package cn.com.jit.ida.util.pki.pkcs;

import cn.com.jit.ida.util.pki.PKIException;
import cn.com.jit.ida.util.pki.Parser;
import cn.com.jit.ida.util.pki.asn1.ASN1Sequence;
import cn.com.jit.ida.util.pki.asn1.ASN1Set;
import cn.com.jit.ida.util.pki.asn1.DERBitString;
import cn.com.jit.ida.util.pki.asn1.DERObjectIdentifier;
import cn.com.jit.ida.util.pki.asn1.DERPrintableString;
import cn.com.jit.ida.util.pki.asn1.DERUTF8String;
import cn.com.jit.ida.util.pki.asn1.pkcs.PKCSObjectIdentifiers;
import cn.com.jit.ida.util.pki.asn1.pkcs.pkcs10.CertificationRequest;
import cn.com.jit.ida.util.pki.asn1.pkcs.pkcs10.CertificationRequestInfo;
import cn.com.jit.ida.util.pki.asn1.x509.AlgorithmIdentifier;
import cn.com.jit.ida.util.pki.asn1.x509.X509Name;
import cn.com.jit.ida.util.pki.asn1.x9.X9ObjectIdentifiers;
import cn.com.jit.ida.util.pki.cipher.JCrypto;
import cn.com.jit.ida.util.pki.cipher.JKey;
import cn.com.jit.ida.util.pki.cipher.Mechanism;
import cn.com.jit.ida.util.pki.cipher.Session;
import cn.com.jit.ida.util.pki.encoders.Base64;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.Enumeration;
import java.util.Hashtable;

/* loaded from: classes.dex */
public class PKCS10 {
    public static final String MD2_RSA = "MD2withRSAEncryption";
    public static final String MD5_RSA = "MD5withRSAEncryption";
    public static final String SHA1_DSA = "SHA1withDSA";
    public static final String SHA1_EC_DSA = "SHA1withECDSA";
    public static final String SHA1_RSA = "SHA1withRSAEncryption";
    public static final String SHA224_EC_DSA = "SHA224withECDSA";
    public static final String SHA256_EC_DSA = "SHA256withECDSA";
    public static final String SHA256_RSA = "SHA256withRSAEncryption";
    public static final String SHA384_RSA = "SHA384withRSAEncryption";
    public static final String SHA512_RSA = "SHA512withRSAEncryption";
    private Session session;
    private static Hashtable algs = new Hashtable();
    private static Hashtable oids = new Hashtable();
    public static boolean LoadedConfigFile = false;
    private String subject = null;
    private JKey pubKey = null;
    private ASN1Set attributes = null;
    private boolean needVerify = false;
    private X509Name xSub = null;

    static {
        algs.put("SHA1withRSAEncryption", PKCSObjectIdentifiers.sha1WithRSAEncryption);
        algs.put("MD5withRSAEncryption", PKCSObjectIdentifiers.md5WithRSAEncryption);
        algs.put("MD2withRSAEncryption", PKCSObjectIdentifiers.md2WithRSAEncryption);
        algs.put("SHA1withDSA", PKCSObjectIdentifiers.sha1WithDSA);
        algs.put("SHA1withECDSA", PKCSObjectIdentifiers.sha1WithECEncryption);
        algs.put("SHA224withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224);
        algs.put("SHA256withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256);
        algs.put("SHA256withRSAEncryption", PKCSObjectIdentifiers.sha256WithRSAEncryption);
        algs.put("SHA384withRSAEncryption", PKCSObjectIdentifiers.sha384WithRSAEncryption);
        algs.put("SHA512withRSAEncryption", PKCSObjectIdentifiers.sha512WithRSAEncryption);
        algs.put("SM3withSM2Encryption", PKCSObjectIdentifiers.sm2_with_sm3);
        oids.put(PKCSObjectIdentifiers.sha1WithRSAEncryption, new Mechanism("SHA1withRSAEncryption"));
        oids.put(PKCSObjectIdentifiers.md5WithRSAEncryption, new Mechanism("MD5withRSAEncryption"));
        oids.put(PKCSObjectIdentifiers.md2WithRSAEncryption, new Mechanism("MD2withRSAEncryption"));
        oids.put(PKCSObjectIdentifiers.sha1WithDSA, new Mechanism("SHA1withDSA"));
        oids.put(PKCSObjectIdentifiers.sha1WithECEncryption, new Mechanism("SHA1withECDSA"));
        oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, new Mechanism("SHA224withECDSA"));
        oids.put(X9ObjectIdentifiers.ecdsa_with_SHA256, new Mechanism("SHA256withECDSA"));
        oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, new Mechanism("SHA256withRSAEncryption"));
        oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, new Mechanism("SHA384withRSAEncryption"));
        oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, new Mechanism("SHA512withRSAEncryption"));
        oids.put(PKCSObjectIdentifiers.sm2_with_sm3, new Mechanism("SM3withSM2Encryption"));
    }

    public PKCS10(Session session) {
        this.session = null;
        if (session != null) {
            this.session = session;
        } else {
            try {
                this.session = JCrypto.getInstance().openSession(JCrypto.JSOFT_LIB);
            } catch (Exception e) {
            }
        }
    }

    public static void main(String[] strArr) {
        try {
            JCrypto jCrypto = JCrypto.getInstance();
            jCrypto.initialize(JCrypto.JSOFT_LIB, null);
            jCrypto.initialize(JCrypto.JSJY05B_LIB, null);
            jCrypto.openSession(JCrypto.JSOFT_LIB);
            PKCS10 pkcs10 = new PKCS10(null);
            FileInputStream fileInputStream = new FileInputStream("d:\\p10.req");
            byte[] bArr = new byte[fileInputStream.available()];
            fileInputStream.read(bArr);
            fileInputStream.close();
            pkcs10.load(bArr);
            pkcs10.checkSubRules();
            System.out.println("key len:" + pkcs10.getPubKey().getKey().length);
            System.out.println("PKCS10 success!");
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public boolean checkSubRules() throws Exception {
        Enumeration objects = ((ASN1Sequence) this.xSub.getDERObject()).getObjects();
        while (objects.hasMoreElements()) {
            ASN1Set aSN1Set = (ASN1Set) objects.nextElement();
            for (int i = 0; i < aSN1Set.size(); i++) {
                ASN1Sequence aSN1Sequence = (ASN1Sequence) aSN1Set.getObjectAt(i);
                if (X509Name.C.equals(aSN1Sequence.getObjectAt(0))) {
                    if (!(aSN1Sequence.getObjectAt(1) instanceof DERPrintableString)) {
                        return false;
                    }
                } else if (!(aSN1Sequence.getObjectAt(1) instanceof DERUTF8String)) {
                    return false;
                }
            }
        }
        return true;
    }

    public CertificationRequest generateCertificationRequest(String str, String str2, JKey jKey, ASN1Set aSN1Set, JKey jKey2) throws PKIException {
        this.subject = str2;
        this.pubKey = jKey;
        this.attributes = aSN1Set;
        X509Name x509Name = new X509Name(str2);
        DERObjectIdentifier dERObjectIdentifier = (DERObjectIdentifier) algs.get(str);
        if (dERObjectIdentifier == null) {
            throw new PKIException("8173", "产生P10申请书失败 不支持的签名算法 " + str);
        }
        if (str2 == null) {
            throw new PKIException("8173", "产生P10申请书失败 主题信息必须不为空");
        }
        if (jKey == null) {
            throw new PKIException("8173", "产生P10申请书失败 公钥必须不为空");
        }
        if (jKey2 == null) {
            throw new PKIException("8173", "产生P10申请书失败 签名私钥必须不为空");
        }
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(dERObjectIdentifier, null);
        CertificationRequestInfo certificationRequestInfo = new CertificationRequestInfo(x509Name, Parser.key2SPKI(jKey), aSN1Set);
        return new CertificationRequest(certificationRequestInfo, algorithmIdentifier, new DERBitString(this.session.sign((Mechanism) oids.get(dERObjectIdentifier), jKey2, Parser.writeDERObj2Bytes(certificationRequestInfo.getDERObject()))));
    }

    public byte[] generateCertificationRequestData_B64(String str, String str2, JKey jKey, ASN1Set aSN1Set, JKey jKey2) throws PKIException {
        return Base64.encode(Parser.writeDERObj2Bytes(generateCertificationRequest(str, str2, jKey, aSN1Set, jKey2).getDERObject()));
    }

    public byte[] generateCertificationRequestData_DER(String str, String str2, JKey jKey, ASN1Set aSN1Set, JKey jKey2) throws PKIException {
        return Parser.writeDERObj2Bytes(generateCertificationRequest(str, str2, jKey, aSN1Set, jKey2).getDERObject());
    }

    public ASN1Set getAttributes() {
        return this.attributes;
    }

    public JKey getPubKey() {
        return this.pubKey;
    }

    public String getSubject() {
        return this.subject;
    }

    public void load(CertificationRequest certificationRequest) throws PKIException {
        DERObjectIdentifier objectId = certificationRequest.getSignatureAlgorithm().getObjectId();
        Mechanism mechanism = (Mechanism) oids.get(objectId);
        if (mechanism == null) {
            throw new PKIException("8173", "产生P10申请书失败 不支持的签名算法 " + objectId.toString());
        }
        byte[] bytes = certificationRequest.getSignature().getBytes();
        CertificationRequestInfo certificationRequestInfo = certificationRequest.getCertificationRequestInfo();
        byte[] writeDERObj2Bytes = Parser.writeDERObj2Bytes(certificationRequestInfo.getDERObject());
        this.pubKey = Parser.SPKI2Key(certificationRequestInfo.getSubjectPublicKeyInfo());
        if (this.session.getCfgTag() != null) {
            this.needVerify = this.session.getCfgTag().isVerifyP10Signature();
        } else {
            this.needVerify = false;
        }
        if (this.needVerify && !this.session.verifySign(mechanism, this.pubKey, writeDERObj2Bytes, bytes)) {
            throw new PKIException("8174", "解析P10申请书失败 签名验证失败");
        }
        this.xSub = certificationRequestInfo.getSubject();
        this.subject = certificationRequestInfo.getSubject().toString();
        this.attributes = certificationRequestInfo.getAttributes();
    }

    public void load(byte[] bArr) throws PKIException {
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(new ByteArrayInputStream(bArr)));
        try {
            if (bufferedReader.readLine().toUpperCase().indexOf("BEGIN NEW CERTIFICATE REQUEST") != -1) {
                StringBuffer stringBuffer = new StringBuffer();
                while (true) {
                    String readLine = bufferedReader.readLine();
                    if (readLine != null && readLine.toUpperCase().indexOf("END NEW CERTIFICATE REQUEST") == -1) {
                        stringBuffer.append(readLine);
                    }
                }
                bArr = Base64.decode(Parser.convertBase64(stringBuffer.toString().getBytes()));
            } else if (Parser.isBase64Encode(bArr)) {
                bArr = Base64.decode(Parser.convertBase64(bArr));
            }
            try {
                if (bArr[0] != 48) {
                    throw new Exception();
                }
                load(new CertificationRequest((ASN1Sequence) Parser.writeBytes2DERObj(bArr)));
            } catch (Exception e) {
                throw new PKIException("8174", PKIException.PARSE_P10_ERR_DES, new Exception("The PKCS10 CertificationRequest content error."));
            }
        } catch (IOException e2) {
            throw new PKIException("8174", PKIException.PARSE_P10_ERR_DES, e2);
        }
    }
}
