package cn.unitid.thirdparty.netonej.http.client;

import cn.unitid.thirdparty.netonej.common.FileByteArrayReader;
import cn.unitid.thirdparty.netonej.common.NetonejIdMagic;
import cn.unitid.thirdparty.netonej.common.NetonejUtil;
import cn.unitid.thirdparty.netonej.common.key.SM2BCPublicKey;
import cn.unitid.thirdparty.netonej.common.sm3.SM3Digest;
import cn.unitid.thirdparty.netonej.common.x509.SM2X509Certificate;
import cn.unitid.thirdparty.netonej.exception.NetonejExcepption;
import cn.unitid.thirdparty.netonej.http.entity.NetoneCertList;
import cn.unitid.thirdparty.netonej.http.entity.NetoneResponse;
import cn.unitid.thirdparty.netonej.http.entity.NetoneSVS;
import cn.unitid.thirdparty.netonej.http.xml.XmlparserFacotry;
import cn.unitid.thirdparty.netonej.profile.DefaultProfile;
import java.io.IOException;
import java.security.cert.CertificateParsingException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.spongycastle.cert.X509CertificateHolder;
import org.spongycastle.math.ec.ECPoint;

/* loaded from: input_file:cn/unitid/thirdparty/netonej/http/client/SVSClient.class */
public class SVSClient extends BaseClient {
    private static final Log log = LogFactory.getLog(SVSClient.class);
    private static final String SVS_ACTION_VC = "vc.svr";
    private static final String SVS_ACTION_VP1 = "vp1.svr";
    private static final String SVS_ACTION_VP7 = "vp7.svr";
    private static final String SVS_ACTION_VX = "vx.svr";
    private static final String SVS_ACTION_LISTC = "listc.svr";
    private static final String PARAME_SIGNATURE = "signature";
    private static final String PARAME_P7DATA = "p7data";
    private static final String PARAME_P7ODAT = "p7odat";
    private static final String PARAME_ALGO = "algo";
    private static final String PARAME_DATT = "datt";
    private static final String PARAME_GREENPASS = "greenpass";
    private static final String PARAME_GREENPASS_VALUE = "0";
    private static final String PARAME_IDMAGIC = "idmagic";
    private static final String PARAME_ID = "id";
    private String _host;
    private String _port;
    private static final String PARAME_VFLAG = "vflag";
    public static final String SVS_ALOG_MD5 = "RSA-MD5";
    public static final String SVS_ALOG_SHA1 = "RSA-SHA1";
    public static final String SVS_ALOG_SM3 = "ECDSA-SM2-WITH-SM3";
    private boolean greenpass;
    private String vflag;

    public void enabledGreenpass() {
        this.greenpass = true;
    }

    public void disabledGreepass() {
        this.greenpass = false;
    }

    public SVSClient(String str, String str2) {
        super(DefaultProfile.getProfile());
        this.greenpass = false;
        this.vflag = null;
        this._host = str;
        this._port = str2;
    }

    private Map<String, String> prepareParameter() {
        HashMap hashMap = new HashMap();
        hashMap.put("responseformat", responseformat);
        if (!this.greenpass) {
            hashMap.put(PARAME_GREENPASS, PARAME_GREENPASS_VALUE);
        }
        if (!NetonejUtil.isEmpty(this.application)) {
            hashMap.put("application", "abck2");
        }
        if (!NetonejUtil.isEmpty(this.vflag)) {
            hashMap.put(PARAME_VFLAG, this.vflag);
        }
        return hashMap;
    }

    public NetoneSVS verifyCertificate(String str) throws NetonejExcepption {
        log.debug("-SVS（vc）Base64编码公钥证书：" + str);
        Map<String, String> prepareParameter = prepareParameter();
        prepareParameter.put("cert", str);
        prepareParameter.put("responseformat", "2");
        try {
            NetoneResponse doPost = doPost(getServiceUrl(SVS_ACTION_VC), prepareParameter);
            log.debug("netone response=" + doPost.toString());
            return new NetoneSVS(doPost);
        } catch (Exception e) {
            log.error("-SVS（vc）证书验证失败", e);
            throw new NetonejExcepption("-SVS（vc）证书验证失败" + e, e);
        }
    }

    public NetoneSVS verifyCertificateByDn(String str) throws NetonejExcepption {
        log.debug("-SVS（vc）DN：" + str);
        Map<String, String> prepareParameter = prepareParameter();
        prepareParameter.put(PARAME_ID, (String) NetonejUtil.getMapFromDN(str).get("CN"));
        prepareParameter.put(PARAME_IDMAGIC, NetonejIdMagic.SCN);
        try {
            NetoneResponse doPost = doPost(getServiceUrl(SVS_ACTION_VC), prepareParameter);
            log.debug("netone response=" + doPost.toString());
            return new NetoneSVS(doPost);
        } catch (Exception e) {
            log.error("-SVS（vc）证书验证失败", e);
            e.printStackTrace();
            throw new NetonejExcepption("-SVS（vc）证书验证失败" + e, e);
        }
    }

    public NetoneSVS verifyPKCS1(byte[] bArr, String str, String str2) throws NetonejExcepption {
        log.debug("-SVS（vp1）data：" + NetonejUtil.base64Encode(bArr) + " signature：" + str + " certDn：" + str2);
        Map<String, String> prepareParameter = prepareParameter();
        prepareParameter.put("data", NetonejUtil.base64Encode(bArr));
        prepareParameter.put(PARAME_DATT, PARAME_GREENPASS_VALUE);
        prepareParameter.put(PARAME_SIGNATURE, str);
        prepareParameter.put(PARAME_IDMAGIC, NetonejIdMagic.SCN);
        prepareParameter.put(PARAME_ID, (String) NetonejUtil.getMapFromDN(str2).get("CN"));
        try {
            NetoneResponse doPost = doPost(getServiceUrl(SVS_ACTION_VP1), prepareParameter);
            log.debug("netone response=" + doPost.toString());
            return new NetoneSVS(doPost);
        } catch (Exception e) {
            log.error("-SVS(vp1)数字签名验证失败", e);
            throw new NetonejExcepption("-SVS(vp1)数字签名验证失败" + e, e);
        }
    }

    public NetoneSVS verifyPKCS1(String str, String str2, String str3, String str4, String str5, boolean z) throws NetonejExcepption {
        log.debug("-SVS（vp1）data：" + str + " signature：" + str2 + " algo：" + str3 + " datt：" + str4);
        try {
            Map<String, String> prepareParameter = prepareParameter();
            if (z) {
                prepareParameter.put("data", str);
            } else {
                prepareParameter.put("data", NetonejUtil.base64Encode(str.getBytes("utf-8")));
            }
            prepareParameter.put(PARAME_SIGNATURE, str2);
            prepareParameter.put(PARAME_DATT, str4);
            prepareParameter.put("cert", str5);
            if (!NetonejUtil.isEmpty(str3)) {
                prepareParameter.put(PARAME_ALGO, str3);
            }
            NetoneResponse doPost = doPost(getServiceUrl(SVS_ACTION_VP1), prepareParameter);
            log.debug("netone response=" + doPost.toString());
            return new NetoneSVS(doPost);
        } catch (Exception e) {
            log.error("-SVS(vp1)数字签名验证失败", e);
            throw new NetonejExcepption("-SVS(vp1)数字签名验证失败" + e, e);
        }
    }

    public NetoneSVS verifyPKCS1(String str, String str2, String str3, String str4, boolean z) throws NetonejExcepption {
        return verifyPKCS1(str, str2, "", str3, str4, z);
    }

    public NetoneSVS verifyPKCS1(String str, String str2, String str3, boolean z) throws NetonejExcepption {
        return verifyPKCS1(str, str2, "", PARAME_GREENPASS_VALUE, str3, z);
    }

    public NetoneSVS verifyPKCS7(String str, String str2, boolean z) throws NetonejExcepption {
        log.debug("-SVS（vp7）p7data：" + str + " p7odat：" + str2 + " dataB64：" + z);
        try {
            Map<String, String> prepareParameter = prepareParameter();
            prepareParameter.put(PARAME_P7DATA, str);
            if (!NetonejUtil.isEmpty(str2)) {
                if (z) {
                    prepareParameter.put(PARAME_P7ODAT, str2);
                } else {
                    prepareParameter.put(PARAME_P7ODAT, NetonejUtil.base64Encode(str2.getBytes("utf-8")));
                }
            }
            NetoneResponse doPost = doPost(getServiceUrl(SVS_ACTION_VP7), prepareParameter);
            log.debug("netone response=" + doPost.toString());
            return new NetoneSVS(doPost);
        } catch (Exception e) {
            log.error("-SVS（vp7）数字签名验证失败", e);
            throw new NetonejExcepption("-SVS（vp7）数字签名验证失败" + e, e);
        }
    }

    public NetoneSVS verifyPKCS7(String str) throws NetonejExcepption {
        return verifyPKCS7(str, "", false);
    }

    public NetoneSVS verifyPKCS1File(String str, String str2, String str3, String str4) throws NetonejExcepption {
        log.debug("-SVS（vp1）fileName：" + str + " signature：" + str2 + " algo：" + str3);
        try {
            byte[] bArr = null;
            byte[] read = FileByteArrayReader.read(str);
            if (SVS_ALOG_MD5.equalsIgnoreCase(str3)) {
                bArr = NetonejUtil.digestBinary(read, "MD5");
            } else if (SVS_ALOG_SHA1.equalsIgnoreCase(str3)) {
                bArr = NetonejUtil.digestBinary(read, "SHA-1");
            } else if (SVS_ALOG_SM3.equalsIgnoreCase(str3)) {
                bArr = sm3Digest(read, str4);
            }
            return verifyPKCS1(NetonejUtil.base64Encode(bArr), str2, str3, "1", str4, true);
        } catch (Exception e) {
            log.error("-SVS（vp1）数字签名验证失败", e);
            throw new NetonejExcepption("-SVS（vp1）数字签名验证失败" + e, e);
        }
    }

    public NetoneSVS verifyXML(String str) throws NetonejExcepption {
        log.debug("-SVS（vx）data：" + str);
        Map<String, String> prepareParameter = prepareParameter();
        prepareParameter.put("data", str);
        try {
            NetoneResponse doPost = doPost(getServiceUrl(SVS_ACTION_VX), prepareParameter);
            log.debug("netone response=" + doPost.toString());
            return new NetoneSVS(doPost);
        } catch (Exception e) {
            log.error("-SVS（vx）验证XML签名失败", e);
            throw new NetonejExcepption("-SVS（vx）验证XML签名失败" + e, e);
        }
    }

    public NetoneCertList listCertificates() throws NetonejExcepption {
        log.debug("-SVS（listc）");
        HashMap hashMap = new HashMap();
        hashMap.put("responseformat", responseformat);
        try {
            NetoneResponse doPost = doPost(getServiceUrl(SVS_ACTION_LISTC), hashMap);
            log.debug("netone response=" + doPost.toString());
            NetoneCertList netoneCertList = new NetoneCertList(doPost.getStatusCode());
            if (doPost.getStatusCode() == 200) {
                netoneCertList.setCertList((List) XmlparserFacotry.parseXmlString(doPost.getRetString()));
            }
            return netoneCertList;
        } catch (Exception e) {
            log.error("-SVS（listc）枚举服务端的证书", e);
            throw new NetonejExcepption("-SVS（listc）枚举服务端的证书" + e, e);
        }
    }

    public String getVflag() {
        return this.vflag;
    }

    public void setVflag(String str) {
        this.vflag = str;
    }

    @Override // cn.unitid.thirdparty.netonej.http.client.BaseClient
    public String getHostIp() {
        return this._host;
    }

    @Override // cn.unitid.thirdparty.netonej.http.client.BaseClient
    public String getPort() {
        return this._port;
    }

    private byte[] sm3Digest(byte[] bArr, String str) throws IOException, CertificateParsingException {
        byte[] bArr2 = new byte[32];
        SM2X509Certificate sM2X509Certificate = new SM2X509Certificate(new X509CertificateHolder(Base64.decodeBase64(str)).toASN1Structure());
        SM3Digest sM3Digest = new SM3Digest();
        ECPoint q = ((SM2BCPublicKey) sM2X509Certificate.getPublicKey()).getQ();
        sM3Digest.addId(q.getAffineXCoord().toBigInteger(), q.getAffineYCoord().toBigInteger());
        sM3Digest.update(bArr, 0, bArr.length);
        sM3Digest.doFinal(bArr2, 0);
        return bArr2;
    }
}
