package koal.ra.caclient;

import com.koal.common.util.Base64;
import com.koal.common.util.StringUtils;
import com.koal.security.pki.x509.Certificate;
import com.koal.security.pki.x509.RSAPrivateKey;
import com.koal.security.pki.x509.RSAPublicKey;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import koal.common.emengine.EMUtils;
import koal.common.emengine.Engine;
import koal.common.emengine.util.ArraysEx;
import koal.common.emengine.util.BlobUtil;

/* loaded from: input_file:koal/ra/caclient/EIDCustomized.class */
public class EIDCustomized {
    public static final String VERSION = "20110511";
    static KeyPair TMP_PRO_KEY_PAIR = null;
    static String B64_PUB_KEY = "";
    static String B64_PRV_KEY = "";
    private static /* synthetic */ int[] $SWITCH_TABLE$koal$ra$caclient$ReqType;

    public static byte[] PKCS5Padding(byte[] bArr, int i) {
        int length = i - (bArr.length % i);
        ByteBuffer allocate = ByteBuffer.allocate(bArr.length + length);
        allocate.put(bArr);
        allocate.put(Byte.MIN_VALUE);
        allocate.put(new byte[length - 1]);
        return allocate.array();
    }

    public static byte[] PKCS5TrimPadding(byte[] bArr) {
        int i = 0;
        for (int length = bArr.length - 1; length >= 0; length--) {
            i++;
            if (bArr[length] == Byte.MIN_VALUE) {
                break;
            }
        }
        return ArraysEx.copyOfRange(bArr, 0, bArr.length - i);
    }

    public static byte[] EncryptPrvKeyItem(byte[] bArr, Engine engine, byte[] bArr2, SymmAlgo symmAlgo) throws Exception {
        byte[] endianReverse = BlobUtil.endianReverse(BlobUtil.firstZeroByteTrim(bArr));
        String str = String.valueOf(symmAlgo.algoName()) + "/ECB/NOPadding";
        ByteBuffer allocate = ByteBuffer.allocate(endianReverse.length + 1);
        allocate.put((byte) endianReverse.length);
        allocate.put(endianReverse);
        return engine.symmetricEnc(bArr2, PKCS5Padding(allocate.array(), bArr2.length), str);
    }

    static byte[] DecryptPrvKeyItem(byte[] bArr, Engine engine, byte[] bArr2, String str) throws Exception {
        byte[] PKCS5TrimPadding = PKCS5TrimPadding(engine.symmetricDec(bArr2, bArr, str));
        byte[] endianReverse = BlobUtil.endianReverse(ArraysEx.copyOfRange(PKCS5TrimPadding, 1, PKCS5TrimPadding.length - 1));
        if (endianReverse[0] < 0) {
            byte[] bArr3 = new byte[endianReverse.length + 1];
            System.arraycopy(endianReverse, 0, bArr3, 1, endianReverse.length);
            endianReverse = bArr3;
        }
        return endianReverse;
    }

    public static RSAPrivateKey DecryptPrvKey(RSAPublicKey rSAPublicKey, byte[] bArr, Engine engine, byte[] bArr2, SymmAlgo symmAlgo) throws Exception {
        ByteBuffer wrap = ByteBuffer.wrap(bArr);
        int i = wrap.get();
        byte[] bArr3 = new byte[i];
        byte[] bArr4 = new byte[i];
        byte[] bArr5 = new byte[i];
        byte[] bArr6 = new byte[i];
        byte[] bArr7 = new byte[i];
        wrap.get(bArr3);
        wrap.get(bArr4);
        wrap.get(bArr5);
        wrap.get(bArr6);
        wrap.get(bArr7);
        String str = String.valueOf(symmAlgo.algoName()) + "/ECB/NOPadding";
        byte[] DecryptPrvKeyItem = DecryptPrvKeyItem(bArr3, engine, bArr2, str);
        DecryptPrvKeyItem(bArr4, engine, bArr2, str);
        byte[] DecryptPrvKeyItem2 = DecryptPrvKeyItem(bArr5, engine, bArr2, str);
        byte[] DecryptPrvKeyItem3 = DecryptPrvKeyItem(bArr6, engine, bArr2, str);
        byte[] DecryptPrvKeyItem4 = DecryptPrvKeyItem(bArr7, engine, bArr2, str);
        RSAPrivateKey rSAPrivateKey = new RSAPrivateKey();
        rSAPrivateKey.getModulus().setValue(rSAPublicKey.getModulus().getValue());
        rSAPrivateKey.getPublicExponent().setValue(rSAPublicKey.getPublicExponent().getValue());
        rSAPrivateKey.getPrivateExponent().setValue(BigInteger.ONE);
        rSAPrivateKey.getPrime1().setValue(new BigInteger(DecryptPrvKeyItem));
        rSAPrivateKey.getPrime2().setValue(new BigInteger(DecryptPrvKeyItem2));
        rSAPrivateKey.getExponent1().setValue(new BigInteger(DecryptPrvKeyItem2));
        rSAPrivateKey.getExponent2().setValue(new BigInteger(DecryptPrvKeyItem3));
        rSAPrivateKey.getCoefficient().setValue(new BigInteger(DecryptPrvKeyItem4));
        return rSAPrivateKey;
    }

    public static String RewrapperEnvelopedData(Engine engine, String str, PrivateKey privateKey, PublicKey publicKey) throws Exception {
        if (engine == null) {
            throw new Exception("必须配置加密机引擎: engine == null");
        }
        String[] split = StringUtils.split(str, "|");
        if (split.length <= 2) {
            throw new Exception("加密证书没有启用密钥不落地，请和CA管理员联系。");
        }
        String str2 = split[0];
        String str3 = split[1];
        String str4 = split[2];
        String str5 = split[3];
        String str6 = split[4];
        String str7 = split[5];
        String str8 = split[6];
        SymmAlgo symmAlgoByOid = SymmAlgo.symmAlgoByOid(str4);
        if (symmAlgoByOid == SymmAlgo.UNKNOW) {
            throw new Exception("不支持的对称算法: " + str4);
        }
        byte[] decode = Base64.decode(str5.getBytes());
        byte[] prvKeyDecrypt = Util.prvKeyDecrypt(privateKey, decode, decode.length);
        byte[] symmetricDec = engine.symmetricDec(prvKeyDecrypt, Base64.decode(str6.getBytes()), org.apache.commons.lang.StringUtils.isEmpty(str8) ? String.valueOf(symmAlgoByOid.algoName()) + "/ECB/PKCS5Padding" : String.valueOf(symmAlgoByOid.algoName()) + "/CBC/PKCS5Padding");
        RSAPrivateKey rSAPrivateKey = new RSAPrivateKey();
        rSAPrivateKey.decode(symmetricDec);
        BigInteger bigInteger = (BigInteger) rSAPrivateKey.getPrime1().getValue();
        BigInteger bigInteger2 = (BigInteger) rSAPrivateKey.getPrime2().getValue();
        BigInteger bigInteger3 = (BigInteger) rSAPrivateKey.getExponent1().getValue();
        BigInteger bigInteger4 = (BigInteger) rSAPrivateKey.getExponent2().getValue();
        BigInteger bigInteger5 = (BigInteger) rSAPrivateKey.getCoefficient().getValue();
        byte[] EncryptPrvKeyItem = EncryptPrvKeyItem(bigInteger.toByteArray(), engine, prvKeyDecrypt, symmAlgoByOid);
        byte[] EncryptPrvKeyItem2 = EncryptPrvKeyItem(bigInteger2.toByteArray(), engine, prvKeyDecrypt, symmAlgoByOid);
        byte[] EncryptPrvKeyItem3 = EncryptPrvKeyItem(bigInteger3.toByteArray(), engine, prvKeyDecrypt, symmAlgoByOid);
        byte[] EncryptPrvKeyItem4 = EncryptPrvKeyItem(bigInteger4.toByteArray(), engine, prvKeyDecrypt, symmAlgoByOid);
        byte[] EncryptPrvKeyItem5 = EncryptPrvKeyItem(bigInteger5.toByteArray(), engine, prvKeyDecrypt, symmAlgoByOid);
        ByteBuffer allocate = ByteBuffer.allocate(1 + (EncryptPrvKeyItem.length * 5));
        allocate.put((byte) EncryptPrvKeyItem.length);
        allocate.put(EncryptPrvKeyItem);
        allocate.put(EncryptPrvKeyItem2);
        allocate.put(EncryptPrvKeyItem3);
        allocate.put(EncryptPrvKeyItem4);
        allocate.put(EncryptPrvKeyItem5);
        String str9 = new String(Base64.encode(allocate.array()));
        String str10 = new String(Base64.encode(Util.pubKeyDecrypt(publicKey, prvKeyDecrypt, prvKeyDecrypt.length)));
        Certificate certificate = new Certificate();
        certificate.decode(Base64.decode(str3.getBytes()));
        new String(Base64.encode(certificate.getSubjectPublicKeyInfo().encode()));
        return String.valueOf(str2) + "|" + str3 + "|" + str4 + "|" + str10 + "|" + str9 + "|" + new String(Base64.encode(EIDPublicKey.valueOf(EMUtils.getRSAPublicKey(certificate.getPublicKey())).toByteArray())) + "|" + str7 + "|" + str8;
    }

    public static void EID_LraRequestCustomized(ReqTemplate reqTemplate) throws Exception {
        if (TMP_PRO_KEY_PAIR == null) {
            try {
                TMP_PRO_KEY_PAIR = Util.genRSAKeyPair(1024);
            } catch (Exception e) {
                TMP_PRO_KEY_PAIR = new KeyPair(EMUtils.getPubKeyFromBase64Value(B64_PUB_KEY), EMUtils.getPrvKey(Base64.decode(B64_PRV_KEY.getBytes())));
            }
        }
        String lraRequest = reqTemplate.getLraRequest();
        String[] split = org.apache.commons.lang.StringUtils.split(lraRequest, "|");
        String str = split[0];
        String str2 = split[1];
        if (reqTemplate.getReqType() == ReqType.EID_CardPubKey2) {
            reqTemplate.setReqType(ReqType.EID_X509PubKey2);
            RSAPublicKey rSAPubKey = EIDPublicKey.valueOf(str).toRSAPubKey();
            RSAPublicKey rSAPubKey2 = EIDPublicKey.valueOf(str2).toRSAPubKey();
            PublicKey pubKey = EMUtils.getPubKey(rSAPubKey);
            PublicKey pubKey2 = EMUtils.getPubKey(rSAPubKey2);
            str = new String(Base64.encode(pubKey.getEncoded()));
            str2 = new String(Base64.encode(pubKey2.getEncoded()));
        }
        String str3 = new String(Base64.encode(TMP_PRO_KEY_PAIR.getPublic().getEncoded()));
        String str4 = new String(Base64.encode(EMUtils.getRSAPublicKey(TMP_PRO_KEY_PAIR.getPublic()).encode()));
        switch ($SWITCH_TABLE$koal$ra$caclient$ReqType()[reqTemplate.getReqType().ordinal()]) {
            case Util.CERT_PROPS_PUBKEY /* 6 */:
                lraRequest = String.valueOf(str) + "|" + str4;
                break;
            case 9:
                lraRequest = String.valueOf(str) + "|" + str3;
                break;
        }
        reqTemplate.setLraRequest(lraRequest);
        reqTemplate.getExtParams().put("ACTUAL_PRO_PUB_KEY", str2);
    }

    public static void EID_LraResponseCustomized(Engine engine, ReqTemplate reqTemplate, CertResponse certResponse) throws Exception {
        certResponse.setLraInfo(RewrapperEnvelopedData(engine, certResponse.getLraInfo(), TMP_PRO_KEY_PAIR.getPrivate(), EMUtils.getPubKeyFromBase64Value((String) reqTemplate.getExtParams().get("ACTUAL_PRO_PUB_KEY"))));
    }

    public static void main(String[] strArr) throws Exception {
        PublicKey pubKey = EMUtils.getPubKey(EIDPublicKey.valueOf("BJ3EnsXcE8KicTNHRNd1dZpyWYduHAX1d9xDADVpsGNeoP/jdFJdW4rcABOOr3fPnUXx+aq1RKe2h8b3tNDPtNYz95UZAoXDQ5GRjUjXm/efElT1DvQupvo13JdfNjhEFETgj+AhoLnz6eQt5ZCdEAlmZj5a+qOKmO9mkrtVFc2Lnyf+E2Xx1r3akGmO4cTPVAJZFmRgXJxBHvMm4DU3APABAAEA").toRSAPubKey());
        System.out.println(pubKey.toString());
        System.out.println(BlobUtil.toHexString(pubKey.getEncoded()));
        System.out.println("PKCS10: \r\n" + Util.pubKey2PKCS10Req(pubKey));
    }

    static /* synthetic */ int[] $SWITCH_TABLE$koal$ra$caclient$ReqType() {
        int[] iArr = $SWITCH_TABLE$koal$ra$caclient$ReqType;
        if (iArr != null) {
            return iArr;
        }
        int[] iArr2 = new int[ReqType.valuesCustom().length];
        try {
            iArr2[ReqType.CMP.ordinal()] = 2;
        } catch (NoSuchFieldError unused) {
        }
        try {
            iArr2[ReqType.CMP2.ordinal()] = 3;
        } catch (NoSuchFieldError unused2) {
        }
        try {
            iArr2[ReqType.EID_CardPubKey2.ordinal()] = 10;
        } catch (NoSuchFieldError unused3) {
        }
        try {
            iArr2[ReqType.EID_RSAPUBKEY2.ordinal()] = 6;
        } catch (NoSuchFieldError unused4) {
        }
        try {
            iArr2[ReqType.EID_X509PubKey2.ordinal()] = 9;
        } catch (NoSuchFieldError unused5) {
        }
        try {
            iArr2[ReqType.OSCCA_ECC_PUBKEY.ordinal()] = 13;
        } catch (NoSuchFieldError unused6) {
        }
        try {
            iArr2[ReqType.PKCS10.ordinal()] = 1;
        } catch (NoSuchFieldError unused7) {
        }
        try {
            iArr2[ReqType.PUBKEYBLOB.ordinal()] = 11;
        } catch (NoSuchFieldError unused8) {
        }
        try {
            iArr2[ReqType.PUBKEYBLOB2.ordinal()] = 12;
        } catch (NoSuchFieldError unused9) {
        }
        try {
            iArr2[ReqType.RSAPUBKEY.ordinal()] = 4;
        } catch (NoSuchFieldError unused10) {
        }
        try {
            iArr2[ReqType.RSAPUBKEY2.ordinal()] = 5;
        } catch (NoSuchFieldError unused11) {
        }
        try {
            iArr2[ReqType.X509PubKey.ordinal()] = 7;
        } catch (NoSuchFieldError unused12) {
        }
        try {
            iArr2[ReqType.X509PubKey2.ordinal()] = 8;
        } catch (NoSuchFieldError unused13) {
        }
        $SWITCH_TABLE$koal$ra$caclient$ReqType = iArr2;
        return iArr2;
    }
}
