package koal.ra.caclient.spec;

import com.koal.common.util.Base64;
import com.koal.security.asn1.BitString;
import com.koal.security.pki.pkcs12.PFX;
import com.koal.security.pki.pkcs7.ContentEncryptionAlgorithmIdentifier;
import com.koal.security.pki.pkcs7.EncryptedContent;
import com.koal.security.pki.pkcs7.RecipientInfo;
import com.koal.security.pki.pkcs7.SignedAndEnvelopedData;
import com.koal.security.pki.x509.AlgorithmIdentifier;
import com.koal.security.pki.x509.Certificate;
import com.koal.security.pki.x509.RSAPrivateKey;
import java.math.BigInteger;
import java.security.PrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import koal.common.emengine.EMUtils;
import koal.ra.caclient.KOALCAVersion;
import koal.ra.caclient.LraType;
import koal.ra.caclient.asn.V6_3_X.EncryptedValue;
import koal.ra.caclient.asn.pkcs7.ContentInfo;
import koal.ra.caclient.asn.pkcs7.ExtendedCertificateOrCertificate;
import koal.ra.caclient.asn.pkcs7.SignedData;
import koal.security.ec.KoalEcPrivateKey;
import koal.security.gb.Identifiers;

/* loaded from: input_file:koal/ra/caclient/spec/RARespMessage.class */
public abstract class RARespMessage extends RAMessage {
    public RARespMessage(KOALCAVersion kOALCAVersion) {
        super(kOALCAVersion);
    }

    public RARespMessage(String str) {
        super(str);
    }

    public abstract int getResponseCount();

    public abstract int getStatus();

    public abstract String getStatusMessage();

    public abstract String getLRACertResp(String str, String str2, LraType lraType) throws Exception;

    public abstract Certificate getNewSigCert();

    public abstract Certificate getNewEncCert();

    protected abstract SignedAndEnvelopedData getEncryptedValue();

    protected abstract Certificate[] getCaChains();

    /* JADX INFO: Access modifiers changed from: protected */
    public EncCertValues parseEncryptedValue(String str) throws Exception {
        if (getResponseCount() < 2) {
            return null;
        }
        SignedAndEnvelopedData encryptedValue = getEncryptedValue();
        return encryptedValue instanceof EncryptedValue ? parseEncryptedValue((EncryptedValue) encryptedValue, str) : parseEncryptedValue(encryptedValue, str);
    }

    protected EncCertValues parseEncryptedValue(SignedAndEnvelopedData signedAndEnvelopedData, String str) throws Exception {
        EncCertValues encCertValues = new EncCertValues();
        PrivateKey privateKey = null;
        RecipientInfo component = signedAndEnvelopedData.getRecipientInfos().getSetofRecipientInfos().getComponent(0);
        ContentEncryptionAlgorithmIdentifier contentEncryptionAlgorithm = signedAndEnvelopedData.getEncryptedContentInfo().getContentEncryptionAlgorithm();
        AlgorithmIdentifier keyEncryptionAlgorithmIdentifier = component.getKeyEncryptionAlgorithmIdentifier();
        EncryptedContent encryptedContent = signedAndEnvelopedData.getEncryptedContentInfo().getEncryptedContent();
        if (!contentEncryptionAlgorithm.isDefaultValue() && !contentEncryptionAlgorithm.getAlgorithm().equals(Identifiers.id_cn_gmj_algo_fz_null)) {
            encCertValues.setSymmAlgoId(contentEncryptionAlgorithm);
        }
        if (!keyEncryptionAlgorithmIdentifier.isDefaultValue()) {
            encCertValues.setAsymAlgoId(keyEncryptionAlgorithmIdentifier);
        }
        if (!component.getEncryptedKey().isDefaultValue()) {
            encCertValues.setB64SymmKey(new String(Base64.encode((byte[]) component.getEncryptedKey().getValue())));
        }
        encCertValues.setB64PrvKey(new String(Base64.encode((byte[]) encryptedContent.getValue())));
        Certificate newEncCert = getNewEncCert();
        encCertValues.setCert(newEncCert);
        if (encCertValues.getSymmAlgoId() == null) {
            try {
                if (encCertValues.getCert().getPublicKey() instanceof RSAPublicKey) {
                    RSAPrivateKey rSAPrivateKey = new RSAPrivateKey();
                    rSAPrivateKey.decode((byte[]) encryptedContent.getValue());
                    privateKey = getPrvKey(rSAPrivateKey);
                } else {
                    privateKey = KoalEcPrivateKey.createInstance((byte[]) encryptedContent.getValue());
                }
            } catch (Exception e) {
            }
            if (encCertValues.getCert().getPublicKey() instanceof ECPublicKey) {
                try {
                    privateKey = KoalEcPrivateKey.createInstanceFromNakedBytes(Identifiers.id_cn_gmj_algo_sm2, (byte[]) encryptedContent.getValue());
                } catch (Exception e2) {
                }
            }
            if (privateKey == null) {
                try {
                    privateKey = EMUtils.getPrvKey((byte[]) encryptedContent.getValue());
                } catch (Exception e3) {
                    throw new Exception("解析加密私钥数据时出现错误: " + e3.getMessage(), e3);
                }
            }
            try {
                encCertValues.setPfxLraInfo(new String(Base64.encode(new PFX(privateKey, newEncCert, str.toCharArray()).encode())));
            } catch (Exception e4) {
                throw new Exception("生成PFX证书时出现错误: " + e4.getMessage(), e4);
            }
        }
        return encCertValues;
    }

    protected EncCertValues parseEncryptedValue(EncryptedValue encryptedValue, String str) throws Exception {
        EncCertValues encCertValues = new EncCertValues();
        PrivateKey privateKey = null;
        if (!encryptedValue.getSymmAlg().isDefaultValue()) {
            encCertValues.setSymmAlgoId(encryptedValue.getSymmAlg());
        }
        if (!encryptedValue.getKeyAlg().isDefaultValue()) {
            encCertValues.setAsymAlgoId(encryptedValue.getKeyAlg());
        }
        if (!encryptedValue.getEncSymmKey().isDefaultValue()) {
            encCertValues.setB64SymmKey(new String(Base64.encode((byte[]) encryptedValue.getEncSymmKey().getValue())));
        }
        encCertValues.setB64PrvKey(new String(Base64.encode((byte[]) encryptedValue.getEncValue().getValue())));
        Certificate newEncCert = getNewEncCert();
        encCertValues.setCert(newEncCert);
        if (encCertValues.getSymmAlgoId() == null) {
            try {
                BitString encValue = encryptedValue.getEncValue();
                if (encCertValues.getCert().getPublicKey() instanceof RSAPublicKey) {
                    RSAPrivateKey rSAPrivateKey = new RSAPrivateKey();
                    rSAPrivateKey.decode((byte[]) encValue.getValue());
                    privateKey = getPrvKey(rSAPrivateKey);
                } else {
                    privateKey = KoalEcPrivateKey.createInstance((byte[]) encValue.getValue());
                }
            } catch (Exception e) {
            }
            if (privateKey == null) {
                try {
                    privateKey = EMUtils.getPrvKey((byte[]) encryptedValue.getEncValue().getValue());
                } catch (Exception e2) {
                    throw new Exception("解析加密私钥数据时出现错误: " + e2.getMessage(), e2);
                }
            }
            try {
                encCertValues.setPfxLraInfo(new String(Base64.encode(new PFX(privateKey, newEncCert, str.toCharArray()).encode())));
            } catch (Exception e3) {
                throw new Exception("生成PFX证书时出现错误: " + e3.getMessage(), e3);
            }
        }
        return encCertValues;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getPKCS7SigChain(boolean z) throws Exception {
        ContentInfo contentInfo = new ContentInfo();
        SignedData signedData = new SignedData();
        contentInfo.getContentType().copy(koal.ra.caclient.asn.pkcs7.Identifiers.signedData);
        ExtendedCertificateOrCertificate extendedCertificateOrCertificate = new ExtendedCertificateOrCertificate();
        extendedCertificateOrCertificate.getCertificate().copy(getNewSigCert());
        extendedCertificateOrCertificate.setActual(extendedCertificateOrCertificate.getCertificate());
        signedData.getCertificates().addComponent(extendedCertificateOrCertificate);
        if (z) {
            for (int i = 0; i < getCaChains().length; i++) {
                ExtendedCertificateOrCertificate extendedCertificateOrCertificate2 = new ExtendedCertificateOrCertificate();
                extendedCertificateOrCertificate2.getCertificate().copy(getCaChains()[i]);
                extendedCertificateOrCertificate2.setActual(extendedCertificateOrCertificate2.getCertificate());
                signedData.getCertificates().addComponent(extendedCertificateOrCertificate2);
            }
        }
        signedData.getVersion().setValue(BigInteger.valueOf(1L));
        signedData.getContentInfo().getContentType().copy(koal.ra.caclient.asn.pkcs7.Identifiers.data);
        contentInfo.getContent().setActual(signedData);
        return new String(Base64.encode(contentInfo.encode()));
    }
}
