package cn.com.infosec.netsign.agent.impl;

import cn.com.infosec.netsign.agent.GenericCertificate;
import cn.com.infosec.netsign.agent.NetSignAgentUtil;
import cn.com.infosec.netsign.agent.NetSignResult;
import cn.com.infosec.netsign.agent.VerifyResult;
import cn.com.infosec.netsign.agent.basic.BasicNetSignAgent;
import cn.com.infosec.netsign.agent.exception.NetSignAgentException;
import cn.com.infosec.netsign.agent.exception.ServerProcessException;
import cn.com.infosec.netsign.agent.impl.base.AgentBasic;
import cn.com.infosec.netsign.agent.newcommunitor.CommunicatorManager;
import cn.com.infosec.netsign.agent.resource.AgentErrorRes;
import cn.com.infosec.netsign.agent.util.AlgUtils;
import cn.com.infosec.netsign.base.CSRParameters;
import cn.com.infosec.netsign.base.NSMessage;
import cn.com.infosec.netsign.base.NSMessageOpt;
import cn.com.infosec.netsign.base.TransUtil;
import cn.com.infosec.netsign.crypto.util.Base64;
import cn.com.infosec.netsign.der.util.P7SignedData;
import cn.com.infosec.netsign.der.util.P7SignedDataParser;
import cn.com.infosec.netsign.der.util.PKCS7SignedData;
import cn.com.infosec.netsign.der.util.PKCS7SignedDataParser;
import cn.com.infosec.netsign.isc.constant.AlgorithmConst;
import cn.com.infosec.netsign.logger.ConsoleLogger;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.PublicKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.List;

/* loaded from: input_file:cn/com/infosec/netsign/agent/impl/SignAgentImpl.class */
public class SignAgentImpl extends AgentBasic {
    private byte[] pwd;

    public SignAgentImpl(CommunicatorManager communicatorManager, byte[] bArr) {
        super(communicatorManager);
        this.pwd = bArr;
    }

    private NSMessage makeSignReq(String str, byte[] bArr, String str2, String str3, CSRParameters cSRParameters, boolean z) throws NetSignAgentException {
        paramEmpty(bArr, "plain");
        NSMessage createMessage = NetSignAgentUtil.createMessage(str);
        createMessage.setPlainText(bArr);
        createMessage.setSignCertDN(str2);
        createMessage.setDigestAlg(AlgUtils.trimDigestAlg(str3));
        createMessage.setUsedTSA(z);
        createMessage.setCSRParameters(cSRParameters);
        createMessage.setApiPasswd(this.pwd);
        return createMessage;
    }

    private NSMessage makeVerifyReq(String str, byte[] bArr, String str2, String str3, String str4) throws NetSignAgentException {
        paramEmpty(bArr, "plain");
        NSMessage createMessage = NetSignAgentUtil.createMessage(str);
        createMessage.setPlainText(bArr);
        createMessage.setCryptoText(Base64.decode(str2));
        createMessage.setSignCertDN(str3);
        createMessage.setDigestAlg(str4);
        createMessage.setTransCert(true);
        return createMessage;
    }

    public byte[] p1Sign(byte[] bArr, String str, String str2) throws NetSignAgentException {
        logString("rawSign{origBytes:" + bArr + ";dn:" + str + "}");
        return makeRes(makeSignReq(TransUtil.RAW_SIGN, bArr, str, str2, null, false), "rawSign").getCryptoText();
    }

    public String rawSign(byte[] bArr, String str) throws NetSignAgentException {
        return Base64.encode(p1Sign(bArr, str, null));
    }

    public String rawSign(byte[] bArr, String str, String str2) throws NetSignAgentException {
        return Base64.encode(p1Sign(bArr, str, str2));
    }

    public byte[] rawSign(byte[] bArr, String str, String str2, boolean z, int i, byte[] bArr2) throws NetSignAgentException {
        NSMessage makeSignReq = makeSignReq(TransUtil.RAW_SIGNATURE, bArr, str, str2, null, false);
        makeSignReq.setSignCertType(i + "");
        makeSignReq.setTransCert(z);
        makeSignReq.setKeyHash(bArr2);
        return makeRes(makeSignReq, "rawSign").getCryptoText();
    }

    public String rawSignHash(byte[] bArr, String str, String str2) throws NetSignAgentException {
        logString("rawSignHash{origBytes:" + bArr + ";dn:" + str + "}");
        paramEmpty(bArr, "digest");
        return Base64.encode(makeRes(makeSignReq(TransUtil.RAW_SIGN_HASH, bArr, str, str2, null, false), "rawSignHash").getCryptoText());
    }

    public String detachedSignHash(byte[] bArr, String str, String str2) throws NetSignAgentException {
        logString("detachedSignHash{origBytes:" + bArr + ";dn:" + str + "}");
        paramEmpty(bArr, "digest");
        return Base64.encode(makeRes(makeSignReq(TransUtil.DETACHED_SIGNHASH, bArr, str, str2, null, false), "detachedSignHash").getCryptoText());
    }

    public String detachedSignHash(byte[] bArr, String str, CSRParameters cSRParameters, boolean z) throws NetSignAgentException {
        logString("detachedSignHash{origBytes:" + bArr + ";digestAlg:" + str + "}");
        paramEmpty(bArr, "digest");
        paramEmpty(cSRParameters, "CSRParameters");
        return Base64.encode(makeRes(makeSignReq(TransUtil.DETACHED_SIGNHASH, bArr, null, str, cSRParameters, z), "detachedSignHash").getCryptoText());
    }

    public boolean rawVerify(byte[] bArr, String str, String str2) throws NetSignAgentException {
        logString("rawVerify{origBytes:" + bArr + ";signedStr:" + str + ";dn:" + str2 + "}");
        paramEmpty(str, "signedStr");
        makeRes(makeVerifyReq(TransUtil.VERIFY_PBC_RAW_SIG, bArr, str, str2, null), "rawVerify");
        return true;
    }

    public boolean rawVerify(byte[] bArr, byte[] bArr2, String str) throws NetSignAgentException {
        logString("rawVerify{origBytes:" + bArr + ";dn:" + str + "}");
        paramEmpty(bArr2, "signed");
        NSMessage makeVerifyReq = makeVerifyReq(TransUtil.VERIFY_PBC_RAW_SIG, bArr, "AAA", str, null);
        makeVerifyReq.setCryptoText(bArr2);
        makeRes(makeVerifyReq, "rawVerify");
        return true;
    }

    public boolean rawVerify(byte[] bArr, String str, String str2, String str3) throws NetSignAgentException {
        logString("rawVerify{origBytes:" + bArr + ";signedStr:" + str + ";dn:" + str2 + "}");
        paramEmpty(str, "signedStr");
        makeRes(makeVerifyReq(TransUtil.VERIFY_PBC_RAW_SIG, bArr, str, str2, str3), "rawVerify");
        return true;
    }

    public boolean rawVerifyByPubkey(byte[] bArr, String str, String str2, String str3) throws NetSignAgentException {
        logString("rawVerifyByPubKey{origBytes:" + bArr + ";signedStr:" + str + ";pubKeyId:" + str3 + "}");
        paramEmpty(str, "signedStr");
        NSMessage makeVerifyReq = makeVerifyReq(TransUtil.NSS_RAW_VERIFY, bArr, str, null, str2);
        makeVerifyReq.setBankID(str3);
        makeRes(makeVerifyReq, "rawVerifyByPubKey");
        return true;
    }

    public boolean rawVerifyByPubkey(byte[] bArr, String str, String str2, PublicKey publicKey) throws NetSignAgentException {
        logString("rawVerifyByPubKey{origBytes:" + bArr + ";signedStr:" + str + "}");
        paramEmpty(str, "signedStr");
        NSMessage makeVerifyReq = makeVerifyReq(TransUtil.NSS_RAW_VERIFY, bArr, str, null, str2);
        NetSignAgentUtil.decode(str);
        makeVerifyReq.setPublicKey(publicKey);
        makeRes(makeVerifyReq, "rawVerifyByPubKey");
        return true;
    }

    public boolean rawVerifySimple(byte[] bArr, String str, String str2, String str3) throws NetSignAgentException {
        logString("rawVerify{origBytes:" + bArr + ";signedStr:" + str + ";dn:" + str2 + "}");
        paramEmpty(str, "signedStr");
        makeRes(makeVerifyReq(TransUtil.VERIFY_RAW_SIGNED_VALUE_PROCESSOR, bArr, str, str2, str3), "rawVerifySimple");
        return true;
    }

    public boolean rawAfterwardsVerifyHash(byte[] bArr, String str, String str2, X509Certificate x509Certificate, String str3) throws NetSignAgentException {
        logString("rawAfterwardsVerifyHash{origBytes:" + bArr + ";signedText:" + str + "}");
        paramEmpty(str, "signedText");
        paramEmpty(bArr, "digest");
        NSMessage makeVerifyReq = makeVerifyReq(TransUtil.RAW_AFTERWARDS_VERIFYHASH, bArr, str, str2, AlgUtils.trimDigestAlg(str3));
        makeVerifyReq.setCert(x509Certificate);
        makeRes(makeVerifyReq, "rawAfterwardsVerifyHash");
        return true;
    }

    public boolean rawVerifyHash(byte[] bArr, String str, String str2, String str3) throws NetSignAgentException {
        logString("rawVerifyHash{origBytes:" + bArr + ";signedStr:" + str + ";dn:" + str2 + "}");
        paramEmpty(bArr, "digest");
        paramEmpty(str, "signedStr");
        makeRes(makeVerifyReq(TransUtil.RAW_VERIFYHASH, bArr, str, str2, str3), "rawVerifyHash");
        return true;
    }

    public boolean rawVerify(byte[] bArr, byte[] bArr2, String str, PublicKey publicKey, X509Certificate x509Certificate, String str2, int i, byte[] bArr3) throws NetSignAgentException {
        paramEmpty(bArr2, "signed");
        NSMessage makeVerifyReq = makeVerifyReq(TransUtil.RAW_SIGN_VERIFY, bArr, "AAA", str, str2);
        makeVerifyReq.setCryptoText(bArr2);
        makeVerifyReq.setSignCertType(i + "");
        makeVerifyReq.setKeyHash(bArr3);
        makeVerifyReq.setPublicKey(publicKey);
        makeVerifyReq.setCert(x509Certificate);
        makeRes(makeVerifyReq, "rawVerify");
        return true;
    }

    public byte[] p7DetachedSign(byte[] bArr, String str, String str2) throws NetSignAgentException {
        logString("detachedSign{origBytes:" + bArr + ";dn:" + str + "}");
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.DETACHED_SIGN);
        createMessage.setPlainText(bArr);
        createMessage.setSignCertDN(str);
        createMessage.setDigestAlg(str2);
        createMessage.setApiPasswd(this.pwd);
        return makeRes(createMessage, "DetachedSign").getCryptoText();
    }

    public String detachedSign(byte[] bArr, String str, String str2) throws NetSignAgentException {
        return Base64.encode(p7DetachedSign(bArr, str, str2));
    }

    public GenericCertificate detachedVerify(byte[] bArr, byte[] bArr2) throws NetSignAgentException {
        logString("detachedVerify{origBytes:" + bArr + ";signedStr:" + bArr2 + "}");
        paramEmpty(bArr2, "signed");
        NSMessage makeVerifyReq = makeVerifyReq(TransUtil.DETACHED_VERIFY, bArr, "AAA", null, null);
        makeVerifyReq.setCryptoText(bArr2);
        return new GenericCertificate(makeRes(makeVerifyReq, "detachedVerify").getCert());
    }

    public GenericCertificate detachedVerify(byte[] bArr, String str) throws NetSignAgentException {
        logString("detachedVerify{origBytes:" + bArr + ";signedStr:" + str + "}");
        paramEmpty(str, "signedStr");
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.DETACHED_VERIFY);
        createMessage.setCryptoText(Base64.decode(str));
        createMessage.setPlainText(bArr);
        createMessage.setTransCert(true);
        return new GenericCertificate(makeRes(createMessage, "detachedVerify").getCert());
    }

    public GenericCertificate detachedVerifySimple(byte[] bArr, String str) throws NetSignAgentException {
        logString("uploadCert{origBytes:" + bArr + ";certStr:" + str + "}");
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.VERIFY_DETACHED_SIGNED_VALUE_PROCESSOR);
        createMessage.setPlainText(bArr);
        createMessage.setCryptoText(Base64.decode(str));
        createMessage.setTransCert(true);
        return new GenericCertificate(makeRes(createMessage, "detachedVerifySimple").getCert());
    }

    public GenericCertificate detachedAfterwardsVerify(InputStream inputStream, String str) throws NetSignAgentException {
        return detachedInputStreamVerify(TransUtil.DETACHED_AFTERWARDS_VERIFYHASH, inputStream, str, "detachedAfterwardsVerify");
    }

    public GenericCertificate detachedVerifyHash(byte[] bArr, byte[] bArr2, String str) throws NetSignAgentException {
        NSMessage makeVerifyReq = makeVerifyReq(TransUtil.DETACHED_VERIFY_HASH, bArr2, "AAA", null, str);
        makeVerifyReq.setCryptoText(bArr);
        makeVerifyReq.setApiPasswd(this.pwd);
        return new GenericCertificate(makeRes(makeVerifyReq, "detachedVerifyHash").getCert());
    }

    public GenericCertificate detachedVerify(byte[] bArr, InputStream inputStream) throws NetSignAgentException {
        logString("detachedVerify");
        paramEmpty(bArr, "signed");
        try {
            PKCS7SignedData parse = PKCS7SignedDataParser.parse(bArr, "INFOSEC");
            String str = (String) NetSignAgentUtil.digestOIDName.get(parse.getDigestAlgOid());
            NSMessage makeVerifyReq = makeVerifyReq(TransUtil.DETACHED_VERIFY_HASH, localDigest(getSignCert(str, parse.getSignCert(), (String) null, (CSRParameters) null), inputStream), "AAA", null, str);
            makeVerifyReq.setCryptoText(bArr);
            makeVerifyReq.setApiPasswd(this.pwd);
            return new GenericCertificate(makeRes(makeVerifyReq, "detachedVerify").getCert());
        } catch (Exception e) {
            throw new NetSignAgentException(AgentErrorRes.INIT_PARA_NULL, "Decode signedText failed:" + e.toString());
        }
    }

    public GenericCertificate detachedAfterwardsVerifyHash(byte[] bArr, String str, String str2) throws NetSignAgentException {
        logString("detachedSignature{digest:" + bArr + "}");
        paramEmpty(str, "signed");
        paramEmpty(str2, "digestAlg");
        paramEmpty(bArr, "digest");
        NSMessage makeVerifyReq = makeVerifyReq(TransUtil.DETACHED_AFTERWARDS_VERIFYHASH, bArr, str, null, str2);
        makeVerifyReq.setApiPasswd(this.pwd);
        return new GenericCertificate(makeRes(makeVerifyReq, "detachedAfterwardsVerifyHash").getCert());
    }

    public String unstandardDettachedSign(byte[] bArr, String str, String str2) throws NetSignAgentException {
        logString("nonstandardDettachedSign{origBytes:" + bArr + ";dn:" + str + "}");
        NSMessage createMessage = NetSignAgentUtil.createMessage(str2 + TransUtil.DETACHED_SIGN);
        createMessage.setPlainText(bArr);
        createMessage.setSignCertDN(str);
        createMessage.setApiPasswd(this.pwd);
        return Base64.encode(makeRes(createMessage, "unstandardDetachedSign").getCryptoText());
    }

    public GenericCertificate unstandardDettachedVerify(byte[] bArr, String str, String str2) throws NetSignAgentException {
        logString("unstandardDettachedVerify{origBytes:" + bArr + ";certStr:" + str + "}");
        paramEmpty(str, "signed");
        NSMessage createMessage = NetSignAgentUtil.createMessage(str2 + TransUtil.DETACHED_VERIFY);
        createMessage.setCryptoText(Base64.decode(str));
        createMessage.setPlainText(bArr);
        createMessage.setTransCert(true);
        return new GenericCertificate(makeRes(createMessage, "unstandardDetachedVerify").getCert());
    }

    public String rawSignature(byte[] bArr, String str, boolean z, CSRParameters cSRParameters) throws NetSignAgentException {
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.RAW_SIGN);
        createMessage.setPlainText(bArr);
        createMessage.setUsedTSA(z);
        createMessage.setTransCert(true);
        createMessage.setDigestAlg(str);
        createMessage.setCSRParameters(cSRParameters);
        return Base64.encode(makeRes(createMessage, "rawSignature").getCryptoText());
    }

    public String[] rawSignHash(byte[] bArr, String str, boolean z, CSRParameters cSRParameters) throws NetSignAgentException {
        paramEmpty(cSRParameters, "CSRParameters");
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.RAW_SIGN_HASH);
        createMessage.setPlainText(bArr);
        createMessage.setDigestAlg(str);
        createMessage.setTransCert(true);
        createMessage.setCSRParameters(cSRParameters);
        createMessage.setUsedTSA(z);
        createMessage.setApiPasswd(this.pwd);
        NSMessageOpt makeRes = makeRes(createMessage, "rawSignHash");
        try {
            return new String[]{Base64.encode(makeRes.getCryptoText()), Base64.encode(makeRes.getCert().getEncoded())};
        } catch (CertificateEncodingException e) {
            throw new NetSignAgentException(AgentErrorRes.RECV_MSG_ERROR, "get cert error");
        }
    }

    public String detachedSignature(byte[] bArr, String str, boolean z, CSRParameters cSRParameters) throws NetSignAgentException {
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.DETACHED_SIGN);
        createMessage.setPlainText(bArr);
        createMessage.setUsedTSA(z);
        createMessage.setCSRParameters(cSRParameters);
        createMessage.setDigestAlg(str);
        return Base64.encode(makeRes(createMessage, "detachedSignature").getCryptoText());
    }

    public String detachedSignature(InputStream inputStream, String str, boolean z, CSRParameters cSRParameters) throws NetSignAgentException {
        logString("detachedSignature");
        paramEmpty(cSRParameters, "CSRParameters");
        paramEmpty(str, "digestAlg");
        String upperCase = str == null ? null : str.trim().toUpperCase();
        NSMessageOpt signCert = getSignCert(upperCase, (X509Certificate) null, (String) null, cSRParameters);
        signCert.getCert();
        byte[] localDigest = localDigest(signCert, inputStream);
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.DETACHED_SIGNHASH);
        createMessage.setApiPasswd(this.pwd);
        createMessage.setUsedTSA(z);
        createMessage.setPlainText(localDigest);
        createMessage.setCSRParameters(cSRParameters);
        createMessage.setDigestAlg(upperCase);
        return Base64.encode(makeRes(createMessage, "detachedSignature").getCryptoText());
    }

    public byte[] detachedSign(InputStream inputStream, String str, boolean z, String str2) throws NetSignAgentException {
        logString("detachedSignature");
        paramEmpty(inputStream, "plainText");
        paramEmpty(str2, "certId");
        String upperCase = str == null ? null : str.trim().toUpperCase();
        byte[] localDigest = localDigest(getSignCert(upperCase, null, str2), inputStream);
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.DETACHED_SIGNHASH);
        createMessage.setApiPasswd(this.pwd);
        createMessage.setUsedTSA(z);
        createMessage.setPlainText(localDigest);
        createMessage.setSignCertDN(str2);
        createMessage.setDigestAlg(upperCase);
        return makeRes(createMessage, "detachedSign").getCryptoText();
    }

    public String detachedSign(byte[] bArr, String str, String str2, boolean z) throws NetSignAgentException {
        logString("detachedSign{origBytes:" + bArr + ";dn:" + str + "}");
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.DETACHED_SIGN);
        createMessage.setPlainText(bArr);
        createMessage.setSignCertDN(str);
        createMessage.setDigestAlg(str2);
        createMessage.setApiPasswd(this.pwd);
        createMessage.setBankID(Boolean.toString(z));
        return Base64.encode(makeRes(createMessage, "detachedSign").getCryptoText());
    }

    public String detachedSignature(InputStream inputStream, String str, boolean z, String str2) throws NetSignAgentException {
        return Base64.encode(detachedSign(inputStream, str, z, str2));
    }

    public String attachedSignature(byte[] bArr, String str, boolean z, CSRParameters cSRParameters) throws NetSignAgentException {
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.ATTACHED_SIGN);
        createMessage.setPlainText(bArr);
        createMessage.setUsedTSA(z);
        createMessage.setDigestAlg(str);
        createMessage.setCSRParameters(cSRParameters);
        return Base64.encode(makeRes(createMessage, "attachedSignature").getCryptoText());
    }

    public byte[] attachedSign(byte[] bArr, String str, boolean z, String str2) throws NetSignAgentException {
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.ATTACHED_SIGN);
        createMessage.setPlainText(bArr);
        createMessage.setDigestAlg(str);
        createMessage.setSignCertDN(str2);
        createMessage.setUsedTSA(z);
        return makeRes(createMessage, "attachedSign").getCryptoText();
    }

    public String attachedSignature(byte[] bArr, String str, boolean z, String str2) throws NetSignAgentException {
        return Base64.encode(attachedSign(bArr, str, z, str2));
    }

    public List attachedVerify(String str) throws NetSignAgentException {
        if (isEmpty(str)) {
            throw new NetSignAgentException(AgentErrorRes.INIT_PARA_NULL, "param signedStr invalid");
        }
        return attachedVerify(Base64.decode(str));
    }

    /* JADX WARN: Type inference failed for: r0v11, types: [byte[], byte[][]] */
    public byte[][] attachedVerify2(byte[] bArr) throws NetSignAgentException {
        List attachedVerify = attachedVerify(bArr);
        try {
            return new byte[]{(byte[]) attachedVerify.get(0), ((X509Certificate) attachedVerify.get(1)).getEncoded()};
        } catch (CertificateEncodingException e) {
            throw new NetSignAgentException(AgentErrorRes.GET_SIGNCERTEXTERN_ERROR, "get cert error");
        }
    }

    public byte[][] attachedVerify2(String str) throws NetSignAgentException {
        paramEmpty(str, "signedData");
        return attachedVerify2(Base64.decode(str));
    }

    public List attachedVerify(byte[] bArr) throws NetSignAgentException {
        paramEmpty(bArr, "signed");
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.ATTACHED_VERIFY);
        createMessage.setCryptoText(bArr);
        createMessage.setTransCert(true);
        NSMessageOpt makeRes = makeRes(createMessage, "attachedVerify");
        byte[] plainText = makeRes.getPlainText();
        ArrayList arrayList = new ArrayList(3);
        arrayList.add(plainText);
        arrayList.add(makeRes.getCert());
        arrayList.add(makeRes.getDigestAlg());
        return arrayList;
    }

    public String signWithSceneCert(byte[] bArr, String str, CSRParameters cSRParameters) throws NetSignAgentException {
        logString("signWithSceneCert");
        paramEmpty(cSRParameters, "CSRParameters");
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.SIGN_WITH_SCENE_CERT);
        createMessage.setPlainText(bArr);
        createMessage.setSignCertDN(str);
        createMessage.setCSRParameters(cSRParameters);
        return Base64.encode(makeRes(createMessage, "signWithSceneCert").getCryptoText());
    }

    public String detachedSignWithEncCert(byte[] bArr, String str, String str2) throws NetSignAgentException {
        logString("DetachedSignWithEncCert{origBytes:" + bArr + ";dn:" + str + ";digestAlg:" + str2 + "}");
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.ENCCERT_DETACHED_SIGN);
        createMessage.setPlainText(bArr);
        createMessage.setSignCertDN(str);
        createMessage.setDigestAlg(str2);
        return Base64.encode(makeRes(createMessage, "detachedSignWithEncCert").getCryptoText());
    }

    private NSMessageOpt getSignCert(String str, X509Certificate x509Certificate, String str2) throws NetSignAgentException {
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.GET_CERT);
        createMessage.setSignCertDN(str2);
        createMessage.setCert(x509Certificate);
        createMessage.setDigestAlg(str);
        createMessage.setTransCert(true);
        return sendMsg(createMessage);
    }

    private NSMessageOpt getSignCert(String str, X509Certificate x509Certificate, String str2, CSRParameters cSRParameters) throws NetSignAgentException {
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.GET_SIGNCERT);
        createMessage.setSignCertDN(str2);
        createMessage.setCert(x509Certificate);
        createMessage.setCSRParameters(cSRParameters);
        createMessage.setDigestAlg(str);
        createMessage.setTransCert(true);
        return sendMsg(createMessage);
    }

    private NSMessageOpt getSignCert(String str, String str2, X509Certificate x509Certificate, boolean z) throws NetSignAgentException, ServerProcessException {
        if (x509Certificate != null && (x509Certificate.getPublicKey() instanceof RSAPublicKey) && str2 != null) {
            NSMessageOpt nSMessageOpt = new NSMessageOpt();
            nSMessageOpt.setDigestAlg(str2);
            nSMessageOpt.setCert(x509Certificate);
            return nSMessageOpt;
        }
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.GET_SIGNCERT);
        createMessage.setSignCertDN(str);
        createMessage.setCert(x509Certificate);
        createMessage.setDigestAlg(str2);
        createMessage.setTransCert(z);
        return sendMsg(createMessage);
    }

    private byte[] localDigest(NSMessageOpt nSMessageOpt, InputStream inputStream) throws NetSignAgentException {
        try {
            byte[] computeStreamDigest = BasicNetSignAgent.computeStreamDigest(nSMessageOpt, inputStream);
            if (computeStreamDigest != null) {
                if (computeStreamDigest.length == 0) {
                    return null;
                }
            }
            return computeStreamDigest;
        } catch (NetSignAgentException e) {
            logException(e);
            throw new NetSignAgentException(AgentErrorRes.HASH_ERROR, e.getMessage());
        }
    }

    public boolean rawVerify(byte[] bArr, String str, String str2, String str3, X509Certificate x509Certificate) throws NetSignAgentException {
        paramEmpty(str, "signedText");
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.RAW_Verify);
        createMessage.setPlainText(bArr);
        createMessage.setCryptoText(Base64.decode(str));
        createMessage.setDigestAlg(str2);
        NetSignAgentUtil.checkAndSetTSA(str3, createMessage);
        createMessage.setCert(x509Certificate);
        makeRes(createMessage, "rawVerify");
        return true;
    }

    public void attachedSign(InputStream inputStream, String str, OutputStream outputStream, String str2) throws NetSignAgentException {
        NSMessageOpt signCert = getSignCert("", null, str2);
        if (signCert.getResult() != 1) {
            throw new NetSignAgentException(signCert.getResult(), signCert.getErrMsg());
        }
        byte[] localDigest = localDigest(signCert, inputStream);
        ConsoleLogger.logBinary("digest", localDigest);
        try {
            inputStream.close();
            if (!(inputStream instanceof ByteArrayInputStream)) {
                inputStream = new FileInputStream(str);
            }
            NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.MAKE_EMPTY_ATTACHED_SIGN);
            createMessage.setPlainText(localDigest);
            createMessage.setSignCertDN(str2);
            createMessage.setDigestAlg(signCert.getDigestAlg());
            createMessage.setApiPasswd(this.pwd);
            try {
                createMessage.setKeyHash((inputStream.available() + "").getBytes());
                NSMessageOpt makeRes = makeRes(createMessage, "attachedSign");
                try {
                    outputStream.write(makeRes.getPlainText());
                    outputStream.flush();
                    byte[] bArr = new byte[1024];
                    while (true) {
                        int read = inputStream.read(bArr);
                        if (read == -1) {
                            outputStream.write(makeRes.getCryptoText());
                            outputStream.flush();
                            return;
                        } else {
                            outputStream.write(bArr, 0, read);
                            outputStream.flush();
                        }
                    }
                } catch (IOException e) {
                    e.printStackTrace();
                    throw new NetSignAgentException(AgentErrorRes.WRITE_FILE_FAILED, "write response failed");
                }
            } catch (IOException e2) {
                e2.printStackTrace();
                throw new NetSignAgentException(AgentErrorRes.READ_FILE_FAILED, "can not access file size");
            }
        } catch (IOException e3) {
            e3.printStackTrace();
            throw new NetSignAgentException(AgentErrorRes.ERROR_INPUT_PARA, "Can not recognized file plain");
        }
    }

    public GenericCertificate attachedVerify(InputStream inputStream, OutputStream outputStream, String str) throws NetSignAgentException {
        try {
            P7SignedData attached2Detached = P7SignedDataParser.attached2Detached(inputStream, outputStream, false);
            outputStream.close();
            InputStream byteArrayInputStream = outputStream instanceof ByteArrayOutputStream ? new ByteArrayInputStream(((ByteArrayOutputStream) outputStream).toByteArray()) : new FileInputStream(str);
            try {
                byte[] localDigest = localDigest(getSignCert(attached2Detached.getDigestAlg(), (X509Certificate) attached2Detached.getCert(), (String) null, (CSRParameters) null), byteArrayInputStream);
                ConsoleLogger.logBinary("digest", localDigest);
                return detachedVerifyHash(attached2Detached.getP7(), localDigest, attached2Detached.getDigestAlg());
            } finally {
                try {
                    byteArrayInputStream.close();
                } catch (IOException e) {
                }
            }
        } catch (Exception e2) {
            e2.printStackTrace();
            throw new NetSignAgentException(AgentErrorRes.ERROR_INPUT_PARA, "Can not recognized file format");
        }
    }

    public String attachedSign(byte[] bArr, String str, String str2, CSRParameters cSRParameters, boolean z) throws NetSignAgentException {
        return Base64.encode(makeRes(makeSignReq(TransUtil.ATTACHED_SIGN, bArr, str, str2, cSRParameters, z), "attachedSign").getCryptoText());
    }

    public String attachedSign(byte[] bArr, String str, byte[] bArr2, String str2, boolean z) throws NetSignAgentException {
        paramEmpty(bArr2, NetSignResult.PFX);
        paramEmpty(str2, "pfx pin");
        NSMessage makeSignReq = makeSignReq(TransUtil.ATTACHED_SIGN_WITH_PFX, bArr, null, str, null, z);
        makeSignReq.setCryptoText(bArr2);
        makeSignReq.setHashValue(bArr2);
        makeSignReq.setTSAText(str2.getBytes());
        return Base64.encode(makeRes(makeSignReq, "attachedSign").getCryptoText());
    }

    public VerifyResult attachedVerify(String str, String str2) throws NetSignAgentException {
        paramEmpty(str, "signed");
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.ATTACHED_VERIFY);
        createMessage.setCryptoText(Base64.decode(str));
        createMessage.setDigestAlg(str2);
        createMessage.setTransCert(true);
        NSMessageOpt makeRes = makeRes(createMessage, "attachedVerify");
        return new VerifyResult(makeRes.getCert(), makeRes.getResult(), makeRes.getPlainText());
    }

    public VerifyResult attachedAfterwardsVerify(String str) throws NetSignAgentException {
        paramEmpty(str, "signed");
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.ATTACHED_AFTERWARDS_VERIFY);
        createMessage.setCryptoText(Base64.decode(str));
        createMessage.setTransCert(true);
        NSMessageOpt makeRes = makeRes(createMessage, "attachedAfterwardsVerify");
        VerifyResult verifyResult = new VerifyResult(makeRes.getCert(), makeRes.getResult(), makeRes.getPlainText());
        verifyResult.setDigestAlg(makeRes.getDigestAlg());
        return verifyResult;
    }

    public String detachedSign(byte[] bArr, String str, String str2, CSRParameters cSRParameters, boolean z) throws NetSignAgentException {
        return Base64.encode(makeRes(makeSignReq(TransUtil.DETACHED_SIGN, bArr, str, str2, cSRParameters, z), "detachedSign").getCryptoText());
    }

    public String detachedSign(byte[] bArr, String str, byte[] bArr2, String str2, boolean z) throws NetSignAgentException {
        paramEmpty(bArr2, NetSignResult.PFX);
        paramEmpty(str2, "pfx pin");
        NSMessage makeSignReq = makeSignReq(TransUtil.DETACHED_SIGN_WITH_PFX, bArr, null, str, null, z);
        makeSignReq.setHashValue(bArr2);
        makeSignReq.setTSAText(str2.getBytes());
        return Base64.encode(makeRes(makeSignReq, "detachedSign").getCryptoText());
    }

    public GenericCertificate detachedVerify(byte[] bArr, String str, String str2) throws NetSignAgentException {
        paramEmpty(str, "signed");
        return new GenericCertificate(makeRes(makeVerifyReq(TransUtil.DETACHED_VERIFY, bArr, str, null, str2), "detachedVerify").getCert());
    }

    public GenericCertificate detachedAfterwardsVerify(byte[] bArr, String str, String str2) throws NetSignAgentException {
        paramEmpty(str, "signed");
        return new GenericCertificate(makeRes(makeVerifyReq(TransUtil.DETACHED_AFTERWARDS_VERIFY, bArr, str, null, str2), "detachedAfterwardsVerify").getCert());
    }

    public String detachedSign(InputStream inputStream, String str, String str2, CSRParameters cSRParameters, boolean z) throws NetSignAgentException {
        paramEmpty(inputStream, "plain");
        String trimDigestAlg = AlgUtils.trimDigestAlg(str2);
        return Base64.encode(makeRes(makeSignReq(TransUtil.DETACHED_SIGNHASH, localDigest(getSignCert(trimDigestAlg, (X509Certificate) null, str, cSRParameters), inputStream), str, trimDigestAlg, cSRParameters, z), "detachedSign").getCryptoText());
    }

    private GenericCertificate detachedInputStreamVerify(String str, InputStream inputStream, String str2, String str3) throws NetSignAgentException {
        logString(str3);
        paramEmpty(str2, "signed");
        try {
            PKCS7SignedData parse = PKCS7SignedDataParser.parse(Base64.decode(str2), "INFOSEC");
            String str4 = (String) NetSignAgentUtil.digestOIDName.get(parse.getDigestAlgOid());
            return new GenericCertificate(makeRes(makeVerifyReq(str, localDigest(getSignCert(str4, parse.getSignCert(), (String) null, (CSRParameters) null), inputStream), str2, null, str4), str3).getCert());
        } catch (Exception e) {
            throw new NetSignAgentException(AgentErrorRes.INIT_PARA_NULL, "Decode signedText failed:" + e.toString());
        }
    }

    public GenericCertificate detachedVerify(InputStream inputStream, String str) throws NetSignAgentException {
        return detachedInputStreamVerify(TransUtil.DETACHED_VERIFY_HASH, inputStream, str, "detachedVerify");
    }

    public String nssRawSign(byte[] bArr, String str, String str2) throws NetSignAgentException {
        paramEmpty(str, "label");
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.NSS_RAW_SIGN);
        createMessage.setPlainText(bArr);
        createMessage.setBankID(str);
        createMessage.setDigestAlg(str2);
        return Base64.encode(makeRes(createMessage, "nssRawSign").getCryptoText());
    }

    public int nssRawVerify(byte[] bArr, byte[] bArr2, String str, String str2) throws NetSignAgentException {
        paramEmpty(str2, "pubKey");
        paramEmpty(bArr2, "signed");
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.NSS_RAW_VERIFY);
        createMessage.setCryptoText(bArr2);
        createMessage.setPlainText(bArr);
        createMessage.setPublicKey(NetSignAgentUtil.getRSAPublicKey(Base64.decode(str2)));
        createMessage.setDigestAlg(str);
        return makeRes(createMessage, "nssRawVerify").getResult();
    }

    public int nssRawVerify(byte[] bArr, String str, String str2, String str3) throws NetSignAgentException {
        paramEmpty(str, "signed");
        return nssRawVerify(bArr, Base64.decode(str), str2, str3);
    }

    public String rawSignWithSessionKey(byte[] bArr, String str, String[] strArr, String str2, String str3) throws NetSignAgentException {
        paramEmpty(strArr, "keypair");
        paramInvalid(strArr.length < 2);
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.NSS_RAW_SIGN);
        createMessage.setPlainText(bArr);
        createMessage.setEncCertDN(str);
        createMessage.setSignCertType(str2);
        createMessage.setDigestAlg(str3);
        createMessage.setCryptoText((strArr[0] + ":" + strArr[1]).getBytes());
        return Base64.encode(makeRes(createMessage, "rawSignWithSessionKey").getCryptoText());
    }

    public int rawVerifyWithSessionKey(byte[] bArr, String str, String[] strArr, String str2, String str3) throws NetSignAgentException {
        paramEmpty(strArr, "keypair");
        paramEmpty(str, "signed");
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.NSS_RAW_VERIFY);
        createMessage.setCryptoText(Base64.decode(str));
        createMessage.setPlainText(bArr);
        createMessage.setDigestAlg(str3);
        createMessage.setSignCertType(str2);
        return makeRes(createMessage, "rawVerifyWithSessionKey").getResult();
    }

    public int rawVerifyByKeyLabel(byte[] bArr, byte[] bArr2, String str, String str2) throws NetSignAgentException {
        paramEmpty(bArr2, "signed");
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.NSS_RAW_VERIFY);
        createMessage.setCryptoText(bArr2);
        createMessage.setPlainText(bArr);
        createMessage.setBankID(str2);
        createMessage.setDigestAlg(str);
        return makeRes(createMessage, "rawVerifyByKeyLabel").getResult();
    }

    public int rawVerifyByKeyLabel(byte[] bArr, String str, String str2, String str3) throws NetSignAgentException {
        paramEmpty(str, "signed");
        return rawVerifyByKeyLabel(bArr, Base64.decode(str), str2, str3);
    }

    public String[] genP10(String str, String str2, String str3, boolean z) throws NetSignAgentException {
        paramEmpty(str3, "keyType");
        paramEmpty(str2, "label");
        paramEmpty(str, "dn");
        paramInvalid(str2.indexOf(AlgorithmConst.PARAM_SEP) > -1);
        NSMessage createMessage = NetSignAgentUtil.createMessage(TransUtil.NSS_GEN_P10);
        createMessage.setSignCertDN(str);
        createMessage.setBankID(str2);
        createMessage.setSignCertType(str3);
        createMessage.setTransCert(z);
        return NetSignAgentUtil.genKeyPairResult(makeRes(createMessage, "genP10"));
    }
}
