package cfca.sadk.util;

import cfca.org.slf4j.Logger;
import cfca.org.slf4j.LoggerFactory;
import cfca.sadk.algorithm.common.Mechanism;
import cfca.sadk.algorithm.common.MechanismKit;
import cfca.sadk.algorithm.common.PKCS7SignedData;
import cfca.sadk.algorithm.common.PKCS7SignedFile;
import cfca.sadk.algorithm.common.PKIException;
import cfca.sadk.algorithm.util.BigIntegerUtil;
import cfca.sadk.asn1.parser.ASN1Parser;
import cfca.sadk.lib.crypto.Session;
import cfca.sadk.org.bouncycastle.asn1.ASN1EncodableVector;
import cfca.sadk.org.bouncycastle.asn1.ASN1Integer;
import cfca.sadk.org.bouncycastle.asn1.ASN1Sequence;
import cfca.sadk.org.bouncycastle.asn1.DERSequence;
import cfca.sadk.org.bouncycastle.asn1.cms.CMSAttributes;
import cfca.sadk.org.bouncycastle.asn1.cms.Time;
import cfca.sadk.org.bouncycastle.cms.CMSSignedDataParser;
import cfca.sadk.org.bouncycastle.cms.SignerInformation;
import cfca.sadk.org.bouncycastle.operator.bc.BcDigestCalculatorProvider;
import cfca.sadk.org.bouncycastle.util.BigIntegers;
import cfca.sadk.system.FileHelper;
import cfca.sadk.system.SADKDebugger;
import cfca.sadk.x509.certificate.X509Cert;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.interfaces.RSAPublicKey;
import java.text.SimpleDateFormat;
import java.util.Iterator;

/* loaded from: input_file:cfca/sadk/util/Signature.class */
public class Signature {
    static final int sourceFileLoadLimitedLength = 10240;
    static final Logger logger;
    private X509Cert signCert;
    private String digestAlgorithm;
    private byte[] signature;
    private byte[] sourceData;
    private final boolean outputBase64SignResult;

    public Signature() {
        this.signCert = null;
        this.digestAlgorithm = null;
        this.signature = null;
        this.sourceData = null;
        this.outputBase64SignResult = true;
    }

    public Signature(boolean z) {
        this.signCert = null;
        this.digestAlgorithm = null;
        this.signature = null;
        this.sourceData = null;
        this.outputBase64SignResult = z;
    }

    public X509Cert getSignerX509CertFromP7SignData(byte[] bArr) throws PKIException {
        if (logger.isDebugEnabled()) {
            logger.debug("getSignerX509CertFromP7SignData>>>>>>Running");
        }
        try {
            X509Cert signerX509Cert = GetPKCS7From(bArr, null).getSignerX509Cert();
            if (logger.isDebugEnabled()) {
                logger.debug("getSignerX509CertFromP7SignData<<<<<<Finished");
            }
            return signerX509Cert;
        } catch (PKIException e) {
            if (logger.isErrorEnabled()) {
                logger.error("getSignerX509CertFromP7SignData<<<<Failure", e);
            }
            throw e;
        } catch (RuntimeException e2) {
            if (logger.isErrorEnabled()) {
                logger.error("getSignerX509CertFromP7SignData<<<<Failure", e2);
            }
            throw e2;
        }
    }

    public byte[] getContentFromP7SignData(byte[] bArr) throws PKIException {
        if (logger.isDebugEnabled()) {
            logger.debug("getContentFromP7SignData>>>>>>Running");
        }
        try {
            PKCS7SignedData GetPKCS7From = GetPKCS7From(bArr, null);
            if (logger.isDebugEnabled()) {
                logger.debug("getContentFromP7SignData<<<<<<Finished");
            }
            return GetPKCS7From.getSourceData();
        } catch (PKIException e) {
            if (logger.isErrorEnabled()) {
                logger.error("getContentFromP7SignData<<<<Failure", e);
            }
            throw e;
        } catch (RuntimeException e2) {
            if (logger.isErrorEnabled()) {
                logger.error("getContentFromP7SignData<<<<Failure", e2);
            }
            throw e2;
        }
    }

    public String getDigestAlgorithmFromP7SignData(byte[] bArr) throws PKIException {
        if (logger.isDebugEnabled()) {
            logger.debug("getDigestAlgorithmFromP7SignData>>>>>>Running");
        }
        try {
            PKCS7SignedData GetPKCS7From = GetPKCS7From(bArr, null);
            if (logger.isDebugEnabled()) {
                logger.debug("getDigestAlgorithmFromP7SignData<<<<<<Finished");
            }
            return GetPKCS7From.getDigestAlgorithm();
        } catch (PKIException e) {
            if (logger.isErrorEnabled()) {
                logger.error("getDigestAlgorithmFromP7SignData<<<<Failure", e);
            }
            throw e;
        } catch (RuntimeException e2) {
            if (logger.isErrorEnabled()) {
                logger.error("getDigestAlgorithmFromP7SignData<<<<Failure", e2);
            }
            throw e2;
        }
    }

    public byte[] getSourceData() {
        if (logger.isDebugEnabled()) {
            logger.debug("getSourceData<<<<<<Finished: sourceData=" + SADKDebugger.dump(this.sourceData));
        }
        return this.sourceData;
    }

    public byte[] getSignature() {
        if (logger.isDebugEnabled()) {
            logger.debug("getSignature<<<<<<Finished: signature=" + SADKDebugger.dump(this.signature));
        }
        return this.signature;
    }

    public String getDigestAlgorithm() {
        if (logger.isDebugEnabled()) {
            logger.debug("getDigestAlgorithm<<<<<<Finished: digestAlgorithm=" + SADKDebugger.dump(this.digestAlgorithm));
        }
        return this.digestAlgorithm;
    }

    public X509Cert getSignerCert() {
        if (logger.isDebugEnabled()) {
            logger.debug("getSignerCert<<<<<<Finished: signCert=" + SADKDebugger.dump(this.signCert));
        }
        return this.signCert;
    }

    private final byte[] SM2RStoASN1(byte[] bArr) throws PKIException {
        byte[] bArr2;
        if (logger.isDebugEnabled()) {
            logger.debug("SM2RStoASN1::>>>>>>Running: signData=" + SADKDebugger.dump(bArr));
        }
        if (bArr == null || bArr.length != 64) {
            bArr2 = bArr;
        } else {
            try {
                byte[] bArr3 = new byte[32];
                byte[] bArr4 = new byte[32];
                System.arraycopy(bArr, 0, bArr3, 0, 32);
                System.arraycopy(bArr, 32, bArr4, 0, 32);
                ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
                aSN1EncodableVector.add(BigIntegers.fromByteArray(bArr3, 32));
                aSN1EncodableVector.add(BigIntegers.fromByteArray(bArr4, 32));
                bArr2 = new DERSequence(aSN1EncodableVector).getEncoded();
            } catch (Exception e) {
                if (logger.isErrorEnabled()) {
                    logger.error("SM2RStoASN1::<<<<<<Failure(SM2Signature Encoded Failure): signData=" + SADKDebugger.dump(bArr), e);
                }
                throw new PKIException("SM2Signature Encoded Failure", e);
            }
        }
        if (logger.isDebugEnabled()) {
            logger.debug("SM2RStoASN1::<<<<<<Finished: outBytes=" + SADKDebugger.dump(bArr2));
        }
        return bArr2;
    }

    private final byte[] SM2ASN1toRS(byte[] bArr) throws PKIException {
        if (logger.isDebugEnabled()) {
            logger.debug("SM2ASN1toRS::>>>>>>Running: asn1SM2RSValue=" + SADKDebugger.dump(bArr));
        }
        try {
            ASN1Sequence aSN1Sequence = ASN1Sequence.getInstance(bArr);
            ASN1Integer aSN1Integer = (ASN1Integer) aSN1Sequence.getObjectAt(0);
            ASN1Integer aSN1Integer2 = (ASN1Integer) aSN1Sequence.getObjectAt(1);
            byte[] asUnsigned32ByteArray = BigIntegerUtil.asUnsigned32ByteArray(aSN1Integer.getPositiveValue());
            byte[] asUnsigned32ByteArray2 = BigIntegerUtil.asUnsigned32ByteArray(aSN1Integer2.getPositiveValue());
            byte[] bArr2 = new byte[64];
            System.arraycopy(asUnsigned32ByteArray, 0, bArr2, 0, 32);
            System.arraycopy(asUnsigned32ByteArray2, 0, bArr2, 32, 32);
            if (logger.isDebugEnabled()) {
                logger.debug("SM2ASN1toRS::<<<<<<Finished: SM2RS64Bytes=" + SADKDebugger.dump(bArr2));
            }
            return bArr2;
        } catch (Exception e) {
            if (logger.isErrorEnabled()) {
                logger.error("SM2ASN1toRS::<<<<<<Failure(SM2Signature Decoded Failure): asn1SM2RSValue=" + SADKDebugger.dump(bArr), e);
            }
            throw new PKIException("SM2Signature Decoded Failure", e);
        }
    }

    public byte[] p1SignByHash(String str, byte[] bArr, PrivateKey privateKey, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p1SignByHash>>>>>>Running");
            stringBuffer.append("\n signAlg: ");
            stringBuffer.append(SADKDebugger.dump(str));
            stringBuffer.append("\n hashValue: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            stringBuffer.append("\n PrivateKey: ");
            stringBuffer.append(SADKDebugger.dump(privateKey));
            stringBuffer.append("\n session: ");
            stringBuffer.append(SADKDebugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            byte[] outputSignResult = outputSignResult(SM2RStoASN1(session.signByHash(new Mechanism(str), privateKey, bArr)));
            if (logger.isDebugEnabled()) {
                logger.debug("p1SignByHash<<<<<<Finished");
            }
            return outputSignResult;
        } catch (PKIException e) {
            if (logger.isErrorEnabled()) {
                logger.error("p1SignByHash<<<<<<Failure", e);
            }
            throw e;
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("p1SignByHash<<<<<<Failure", th);
            }
            throw new PKIException("p1SignByHash Failure", th);
        }
    }

    public byte[] p7SignByHash(String str, byte[] bArr, PrivateKey privateKey, X509Cert x509Cert, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p7SignByHash>>>>>>Running");
            stringBuffer.append("\n signAlg: ");
            stringBuffer.append(SADKDebugger.dump(str));
            stringBuffer.append("\n hashValue: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            stringBuffer.append("\n PrivateKey: ");
            stringBuffer.append(SADKDebugger.dump(privateKey));
            stringBuffer.append("\n signCert: ");
            stringBuffer.append(SADKDebugger.dump(x509Cert));
            stringBuffer.append("\n session: ");
            stringBuffer.append(SADKDebugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            PKCS7SignedData pKCS7SignedData = new PKCS7SignedData(session);
            X509Cert[] x509CertArr = {x509Cert};
            Mechanism mechanism = new Mechanism(str);
            byte[] signByHash = session.signByHash(new Mechanism(str), privateKey, bArr);
            if (logger.isDebugEnabled()) {
                logger.debug("p7SignByHash::::::: binarySignValue=" + SADKDebugger.dump(signByHash));
            }
            byte[] outputSignResult = outputSignResult(pKCS7SignedData.packageSignedData(false, null, null, signByHash, mechanism, x509CertArr));
            if (logger.isDebugEnabled()) {
                logger.debug("p7SignByHash<<<<<<Finished");
            }
            return outputSignResult;
        } catch (PKIException e) {
            if (logger.isErrorEnabled()) {
                logger.error("p7SignByHash<<<<<<Failure", e);
            }
            throw e;
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("p7SignByHash<<<<<<Failure", th);
            }
            throw new PKIException("p7SignByHash Failure", th);
        }
    }

    public boolean p1VerifyByHash(String str, byte[] bArr, byte[] bArr2, PublicKey publicKey, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p1VerifyByHash>>>>>>Running");
            stringBuffer.append("\n signAlg: ");
            stringBuffer.append(SADKDebugger.dump(str));
            stringBuffer.append("\n hashValue: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            stringBuffer.append("\n base64P1SignedData: ");
            stringBuffer.append(SADKDebugger.dump(bArr2));
            stringBuffer.append("\n publicKey: ");
            stringBuffer.append(SADKDebugger.dump(publicKey));
            stringBuffer.append("\n session: ");
            stringBuffer.append(SADKDebugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            byte[] GetP1SignatureValue = GetP1SignatureValue(publicKey, str, bArr2);
            if (logger.isDebugEnabled()) {
                logger.debug("p1VerifyByHash::::::: binarySignValue=" + SADKDebugger.dump(GetP1SignatureValue));
            }
            boolean verifyByHash = session.verifyByHash(new Mechanism(str), publicKey, bArr, GetP1SignatureValue);
            if (logger.isDebugEnabled()) {
                logger.debug("p1VerifyByHash<<<<<<Finished: verifyResult=" + verifyByHash);
            }
            return verifyByHash;
        } catch (PKIException e) {
            if (logger.isErrorEnabled()) {
                logger.error("p1VerifyByHash<<<<<<Failure", e);
            }
            throw e;
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("p1VerifyByHash<<<<<<Failure", th);
            }
            throw new PKIException("p1VerifyByHash Failure", th);
        }
    }

    public boolean p7VerifyByHash(byte[] bArr, byte[] bArr2, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p7VerifyByHash>>>>>>Running");
            stringBuffer.append("\n hashValue: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            stringBuffer.append("\n base64P7SignedData: ");
            stringBuffer.append(SADKDebugger.dump(bArr2));
            stringBuffer.append("\n session: ");
            stringBuffer.append(SADKDebugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            PKCS7SignedData GetPKCS7From = GetPKCS7From(bArr2, session);
            GetDataFrom(GetPKCS7From, false);
            boolean verifyP7SignedDataByHash = GetPKCS7From.verifyP7SignedDataByHash(bArr);
            if (logger.isDebugEnabled()) {
                logger.debug("p7VerifyByHash<<<<<<Finished: verifyResult=" + verifyP7SignedDataByHash);
            }
            return verifyP7SignedDataByHash;
        } catch (PKIException e) {
            if (logger.isErrorEnabled()) {
                logger.error("p7VerifyByHash<<<<<<Failure", e);
            }
            throw e;
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("p7VerifyByHash<<<<<<Failure", th);
            }
            throw new PKIException("p7VerifyByHash Failure", th);
        }
    }

    public byte[] p1SignMessage(String str, byte[] bArr, PrivateKey privateKey, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p1SignMessage>>>>>>Running");
            stringBuffer.append("\n signAlg: ");
            stringBuffer.append(SADKDebugger.dump(str));
            stringBuffer.append("\n sourceData: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            stringBuffer.append("\n PrivateKey: ");
            stringBuffer.append(SADKDebugger.dump(privateKey));
            stringBuffer.append("\n session: ");
            stringBuffer.append(SADKDebugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            byte[] outputSignResult = outputSignResult(SM2RStoASN1(session.sign(new Mechanism(str), privateKey, bArr)));
            if (logger.isDebugEnabled()) {
                logger.debug("p1SignMessage<<<<<<Finished");
            }
            return outputSignResult;
        } catch (PKIException e) {
            if (logger.isErrorEnabled()) {
                logger.error("p1SignMessage<<<<<<Failure", e);
            }
            throw e;
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("p1SignMessage<<<<<<Failure", th);
            }
            throw new PKIException("p1SignMessage Failure", th);
        }
    }

    public byte[] p1SignFile(String str, String str2, PrivateKey privateKey, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p1SignFile>>>>>>Running");
            stringBuffer.append("\n signAlg: ");
            stringBuffer.append(SADKDebugger.dump(str));
            stringBuffer.append("\n sourceFilePath: ");
            stringBuffer.append(SADKDebugger.dump(str2));
            stringBuffer.append("\n PrivateKey: ");
            stringBuffer.append(SADKDebugger.dump(privateKey));
            stringBuffer.append("\n session: ");
            stringBuffer.append(SADKDebugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        FileInputStream fileInputStream = null;
        try {
            try {
                try {
                    fileInputStream = new FileInputStream(str2);
                    byte[] outputSignResult = outputSignResult(SM2RStoASN1(session.sign(new Mechanism(str), privateKey, fileInputStream)));
                    if (logger.isDebugEnabled()) {
                        logger.debug("p1SignFile<<<<<<Finished");
                    }
                    if (fileInputStream != null) {
                        try {
                            fileInputStream.close();
                        } catch (Exception e) {
                            throw new PKIException("p1SignFile Failure", e);
                        }
                    }
                    return outputSignResult;
                } catch (Throwable th) {
                    if (logger.isErrorEnabled()) {
                        logger.error("p1SignFile<<<<<<Failure", th);
                    }
                    throw new PKIException("p1SignFile Failure", th);
                }
            } catch (PKIException e2) {
                if (logger.isErrorEnabled()) {
                    logger.error("p1SignFile<<<<<<Failure", e2);
                }
                throw e2;
            }
        } catch (Throwable th2) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (Exception e3) {
                    throw new PKIException("p1SignFile Failure", e3);
                }
            }
            throw th2;
        }
    }

    public byte[] p7SignMessageAttach(String str, byte[] bArr, PrivateKey privateKey, X509Cert x509Cert, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p7SignMessageAttach>>>>>>Running");
            stringBuffer.append("\n signAlg: ");
            stringBuffer.append(SADKDebugger.dump(str));
            stringBuffer.append("\n sourceData: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            stringBuffer.append("\n privateKey: ");
            stringBuffer.append(SADKDebugger.dump(privateKey));
            stringBuffer.append("\n signCert: ");
            stringBuffer.append(SADKDebugger.dump(x509Cert));
            stringBuffer.append("\n session: ");
            stringBuffer.append(SADKDebugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            PKCS7SignedData pKCS7SignedData = new PKCS7SignedData(session);
            X509Cert[] x509CertArr = {x509Cert};
            Mechanism mechanism = new Mechanism(str);
            byte[] sign = session.sign(mechanism, privateKey, bArr);
            if (logger.isDebugEnabled()) {
                logger.debug("p7SignMessageAttach::::::: binarySignValue=" + SADKDebugger.dump(sign));
            }
            byte[] outputSignResult = outputSignResult(pKCS7SignedData.packageSignedData(true, null, bArr, sign, mechanism, x509CertArr));
            if (logger.isDebugEnabled()) {
                logger.debug("p7SignMessageAttach<<<<<<Finished");
            }
            return outputSignResult;
        } catch (PKIException e) {
            if (logger.isErrorEnabled()) {
                logger.error("p7SignMessageAttach<<<<<<Failure", e);
            }
            throw e;
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("p7SignMessageAttach<<<<<<Failure", th);
            }
            throw new PKIException("p7SignMessageAttach Failure", th);
        }
    }

    public byte[] p7SignMessageDetach(String str, byte[] bArr, PrivateKey privateKey, X509Cert x509Cert, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p7SignMessageDetach>>>>>>Running");
            stringBuffer.append("\n signAlg: ");
            stringBuffer.append(SADKDebugger.dump(str));
            stringBuffer.append("\n sourceData: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            stringBuffer.append("\n privateKey: ");
            stringBuffer.append(SADKDebugger.dump(privateKey));
            stringBuffer.append("\n signCert: ");
            stringBuffer.append(SADKDebugger.dump(x509Cert));
            stringBuffer.append("\n session: ");
            stringBuffer.append(SADKDebugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            PKCS7SignedData pKCS7SignedData = new PKCS7SignedData(session);
            X509Cert[] x509CertArr = {x509Cert};
            Mechanism mechanism = new Mechanism(str);
            byte[] sign = session.sign(mechanism, privateKey, bArr);
            if (logger.isDebugEnabled()) {
                logger.debug("p7SignMessageAttach::::::: binarySignValue=" + SADKDebugger.dump(sign));
            }
            byte[] outputSignResult = outputSignResult(pKCS7SignedData.packageSignedData(false, null, bArr, sign, mechanism, x509CertArr));
            if (logger.isDebugEnabled()) {
                logger.debug("p7SignMessageAttach<<<<<<Finished");
            }
            return outputSignResult;
        } catch (PKIException e) {
            if (logger.isErrorEnabled()) {
                logger.error("p7SignMessageDetach<<<<<<Failure", e);
            }
            throw e;
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("p7SignMessageDetach<<<<<<Failure", th);
            }
            throw new PKIException("p7SignMessageDetach Failure", th);
        }
    }

    public void p7SignFileAttach(String str, String str2, String str3, PrivateKey privateKey, X509Cert x509Cert, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p7SignFileAttach>>>>>>Running");
            stringBuffer.append("\n signAlg: ");
            stringBuffer.append(SADKDebugger.dump(str));
            stringBuffer.append("\n sourceFilePath: ");
            stringBuffer.append(SADKDebugger.dump(str2));
            stringBuffer.append("\n outSignedFilePath: ");
            stringBuffer.append(SADKDebugger.dump(str3));
            stringBuffer.append("\n privateKey: ");
            stringBuffer.append(SADKDebugger.dump(privateKey));
            stringBuffer.append("\n signCert: ");
            stringBuffer.append(SADKDebugger.dump(x509Cert));
            stringBuffer.append("\n session: ");
            stringBuffer.append(SADKDebugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        FileInputStream fileInputStream = null;
        try {
            try {
                FileInputStream fileInputStream2 = new FileInputStream(str2);
                PKCS7SignedFile pKCS7SignedFile = new PKCS7SignedFile(session);
                X509Cert[] x509CertArr = {x509Cert};
                Mechanism mechanism = new Mechanism(str);
                byte[] sign = session.sign(mechanism, privateKey, fileInputStream2);
                if (logger.isDebugEnabled()) {
                    logger.debug("p7SignFileAttach::::::: binarySignValue=" + SADKDebugger.dump(sign));
                }
                fileInputStream = new FileInputStream(str2);
                pKCS7SignedFile.packageSignedFile(null, str2, str3, sign, mechanism, x509CertArr);
                if (logger.isDebugEnabled()) {
                    logger.debug("p7SignFileAttach<<<<<<Finished: outSignedFilePath=" + SADKDebugger.dump(str3));
                }
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (Exception e) {
                        throw new PKIException("p7SignFileAttach Failure", e);
                    }
                }
            } catch (PKIException e2) {
                if (logger.isErrorEnabled()) {
                    logger.error("p7SignFileAttach<<<<<<Failure", e2);
                }
                throw e2;
            } catch (Throwable th) {
                if (logger.isErrorEnabled()) {
                    logger.error("p7SignFileAttach<<<<<<Failure", th);
                }
                throw new PKIException("p7SignFileAttach Failure", th);
            }
        } catch (Throwable th2) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (Exception e3) {
                    throw new PKIException("p7SignFileAttach Failure", e3);
                }
            }
            throw th2;
        }
    }

    public byte[] p7SignFileDetach(String str, String str2, PrivateKey privateKey, X509Cert x509Cert, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p7SignFileDetach>>>>>>Running");
            stringBuffer.append("\n signAlg: ");
            stringBuffer.append(SADKDebugger.dump(str));
            stringBuffer.append("\n sourceFilePath: ");
            stringBuffer.append(SADKDebugger.dump(str2));
            stringBuffer.append("\n privateKey: ");
            stringBuffer.append(SADKDebugger.dump(privateKey));
            stringBuffer.append("\n signCert: ");
            stringBuffer.append(SADKDebugger.dump(x509Cert));
            stringBuffer.append("\n session: ");
            stringBuffer.append(SADKDebugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        FileInputStream fileInputStream = null;
        try {
            try {
                PKCS7SignedData pKCS7SignedData = new PKCS7SignedData(session);
                X509Cert[] x509CertArr = {x509Cert};
                Mechanism mechanism = new Mechanism(str);
                fileInputStream = new FileInputStream(str2);
                byte[] sign = session.sign(mechanism, privateKey, fileInputStream);
                if (logger.isDebugEnabled()) {
                    logger.debug("p7SignFileDetach::::::: binarySignValue=" + SADKDebugger.dump(sign));
                }
                byte[] outputSignResult = outputSignResult(pKCS7SignedData.packageSignedData(false, null, null, sign, mechanism, x509CertArr));
                if (logger.isDebugEnabled()) {
                    logger.debug("p7SignFileDetach<<<<<<Finished");
                }
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (Exception e) {
                        throw new PKIException("p7SignFileDetach Failure", e);
                    }
                }
                return outputSignResult;
            } catch (PKIException e2) {
                if (logger.isErrorEnabled()) {
                    logger.error("p7SignFileDetach<<<<<<Failure", e2);
                }
                throw e2;
            } catch (Throwable th) {
                if (logger.isErrorEnabled()) {
                    logger.error("p7SignFileDetach<<<<<<Failure", th);
                }
                throw new PKIException("p7SignFileDetach Failure", th);
            }
        } catch (Throwable th2) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (Exception e3) {
                    throw new PKIException("p7SignFileDetach Failure", e3);
                }
            }
            throw th2;
        }
    }

    public boolean p1VerifyMessage(String str, byte[] bArr, byte[] bArr2, PublicKey publicKey, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p1VerifyMessage>>>>>>Running");
            stringBuffer.append("\n sourceData: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            stringBuffer.append("\n base64P1SignedData: ");
            stringBuffer.append(SADKDebugger.dump(bArr2));
            stringBuffer.append("\n publicKey: ");
            stringBuffer.append(SADKDebugger.dump(publicKey));
            stringBuffer.append("\n session: ");
            stringBuffer.append(SADKDebugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            byte[] GetP1SignatureValue = GetP1SignatureValue(publicKey, str, bArr2);
            if (logger.isDebugEnabled()) {
                logger.debug("p1VerifyMessage::::::: binarySignValue=" + SADKDebugger.dump(GetP1SignatureValue));
            }
            boolean verify = session.verify(new Mechanism(str), publicKey, bArr, GetP1SignatureValue);
            if (logger.isDebugEnabled()) {
                logger.debug("p1VerifyMessage<<<<<<Finished: verifyResult=" + verify);
            }
            return verify;
        } catch (PKIException e) {
            if (logger.isErrorEnabled()) {
                logger.error("p1VerifyMessage<<<<<<Failure", e);
            }
            throw e;
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("p1VerifyMessage<<<<<<Failure", th);
            }
            throw new PKIException("p1VerifyMessage Failure", th);
        }
    }

    public boolean p1VerifyFile(String str, String str2, byte[] bArr, PublicKey publicKey, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p1VerifyMessage>>>>>>Running");
            stringBuffer.append("\n sourceFilePath: ");
            stringBuffer.append(SADKDebugger.dump(str2));
            stringBuffer.append("\n base64P1SignedData: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            stringBuffer.append("\n publicKey: ");
            stringBuffer.append(SADKDebugger.dump(publicKey));
            stringBuffer.append("\n session: ");
            stringBuffer.append(SADKDebugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        FileInputStream fileInputStream = null;
        try {
            try {
                try {
                    fileInputStream = new FileInputStream(str2);
                    byte[] GetP1SignatureValue = GetP1SignatureValue(publicKey, str, bArr);
                    if (logger.isDebugEnabled()) {
                        logger.debug("p1VerifyFile::::::: binarySignValue=" + SADKDebugger.dump(GetP1SignatureValue));
                    }
                    boolean verify = session.verify(new Mechanism(str), publicKey, fileInputStream, GetP1SignatureValue);
                    if (logger.isDebugEnabled()) {
                        logger.debug("p1VerifyFile<<<<<<Finished: verifyResult=" + verify);
                    }
                    if (fileInputStream != null) {
                        try {
                            fileInputStream.close();
                        } catch (Exception e) {
                            throw new PKIException("p1VerifyFile Failure", e);
                        }
                    }
                    return verify;
                } catch (Throwable th) {
                    if (logger.isErrorEnabled()) {
                        logger.error("p1VerifyFile<<<<<<Failure", th);
                    }
                    throw new PKIException("p1VerifyFile Failure", th);
                }
            } catch (PKIException e2) {
                if (logger.isErrorEnabled()) {
                    logger.error("p1VerifyFile<<<<<<Failure", e2);
                }
                throw e2;
            }
        } catch (Throwable th2) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (Exception e3) {
                    throw new PKIException("p1VerifyFile Failure", e3);
                }
            }
            throw th2;
        }
    }

    public boolean p7VerifyMessageAttach(byte[] bArr, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p7VerifyMessageAttach>>>>>>Running");
            stringBuffer.append("\n base64P7SignedData: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            stringBuffer.append("\n session: ");
            stringBuffer.append(SADKDebugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            PKCS7SignedData GetPKCS7From = GetPKCS7From(bArr, session);
            GetDataFrom(GetPKCS7From, true);
            boolean verifyP7SignedDataAttach = GetPKCS7From.verifyP7SignedDataAttach();
            if (logger.isDebugEnabled()) {
                logger.debug("p7VerifyMessageAttach<<<<<<Finished: verifyResult=" + verifyP7SignedDataAttach);
            }
            return verifyP7SignedDataAttach;
        } catch (PKIException e) {
            if (logger.isErrorEnabled()) {
                logger.error("p7VerifyMessageAttach<<<<<<Failure", e);
            }
            throw e;
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("p7VerifyMessageAttach<<<<<<Failure", th);
            }
            throw new PKIException("p7VerifyMessageAttach Failure", th);
        }
    }

    public boolean p7VerifyMessageDetach(byte[] bArr, byte[] bArr2, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p7VerifyMessageDetach>>>>>>Running");
            stringBuffer.append("\n sourceData: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            stringBuffer.append("\n base64P7SignedData: ");
            stringBuffer.append(SADKDebugger.dump(bArr2));
            stringBuffer.append("\n session: ");
            stringBuffer.append(SADKDebugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            PKCS7SignedData GetPKCS7From = GetPKCS7From(bArr2, session);
            GetDataFrom(GetPKCS7From, false);
            boolean verifyP7SignedData = GetPKCS7From.verifyP7SignedData(bArr);
            if (logger.isDebugEnabled()) {
                logger.debug("p7VerifyMessageDetach<<<<<<Finished: verifyResult=" + verifyP7SignedData);
            }
            return verifyP7SignedData;
        } catch (PKIException e) {
            if (logger.isErrorEnabled()) {
                logger.error("p7VerifyMessageDetach<<<<<<Failure", e);
            }
            throw e;
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("p7VerifyMessageDetach<<<<<<Failure", th);
            }
            throw new PKIException("p7VerifyMessageDetach Failure", th);
        }
    }

    public boolean p7VerifyFileAttach(String str, String str2, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p7VerifyFileAttach>>>>>>Running");
            stringBuffer.append("\n signedFilePath: ");
            stringBuffer.append(SADKDebugger.dump(str));
            stringBuffer.append("\n outSourceFilePath: ");
            stringBuffer.append(SADKDebugger.dump(str2));
            stringBuffer.append("\n session: ");
            stringBuffer.append(SADKDebugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            PKCS7SignedFile pKCS7SignedFile = new PKCS7SignedFile(session);
            boolean verifyP7SignedFile = pKCS7SignedFile.verifyP7SignedFile(str, str2);
            if (logger.isDebugEnabled()) {
                logger.debug("p7VerifyFileAttach:::::: verifyResult=" + verifyP7SignedFile);
            }
            GetDataFrom(pKCS7SignedFile, str2);
            if (logger.isDebugEnabled()) {
                logger.debug("p7VerifyFileAttach<<<<<<Finished: verifyResult=" + verifyP7SignedFile);
            }
            return verifyP7SignedFile;
        } catch (PKIException e) {
            if (logger.isErrorEnabled()) {
                logger.error("p7VerifyFileAttach<<<<<<Failure", e);
            }
            throw e;
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("p7VerifyFileAttach<<<<<<Failure", th);
            }
            throw new PKIException("p7VerifyFileAttach Failure", th);
        }
    }

    public boolean p7VerifyFileDetach(String str, byte[] bArr, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p7VerifyFileDetach>>>>>>Running");
            stringBuffer.append("\n sourceFilePath: ");
            stringBuffer.append(SADKDebugger.dump(str));
            stringBuffer.append("\n base64P7SignedData: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            stringBuffer.append("\n session: ");
            stringBuffer.append(SADKDebugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        FileInputStream fileInputStream = null;
        try {
            try {
                PKCS7SignedData GetPKCS7From = GetPKCS7From(bArr, session);
                GetDataFrom(GetPKCS7From, false);
                fileInputStream = new FileInputStream(str);
                boolean verifyP7SignedData = GetPKCS7From.verifyP7SignedData(fileInputStream);
                if (logger.isDebugEnabled()) {
                    logger.debug("p7VerifyFileDetach<<<<<<Finished: verifyResult=" + verifyP7SignedData);
                }
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (Exception e) {
                        throw new PKIException("p7VerifyFileDetach Failure", e);
                    }
                }
                return verifyP7SignedData;
            } catch (PKIException e2) {
                if (logger.isErrorEnabled()) {
                    logger.error("p7VerifyFileDetach<<<<<<Failure", e2);
                }
                throw e2;
            } catch (Throwable th) {
                if (logger.isErrorEnabled()) {
                    logger.error("p7VerifyFileDetach<<<<<<Failure", th);
                }
                throw new PKIException("p7VerifyFileDetach Failure", th);
            }
        } catch (Throwable th2) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (Exception e3) {
                    throw new PKIException("p7VerifyFileDetach Failure", e3);
                }
            }
            throw th2;
        }
    }

    public String getTimeFromTimeStamp(byte[] bArr) throws PKIException {
        byte[] decode;
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("getTimeFromTimeStamp>>>>>>Running");
            stringBuffer.append("\n base64P7SignedData: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (bArr == null) {
                throw new PKIException("base64P7SignedData should not be null");
            }
            boolean isDERSequence = ASN1Parser.isDERSequence(bArr);
            logger.debug("getTimeFromTimeStamp::::::isDERSequence=" + isDERSequence);
            if (isDERSequence) {
                decode = bArr;
            } else {
                try {
                    decode = Base64.decode(bArr);
                } catch (Exception e) {
                    throw new PKIException("GetTimeStamp Failure: base64P7SignedData Invalid", e);
                }
            }
            logger.debug("getTimeFromTimeStamp::::::base64P7SignedData Invalid");
            try {
                CMSSignedDataParser cMSSignedDataParser = new CMSSignedDataParser(new BcDigestCalculatorProvider(), new ByteArrayInputStream(decode));
                logger.debug("getTimeFromTimeStamp::::::SignedData Invalid");
                try {
                    Iterator it = cMSSignedDataParser.getSignerInfos().getSigners().iterator();
                    String str = null;
                    while (it.hasNext()) {
                        str = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").format(Time.getInstance(((SignerInformation) it.next()).getSignedAttributes().get(CMSAttributes.signingTime).getAttrValues().getObjectAt(0).toASN1Primitive()).getDate());
                    }
                    cMSSignedDataParser.close();
                    if (logger.isDebugEnabled()) {
                        logger.debug("getTimeFromTimeStamp<<<<<<Finished: signTimeText=" + str);
                    }
                    return str;
                } catch (Exception e2) {
                    throw new PKIException("GetTimeStamp Failure: Time parsed failure", e2);
                }
            } catch (Exception e3) {
                throw new PKIException("GetTimeStamp Failure: base64P7SignedData parsed failure", e3);
            }
        } catch (PKIException e4) {
            if (logger.isErrorEnabled()) {
                logger.error("getTimeFromTimeStamp<<<<<<Failure", e4);
            }
            throw e4;
        } catch (Throwable th) {
            if (logger.isErrorEnabled()) {
                logger.error("getTimeFromTimeStamp<<<<<<Failure", th);
            }
            throw new PKIException("getTimeFromTimeStamp Failure", th);
        }
    }

    private final byte[] GetP1SignatureValue(PublicKey publicKey, String str, byte[] bArr) throws PKIException {
        byte[] SM2ASN1toRS;
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("GetP1SignatureValue::>>>>>>Running");
            stringBuffer.append("\n signAlg: " + str);
            stringBuffer.append("\n signedData: ");
            stringBuffer.append(SADKDebugger.dump(bArr));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (publicKey == null) {
                throw new PKIException("Required parameters publicKey");
            }
            if (str == null) {
                throw new PKIException("Required parameters signAlg");
            }
            if (bArr == null || bArr.length == 0) {
                throw new PKIException("Required parameters signedData");
            }
            String upperCase = str.toUpperCase();
            if (upperCase.indexOf(MechanismKit.RSA) >= 0) {
                SM2ASN1toRS = bArr.length % (publicKey instanceof RSAPublicKey ? (7 + ((RSAPublicKey) publicKey).getModulus().bitLength()) / 8 : 64) == 0 ? bArr : Base64.decode(bArr);
            } else {
                if (upperCase.indexOf(MechanismKit.SM2) < 0) {
                    throw new PKIException("Invalid signatureAlgorithm: " + str);
                }
                if (bArr.length < 64) {
                    throw new PKIException("Invalid signatureValue:  signedData shortage=" + SADKDebugger.dump(bArr));
                }
                if (bArr.length == 64) {
                    SM2ASN1toRS = bArr;
                } else if (bArr.length > 72 || !ASN1Parser.isDERSequence(bArr)) {
                    byte[] decode = Base64.decode(bArr);
                    if (decode.length == 64) {
                        SM2ASN1toRS = decode;
                    } else {
                        if (!ASN1Parser.isDERSequence(decode)) {
                            throw new PKIException("Invalid signatureValue: required binary or base64, signedData=" + SADKDebugger.dump(bArr));
                        }
                        SM2ASN1toRS = SM2ASN1toRS(decode);
                    }
                } else {
                    SM2ASN1toRS = SM2ASN1toRS(bArr);
                }
            }
            if (logger.isDebugEnabled()) {
                logger.debug("GetP1SignatureValue::<<<<<<Finished: outSignatureBytes=" + SADKDebugger.dump(SM2ASN1toRS));
            }
            return SM2ASN1toRS;
        } catch (PKIException e) {
            if (logger.isErrorEnabled()) {
                logger.error("GetP1SignatureValue::<<<<Failure", e);
            }
            throw e;
        } catch (Exception e2) {
            if (logger.isErrorEnabled()) {
                logger.error("GetP1SignatureValue::<<<<Failure,Invalid base64SignatureValue=" + SADKDebugger.dump(bArr), e2);
            }
            throw new PKIException("Invalid base64SignatureValue");
        }
    }

    private final PKCS7SignedData GetPKCS7From(byte[] bArr, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            logger.debug("GetPKCS7From::>>>>>>Running: p7SignedData=" + SADKDebugger.dump(bArr));
        }
        try {
            PKCS7SignedData pKCS7SignedData = new PKCS7SignedData(session);
            pKCS7SignedData.loadBase64(bArr);
            if (logger.isDebugEnabled()) {
                logger.debug("GetPKCS7From::<<<<<<Finished");
            }
            return pKCS7SignedData;
        } catch (PKIException e) {
            if (logger.isErrorEnabled()) {
                logger.error("GetPKCS7From::<<<<<<Failure: p7SignedData=" + SADKDebugger.dump(bArr), e);
            }
            throw e;
        }
    }

    private final void GetDataFrom(PKCS7SignedData pKCS7SignedData, boolean z) throws PKIException {
        if (logger.isDebugEnabled()) {
            logger.debug("GetDataFrom::>>>>>>Running");
        }
        this.signCert = pKCS7SignedData.getSignerX509Cert();
        if (logger.isDebugEnabled()) {
            logger.debug("GetDataFrom::::::::signCert=" + SADKDebugger.dump(this.signCert));
        }
        this.digestAlgorithm = pKCS7SignedData.getDigestAlgorithm();
        if (logger.isDebugEnabled()) {
            logger.debug("GetDataFrom::::::::digestAlgorithm=" + SADKDebugger.dump(this.digestAlgorithm));
        }
        this.signature = pKCS7SignedData.getSignature();
        if (logger.isDebugEnabled()) {
            logger.debug("GetDataFrom::::::::signature=" + SADKDebugger.dump(this.signature));
        }
        if (z) {
            this.sourceData = pKCS7SignedData.getSourceData();
            if (logger.isDebugEnabled()) {
                logger.debug("GetDataFrom::::::::sourceData=" + SADKDebugger.dump(this.sourceData));
            }
        }
        if (logger.isDebugEnabled()) {
            logger.debug("GetDataFrom::<<<<<<Finished");
        }
    }

    private final void GetDataFrom(PKCS7SignedFile pKCS7SignedFile, String str) {
        if (logger.isDebugEnabled()) {
            logger.debug("GetDataFrom::>>>>>>Running");
        }
        this.signCert = pKCS7SignedFile.getSignerX509Cert();
        if (logger.isDebugEnabled()) {
            logger.debug("GetDataFrom::::::::signCert=" + SADKDebugger.dump(this.signCert));
        }
        this.digestAlgorithm = pKCS7SignedFile.getDigestAlgorithm();
        if (logger.isDebugEnabled()) {
            logger.debug("GetDataFrom::::::::digestAlgorithm=" + SADKDebugger.dump(this.digestAlgorithm));
        }
        this.signature = pKCS7SignedFile.getSignature();
        if (logger.isDebugEnabled()) {
            logger.debug("GetDataFrom::::::::signature=" + SADKDebugger.dump(this.signature));
        }
        if (str != null) {
            try {
                File file = new File(str);
                if (file.exists() && file.isFile() && file.length() < 10240) {
                    this.sourceData = FileHelper.read(file.getAbsolutePath());
                    if (logger.isDebugEnabled()) {
                        logger.debug("GetDataFrom::::::::sourceData=" + SADKDebugger.dump(this.sourceData));
                    }
                }
            } catch (Exception e) {
            }
        }
        if (logger.isDebugEnabled()) {
            logger.debug("GetDataFrom::<<<<<<Finished");
        }
    }

    final byte[] outputSignResult(byte[] bArr) {
        byte[] bArr2;
        if (logger.isDebugEnabled()) {
            logger.debug("outputSignResult::>>>>>>Running: binarySignValue=" + SADKDebugger.dump(bArr));
        }
        if (this.outputBase64SignResult) {
            bArr2 = Base64.encode(bArr);
            if (logger.isDebugEnabled()) {
                logger.debug("outputSignResult::<<<<<<Finished: base64SignValue=" + SADKDebugger.dumpBase64(bArr2));
            }
        } else {
            bArr2 = bArr;
            if (logger.isDebugEnabled()) {
                logger.debug("outputSignResult::<<<<<<Finished: binarySignValue=" + SADKDebugger.dump(bArr2));
            }
        }
        return bArr2;
    }

    static {
        SADKDebugger.setDebugger();
        logger = LoggerFactory.getLogger(Signature.class);
    }
}
