package cn.com.infosec.netsign.agent.impl.project.cup;

import cn.com.infosec.netsign.agent.GenericCertificate;
import cn.com.infosec.netsign.agent.NetSignAgent;
import cn.com.infosec.netsign.agent.digest.SHA256Digest;
import cn.com.infosec.netsign.agent.exception.NetSignAgentException;
import cn.com.infosec.netsign.agent.impl.CertAgentImpl;
import cn.com.infosec.netsign.agent.impl.EncryptionAgentImpl;
import cn.com.infosec.netsign.agent.impl.KeyAgentImpl;
import cn.com.infosec.netsign.agent.impl.SignAgentImpl;
import cn.com.infosec.netsign.agent.impl.base.AgentBasic;
import cn.com.infosec.netsign.agent.newcommunitor.CommunicatorManager;
import cn.com.infosec.netsign.agent.resource.AgentErrorRes;
import cn.com.infosec.netsign.agent.util.PBCAgent2GUtil;
import cn.com.infosec.netsign.base.util.Utils;
import cn.com.infosec.netsign.crypto.util.Base64;
import cn.com.infosec.netsign.crypto.util.SM3;
import cn.com.infosec.netsign.json.JsonObject;
import cn.com.infosec.netsign.json.JsonParser;
import cn.com.infosec.netsign.json.JsonValueObject;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.cert.X509Certificate;

/* loaded from: input_file:cn/com/infosec/netsign/agent/impl/project/cup/StcAgentImpl.class */
public class StcAgentImpl extends AgentBasic {
    public final String CUPSTC_PINKEY = "cupstcpinkey";
    public final String CUPSTC_TRANSKEY = "cupstctranskey";
    private byte[] pwd;
    private SignAgentImpl signAgent;
    private EncryptionAgentImpl encryptionAgent;
    private KeyAgentImpl keyAgent;
    private CertAgentImpl certAgent;

    public StcAgentImpl(CommunicatorManager communicatorManager, byte[] bArr, SignAgentImpl signAgentImpl, EncryptionAgentImpl encryptionAgentImpl, KeyAgentImpl keyAgentImpl, CertAgentImpl certAgentImpl) {
        super(communicatorManager);
        this.CUPSTC_PINKEY = "cupstcpinkey";
        this.CUPSTC_TRANSKEY = "cupstctranskey";
        this.pwd = bArr;
        this.signAgent = signAgentImpl;
        this.encryptionAgent = encryptionAgentImpl;
        this.keyAgent = keyAgentImpl;
        this.certAgent = certAgentImpl;
    }

    public String CUPSTCRawSign(byte[] bArr, String str, String str2) throws NetSignAgentException {
        if (bArr == null || "".equals(str)) {
            throw new NetSignAgentException(AgentErrorRes.INIT_PARA_NULL, "param invalid");
        }
        String upperCase = str2 == null ? "SHA256" : str2.toUpperCase();
        byte[] cUPSTCPlain = getCUPSTCPlain(bArr, upperCase);
        if (null == cUPSTCPlain) {
            return null;
        }
        return this.signAgent.rawSign(cUPSTCPlain, str, upperCase);
    }

    public boolean CUPSTCRawVerify(byte[] bArr, String str, String str2, String str3) throws NetSignAgentException {
        if (bArr == null || "".equals(str2) || isEmpty(str)) {
            throw new NetSignAgentException(AgentErrorRes.INIT_PARA_NULL, "param invalid");
        }
        String upperCase = str3 == null ? "SHA256" : str3.toUpperCase();
        byte[] cUPSTCPlain = getCUPSTCPlain(bArr, upperCase);
        if (null == cUPSTCPlain) {
            return false;
        }
        return this.signAgent.rawVerify(cUPSTCPlain, str, str2, upperCase);
    }

    public String CUPSTCEncrypt(byte[] bArr, String str) throws NetSignAgentException {
        if (str == null || !validKeyType(str)) {
            throw new NetSignAgentException(AgentErrorRes.ERROR_INPUT_PARA, "param invalid");
        }
        byte[] symmEncrypt = this.encryptionAgent.symmEncrypt(bArr, "1".equals(str) ? "cupstcpinkey" : "cupstctranskey", "/ECB/NoPadding");
        if (symmEncrypt != null) {
            return Base64.encode(symmEncrypt);
        }
        return null;
    }

    public byte[] CUPSTCDecrypt(String str, String str2) throws NetSignAgentException {
        if (str2 == null || !validKeyType(str2)) {
            throw new NetSignAgentException(AgentErrorRes.ERROR_INPUT_PARA, "param invalid");
        }
        String str3 = "1".equals(str2) ? "cupstcpinkey" : "cupstctranskey";
        byte[] symmDecrypt = this.encryptionAgent.symmDecrypt(Base64.decode(str), str3, "/ECB/NoPadding");
        if (symmDecrypt != null && checkCUPSTCDATA(symmDecrypt)) {
            return symmDecrypt;
        }
        byte[] symmDecrypt2 = this.encryptionAgent.symmDecrypt(Base64.decode(str), str3 + ".bak", "/ECB/NoPadding");
        if (symmDecrypt2 == null) {
            return null;
        }
        if (checkCUPSTCDATA(symmDecrypt2)) {
            return symmDecrypt2;
        }
        throw new NetSignAgentException(AgentErrorRes.INVALID_MSG_FORMAT, "result invalid");
    }

    public String CUPSTCEncryptWorkingKey(String str, String str2) throws NetSignAgentException {
        byte[] asymmEncrypt = this.encryptionAgent.asymmEncrypt(str.getBytes(), "/ECB/PKCS1Padding", str2);
        if (asymmEncrypt != null) {
            return Base64.encode(asymmEncrypt);
        }
        return null;
    }

    public String CUPSTCDecryptWorkingKey(String str, String str2) throws NetSignAgentException {
        byte[] asymmDecrypt = this.encryptionAgent.asymmDecrypt(Base64.decode(str), "/ECB/PKCS1Padding", str2);
        if (asymmDecrypt != null) {
            return new String(asymmDecrypt);
        }
        return null;
    }

    public boolean CUPSTCRenewKey(String str) {
        return false;
    }

    public boolean CUPSTCSetWorkingKey(String str, String str2) throws NetSignAgentException {
        if (isEmpty(str) || isEmpty(str2) || !validKeyType(str2)) {
            throw new NetSignAgentException(AgentErrorRes.INIT_PARA_NULL, "param invalid");
        }
        if (str.length() % 2 == 1) {
            str = "0" + str;
        }
        byte[] byteArray = new BigInteger(str, 16).toByteArray();
        if (byteArray.length > str.length() / 2) {
            byte[] bArr = new byte[str.length() / 2];
            System.arraycopy(byteArray, byteArray.length - bArr.length, bArr, 0, bArr.length);
            byteArray = bArr;
        }
        return str2.equals("1") ? this.keyAgent.setWorkingKey("cupstcpinkey", byteArray, "DESEde", true) : this.keyAgent.setWorkingKey("cupstctranskey", byteArray, "DESEde", true);
    }

    public String CUPSTCEncryptAndSign(String str, String str2, String str3, String str4) throws NetSignAgentException {
        if (isEmpty(str) || isEmpty(str3)) {
            throw new NetSignAgentException(AgentErrorRes.INIT_PARA_NULL, "param invalid");
        }
        String str5 = null;
        String str6 = null;
        try {
            JsonObject parse = new JsonParser(str4).parse(str.toCharArray());
            if (isEmpty(parse)) {
                throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_RESULT_NULL, "json empty");
            }
            String valueByKey = PBCAgent2GUtil.getValueByKey(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_TXNTYPE);
            if (isEmpty(valueByKey)) {
                throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_ATTR_ABSENT, "invalid txnType");
            }
            try {
                JsonValueObject jsonValueObject = (JsonValueObject) parse.getValue(PBCAgent2GUtil.CUPSTC_JSONKEY_ENCRYPTDATA);
                if (isEmpty(jsonValueObject) && !valueByKey.equals(PBCAgent2GUtil.CUPSTC_TXNTYPE_DOWNLOADCERT)) {
                    throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_ATTR_ABSENT, "encrypt data empty");
                }
                if (PBCAgent2GUtil.CUPSTC_TXNTYPE_RESETKEY.equals(valueByKey)) {
                    JsonObject jsonObject = (JsonObject) jsonValueObject.getValue();
                    String valueByKey2 = PBCAgent2GUtil.getValueByKey(jsonObject, PBCAgent2GUtil.CUPSTC_JSONKEY_NEWKEY);
                    String valueByKey3 = PBCAgent2GUtil.getValueByKey(jsonObject, PBCAgent2GUtil.CUPSTC_JSONKEY_KEYTYPE);
                    String valueByKey4 = PBCAgent2GUtil.getValueByKey(jsonObject, "keyLabel");
                    if (PBCAgent2GUtil.notEmpty(valueByKey2) && (!isEmpty(valueByKey3) || !isEmpty(valueByKey4))) {
                        CUPSTCSetWorkingKey(valueByKey2, valueByKey3, valueByKey4);
                    }
                    if (isEmpty(str2)) {
                        throw new NetSignAgentException(AgentErrorRes.INIT_PARA_NULL, "encryptCertID invalid");
                    }
                    String CUPSTCEncryptWorkingKey = CUPSTCEncryptWorkingKey(jsonValueObject.toJson(), str2);
                    if (isEmpty(CUPSTCEncryptWorkingKey)) {
                        throw new NetSignAgentException(AgentErrorRes.ENCRYPTDATARESULT_NULL, "encrypt failed");
                    }
                    PBCAgent2GUtil.putStringToJson(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_ENCRYPTDATA, CUPSTCEncryptWorkingKey);
                } else if (PBCAgent2GUtil.CUPSTC_TXNTYPE_DOWNLOADCERT.equals(valueByKey)) {
                    if (PBCAgent2GUtil.notEmpty(jsonValueObject)) {
                        try {
                            str6 = CUPSTCEncrypt(jsonValueObject.toJson().getBytes(str4), "3");
                        } catch (UnsupportedEncodingException e) {
                            e.printStackTrace();
                        }
                        if (isEmpty(str6)) {
                            throw new NetSignAgentException(AgentErrorRes.ENCRYPTDATARESULT_NULL, "encrypt result empty");
                        }
                        PBCAgent2GUtil.putStringToJson(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_ENCRYPTDATA, str6);
                    }
                    GenericCertificate[] genericCertificate = this.certAgent.getGenericCertificate(str3);
                    if (genericCertificate == null || genericCertificate[0] == null) {
                        throw new NetSignAgentException(AgentErrorRes.CERTGETTED_NULL, "no cert found");
                    }
                    String base64Cert = genericCertificate[0].getBase64Cert();
                    if (isEmpty(base64Cert)) {
                        throw new NetSignAgentException(AgentErrorRes.CERFILEGETTED_NULL, "no cert found");
                    }
                    PBCAgent2GUtil.putStringToJson(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_CERFILE, base64Cert);
                } else {
                    try {
                        str6 = CUPSTCEncrypt(jsonValueObject.toJson().getBytes(str4), "3");
                    } catch (UnsupportedEncodingException e2) {
                        e2.printStackTrace();
                    }
                    if (isEmpty(str6)) {
                        throw new NetSignAgentException(AgentErrorRes.ENCRYPTDATARESULT_NULL, "encrypt result empty");
                    }
                    PBCAgent2GUtil.putStringToJson(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_ENCRYPTDATA, str6);
                }
                JsonValueObject jsonValueObject2 = (JsonValueObject) parse.getValue(PBCAgent2GUtil.CUPSTC_JSONKEY_RISKINFO);
                if (PBCAgent2GUtil.notEmpty(jsonValueObject2)) {
                    PBCAgent2GUtil.putStringToJson(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_RISKINFO, Base64.encode(jsonValueObject2.toJson().getBytes()));
                }
                try {
                    str5 = CUPSTCRawSign(PBCAgent2GUtil.getCUPSTCSignString(parse).getBytes(str4), str3, "SHA256");
                } catch (UnsupportedEncodingException e3) {
                    e3.printStackTrace();
                }
                if (!PBCAgent2GUtil.notEmpty(str5)) {
                    throw new NetSignAgentException(AgentErrorRes.SIGNRESULT_NULL, "encrypt result empty");
                }
                PBCAgent2GUtil.putStringToJson(parse, "signature", str5);
                return parse.toJson();
            } catch (Exception e4) {
                e4.printStackTrace();
                throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_ENCRYPTDATA_FORMATERROR, "no encrypt data");
            }
        } catch (Exception e5) {
            e5.printStackTrace();
            throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_FAILED, "json invalid");
        }
    }

    public String CUPSTCDecryptAndVerify(String str, String str2, String str3, String str4) throws NetSignAgentException {
        JsonParser jsonParser = new JsonParser(str4);
        if (isEmpty(str) || isEmpty(str3)) {
            throw new NetSignAgentException(AgentErrorRes.INIT_PARA_NULL, "param invalid");
        }
        try {
            JsonObject parse = jsonParser.parse(str.toCharArray());
            if (null == parse) {
                throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_RESULT_NULL, "attached2Detached json result null");
            }
            String valueByKey = PBCAgent2GUtil.getValueByKey(parse, "signature");
            if (!PBCAgent2GUtil.notEmpty(valueByKey)) {
                throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_ATTR_ABSENT, "lack attribute");
            }
            CUPSTCRawVerify(PBCAgent2GUtil.getCUPSTCSignString(parse).getBytes(), valueByKey, str3, "SHA256");
            String valueByKey2 = PBCAgent2GUtil.getValueByKey(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_RISKINFO);
            if (PBCAgent2GUtil.notEmpty(valueByKey2)) {
                try {
                    PBCAgent2GUtil.putObjectToJson(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_RISKINFO, new String(Base64.decode(valueByKey2), str4), jsonParser);
                } catch (UnsupportedEncodingException e) {
                    e.printStackTrace();
                }
            }
            String str5 = null;
            String valueByKey3 = PBCAgent2GUtil.getValueByKey(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_TXNTYPE);
            if (isEmpty(valueByKey3)) {
                throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_ATTR_ABSENT, "lack transaction type");
            }
            String valueByKey4 = PBCAgent2GUtil.getValueByKey(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_ENCRYPTDATA);
            if (isEmpty(valueByKey4) && !PBCAgent2GUtil.CUPSTC_TXNTYPE_DOWNLOADCERT.equals(valueByKey3)) {
                throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_ATTR_ABSENT, "lack encrypt data");
            }
            if (PBCAgent2GUtil.CUPSTC_TXNTYPE_RESETKEY.equals(valueByKey3)) {
                if (isEmpty(str2)) {
                    throw new NetSignAgentException(AgentErrorRes.INIT_PARA_NULL, "encryptCertID empty");
                }
                String CUPSTCDecryptWorkingKey = CUPSTCDecryptWorkingKey(valueByKey4, str2);
                if (isEmpty(CUPSTCDecryptWorkingKey)) {
                    throw new NetSignAgentException(AgentErrorRes.DECRYPTRESULT_NULL, "decrypt result empty");
                }
                try {
                    JsonObject parse2 = jsonParser.parse(CUPSTCDecryptWorkingKey.toCharArray());
                    String valueByKey5 = PBCAgent2GUtil.getValueByKey(parse2, PBCAgent2GUtil.CUPSTC_JSONKEY_NEWKEY);
                    String valueByKey6 = PBCAgent2GUtil.getValueByKey(parse2, PBCAgent2GUtil.CUPSTC_JSONKEY_KEYTYPE);
                    String valueByKey7 = PBCAgent2GUtil.getValueByKey(parse2, "keyLabel");
                    if (!PBCAgent2GUtil.notEmpty(valueByKey5) || (isEmpty(valueByKey6) && isEmpty(valueByKey7))) {
                        throw new NetSignAgentException(AgentErrorRes.JSONMESSAGE_SA009_NULL, "密钥重置交易报文内容为空");
                    }
                    CUPSTCSetWorkingKey(valueByKey5, valueByKey6, valueByKey7);
                    PBCAgent2GUtil.putObjectToJson(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_ENCRYPTDATA, CUPSTCDecryptWorkingKey, jsonParser);
                } catch (Exception e2) {
                    e2.printStackTrace();
                    throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_FAILED, "attached2Detached result failed");
                }
            } else if (PBCAgent2GUtil.CUPSTC_TXNTYPE_DOWNLOADCERT.equals(valueByKey3)) {
                if (PBCAgent2GUtil.notEmpty(valueByKey4)) {
                    byte[] CUPSTCDecrypt = CUPSTCDecrypt(valueByKey4, "3");
                    if (CUPSTCDecrypt == null) {
                        throw new NetSignAgentException(AgentErrorRes.DECRYPTRESULT_NULL, "decrypt result empty");
                    }
                    try {
                        str5 = new String(CUPSTCDecrypt, str4);
                    } catch (UnsupportedEncodingException e3) {
                        e3.printStackTrace();
                    }
                    if (isEmpty(str5)) {
                        throw new NetSignAgentException(AgentErrorRes.DECRYPTRESULT_NULL, "decrypt result empty");
                    }
                    PBCAgent2GUtil.putObjectToJson(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_ENCRYPTDATA, str5, jsonParser);
                }
                X509Certificate x509Certificate = null;
                String valueByKey8 = PBCAgent2GUtil.getValueByKey(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_CERFILE);
                if (!PBCAgent2GUtil.notEmpty(valueByKey8)) {
                    throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_ATTR_ABSENT, "no cert found");
                }
                try {
                    x509Certificate = NetSignAgent.generateCertificate(valueByKey8.getBytes());
                } catch (Exception e4) {
                    e4.printStackTrace();
                }
                this.certAgent.uploadCert(null, x509Certificate);
            } else {
                byte[] CUPSTCDecrypt2 = CUPSTCDecrypt(valueByKey4, "3");
                if (CUPSTCDecrypt2 == null) {
                    throw new NetSignAgentException(AgentErrorRes.DECRYPTRESULT_NULL, "no decrypt result");
                }
                try {
                    str5 = new String(CUPSTCDecrypt2, str4);
                } catch (UnsupportedEncodingException e5) {
                    e5.printStackTrace();
                }
                if (isEmpty(str5)) {
                    throw new NetSignAgentException(AgentErrorRes.DECRYPTRESULT_NULL, "no decrypt result");
                }
                PBCAgent2GUtil.putObjectToJson(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_ENCRYPTDATA, str5, jsonParser);
            }
            return parse.toJson();
        } catch (Exception e6) {
            e6.printStackTrace();
            throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_FAILED, "attached2Detached json failed");
        }
    }

    public boolean CUPSTCSetWorkingKey(String str, String str2, String str3) throws NetSignAgentException {
        String str4;
        if (isEmpty(str) || (isEmpty(str2) && isEmpty(str3))) {
            throw new NetSignAgentException(AgentErrorRes.INIT_PARA_NULL, "param invalid");
        }
        if (str.length() % 2 == 1) {
            str = "0" + str;
        }
        byte[] byteArray = new BigInteger(str, 16).toByteArray();
        if (byteArray.length > str.length() / 2) {
            byte[] bArr = new byte[str.length() / 2];
            System.arraycopy(byteArray, byteArray.length - bArr.length, bArr, 0, bArr.length);
            byteArray = bArr;
        }
        if (isEmpty(str3)) {
            if (!"1".equals(str2) && !"3".equals(str2)) {
                throw new NetSignAgentException(AgentErrorRes.ERROR_INPUT_PARA, "keyType invalid");
            }
            str4 = "1".equals(str2) ? "cupstcpinkey" : "cupstctranskey";
        } else {
            if (!str3.matches("^[0-9A-Za-z_]{1,50}$")) {
                throw new NetSignAgentException(AgentErrorRes.ERROR_INPUT_PARA, "keyLabel invalid");
            }
            str4 = str3;
        }
        return this.keyAgent.setWorkingKey(str4, byteArray, "DESEde", true);
    }

    public String CUPSTCEncrypt(byte[] bArr, String str, String str2) throws NetSignAgentException {
        String str3;
        if (allTrue(new boolean[]{isEmpty(str), isEmpty(str2)}) || isEmpty((Object) bArr)) {
            throw new NetSignAgentException(AgentErrorRes.INIT_PARA_NULL, "param invalid");
        }
        if (!isEmpty(str2)) {
            str3 = str2;
        } else {
            if (!validKeyType(str)) {
                throw new NetSignAgentException(AgentErrorRes.ERROR_INPUT_PARA, "keyType invalid");
            }
            str3 = "1".equals(str) ? "cupstcpinkey" : "cupstctranskey";
        }
        byte[] symmEncrypt = this.encryptionAgent.symmEncrypt(bArr, str3, "/ECB/NoPadding");
        if (symmEncrypt != null) {
            return Base64.encode(symmEncrypt);
        }
        return null;
    }

    public byte[] CUPSTCDecrypt(String str, String str2, String str3) throws NetSignAgentException {
        String str4;
        if (isEmpty(str2) && isEmpty(str3)) {
            throw new NetSignAgentException(AgentErrorRes.INIT_PARA_NULL, "param invalid");
        }
        if (!isEmpty(str3)) {
            str4 = str3;
        } else {
            if (!validKeyType(str2)) {
                throw new NetSignAgentException(AgentErrorRes.ERROR_INPUT_PARA, "keyType invalid");
            }
            str4 = "1".equals(str2) ? "cupstcpinkey" : "cupstctranskey";
        }
        byte[] symmDecrypt = this.encryptionAgent.symmDecrypt(Base64.decode(str), str4, "/ECB/NoPadding");
        if (symmDecrypt != null && checkCUPSTCDATA(symmDecrypt)) {
            return symmDecrypt;
        }
        byte[] symmDecrypt2 = this.encryptionAgent.symmDecrypt(Base64.decode(str), str4 + ".bak", "/ECB/NoPadding");
        if (symmDecrypt2 == null) {
            return null;
        }
        if (checkCUPSTCDATA(symmDecrypt2)) {
            return symmDecrypt2;
        }
        throw new NetSignAgentException(AgentErrorRes.INVALID_MSG_FORMAT, "decrypt result invalid");
    }

    public String CUPSTCEncryptAndSign(String str, String str2, String str3, String str4, String str5, String str6) throws NetSignAgentException {
        JsonParser jsonParser = new JsonParser(str6);
        if (isEmpty(str) || isEmpty(str3)) {
            throw new NetSignAgentException(AgentErrorRes.INIT_PARA_NULL, "param invalid");
        }
        try {
            JsonObject parse = jsonParser.parse(str.toCharArray());
            if (null == parse) {
                throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_RESULT_NULL, "no json data");
            }
            String valueByKey = PBCAgent2GUtil.getValueByKey(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_TXNTYPE);
            if (isEmpty(valueByKey)) {
                throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_ATTR_ABSENT, "transfer invalid");
            }
            try {
                JsonValueObject jsonValueObject = (JsonValueObject) parse.getValue(PBCAgent2GUtil.CUPSTC_JSONKEY_ENCRYPTDATA);
                if (isEmpty(jsonValueObject) && !valueByKey.equals(PBCAgent2GUtil.CUPSTC_TXNTYPE_DOWNLOADCERT)) {
                    throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_ATTR_ABSENT, "invalid data");
                }
                String str7 = null;
                if (PBCAgent2GUtil.CUPSTC_TXNTYPE_RESETKEY.equals(valueByKey)) {
                    JsonObject jsonObject = (JsonObject) jsonValueObject.getValue();
                    String valueByKey2 = PBCAgent2GUtil.getValueByKey(jsonObject, PBCAgent2GUtil.CUPSTC_JSONKEY_NEWKEY);
                    String valueByKey3 = PBCAgent2GUtil.getValueByKey(jsonObject, PBCAgent2GUtil.CUPSTC_JSONKEY_KEYTYPE);
                    String valueByKey4 = PBCAgent2GUtil.getValueByKey(jsonObject, "keyLabel");
                    if (PBCAgent2GUtil.notEmpty(valueByKey2) && (!isEmpty(valueByKey3) || !isEmpty(valueByKey4))) {
                        CUPSTCSetWorkingKey(valueByKey2, valueByKey3, valueByKey4);
                    }
                    if (isEmpty(str2)) {
                        throw new NetSignAgentException(AgentErrorRes.INIT_PARA_NULL, "encryptCertID empty");
                    }
                    String CUPSTCEncryptWorkingKey = CUPSTCEncryptWorkingKey(jsonValueObject.toJson(), str2);
                    if (isEmpty(CUPSTCEncryptWorkingKey)) {
                        throw new NetSignAgentException(AgentErrorRes.ENCRYPTDATARESULT_NULL, "encrypt failed");
                    }
                    PBCAgent2GUtil.putStringToJson(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_ENCRYPTDATA, CUPSTCEncryptWorkingKey);
                } else if (PBCAgent2GUtil.CUPSTC_TXNTYPE_DOWNLOADCERT.equals(valueByKey)) {
                    if (PBCAgent2GUtil.notEmpty(jsonValueObject)) {
                        try {
                            str7 = CUPSTCEncrypt(jsonValueObject.toJson().getBytes(str6), "3", str4);
                        } catch (UnsupportedEncodingException e) {
                            e.printStackTrace();
                        }
                        if (isEmpty(str7)) {
                            throw new NetSignAgentException(AgentErrorRes.ENCRYPTDATARESULT_NULL, "encrypt failed");
                        }
                        PBCAgent2GUtil.putStringToJson(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_ENCRYPTDATA, str7);
                    }
                    GenericCertificate[] genericCertificate = this.certAgent.getGenericCertificate(str3);
                    if (genericCertificate == null || genericCertificate[0] == null) {
                        throw new NetSignAgentException(AgentErrorRes.CERTGETTED_NULL, "get cert failed");
                    }
                    String base64Cert = genericCertificate[0].getBase64Cert();
                    if (!PBCAgent2GUtil.notEmpty(base64Cert)) {
                        throw new NetSignAgentException(AgentErrorRes.CERFILEGETTED_NULL, "get cert failed");
                    }
                    PBCAgent2GUtil.putStringToJson(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_CERFILE, base64Cert);
                } else {
                    try {
                        str7 = CUPSTCEncrypt(jsonValueObject.toJson().getBytes(str6), "3", str4);
                    } catch (UnsupportedEncodingException e2) {
                        e2.printStackTrace();
                    }
                    if (isEmpty(str7)) {
                        throw new NetSignAgentException(AgentErrorRes.ENCRYPTDATARESULT_NULL, "encrypt result null");
                    }
                    PBCAgent2GUtil.putStringToJson(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_ENCRYPTDATA, str7);
                }
                JsonValueObject jsonValueObject2 = (JsonValueObject) parse.getValue(PBCAgent2GUtil.CUPSTC_JSONKEY_RISKINFO);
                if (PBCAgent2GUtil.notEmpty(jsonValueObject2)) {
                    PBCAgent2GUtil.putStringToJson(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_RISKINFO, Base64.encode(jsonValueObject2.toJson().getBytes()));
                }
                String str8 = null;
                try {
                    str8 = CUPSTCRawSign(PBCAgent2GUtil.getCUPSTCSignString(parse).getBytes(str6), str3, "SHA256");
                } catch (UnsupportedEncodingException e3) {
                    e3.printStackTrace();
                }
                if (!PBCAgent2GUtil.notEmpty(str8)) {
                    throw new NetSignAgentException(AgentErrorRes.SIGNRESULT_NULL, "signed failed");
                }
                PBCAgent2GUtil.putStringToJson(parse, "signature", str8);
                return parse.toJson();
            } catch (Exception e4) {
                e4.printStackTrace();
                throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_ENCRYPTDATA_FORMATERROR, "no encrypt data");
            }
        } catch (Exception e5) {
            e5.printStackTrace();
            throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_FAILED, "json invalid");
        }
    }

    public String CUPSTCDecryptAndVerify(String str, String str2, String str3, String str4, String str5, String str6) throws NetSignAgentException {
        JsonParser jsonParser = new JsonParser(str6);
        if (isEmpty(str) || isEmpty(str3)) {
            throw new NetSignAgentException(AgentErrorRes.INIT_PARA_NULL, "param invalid");
        }
        try {
            JsonObject parse = jsonParser.parse(str.toCharArray());
            if (null == parse) {
                throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_RESULT_NULL, "json attached2Detached empty");
            }
            String valueByKey = PBCAgent2GUtil.getValueByKey(parse, "signature");
            if (!PBCAgent2GUtil.notEmpty(valueByKey)) {
                throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_ATTR_ABSENT, "signed abandon");
            }
            CUPSTCRawVerify(PBCAgent2GUtil.getCUPSTCSignString(parse).getBytes(), valueByKey, str3, "SHA256");
            String valueByKey2 = PBCAgent2GUtil.getValueByKey(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_RISKINFO);
            if (PBCAgent2GUtil.notEmpty(valueByKey2)) {
                try {
                    PBCAgent2GUtil.putObjectToJson(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_RISKINFO, new String(Base64.decode(valueByKey2), str6), jsonParser);
                } catch (UnsupportedEncodingException e) {
                    e.printStackTrace();
                }
            }
            String str7 = null;
            String valueByKey3 = PBCAgent2GUtil.getValueByKey(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_TXNTYPE);
            if (isEmpty(valueByKey3)) {
                throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_ATTR_ABSENT, "transaction type abandon");
            }
            String valueByKey4 = PBCAgent2GUtil.getValueByKey(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_ENCRYPTDATA);
            if (isEmpty(valueByKey4) && !PBCAgent2GUtil.CUPSTC_TXNTYPE_DOWNLOADCERT.equals(valueByKey3)) {
                throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_ATTR_ABSENT, "encrypt data abandon");
            }
            if (PBCAgent2GUtil.CUPSTC_TXNTYPE_RESETKEY.equals(valueByKey3)) {
                if (isEmpty(str2)) {
                    throw new NetSignAgentException(AgentErrorRes.INIT_PARA_NULL, "no encryptCertID");
                }
                String CUPSTCDecryptWorkingKey = CUPSTCDecryptWorkingKey(valueByKey4, str2);
                if (isEmpty(CUPSTCDecryptWorkingKey)) {
                    throw new NetSignAgentException(AgentErrorRes.DECRYPTRESULT_NULL, "decrypt result null");
                }
                try {
                    JsonObject parse2 = jsonParser.parse(CUPSTCDecryptWorkingKey.toCharArray());
                    String valueByKey5 = PBCAgent2GUtil.getValueByKey(parse2, PBCAgent2GUtil.CUPSTC_JSONKEY_NEWKEY);
                    String valueByKey6 = PBCAgent2GUtil.getValueByKey(parse2, PBCAgent2GUtil.CUPSTC_JSONKEY_KEYTYPE);
                    String valueByKey7 = PBCAgent2GUtil.getValueByKey(parse2, "keyLabel");
                    if (!PBCAgent2GUtil.notEmpty(valueByKey5) || (isEmpty(valueByKey6) && isEmpty(valueByKey7))) {
                        throw new NetSignAgentException(AgentErrorRes.JSONMESSAGE_SA009_NULL, "密钥重置交易报文内容为空");
                    }
                    CUPSTCSetWorkingKey(valueByKey5, valueByKey6, valueByKey7);
                    PBCAgent2GUtil.putObjectToJson(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_ENCRYPTDATA, CUPSTCDecryptWorkingKey, jsonParser);
                } catch (Exception e2) {
                    e2.printStackTrace();
                    throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_FAILED, "attached2Detached result null");
                }
            } else if (PBCAgent2GUtil.CUPSTC_TXNTYPE_DOWNLOADCERT.equals(valueByKey3)) {
                if (PBCAgent2GUtil.notEmpty(valueByKey4)) {
                    byte[] CUPSTCDecrypt = CUPSTCDecrypt(valueByKey4, "3", str4);
                    if (CUPSTCDecrypt == null) {
                        throw new NetSignAgentException(AgentErrorRes.DECRYPTRESULT_NULL, "decrypt failed");
                    }
                    try {
                        str7 = new String(CUPSTCDecrypt, str6);
                    } catch (UnsupportedEncodingException e3) {
                        e3.printStackTrace();
                    }
                    if (isEmpty(str7)) {
                        throw new NetSignAgentException(AgentErrorRes.DECRYPTRESULT_NULL, "decrypt failed");
                    }
                    PBCAgent2GUtil.putObjectToJson(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_ENCRYPTDATA, str7, jsonParser);
                }
                X509Certificate x509Certificate = null;
                String valueByKey8 = PBCAgent2GUtil.getValueByKey(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_CERFILE);
                if (!PBCAgent2GUtil.notEmpty(valueByKey8)) {
                    throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_ATTR_ABSENT, "no cert");
                }
                try {
                    x509Certificate = NetSignAgent.generateCertificate(valueByKey8.getBytes());
                } catch (Exception e4) {
                    e4.printStackTrace();
                }
                this.certAgent.uploadCert(null, x509Certificate);
            } else {
                byte[] CUPSTCDecrypt2 = CUPSTCDecrypt(valueByKey4, "3", str4);
                if (CUPSTCDecrypt2 == null) {
                    throw new NetSignAgentException(AgentErrorRes.DECRYPTRESULT_NULL, "decrypt failed");
                }
                try {
                    str7 = new String(CUPSTCDecrypt2, str6);
                } catch (UnsupportedEncodingException e5) {
                    e5.printStackTrace();
                }
                if (isEmpty(str7)) {
                    throw new NetSignAgentException(AgentErrorRes.DECRYPTRESULT_NULL, "decrypt failed");
                }
                PBCAgent2GUtil.putObjectToJson(parse, PBCAgent2GUtil.CUPSTC_JSONKEY_ENCRYPTDATA, str7, jsonParser);
            }
            return parse.toJson();
        } catch (Exception e6) {
            e6.printStackTrace();
            throw new NetSignAgentException(AgentErrorRes.PARSE_JSON_FAILED, "json invalid");
        }
    }

    private static byte[] getCUPSTCPlain(byte[] bArr, String str) throws NetSignAgentException {
        byte[] bArr2;
        if ("SM3".equals(str)) {
            bArr2 = SM3.SM3Digest(bArr);
        } else {
            if (!"SHA256".equals(str)) {
                throw new NetSignAgentException(AgentErrorRes.DIGESTALG_ERROR, "digest error");
            }
            SHA256Digest sHA256Digest = new SHA256Digest();
            bArr2 = new byte[32];
            sHA256Digest.update(bArr, 0, bArr.length);
            sHA256Digest.doFinal(bArr2, 0);
        }
        return Utils.toHexString(bArr2).toUpperCase().getBytes();
    }

    private static boolean checkCUPSTCDATA(byte[] bArr) {
        return new String(bArr).trim().startsWith("{");
    }

    private static boolean validKeyType(String str) {
        return "1".equals(str) || "3".equals(str);
    }
}
