package cn.com.jit.mctk;

import android.app.Activity;
import android.content.Context;
import android.text.TextUtils;
import android.util.Log;
import cn.com.jit.android.ida.util.ini.PKIConstant;
import cn.com.jit.ida.util.pki.PKIException;
import cn.com.jit.ida.util.pki.encoders.Base64;
import cn.com.jit.mctk.auth.PNXAuthContext;
import cn.com.jit.mctk.auth.support.AuthAskSupport;
import cn.com.jit.mctk.cert.PNXCertContext;
import cn.com.jit.mctk.cert.exception.PNXCertException;
import cn.com.jit.mctk.cert.net.CertUrlUtil;
import cn.com.jit.mctk.cert.pojo.CertEntry;
import cn.com.jit.mctk.cert.support.CertSupport;
import cn.com.jit.mctk.common.constant.PNXConfigConstant;
import cn.com.jit.mctk.common.exception.PNXClientException;
import cn.com.jit.mctk.common.init.PNXClientContext;
import cn.com.jit.mctk.crypto.PNXCryptoContext;
import cn.com.jit.mctk.crypto.constant.CryptoConfigConstant;
import cn.com.jit.mctk.crypto.exception.PNXCryptoException;
import cn.com.jit.mctk.crypto.support.PKCS7Signer;
import cn.com.jit.mctk.log.LogConfig;
import cn.com.jit.mctk.os.context.PnxContext;
import cn.com.jit.mctk.util.FileManager;
import cn.com.jit.mctk.util.StringUtils;
import com.google.gson.Gson;
import java.io.FileInputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.channels.FileChannel;
import java.security.DigestInputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class MCTKModel {
    private static MCTKModel mctkModelHolder;
    private AuthAskSupport authAskSupport;
    private CertSupport certSupport;
    private Context mContext;
    private PKCS7Signer pKCS7Signer;
    private PNXClientContext pnxClientContext;
    public final String DEFAULT_PIN = "Aa111111";
    private List<CertEntry> certEntryList = new ArrayList();
    private boolean isStartLog = true;

    private MCTKModel() {
    }

    public static byte[] calculateSHA256(String str) throws IOException, NoSuchAlgorithmException {
        MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
        FileInputStream fileInputStream = new FileInputStream(str);
        try {
            FileChannel channel = fileInputStream.getChannel();
            try {
                DigestInputStream digestInputStream = new DigestInputStream(fileInputStream, messageDigest);
                try {
                    ByteBuffer allocate = ByteBuffer.allocate(8192);
                    while (channel.read(allocate) != -1) {
                        allocate.flip();
                        messageDigest.update(allocate);
                        allocate.clear();
                    }
                    byte[] digest = messageDigest.digest();
                    digestInputStream.close();
                    if (channel != null) {
                        channel.close();
                    }
                    fileInputStream.close();
                    return digest;
                } finally {
                }
            } finally {
            }
        } catch (Throwable th) {
            try {
                throw th;
            } catch (Throwable th2) {
                if (th != null) {
                    try {
                        fileInputStream.close();
                    } catch (Throwable th3) {
                        th.addSuppressed(th3);
                    }
                } else {
                    fileInputStream.close();
                }
                throw th2;
            }
        }
    }

    public static MCTKModel getInstance() {
        if (mctkModelHolder == null) {
            synchronized (MCTKModel.class) {
                if (mctkModelHolder == null) {
                    mctkModelHolder = new MCTKModel();
                }
            }
        }
        return mctkModelHolder;
    }

    private void getPnxClientContext() {
        if (this.pnxClientContext == null) {
            this.pnxClientContext = PNXClientContext.getInstance(PnxContext.createPnxContext(this.mContext), "0");
            if (this.isStartLog) {
                loadJitMCTKLog();
            }
        }
    }

    private void loadJitMCTKLog() {
        LogConfig.logSwitch = true;
        LogConfig.fileSwitch = false;
        LogConfig.setLogLevel(2);
        LogConfig.setSaveFileLevel(6);
        LogConfig.CLEAR_SWITCH = true;
        LogConfig.DELAY_DATE = 10;
        LogConfig.apkPackage = this.mContext.getPackageName();
    }

    public void Verify(Context context, byte[] bArr, byte[] bArr2) {
        try {
            if (this.pKCS7Signer == null) {
                this.pKCS7Signer = PNXCryptoContext.getInstance(this.pnxClientContext).createPKCS7Signer();
            }
            if (!this.pKCS7Signer.verify(bArr, bArr2)) {
                Log.e("HTL", "isSign false ");
                return;
            }
            CertEntry certEntry = this.pKCS7Signer.getCertEntry();
            if (certEntry == null) {
                Log.e("HTL", "entry is null ");
                return;
            }
            Log.e("HTL", "NAME = " + certEntry.getAilas() + ";" + new Gson().toJson(certEntry));
            byte[] readStringFromAssets = FileManager.readStringFromAssets(context, "RSA_TWO.cer");
            if (readStringFromAssets == null) {
                Log.e("HTL", "rsaByte is null ");
                return;
            }
            Log.e("HTL", "isRoot => " + certEntry.verifySignRootCert(readStringFromAssets));
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public JIDMsg VerifyCert(Context context, byte[] bArr, byte[] bArr2) {
        String str;
        String str2;
        String errorCode;
        String errorDesc;
        JIDMsg jIDMsg = new JIDMsg();
        boolean z = false;
        try {
            if (this.pKCS7Signer == null) {
                this.pKCS7Signer = PNXCryptoContext.getInstance(this.pnxClientContext).createPKCS7Signer();
            }
            if (this.pKCS7Signer.verify(bArr, bArr2)) {
                CertEntry certEntry = this.pKCS7Signer.getCertEntry();
                if (certEntry != null) {
                    Log.e("HTL", "NAME = " + certEntry.getAilas() + ";" + new Gson().toJson(certEntry));
                    String loadJSONFromAsset = FileManager.loadJSONFromAsset(context, "RSA_TWO.cer");
                    String base64Cert = certEntry.getBase64Cert();
                    if (!StringUtils.isEmpty(loadJSONFromAsset) && !StringUtils.isEmpty(base64Cert)) {
                        z = CertEntry.verifyRootCert(loadJSONFromAsset, base64Cert);
                        if (z) {
                            str2 = "0";
                            str = "校验服务器证书成功";
                        } else {
                            str2 = "10002";
                            str = "校验服务器证书失败";
                        }
                        Log.e("HTL", "isRoot => " + z);
                    }
                    str2 = "1003";
                    str = "服务器或者根证书为空";
                    Log.e("HTL", "isRoot => " + z);
                } else {
                    Log.e("HTL", "entry is null ");
                    str2 = "10001";
                    str = "获取证书对象为空";
                }
            } else {
                Log.e("HTL", "isSign false ");
                str2 = "10000";
                str = "校验签名值和签名原文失败";
            }
        } catch (PKIException e) {
            errorCode = e.getErrCode();
            errorDesc = e.getErrDesc();
            String str3 = errorCode;
            str = errorDesc;
            str2 = str3;
        } catch (PNXClientException e2) {
            e2.printStackTrace();
            errorCode = e2.getErrorCode();
            errorDesc = e2.getErrorDesc();
            String str32 = errorCode;
            str = errorDesc;
            str2 = str32;
        } catch (PNXCryptoException e3) {
            errorCode = e3.getErrorCode();
            errorDesc = e3.getErrorDesc();
            String str322 = errorCode;
            str = errorDesc;
            str2 = str322;
        } catch (Exception e4) {
            e4.printStackTrace();
            str = "出现异常 " + e4.getMessage();
            str2 = "-2";
        }
        jIDMsg.setResult(z);
        jIDMsg.setErrCode(str2);
        jIDMsg.setMsg(str);
        return jIDMsg;
    }

    public String VerifyCert(Context context, byte[] bArr, byte[] bArr2, String str) {
        try {
            if (this.pKCS7Signer == null) {
                this.pKCS7Signer = PNXCryptoContext.getInstance(this.pnxClientContext).createPKCS7Signer();
            }
            if (!this.pKCS7Signer.verify(bArr, bArr2)) {
                Log.e("HTL", "isSign false ");
                return "10000";
            }
            CertEntry certEntry = this.pKCS7Signer.getCertEntry();
            if (certEntry == null) {
                Log.e("HTL", "entry is null ");
                return "10001";
            }
            Log.e("HTL", "NAME = " + certEntry.getAilas() + ";" + new Gson().toJson(certEntry));
            boolean verifySignRootCert = certEntry.verifySignRootCert(FileManager.readStringFromAssets(context, "RSA_TWO.cer"));
            StringBuilder sb = new StringBuilder();
            sb.append("isRoot => ");
            sb.append(verifySignRootCert);
            Log.e("HTL", sb.toString());
            return verifySignRootCert ? "1" : "-1";
        } catch (PNXCertException e) {
            e.printStackTrace();
            return e.getErrorCode();
        } catch (PNXClientException e2) {
            e2.printStackTrace();
            return e2.getErrorCode();
        } catch (PNXCryptoException e3) {
            return e3.getErrorCode();
        }
    }

    public boolean changeCertPassword(String str, String str2) {
        try {
            CertSupport createCertSupport = PNXCertContext.getInstance(this.pnxClientContext).createCertSupport();
            this.certSupport = createCertSupport;
            return createCertSupport.changeCertPassword(str, "Aa111111", str2);
        } catch (PNXCertException | PNXClientException e) {
            e.printStackTrace();
            return false;
        }
    }

    public void cleanSafeModelCache() {
        getPnxClientContext();
        this.pnxClientContext.finalizes();
    }

    public boolean deleteCert(String str) {
        try {
            this.certSupport = PNXCertContext.getInstance(this.pnxClientContext).createCertSupport();
            this.certSupport.deleteCert(getCertEntryList().get(0).getAilas(), str);
            return true;
        } catch (PNXCertException | PNXClientException e) {
            e.printStackTrace();
            return false;
        }
    }

    public AuthAskSupport getAuthAskSupport() {
        if (this.authAskSupport == null) {
            try {
                this.authAskSupport = PNXAuthContext.getInstance(this.pnxClientContext).createAuthAskSupport();
            } catch (PNXClientException e) {
                e.printStackTrace();
            }
        }
        return this.authAskSupport;
    }

    public List<CertEntry> getCertEntryList() {
        return isHaveCert() ? this.certEntryList : Collections.emptyList();
    }

    public CertSupport getCertSupport() {
        if (this.certSupport == null) {
            try {
                this.certSupport = PNXCertContext.getInstance(this.pnxClientContext).createCertSupport();
            } catch (PNXClientException e) {
                e.printStackTrace();
            }
        }
        return this.certSupport;
    }

    public String getVersion() {
        try {
            return PNXCryptoContext.getInstance(this.pnxClientContext).getVersion();
        } catch (PNXClientException e) {
            throw new RuntimeException(e);
        }
    }

    public boolean importCertWithP7b(String str, String str2, String str3, String str4, String str5) {
        try {
            CertSupport createCertSupport = PNXCertContext.getInstance(this.pnxClientContext).createCertSupport();
            this.certSupport = createCertSupport;
            return createCertSupport.importCertWithP7b("Aa111111", "SM2", str, str2, str3, str4, str5);
        } catch (PNXCertException | PNXClientException e) {
            e.printStackTrace();
            return false;
        }
    }

    public boolean init(Context context) {
        this.mContext = context;
        return initMCTKSoft(context);
    }

    public boolean initMCKTNotXieTong(Activity activity) {
        try {
            getPnxClientContext();
            PKIConstant.setJitModelAppPath(activity.getExternalFilesDir(null).getAbsolutePath());
            this.pnxClientContext.initKeyStore(PNXConfigConstant.STORE_MODE_SDKEY, "JITMODEL");
            return true;
        } catch (PNXClientException e) {
            e.printStackTrace();
            return false;
        }
    }

    public boolean initMCKTXieTong(Activity activity) {
        return initMCKTXieTong(activity, "172.16.22.159", MCTKConstant.CO_PORT, "jit@163.com");
    }

    public boolean initMCKTXieTong(Activity activity, String str, String str2, String str3) {
        try {
            getPnxClientContext();
            PKIConstant.setJServerIp(str);
            PKIConstant.setJServerPort(str2);
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("userCode", str3);
            jSONObject.put("pluginId", "emailPlugin");
            PKIConstant.setJUserInfo(jSONObject.toString());
            this.pnxClientContext.initKeyStore(PNXConfigConstant.STORE_MODE_SDKEY, "JITMODEL_CO");
            return true;
        } catch (PNXClientException | JSONException e) {
            e.printStackTrace();
            return false;
        }
    }

    public boolean initMCTKSoft(Context context) {
        try {
            getPnxClientContext();
            PKIConstant.setJitModelAppPath(context.getExternalFilesDir(null).getAbsolutePath());
            this.pnxClientContext.initKeyStore(PNXConfigConstant.STORE_MODE_STORAGE, "");
            return true;
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    public boolean isHaveCert() {
        try {
            CertSupport createCertSupport = PNXCertContext.getInstance(this.pnxClientContext).createCertSupport();
            this.certSupport = createCertSupport;
            List<CertEntry> certList = createCertSupport.getCertList();
            this.certEntryList = certList;
            return !certList.isEmpty();
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    public void openJsonModelRequest() {
        CertUrlUtil.JSONMODEL_PATH = "api/mcs/v1";
    }

    public String requestP10WitchCredential(String str) {
        try {
            CertSupport createCertSupport = PNXCertContext.getInstance(this.pnxClientContext).createCertSupport();
            this.certSupport = createCertSupport;
            return createCertSupport.requestP10WitchCredential(str, "Aa111111", 0, "SM2");
        } catch (PNXCertException | PNXClientException e) {
            e.printStackTrace();
            return "";
        }
    }

    public void setMCTKModelPath(Activity activity, String str) {
        try {
            cleanSafeModelCache();
            PKIConstant.setJitModelAppPath(str);
            this.pnxClientContext.initKeyStore(PNXConfigConstant.STORE_MODE_SDKEY, "JITMODEL_CO");
            this.certSupport = null;
            this.authAskSupport = null;
        } catch (PNXClientException e) {
            e.printStackTrace();
        }
    }

    public String signByCert(String str, String str2) {
        try {
            if (this.pKCS7Signer == null) {
                this.pKCS7Signer = PNXCryptoContext.getInstance(this.pnxClientContext).createPKCS7Signer();
            }
            String ailas = getCertEntryList().get(0).getAilas();
            if (TextUtils.isEmpty(ailas)) {
                return null;
            }
            this.pKCS7Signer.setSignType(CryptoConfigConstant.ATTACH);
            this.pKCS7Signer.setDigestAlg("SM3");
            this.pKCS7Signer.setCertPwd(str2);
            return new String(Base64.encode(this.pKCS7Signer.sign(str.getBytes(), ailas)));
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public void startJitMCTKLog() {
        this.isStartLog = true;
    }
}
