package cn.com.scca.sdk.msk.core;

import android.content.Context;
import android.os.Handler;
import android.os.Message;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import cn.com.scca.sdk.msk.CallBack;
import cn.com.scca.sdk.msk.MskApiTool;
import cn.com.scca.sdk.msk.enums.Errors;
import cn.com.scca.sdk.msk.enums.HashAlg;
import cn.com.scca.sdk.msk.enums.KeyType;
import cn.com.scca.sdk.msk.module.ApplyCertModle;
import cn.com.scca.sdk.msk.module.CSRReqDataBean;
import cn.com.scca.sdk.msk.module.CSRReturnDataBean;
import cn.com.scca.sdk.msk.module.DigitalEnvelope;
import cn.com.scca.sdk.msk.module.DnInfo;
import cn.com.scca.sdk.msk.module.ErrorInfo;
import cn.com.scca.sdk.msk.util.Global;
import cn.com.scca.sdk.msk.util.LogUtils;
import cn.com.scca.sdk.msk.util.SccaHttpsClient;
import com.itextpdf.text.pdf.security.SecurityConstants;
import com.tencent.open.SocialOperation;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import sansec.saas.mobileshield.sdk.business.define.BusinessModel;
import sansec.saas.mobileshield.sdk.business.listener.BaseListener;
import sansec.saas.mobileshield.sdk.postinfo.define.PostModel;
import sansec.saas.mobileshield.sdk.postinfo.define.PostModelimpl;
import sansec.saas.mobileshield.sdk.postinfo.listener.ILoginReturnListener;

/* loaded from: classes.dex */
public class ApplyCert {
    private static final String testStr = "1";
    private ApplyCertModle applyCertModle;
    private CallBack<Boolean> callBack;
    private Context context;
    private final String dn;
    private HashAlg hashAlg;
    private KeyType keyType;
    private BusinessModel model;
    private String pin;
    private PostModel postModel;
    private String userFlag;

    /* loaded from: classes.dex */
    private abstract class BaseCertListener implements BaseListener, ILoginReturnListener {
        private BaseCertListener() {
        }

        public abstract ErrorInfo getErrorInfo(String str);

        @Override // sansec.saas.mobileshield.sdk.business.listener.BaseListener
        public void onError(String str) {
            ApplyCert.this.callBack.onError(getErrorInfo(str));
        }

        @Override // sansec.saas.mobileshield.sdk.postinfo.listener.ILoginReturnListener
        public void onSuccess() {
            throw new RuntimeException("Not Support!");
        }

        @Override // sansec.saas.mobileshield.sdk.business.listener.BaseListener
        public void onSuccess(String str) {
            throw new RuntimeException("Not Support!");
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class DecDataByEncCert extends BaseCertListener {
        CSRReturnDataBean response;

        public DecDataByEncCert(CSRReturnDataBean cSRReturnDataBean) {
            super();
            this.response = cSRReturnDataBean;
        }

        @Override // cn.com.scca.sdk.msk.core.ApplyCert.BaseCertListener
        public ErrorInfo getErrorInfo(String str) {
            ErrorInfo error = Errors.ApplyCertErrors.DecDataByEncCert.error(str);
            Log.e(Errors.ApplyCertErrors.class.getName(), error.getErrorInfo());
            return error;
        }

        @Override // cn.com.scca.sdk.msk.core.ApplyCert.BaseCertListener, sansec.saas.mobileshield.sdk.business.listener.BaseListener
        public void onSuccess(String str) {
            String str2;
            try {
                str2 = new String(Base64.decode(str, 2), "UTF-8");
            } catch (UnsupportedEncodingException e) {
                e.printStackTrace();
                str2 = "";
            }
            if (!str2.equals("1")) {
                onError("数据加解密校验失败");
                return;
            }
            String str3 = this.response.data.certBase64;
            new PostModelimpl(ApplyCert.this.context, MskApiTool.getConfig().getCompanyId(), MskApiTool.getConfig().getCompanySecretKey()).recordCert(ApplyCert.this.userFlag, 256, "SM2", 0, this.response.data.certSignBufKmc, str3, this.response.data.certKmcReq1, new SaveCertListener());
            this.response = null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class GenerateCsrListener extends BaseCertListener {
        private GenerateCsrListener() {
            super();
        }

        @Override // cn.com.scca.sdk.msk.core.ApplyCert.BaseCertListener
        public ErrorInfo getErrorInfo(String str) {
            ErrorInfo error = Errors.ApplyCertErrors.GenerCsr.error(str);
            Log.e(Errors.ApplyCertErrors.class.getName(), error.getErrorInfo());
            return error;
        }

        @Override // cn.com.scca.sdk.msk.core.ApplyCert.BaseCertListener, sansec.saas.mobileshield.sdk.business.listener.BaseListener
        public void onSuccess(String str) {
            LogUtils.debug("申请获取证书信息:" + str);
            try {
                ApplyCert.this.applyCert(str, new CallBack<CSRReturnDataBean>() { // from class: cn.com.scca.sdk.msk.core.ApplyCert.GenerateCsrListener.1
                    @Override // cn.com.scca.sdk.msk.CallBack
                    public void onError(ErrorInfo errorInfo) {
                        ApplyCert.this.callBack.onError(errorInfo);
                    }

                    @Override // cn.com.scca.sdk.msk.CallBack
                    public void onSuccess(CSRReturnDataBean cSRReturnDataBean) {
                        int i;
                        int i2;
                        if (cSRReturnDataBean == null || !"200".equals(cSRReturnDataBean.code)) {
                            ErrorInfo error = Errors.ApplyCertErrors.caSerCode.error(cSRReturnDataBean.msg);
                            ApplyCert.this.callBack.onError(error);
                            Log.e(Errors.ApplyCertErrors.class.getName(), error.getErrorInfo());
                            return;
                        }
                        try {
                            if (!ApplyCert.this.verifySignatureBySHA1(cSRReturnDataBean)) {
                                ErrorInfo error2 = Errors.ApplyCertErrors.verifyResSign.error(cSRReturnDataBean.data.signature);
                                ApplyCert.this.callBack.onError(error2);
                                Log.e(Errors.ApplyCertErrors.class.getName(), error2.getErrorInfo());
                                return;
                            }
                            if (TextUtils.isEmpty(cSRReturnDataBean.data.certKmcReq1)) {
                                new PostModelimpl(ApplyCert.this.context, MskApiTool.getConfig().getCompanyId(), MskApiTool.getConfig().getCompanySecretKey()).recordCert(ApplyCert.this.userFlag, 256, "SM2", 1, "", cSRReturnDataBean.data.certBase64, "", new SaveCertListener());
                                return;
                            }
                            DigitalEnvelope digitalEnvelope = new DigitalEnvelope(cSRReturnDataBean.data.certKmcReq1);
                            byte[] bArr = new byte[0];
                            try {
                                byte[] SM2CertEncrypt = ApplyCert.this.model.SM2CertEncrypt("1".getBytes("UTF-8"), Base64.decode(cSRReturnDataBean.data.certSignBufKmc, 2));
                                if (digitalEnvelope.getUserCipher().equals("SM4")) {
                                    i = 65;
                                    i2 = 48;
                                } else {
                                    i = 64;
                                    i2 = 49;
                                }
                                ApplyCert.this.model.decDataByEncCert(0, ApplyCert.this.userFlag, ApplyCert.this.pin, SM2CertEncrypt, digitalEnvelope.getUserSeal(), digitalEnvelope.getEncPriKey(), i, i2, digitalEnvelope.getUserIV(), new DecDataByEncCert(cSRReturnDataBean));
                            } catch (Exception e) {
                                ErrorInfo error3 = Errors.ApplyCertErrors.resSign.error(e.getMessage());
                                ApplyCert.this.callBack.onError(error3);
                                Log.e(Errors.ApplyCertErrors.class.getName(), error3.getErrorInfo(), e);
                            }
                        } catch (NoSuchAlgorithmException e2) {
                            ErrorInfo error4 = Errors.ApplyCertErrors.resSign.error(e2.getMessage());
                            ApplyCert.this.callBack.onError(error4);
                            Log.e(Errors.ApplyCertErrors.class.getName(), error4.getErrorInfo(), e2);
                        }
                    }
                });
            } catch (NoSuchAlgorithmException e) {
                ErrorInfo error = Errors.ApplyCertErrors.reqSign.error(e.getMessage());
                ApplyCert.this.callBack.onError(error);
                Log.e(Errors.ApplyCertErrors.class.getName(), error.getErrorInfo(), e);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class GenerateKeyListener extends BaseCertListener {
        private GenerateKeyListener() {
            super();
        }

        @Override // cn.com.scca.sdk.msk.core.ApplyCert.BaseCertListener
        public ErrorInfo getErrorInfo(String str) {
            ErrorInfo error = Errors.ApplyCertErrors.GenerKey.error(str);
            Log.e(Errors.ApplyCertErrors.class.getName(), error.getErrorInfo());
            return error;
        }

        @Override // cn.com.scca.sdk.msk.core.ApplyCert.BaseCertListener, sansec.saas.mobileshield.sdk.business.listener.BaseListener
        public void onSuccess(String str) {
            LogUtils.debug("产生CSRP:" + ApplyCert.this.keyType.getLength() + "    userFlag:" + ApplyCert.this.userFlag + "   pin:" + ApplyCert.this.pin + "    dn:" + ApplyCert.this.dn + "  hashAlg:" + ApplyCert.this.hashAlg.name());
            ApplyCert.this.model.generateCSR(ApplyCert.this.keyType.getLength(), ApplyCert.this.userFlag, ApplyCert.this.pin, ApplyCert.this.dn, ApplyCert.this.hashAlg.name(), new GenerateCsrListener());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class SaveCertListener extends BaseCertListener {
        private SaveCertListener() {
            super();
        }

        @Override // cn.com.scca.sdk.msk.core.ApplyCert.BaseCertListener
        public ErrorInfo getErrorInfo(String str) {
            ErrorInfo error = Errors.ApplyCertErrors.SaveCert.error(str);
            Log.e(Errors.ApplyCertErrors.class.getName(), error.getErrorInfo());
            return error;
        }

        @Override // cn.com.scca.sdk.msk.core.ApplyCert.BaseCertListener, sansec.saas.mobileshield.sdk.postinfo.listener.ILoginReturnListener
        public void onSuccess() {
            ApplyCert.this.callBack.onSuccess(true);
        }
    }

    public ApplyCert(Context context, String str, DnInfo dnInfo, ApplyCertModle applyCertModle, String str2, KeyType keyType, HashAlg hashAlg, CallBack<Boolean> callBack) {
        this.context = context;
        this.pin = str;
        this.applyCertModle = applyCertModle;
        this.userFlag = str2;
        this.callBack = callBack;
        this.keyType = keyType;
        this.hashAlg = hashAlg;
        this.dn = dnInfo == null ? null : dnInfo.toDnString();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void applyCert(String str, final CallBack<CSRReturnDataBean> callBack) throws NoSuchAlgorithmException {
        CSRReqDataBean cSRReqDataBean = new CSRReqDataBean(this.applyCertModle);
        cSRReqDataBean.setCsr(str);
        String signatureBySHA1 = signatureBySHA1(cSRReqDataBean.getSignatureSource(MskApiTool.getConfig().getAppSecret()));
        HashMap hashMap = new HashMap();
        hashMap.put("appId", MskApiTool.getConfig().getAppId());
        hashMap.put(SocialOperation.GAME_SIGNATURE, signatureBySHA1);
        LogUtils.debug("申请证书请求信息:" + cSRReqDataBean.toString());
        new SccaHttpsClient(MskApiTool.getConfig().getApplyCertUrl(), hashMap, cSRReqDataBean.toMapRequest(), CSRReturnDataBean.class, this.context).setHandler(new Handler() { // from class: cn.com.scca.sdk.msk.core.ApplyCert.1
            @Override // android.os.Handler
            public void handleMessage(Message message) {
                super.handleMessage(message);
                int i = message.what;
                if (i == 200) {
                    callBack.onSuccess((CSRReturnDataBean) message.obj);
                } else {
                    if (i != 300) {
                        return;
                    }
                    callBack.onError((ErrorInfo) message.obj);
                }
            }
        }).start();
    }

    private void goApply() {
        this.model.generateKey(this.keyType.getLength(), this.userFlag, this.pin, this.dn, new GenerateKeyListener());
    }

    private String signatureBySHA1(String str) throws NoSuchAlgorithmException {
        return Global.bytesToHexString(MessageDigest.getInstance(SecurityConstants.SHA1).digest(str.getBytes()));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean verifySignatureBySHA1(CSRReturnDataBean cSRReturnDataBean) throws NoSuchAlgorithmException {
        StringBuilder sb = new StringBuilder();
        sb.append(cSRReturnDataBean.data.certBase64);
        LogUtils.debug("计算响应的值[certBase64]：" + cSRReturnDataBean.data.certBase64);
        sb.append(cSRReturnDataBean.data.certKmcReq1);
        LogUtils.debug("计算响应的值[certKmcReq1]：" + cSRReturnDataBean.data.certKmcReq1);
        sb.append(cSRReturnDataBean.data.certP7b);
        LogUtils.debug("计算响应的值[certP7b]：" + cSRReturnDataBean.data.certP7b);
        sb.append(cSRReturnDataBean.data.certSignBufKmc);
        LogUtils.debug("计算响应的值[certSignBufKmc]：" + cSRReturnDataBean.data.certSignBufKmc);
        sb.append(MskApiTool.getConfig().getAppSecret());
        LogUtils.debug("计算响应的值[appSecret]：" + MskApiTool.getConfig().getAppSecret());
        String sb2 = sb.toString();
        LogUtils.debug("计算响应的值：" + sb2);
        String signatureBySHA1 = signatureBySHA1(sb2);
        LogUtils.debug("计算响应的签名值：" + signatureBySHA1);
        LogUtils.debug("响应的签名值：" + cSRReturnDataBean.data.signature);
        return signatureBySHA1.equals(cSRReturnDataBean.data.signature);
    }

    public void run() {
        this.model = Global.getModel(this.keyType, this.context);
        goApply();
    }
}
