package chinapnr;

import cfca.sadk.lib.crypto.JCrypto;
import cfca.sadk.lib.crypto.Session;
import cfca.sadk.util.CertUtil;
import cfca.sadk.util.KeyUtil;
import cfca.sadk.util.Signature;
import cfca.sadk.x509.certificate.X509Cert;
import cfca.sadk.x509.certificate.X509CertVerifier;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.util.zip.GZIPInputStream;
import java.util.zip.GZIPOutputStream;

/* loaded from: input_file:chinapnr/Cfca.class */
public class Cfca {
    public static final String SUCCESS = "0";
    public static final String FAIL = "1";

    /* loaded from: input_file:chinapnr/Cfca$Result.class */
    public static class Result {
        private String code;
        private String message;

        public String getCode() {
            return this.code;
        }

        public void setCode(String str) {
            this.code = str;
        }

        public String getMessage() {
            return this.message;
        }

        public void setMessage(String str) {
            this.message = str;
        }
    }

    public Result signCfca(String str, String str2, String str3, String str4) {
        Result result = new Result();
        try {
            JCrypto.getInstance().initialize("JSOFT_LIB", (Object) null);
            byte[] p7SignMessageAttach = new Signature().p7SignMessageAttach("sha1WithRSAEncryption", str.getBytes(str2), KeyUtil.getPrivateKeyFromPFX(str3, str4), CertUtil.getCertFromPFX(str3, str4), JCrypto.getInstance().openSession("JSOFT_LIB"));
            if (p7SignMessageAttach == null) {
                result.setCode(FAIL);
                result.setMessage("失败");
                return result;
            }
            ByteArrayOutputStream byteArrayOutputStream = null;
            GZIPOutputStream gZIPOutputStream = null;
            try {
                byteArrayOutputStream = new ByteArrayOutputStream();
                gZIPOutputStream = new GZIPOutputStream(byteArrayOutputStream);
                gZIPOutputStream.write(p7SignMessageAttach);
                gZIPOutputStream.finish();
                gZIPOutputStream.flush();
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                if (byteArrayOutputStream != null) {
                    try {
                        byteArrayOutputStream.close();
                    } catch (IOException e) {
                        e.printStackTrace();
                    }
                }
                if (gZIPOutputStream != null) {
                    try {
                        gZIPOutputStream.close();
                    } catch (IOException e2) {
                        e2.printStackTrace();
                    }
                }
                result.setCode(SUCCESS);
                result.setMessage(URLEncoder.encode(cfca.sadk.util.Base64.toBase64String(byteArray), str2));
                return result;
            } finally {
            }
        } catch (Exception e3) {
            e3.printStackTrace();
            result.setCode(FAIL);
            result.setMessage("异常");
            return result;
        }
    }

    public Result verifySignCfca(String str, String str2, String str3, String str4, String str5) {
        Result result = new Result();
        ByteArrayOutputStream byteArrayOutputStream = null;
        GZIPInputStream gZIPInputStream = null;
        try {
            try {
                JCrypto.getInstance().initialize("JSOFT_LIB", (Object) null);
                Session openSession = JCrypto.getInstance().openSession("JSOFT_LIB");
                Signature signature = new Signature();
                byte[] decode = str3.indexOf("%") >= 0 ? cfca.sadk.util.Base64.decode(URLDecoder.decode(str3, str4)) : cfca.sadk.util.Base64.decode(str3);
                ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
                GZIPInputStream gZIPInputStream2 = new GZIPInputStream(new ByteArrayInputStream(decode));
                while (true) {
                    int read = gZIPInputStream2.read();
                    if (read == -1) {
                        break;
                    }
                    byteArrayOutputStream2.write(read);
                }
                byte[] byteArray = byteArrayOutputStream2.toByteArray();
                X509Cert signerX509CertFromP7SignData = signature.getSignerX509CertFromP7SignData(byteArray);
                X509CertVerifier.updateTrustCertsMap(str5);
                if (!X509CertVerifier.validateCertSign(signerX509CertFromP7SignData)) {
                    result.setCode(FAIL);
                    result.setMessage("证书无效");
                    if (byteArrayOutputStream2 != null) {
                        try {
                            byteArrayOutputStream2.close();
                        } catch (IOException e) {
                            e.printStackTrace();
                        }
                    }
                    if (gZIPInputStream2 != null) {
                        try {
                            gZIPInputStream2.close();
                        } catch (IOException e2) {
                            e2.printStackTrace();
                        }
                    }
                    return result;
                }
                if (!X509CertVerifier.verifyCertDate(signerX509CertFromP7SignData)) {
                    result.setCode(FAIL);
                    result.setMessage("证书过期");
                    if (byteArrayOutputStream2 != null) {
                        try {
                            byteArrayOutputStream2.close();
                        } catch (IOException e3) {
                            e3.printStackTrace();
                        }
                    }
                    if (gZIPInputStream2 != null) {
                        try {
                            gZIPInputStream2.close();
                        } catch (IOException e4) {
                            e4.printStackTrace();
                        }
                    }
                    return result;
                }
                if (signature.p7VerifyMessageAttach(byteArray, openSession)) {
                    String subject = signature.getSignerCert().getSubject();
                    if (!str.equals(subject.substring(subject.indexOf(64) + 1, subject.indexOf(64) + 7))) {
                        result.setCode(FAIL);
                        result.setMessage("非商户证书");
                        if (byteArrayOutputStream2 != null) {
                            try {
                                byteArrayOutputStream2.close();
                            } catch (IOException e5) {
                                e5.printStackTrace();
                            }
                        }
                        if (gZIPInputStream2 != null) {
                            try {
                                gZIPInputStream2.close();
                            } catch (IOException e6) {
                                e6.printStackTrace();
                            }
                        }
                        return result;
                    }
                }
                if (str2.equals(new String(signature.getSourceData(), str4))) {
                    result.setCode(SUCCESS);
                    result.setMessage("验签成功");
                    if (byteArrayOutputStream2 != null) {
                        try {
                            byteArrayOutputStream2.close();
                        } catch (IOException e7) {
                            e7.printStackTrace();
                        }
                    }
                    if (gZIPInputStream2 != null) {
                        try {
                            gZIPInputStream2.close();
                        } catch (IOException e8) {
                            e8.printStackTrace();
                        }
                    }
                    return result;
                }
                result.setCode(FAIL);
                result.setMessage("签名信息不正确");
                if (byteArrayOutputStream2 != null) {
                    try {
                        byteArrayOutputStream2.close();
                    } catch (IOException e9) {
                        e9.printStackTrace();
                    }
                }
                if (gZIPInputStream2 != null) {
                    try {
                        gZIPInputStream2.close();
                    } catch (IOException e10) {
                        e10.printStackTrace();
                    }
                }
                return result;
            } catch (Throwable th) {
                if (0 != 0) {
                    try {
                        byteArrayOutputStream.close();
                    } catch (IOException e11) {
                        e11.printStackTrace();
                    }
                }
                if (0 != 0) {
                    try {
                        gZIPInputStream.close();
                    } catch (IOException e12) {
                        e12.printStackTrace();
                    }
                }
                throw th;
            }
        } catch (Exception e13) {
            e13.printStackTrace();
            result.setCode(FAIL);
            result.setMessage("验签异常");
            if (0 != 0) {
                try {
                    byteArrayOutputStream.close();
                } catch (IOException e14) {
                    e14.printStackTrace();
                }
            }
            if (0 != 0) {
                try {
                    gZIPInputStream.close();
                } catch (IOException e15) {
                    e15.printStackTrace();
                }
            }
            return result;
        }
    }
}
