").exists()) {
            downloadEncryptCert();
        }
        if (this.manager == null) {
            this.manager = ProviderManager.Factory.getInstance(this.context);
            List createProviders = CryptoConfigFactory.getInstance(this.context).create(this.context, this.context.getAssets().open("crypto.xml")).createProviders();
            int i = 0;
            while (true) {
                int i2 = i;
                if (i2 >= createProviders.size()) {
                    break;
                }
                this.manager.addProvider((Provider) createProviders.get(i2));
                i = i2 + 1;
            }
            this.manager.initialize();
            this.manager.reset();
            this.manager.setContext(this.context);
        }
        this.manager.reset();
        this.manager.setContext(this.context);
        Cert checkCertByTax = checkCertByTax(str);
        if (checkCertByTax == null) {
            throw new Exception("证书不存在");
        }
        checkCertByTax.getContainer().getDevice().login("123456");
        l lVar = new l(bArr);
        e eVar = new e();
        org2.bouncycastle.g.a a2 = new org2.bouncycastle.g.a.a("SHA1withRSA").a(checkCertByTax.getContainer());
        q qVar = new q();
        qVar.a(new org2.bouncycastle.c.a.a(new org2.bouncycastle.g.b.a().a(BC).a()).a(new x(new b(eVar))).a(a2, new org2.bouncycastle.b.a.b(checkCertByTax.getX509Certificate())));
        ArrayList arrayList = new ArrayList();
        arrayList.add(checkCertByTax.getX509Certificate());
        qVar.a(new org2.bouncycastle.b.a.a(arrayList));
        p pVar = new p(lVar, qVar.a(q.f3507a, lVar, BC).b());
        f fVar = new f();
        FileInputStream fileInputStream = new FileInputStream(String.valueOf(this.context.getFilesDir().getPath()) + "/hebcawebEncryptCert.cer");
        byte[] bArr2 = new byte[fileInputStream.available()];
        fileInputStream.read(bArr2);
        fVar.a(Cert.Creator.create(this.context, new String(bArr2)).getX509Certificate());
        byte[] a3 = fVar.a(new l(a.a(pVar.b())), f.f3493a, BC).a();
        checkCertByTax.getContainer().getDevice().logout();
        return a3;
    }
}
