package com.ezca.etssapi;

import com.ccit.mshield.sof.constant.AlgorithmConstants;
import com.ezca.etssapi.exception.TSPTcpIpException;
import com.ezca.etssapi.exception.TSPTcpIpResponse;
import com.ezca.etssapi.exception.TSPValidationException;
import com.ezca.sm2.SM2;
import com.ezca.sm2.SM2Result;
import com.ezca.sm2.SM3Digest;
import com.igexin.push.f.r;
import com.xiaomi.mipush.sdk.Constants;
import io.dcloud.common.util.JSUtil;
import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.File;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.Date;
import java.util.Iterator;
import java.util.concurrent.atomic.AtomicBoolean;
import org.bouncycastle.asn1.ASN1Boolean;
import org.bouncycastle.asn1.ASN1Encoding;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.cms.ContentInfo;
import org.bouncycastle.asn1.eac.CertificateBody;
import org.bouncycastle.asn1.tsp.MessageImprint;
import org.bouncycastle.asn1.tsp.TSTInfo;
import org.bouncycastle.asn1.tsp.TimeStampReq;
import org.bouncycastle.asn1.tsp.TimeStampResp;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.math.ec.ECPoint;
import org.bouncycastle.tsp.TSPException;
import org.bouncycastle.tsp.TimeStampRequest;
import org.bouncycastle.util.encoders.Base64;
import org.i5cn.util.ByteUtil;
import org.i5cn.util.CryptoUtil;
import org.i5cn.util.HEX;

/* loaded from: classes.dex */
public class TS {
    private static final boolean DEFAULT_CERT_REQ = false;
    private static final byte PING = Byte.MAX_VALUE;
    private static final String PROVIDER = "BC";
    private static final byte TYPE_DATA = 1;
    private static final byte TYPE_DIGEST = 48;
    private static final byte TYPE_FILE = 2;
    private static final byte TYPE_TSQ = 49;
    private static final byte[] uid = {TYPE_TSQ, 50, 51, 52, 53, 54, 55, 56, TYPE_TSQ, 50, 51, 52, 53, 54, 55, 56};
    private String host;
    private int port;
    private AtomicBoolean connStatus = new AtomicBoolean(false);
    private volatile boolean isClose = false;
    private AtomicBoolean isPing = new AtomicBoolean(false);
    private ConnPool pool = null;

    static {
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }

    public TS(String str, int i, int i2, int i3) throws TSPTcpIpException {
        init(str, i, i2, i3, 1);
    }

    public TS(String str, int i, int i2, int i3, int i4) throws TSPTcpIpException {
        init(str, i, i2, i3, i4);
    }

    private static TimeStampReq _generateTimeStampRequestByDigest(String str, byte[] bArr, String str2, BigInteger bigInteger, boolean z) throws TSPTcpIpException {
        if (str == null || "".equals(str)) {
            throw new TSPTcpIpException("摘要算法参数不能为空");
        }
        String oidByName = SysObjectIdentifiers.getOidByName(str);
        if (oidByName == null) {
            throw new TSPTcpIpException("不支持的摘要算法");
        }
        if (bArr == null || bArr.length == 0) {
            throw new TSPTcpIpException("摘要数据参数不能为空");
        }
        try {
            if (bArr.length != SysObjectIdentifiers.getDigestLength(oidByName)) {
                throw new TSPTcpIpException("摘要数据长度错误");
            }
            if (str2 == null || "".equals(str2) || SysUtility.isValidIdentifier(str2)) {
                return new TimeStampReq(new MessageImprint(new AlgorithmIdentifier(new ASN1ObjectIdentifier(oidByName), DERNull.INSTANCE), bArr), str2 == null ? SysObjectIdentifiers.TSAPolicy : new ASN1ObjectIdentifier(str2), bigInteger == null ? null : new ASN1Integer(bigInteger), ASN1Boolean.getInstance(z), null);
            }
            throw new TSPTcpIpException("策略值格式错误");
        } catch (Exception unused) {
            throw new TSPTcpIpException("摘要数据长度错误");
        }
    }

    private static byte[] generateTimeStampRequestByDigest(String str, byte[] bArr, String str2, BigInteger bigInteger, boolean z) throws TSPTcpIpException {
        try {
            return _generateTimeStampRequestByDigest(str, bArr, str2, bigInteger, z).getEncoded(ASN1Encoding.DER);
        } catch (IOException e) {
            throw new TSPTcpIpException("TimeStampReq编码异常：" + e.getMessage());
        }
    }

    public static byte[] getCert(byte[] bArr) throws TSPValidationException {
        if (bArr == null || bArr.length == 0) {
            throw new TSPValidationException("时间戳响应数据不能为空");
        }
        try {
            TimeStampResp timeStampResp = TimeStampResp.getInstance(new ASN1InputStream(bArr).readObject());
            int intValue = timeStampResp.getStatus().getStatus().intValue();
            if (intValue != 0 && intValue != 1) {
                throw new TSPValidationException("未签名的时间戳响应，时间戳响应状态值：" + intValue + "，错误信息：\"" + timeStampResp.getStatus().getFailInfo().getString() + JSUtil.QUOTE);
            }
            ContentInfo timeStampToken = timeStampResp.getTimeStampToken();
            if (timeStampToken == null) {
                throw new TSPValidationException("找不到时间戳Token");
            }
            try {
                EzcaTimeStampToken ezcaTimeStampToken = new EzcaTimeStampToken(timeStampToken);
                CMSSignedData cMSSignedData = ezcaTimeStampToken.toCMSSignedData();
                int size = cMSSignedData.getSignerInfos().getSigners().size();
                if (size != 1) {
                    throw new TSPValidationException("错误：TimeStamp Token有" + size + "个签名，要求只能包含1个TSA签名");
                }
                Iterator it2 = ezcaTimeStampToken.getCertificates().getMatches(cMSSignedData.getSignerInfos().getSigners().iterator().next().getSID()).iterator();
                X509CertificateHolder x509CertificateHolder = it2.hasNext() ? (X509CertificateHolder) it2.next() : null;
                if (x509CertificateHolder == null) {
                    throw new TSPValidationException("找不到证书");
                }
                try {
                    return x509CertificateHolder.getEncoded();
                } catch (IOException e) {
                    throw new TSPValidationException("编码证书错误：" + e.getMessage());
                }
            } catch (IOException e2) {
                throw new TSPValidationException("时间戳响应数据格式错误：" + e2.getMessage());
            } catch (TSPException e3) {
                throw new TSPValidationException("时间戳响应数据格式错误：" + e3.getMessage());
            }
        } catch (IOException e4) {
            throw new TSPValidationException("时间戳响应数据格式错误：" + e4.getMessage());
        }
    }

    public static BigInteger getCertSN(byte[] bArr) throws TSPValidationException {
        if (bArr == null || bArr.length == 0) {
            throw new TSPValidationException("时间戳响应数据不能为空");
        }
        try {
            EzcaTimeStampResponse ezcaTimeStampResponse = new EzcaTimeStampResponse(bArr);
            int status = ezcaTimeStampResponse.getStatus();
            if (status != 0 && status != 1) {
                throw new TSPValidationException("非正常签发的时间戳响应，当前状态值：" + status);
            }
            return ezcaTimeStampResponse.getTimeStampToken().getSID().getSerialNumber();
        } catch (Exception e) {
            throw new TSPValidationException("时间戳响应数据格式错误：" + e.getMessage());
        }
    }

    private Socket getClient() throws TSPTcpIpException {
        if (!this.connStatus.get()) {
            throw new TSPTcpIpException("服务器不可用");
        }
        Socket connection = this.pool.getConnection();
        if (connection != null) {
            return connection;
        }
        throw new TSPTcpIpException("无空闲连接");
    }

    public static byte[] getHash(byte[] bArr) throws TSPValidationException {
        if (bArr == null || bArr.length == 0) {
            throw new TSPValidationException("时间戳响应数据不能为空");
        }
        try {
            EzcaTimeStampResponse ezcaTimeStampResponse = new EzcaTimeStampResponse(bArr);
            int status = ezcaTimeStampResponse.getStatus();
            if (status != 0 && status != 1) {
                throw new TSPValidationException("非正常签发的时间戳响应，当前状态值：" + status);
            }
            return ezcaTimeStampResponse.getTimeStampToken().getTimeStampInfo().getMessageImprintDigest();
        } catch (Exception e) {
            throw new TSPValidationException("时间戳响应数据格式错误：" + e.getMessage());
        }
    }

    public static BigInteger getSequential(byte[] bArr) throws TSPValidationException {
        if (bArr == null || bArr.length == 0) {
            throw new TSPValidationException("时间戳响应数据不能为空");
        }
        try {
            EzcaTimeStampResponse ezcaTimeStampResponse = new EzcaTimeStampResponse(bArr);
            int status = ezcaTimeStampResponse.getStatus();
            if (status != 0 && status != 1) {
                throw new TSPValidationException("非正常签发的时间戳响应，当前状态值：" + status);
            }
            return ezcaTimeStampResponse.getTimeStampToken().getTimeStampInfo().getSerialNumber();
        } catch (Exception e) {
            throw new TSPValidationException("时间戳响应数据格式错误：" + e.getMessage());
        }
    }

    public static Date getTime(byte[] bArr) throws TSPValidationException {
        if (bArr == null || bArr.length == 0) {
            throw new TSPValidationException("时间戳响应数据不能为空");
        }
        try {
            TimeStampResp timeStampResp = TimeStampResp.getInstance(new ASN1InputStream(bArr).readObject());
            int intValue = timeStampResp.getStatus().getStatus().intValue();
            if (intValue != 0 && intValue != 1) {
                throw new TSPValidationException("未签名的时间戳响应，时间戳响应状态值：" + intValue + "，错误信息：\"" + timeStampResp.getStatus().getFailInfo().getString() + JSUtil.QUOTE);
            }
            ContentInfo timeStampToken = timeStampResp.getTimeStampToken();
            if (timeStampToken == null) {
                throw new TSPValidationException("找不到时间戳签名时间");
            }
            try {
                return new EzcaTimeStampToken(timeStampToken).getTimeStampInfo().getGenTime();
            } catch (IOException e) {
                throw new TSPValidationException("时间戳响应数据格式错误：" + e.getMessage());
            } catch (TSPException e2) {
                throw new TSPValidationException("时间戳响应数据格式错误：" + e2.getMessage());
            }
        } catch (IOException e3) {
            throw new TSPValidationException("时间戳响应数据格式错误：" + e3.getMessage());
        }
    }

    private void init(String str, int i, int i2, int i3, int i4) throws TSPTcpIpException {
        if (str == null || "".equals(str)) {
            throw new TSPTcpIpException("IP地址不能为空");
        }
        if (!SysUtility.isValidIP(str)) {
            throw new TSPTcpIpException("无效的IP地址");
        }
        if (i < 1 || i > 65535) {
            throw new TSPTcpIpException("端口超出取值范围");
        }
        int i5 = i2 < 0 ? 0 : i2;
        int i6 = i3 < 0 ? 0 : i3;
        if (i4 < 1 || i4 > 1024) {
            throw new TSPTcpIpException("连接数超出取值范围");
        }
        this.host = str;
        this.port = i;
        close();
        try {
            this.pool = new ConnPool(i4, str, i, i5, i6);
            this.connStatus.set(true);
        } catch (IOException e) {
            throw new TSPTcpIpException("连接服务器失败：" + e.getMessage());
        }
    }

    public static void main(String[] strArr) {
        try {
            byte[] bytes = "TXFfdsfds0".getBytes();
            TS ts = new TS("192.168.7.91", 400, 0, 0, 5);
            byte[][] timeStampByData = ts.getTimeStampByData(bytes);
            byte[] bArr = timeStampByData[0];
            byte[] bArr2 = timeStampByData[1];
            System.out.println(new String(Base64.encode(bArr2)));
            System.out.println(new String(Base64.encode(ts.getSignCertByCertSN("73e8f45a927bcfac9ebe3898205be60c"))));
            verifyTimeStampByRequestAndCert(ts.getSignCertByCertSN("73e8f45a927bcfac9ebe3898205be60c"), bArr2);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    private synchronized void ping() {
        if (!this.isPing.get()) {
            this.isPing.set(true);
            new Thread(new Runnable() { // from class: com.ezca.etssapi.TS.1
                private int failureCount = 0;

                @Override // java.lang.Runnable
                public void run() {
                    int readInt;
                    byte readByte;
                    Socket socket = new Socket();
                    try {
                        socket.setSoTimeout(1000);
                        socket.connect(new InetSocketAddress(TS.this.host, TS.this.port), 1000);
                    } catch (Exception unused) {
                        TS.this.connStatus.set(false);
                    }
                    while (!TS.this.isClose) {
                        if (!TS.this.connStatus.get()) {
                            try {
                                socket.close();
                            } catch (IOException unused2) {
                            }
                            socket = new Socket();
                            try {
                                socket.setSoTimeout(1000);
                                socket.connect(new InetSocketAddress(TS.this.host, TS.this.port), 1000);
                            } catch (Exception unused3) {
                                Thread.sleep(5000L);
                            }
                        }
                        try {
                            DataInputStream dataInputStream = new DataInputStream(socket.getInputStream());
                            DataOutputStream dataOutputStream = new DataOutputStream(socket.getOutputStream());
                            dataOutputStream.writeInt(1);
                            dataOutputStream.writeByte(CertificateBody.profileType);
                            dataOutputStream.flush();
                            readInt = dataInputStream.readInt();
                            readByte = dataInputStream.readByte();
                        } catch (IOException unused4) {
                            this.failureCount++;
                        }
                        if (readInt == 1 || readByte == Byte.MAX_VALUE) {
                            this.failureCount = 0;
                            if (!TS.this.connStatus.get()) {
                                TS.this.pool.reset();
                            }
                            TS.this.connStatus.set(true);
                            break;
                        }
                        this.failureCount++;
                        int i = this.failureCount;
                        if (i == 0) {
                            try {
                                Thread.sleep(3000L);
                            } catch (InterruptedException unused5) {
                            }
                        } else if (i == 3) {
                            TS.this.connStatus.set(false);
                        }
                    }
                    TS.this.isPing.set(false);
                }
            }).start();
        }
    }

    private TSPTcpIpResponse sendTS(Socket socket, byte[] bArr) throws IOException, TSPTcpIpException {
        DataInputStream dataInputStream = new DataInputStream(socket.getInputStream());
        DataOutputStream dataOutputStream = new DataOutputStream(socket.getOutputStream());
        dataOutputStream.writeInt(bArr.length + 1);
        dataOutputStream.writeByte(0);
        dataOutputStream.write(bArr);
        dataOutputStream.flush();
        int readInt = dataInputStream.readInt();
        byte readByte = dataInputStream.readByte();
        if (readByte == 5) {
            byte[] bArr2 = new byte[readInt - 1];
            dataInputStream.readFully(bArr2);
            return new TSPTcpIpResponse(TimeStampResp.getInstance(new ASN1InputStream(bArr2).readObject()));
        }
        if (readByte == 6) {
            byte[] bArr3 = new byte[readInt - 1];
            dataInputStream.readFully(bArr3);
            return new TSPTcpIpResponse(bArr3);
        }
        dataInputStream.close();
        dataOutputStream.close();
        socket.close();
        throw new TSPTcpIpException("错误的时间戳响应数据");
    }

    private void sendTSR(Socket socket, byte b, byte[] bArr, byte[] bArr2) throws IOException, TSPValidationException {
        String str;
        DataInputStream dataInputStream = new DataInputStream(socket.getInputStream());
        DataOutputStream dataOutputStream = new DataOutputStream(socket.getOutputStream());
        int length = bArr.length;
        int length2 = bArr2.length;
        dataOutputStream.writeInt(length + length2 + 8 + 1);
        dataOutputStream.writeByte(b);
        dataOutputStream.write(ByteUtil.Int2Byte(length));
        dataOutputStream.write(bArr);
        dataOutputStream.write(ByteUtil.Int2Byte(length2));
        dataOutputStream.write(bArr2);
        dataOutputStream.flush();
        int readInt = dataInputStream.readInt();
        if (dataInputStream.readByte() != b) {
            throw new TSPValidationException("服务器返回数据错误", -1);
        }
        int readInt2 = dataInputStream.readInt();
        if (readInt2 == 0) {
            return;
        }
        byte[] bArr3 = new byte[readInt - 5];
        dataInputStream.readFully(bArr3);
        try {
            str = new String(bArr3, r.b);
        } catch (UnsupportedEncodingException unused) {
            str = "无法解析返回消息";
        }
        throw new TSPValidationException(str, readInt2);
    }

    private TSPTcpIpResponse sign(byte[] bArr) throws TSPTcpIpException {
        Socket client = getClient();
        try {
            try {
                return sendTS(client, bArr);
            } catch (IOException e) {
                e.printStackTrace();
                this.connStatus.set(false);
                ping();
                throw new TSPTcpIpException("服务器通信超时");
            }
        } finally {
            this.pool.releaseConnection(client);
        }
    }

    private byte[] tsSign(byte[] bArr) throws TSPTcpIpException {
        TSPTcpIpResponse sign = sign(bArr);
        if (sign.isErrorResponse()) {
            throw new TSPTcpIpException(sign.getErrorMsg());
        }
        try {
            return sign.getTimeStampResp().getEncoded(ASN1Encoding.DER);
        } catch (IOException e) {
            throw new TSPTcpIpException("时间戳响应编码异常：" + e.getMessage());
        }
    }

    private void verify(byte b, byte[] bArr, byte[] bArr2) throws TSPTcpIpException, TSPValidationException {
        Socket client = getClient();
        try {
            try {
                sendTSR(client, b, bArr, bArr2);
            } catch (IOException unused) {
                this.connStatus.set(false);
                ping();
                throw new TSPTcpIpException("服务器通信超时");
            }
        } finally {
            this.pool.releaseConnection(client);
        }
    }

    public static void verifyTimeStampByData(byte[] bArr, byte[] bArr2, byte[] bArr3) throws TSPValidationException {
        if (bArr2 == null || bArr2.length == 0) {
            throw new TSPValidationException("原数据不能为空");
        }
        verifyTimeStampResponseOffline((byte) 1, bArr2, bArr3);
        verifyTimeStampByRequestAndCert(bArr, bArr3);
    }

    public static void verifyTimeStampByDigest(byte[] bArr, byte[] bArr2, byte[] bArr3) throws TSPValidationException {
        if (bArr2 == null || bArr2.length == 0) {
            throw new TSPValidationException("原数据摘要不能为空");
        }
        verifyTimeStampResponseOffline((byte) 48, bArr2, bArr3);
        verifyTimeStampByRequestAndCert(bArr, bArr3);
    }

    public static void verifyTimeStampByFile(byte[] bArr, File file, byte[] bArr2) throws TSPValidationException {
        if (file == null) {
            throw new TSPValidationException("原文件不能为空");
        }
        verifyTimeStampResponseOffline((byte) 2, file, bArr2);
        verifyTimeStampByRequestAndCert(bArr, bArr2);
    }

    public static void verifyTimeStampByRequest(byte[] bArr, byte[] bArr2, byte[] bArr3) throws TSPValidationException {
        if (bArr2 == null || bArr2.length == 0) {
            throw new TSPValidationException("时间戳请求数据不能为空");
        }
        verifyTimeStampResponseOffline(TYPE_TSQ, bArr2, bArr3);
        verifyTimeStampByRequestAndCert(bArr, bArr3);
    }

    public static void verifyTimeStampByRequestAndCert(byte[] bArr, byte[] bArr2) throws TSPValidationException {
        if (bArr == null || bArr.length == 0) {
            throw new TSPValidationException("时间戳签名证书不能为空");
        }
        if (bArr2 == null || bArr2.length == 0) {
            throw new TSPValidationException("时间戳响应不能为空");
        }
        try {
            EzcaTimeStampResponse ezcaTimeStampResponse = new EzcaTimeStampResponse(bArr2);
            int status = ezcaTimeStampResponse.getStatus();
            if (status != 0 && status != 1) {
                throw new TSPValidationException("无效的时间戳响应");
            }
            EzcaTimeStampToken timeStampToken = ezcaTimeStampResponse.getTimeStampToken();
            SignerInformation next = timeStampToken.toCMSSignedData().getSignerInfos().getSigners().iterator().next();
            try {
                byte[] encodedSignedAttributes = next.getEncodedSignedAttributes();
                byte[] signature = next.getSignature();
                String nameByOid = SysObjectIdentifiers.getNameByOid(next.getEncryptionAlgOID());
                if (nameByOid.equals("RSA")) {
                    try {
                        X509CertificateHolder x509CertificateHolder = new X509CertificateHolder(bArr);
                        Certificate generateCertificate = CertificateFactory.getInstance("x.509").generateCertificate(new ByteArrayInputStream(bArr));
                        try {
                            Signature signature2 = Signature.getInstance(SysObjectIdentifiers.getNameByOid(next.getDigestAlgOID()) + "with" + nameByOid);
                            signature2.initVerify(generateCertificate);
                            if (x509CertificateHolder.getSerialNumber().compareTo(timeStampToken.getSID().getSerialNumber()) != 0) {
                                throw new TSPValidationException("签名证书与时间戳响应不一至");
                            }
                            try {
                                signature2.update(encodedSignedAttributes);
                                if (!signature2.verify(signature)) {
                                    throw new TSPValidationException("签名验证失败");
                                }
                                return;
                            } catch (SignatureException e) {
                                e.printStackTrace();
                                throw new TSPValidationException("RSA签名签验对象初始化出错");
                            }
                        } catch (Exception e2) {
                            e2.printStackTrace();
                            throw new TSPValidationException("RSA签名签验对象初始化出错");
                        }
                    } catch (IOException e3) {
                        e3.printStackTrace();
                        throw new TSPValidationException("RSA签名证书模式格式错误");
                    } catch (CertificateException e4) {
                        e4.printStackTrace();
                        throw new TSPValidationException("RSA签名证书模式格式错误");
                    }
                }
                try {
                    X509CertificateHolder x509CertificateHolder2 = new X509CertificateHolder(bArr);
                    ECPoint generationECPointCert = SysUtility.generationECPointCert(x509CertificateHolder2);
                    if (x509CertificateHolder2.getSerialNumber().compareTo(timeStampToken.getSID().getSerialNumber()) != 0) {
                        throw new TSPValidationException("签名证书与时间戳响应不一至");
                    }
                    SM2 Instance = SM2.Instance();
                    SM3Digest sM3Digest = new SM3Digest();
                    byte[] Sm2GetZ = Instance.Sm2GetZ(uid, generationECPointCert);
                    sM3Digest.update(Sm2GetZ, 0, Sm2GetZ.length);
                    sM3Digest.update(encodedSignedAttributes, 0, encodedSignedAttributes.length);
                    byte[] bArr3 = new byte[32];
                    sM3Digest.doFinal(bArr3, 0);
                    try {
                        ASN1Sequence aSN1Sequence = (ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(signature)).readObject();
                        ASN1Integer aSN1Integer = ASN1Integer.getInstance(aSN1Sequence.getObjectAt(0));
                        ASN1Integer aSN1Integer2 = ASN1Integer.getInstance(aSN1Sequence.getObjectAt(1));
                        byte[] byteArray = aSN1Integer.getValue().toByteArray();
                        byte[] byteArray2 = aSN1Integer2.getValue().toByteArray();
                        byte[] bArr4 = new byte[32];
                        byte[] bArr5 = new byte[32];
                        System.arraycopy(byteArray, byteArray.length - 32, bArr4, 0, 32);
                        System.arraycopy(byteArray2, byteArray2.length - 32, bArr5, 0, 32);
                        SM2Result sM2Result = new SM2Result();
                        sM2Result.r = new BigInteger(1, bArr4);
                        sM2Result.s = new BigInteger(1, bArr5);
                        Instance.Sm2Verify(bArr3, generationECPointCert, sM2Result.r, sM2Result.s, sM2Result);
                        if (!sM2Result.r.equals(sM2Result.R)) {
                            throw new TSPValidationException("签名验证失败");
                        }
                    } catch (IOException e5) {
                        e5.printStackTrace();
                        throw new TSPValidationException("SM2签名签验对象初始化出错");
                    }
                } catch (Exception unused) {
                    throw new TSPValidationException("时间戳签名证书格式错误");
                }
            } catch (IOException unused2) {
                throw new TSPValidationException("取签名数据出错");
            }
        } catch (Exception e6) {
            e6.printStackTrace();
            throw new TSPValidationException("时间戳响应数据格式错误");
        }
    }

    private void verifyTimeStampResponse(byte b, Object obj, byte[] bArr) throws TSPValidationException {
        if (bArr == null || bArr.length == 0) {
            throw new TSPValidationException("时间戳响应数据不能为空");
        }
        try {
            TimeStampResp timeStampResp = TimeStampResp.getInstance(new ASN1InputStream(bArr).readObject());
            int intValue = timeStampResp.getStatus().getStatus().intValue();
            if (intValue != 0 && intValue != 1) {
                throw new TSPValidationException("时间戳响应状态错误");
            }
            ContentInfo timeStampToken = timeStampResp.getTimeStampToken();
            if (timeStampToken == null) {
                throw new TSPValidationException("找不到时间戳");
            }
            try {
                TSTInfo aSN1Structure = new EzcaTimeStampToken(timeStampToken).getTimeStampInfo().toASN1Structure();
                byte[] bArr2 = null;
                if (b == 1) {
                    try {
                        bArr2 = MessageDigest.getInstance(SysObjectIdentifiers.getNameByOid(aSN1Structure.getMessageImprint().getHashAlgorithm().getAlgorithm().getId())).digest((byte[]) obj);
                    } catch (NoSuchAlgorithmException e) {
                        throw new TSPValidationException("不支持时间戳响应中的摘要算法：" + e.getMessage());
                    }
                } else if (b == 2) {
                    try {
                        bArr2 = CryptoUtil.hashBig(SysObjectIdentifiers.getNameByOid(aSN1Structure.getMessageImprint().getHashAlgorithm().getAlgorithm().getId()), (File) obj);
                    } catch (IOException e2) {
                        throw new TSPValidationException("原文件读写错误：" + e2.getMessage());
                    } catch (NoSuchAlgorithmException e3) {
                        throw new TSPValidationException("不支持时间戳响应中的摘要算法：" + e3.getMessage());
                    }
                } else if (b == 48) {
                    bArr2 = (byte[]) obj;
                } else if (b == 49) {
                    try {
                        verify(TYPE_TSQ, (byte[]) obj, bArr);
                        return;
                    } catch (TSPTcpIpException e4) {
                        throw new TSPValidationException("通信异常：" + e4.getMessage());
                    }
                }
                if (!aSN1Structure.getMessageImprint().equals(new MessageImprint(aSN1Structure.getMessageImprint().getHashAlgorithm(), bArr2))) {
                    throw new TSPValidationException("摘要不一致");
                }
                try {
                    verify((byte) 48, bArr2, bArr);
                } catch (TSPTcpIpException e5) {
                    throw new TSPValidationException("通信异常：" + e5.getMessage());
                }
            } catch (IOException unused) {
                throw new TSPValidationException("时间戳响应数据格式错误");
            } catch (TSPException unused2) {
                throw new TSPValidationException("时间戳响应数据格式错误");
            }
        } catch (IOException unused3) {
            throw new TSPValidationException("时间戳响应数据格式错误");
        }
    }

    private static void verifyTimeStampResponseOffline(byte b, Object obj, byte[] bArr) throws TSPValidationException {
        if (bArr == null || bArr.length == 0) {
            throw new TSPValidationException("时间戳响应数据不能为空");
        }
        try {
            TimeStampResp timeStampResp = TimeStampResp.getInstance(new ASN1InputStream(bArr).readObject());
            int intValue = timeStampResp.getStatus().getStatus().intValue();
            if (intValue != 0 && intValue != 1) {
                throw new TSPValidationException("时间戳响应状态错误");
            }
            ContentInfo timeStampToken = timeStampResp.getTimeStampToken();
            if (timeStampToken == null) {
                throw new TSPValidationException("找不到时间戳");
            }
            try {
                TSTInfo aSN1Structure = new EzcaTimeStampToken(timeStampToken).getTimeStampInfo().toASN1Structure();
                byte[] bArr2 = null;
                if (b == 1) {
                    try {
                        bArr2 = MessageDigest.getInstance(SysObjectIdentifiers.getNameByOid(aSN1Structure.getMessageImprint().getHashAlgorithm().getAlgorithm().getId())).digest((byte[]) obj);
                    } catch (NoSuchAlgorithmException e) {
                        throw new TSPValidationException("不支持时间戳响应中的摘要算法：" + e.getMessage());
                    }
                } else if (b == 2) {
                    try {
                        bArr2 = CryptoUtil.hashBig(SysObjectIdentifiers.getNameByOid(aSN1Structure.getMessageImprint().getHashAlgorithm().getAlgorithm().getId()), (File) obj);
                    } catch (IOException e2) {
                        throw new TSPValidationException("原文件读写错误：" + e2.getMessage());
                    } catch (NoSuchAlgorithmException e3) {
                        throw new TSPValidationException("不支持时间戳响应中的摘要算法：" + e3.getMessage());
                    }
                } else if (b == 48) {
                    bArr2 = (byte[]) obj;
                } else if (b == 49) {
                    try {
                        bArr2 = new TimeStampRequest((byte[]) obj).getMessageImprintDigest();
                    } catch (Exception e4) {
                        throw new TSPValidationException("读时间戳请求错误：" + e4.getMessage());
                    }
                }
                if (!aSN1Structure.getMessageImprint().equals(new MessageImprint(aSN1Structure.getMessageImprint().getHashAlgorithm(), bArr2))) {
                    throw new TSPValidationException("摘要不一致");
                }
            } catch (IOException unused) {
                throw new TSPValidationException("时间戳响应数据格式错误");
            } catch (TSPException unused2) {
                throw new TSPValidationException("时间戳响应数据格式错误");
            }
        } catch (IOException unused3) {
            throw new TSPValidationException("时间戳响应数据格式错误");
        }
    }

    public void close() {
        ConnPool connPool = this.pool;
        if (connPool != null) {
            connPool.releaseAllConnection();
        }
        this.isClose = true;
    }

    public byte[] getSignCertByCertSN(String str) throws TSPValidationException, TSPTcpIpException, IOException {
        if (str.equals("")) {
            throw new TSPValidationException("时间戳签名证书序列号不能为空");
        }
        byte[] decode = HEX.decode(str);
        if (decode != null) {
            return getSignCertByCertSN(decode);
        }
        throw new TSPValidationException("时间戳签名证书序列号模式错误");
    }

    public byte[] getSignCertByCertSN(BigInteger bigInteger) throws TSPValidationException, TSPTcpIpException, IOException {
        if (bigInteger != null) {
            return getSignCertByCertSN(bigInteger.toByteArray());
        }
        throw new TSPValidationException("时间戳签名证书序列号不能为空");
    }

    public byte[] getSignCertByCertSN(byte[] bArr) throws TSPValidationException, TSPTcpIpException, IOException {
        if (bArr == null) {
            throw new TSPValidationException("时间戳签名证书序列号不能为空");
        }
        Socket client = getClient();
        DataInputStream dataInputStream = new DataInputStream(client.getInputStream());
        DataOutputStream dataOutputStream = new DataOutputStream(client.getOutputStream());
        dataOutputStream.writeInt(bArr.length + 1);
        dataOutputStream.writeByte(99);
        dataOutputStream.write(bArr);
        dataOutputStream.flush();
        int readInt = dataInputStream.readInt();
        if (dataInputStream.readByte() != 99) {
            dataInputStream.close();
            dataOutputStream.close();
            client.close();
            throw new TSPTcpIpException("通过签名证书序列号取得签名证书出错");
        }
        int i = readInt - 1;
        byte[] bArr2 = new byte[i];
        dataInputStream.readFully(bArr2);
        if (i != 1) {
            return bArr2;
        }
        throw new TSPTcpIpException("通过当前证书序列号未找到对应签名证书");
    }

    public String getSyncInfo() throws TSPTcpIpException, IOException {
        Socket client = getClient();
        DataInputStream dataInputStream = new DataInputStream(client.getInputStream());
        DataOutputStream dataOutputStream = new DataOutputStream(client.getOutputStream());
        dataOutputStream.writeInt(1);
        dataOutputStream.writeByte(7);
        dataOutputStream.flush();
        int readInt = dataInputStream.readInt();
        if (dataInputStream.readByte() == 7) {
            byte[] bArr = new byte[readInt - 1];
            dataInputStream.readFully(bArr);
            return new String(bArr);
        }
        dataInputStream.close();
        dataOutputStream.close();
        client.close();
        throw new TSPTcpIpException("获取当前数据同步信息出错");
    }

    public byte[][] getTimeStampByData(String str, byte[] bArr, String str2, BigInteger bigInteger, boolean z) throws TSPTcpIpException {
        if (str == null || "".equals(str)) {
            throw new TSPTcpIpException("摘要算法参数不能为空");
        }
        String upperCase = str.toUpperCase();
        if (SysObjectIdentifiers.getOidByName(upperCase) == null) {
            throw new TSPTcpIpException("不支持的摘要算法");
        }
        if (bArr == null || bArr.length == 0) {
            throw new TSPTcpIpException("数据不能为空");
        }
        try {
            return getTimeStampByDigest(upperCase, upperCase.equals(AlgorithmConstants.SM3_SymAlg) ? SysUtility.SM3ToHash(bArr) : CryptoUtil.hash(upperCase, bArr), str2, bigInteger, z);
        } catch (NoSuchAlgorithmException e) {
            throw new TSPTcpIpException("不支持的摘要算法：" + e.getMessage());
        }
    }

    public byte[][] getTimeStampByData(byte[] bArr) throws TSPTcpIpException {
        return getTimeStampByData(SysObjectIdentifiers.SHA1[0], bArr, null, null, false);
    }

    public byte[][] getTimeStampByDigest(String str, byte[] bArr, String str2, BigInteger bigInteger, boolean z) throws TSPTcpIpException {
        byte[] generateTimeStampRequestByDigest = generateTimeStampRequestByDigest(str, bArr, str2, bigInteger, z);
        return new byte[][]{generateTimeStampRequestByDigest, tsSign(generateTimeStampRequestByDigest)};
    }

    public byte[][] getTimeStampByDigest(byte[] bArr) throws TSPTcpIpException {
        return getTimeStampByDigest(SysObjectIdentifiers.SHA1[0], bArr, null, null, false);
    }

    public byte[][] getTimeStampByFile(File file) throws TSPTcpIpException {
        return getTimeStampByFile(SysObjectIdentifiers.SHA1[0], file, null, null, false);
    }

    public byte[][] getTimeStampByFile(String str, File file, String str2, BigInteger bigInteger, boolean z) throws TSPTcpIpException {
        if (str == null || "".equals(str)) {
            throw new TSPTcpIpException("摘要算法参数不能为空");
        }
        if (SysObjectIdentifiers.getOidByName(str) == null) {
            throw new TSPTcpIpException("不支持的摘要算法");
        }
        if (file == null) {
            throw new TSPTcpIpException("文件不能为空");
        }
        try {
            return getTimeStampByDigest(str, CryptoUtil.hashBig(str, file), str2, bigInteger, z);
        } catch (IOException e) {
            throw new TSPTcpIpException("读文件错误：" + e.getMessage());
        } catch (NoSuchAlgorithmException e2) {
            throw new TSPTcpIpException("不支持的摘要算法：" + e2.getMessage());
        }
    }

    public boolean isAvailable() {
        return this.connStatus.get();
    }

    public boolean setupLogSyncTime(String str) throws TSPTcpIpException, IOException, TSPValidationException {
        if (str.length() != 5) {
            throw new TSPValidationException("同步时间设置错误");
        }
        if (!str.contains(Constants.COLON_SEPARATOR)) {
            throw new TSPValidationException("同步时间设置错误");
        }
        String[] split = str.split(Constants.COLON_SEPARATOR);
        try {
            int intValue = Integer.valueOf(split[0]).intValue();
            int intValue2 = Integer.valueOf(split[1]).intValue();
            if (intValue > 23 || intValue2 > 56) {
                throw new TSPValidationException("同步时间设置错误");
            }
            Socket client = getClient();
            DataInputStream dataInputStream = new DataInputStream(client.getInputStream());
            DataOutputStream dataOutputStream = new DataOutputStream(client.getOutputStream());
            byte[] bytes = str.getBytes();
            dataOutputStream.writeInt(bytes.length + 1);
            dataOutputStream.writeByte(6);
            dataOutputStream.write(bytes);
            dataOutputStream.flush();
            int readInt = dataInputStream.readInt();
            if (dataInputStream.readByte() != 6) {
                dataInputStream.close();
                dataOutputStream.close();
                client.close();
                throw new TSPTcpIpException("设置时间戳服务器日志同步时间出错");
            }
            byte[] bArr = new byte[readInt - 1];
            dataInputStream.readFully(bArr);
            String str2 = new String(bArr);
            if (str2.equals("")) {
                return true;
            }
            throw new TSPTcpIpException(str2);
        } catch (Exception unused) {
            throw new TSPValidationException("同步时间设置错误");
        }
    }

    public void verifyTimeStampByData(byte[] bArr, byte[] bArr2) throws TSPValidationException {
        if (bArr == null || bArr.length == 0) {
            throw new TSPValidationException("原数据不能为空");
        }
        verifyTimeStampResponse((byte) 1, bArr, bArr2);
    }

    public void verifyTimeStampByDigest(byte[] bArr, byte[] bArr2) throws TSPValidationException {
        if (bArr == null || bArr.length == 0) {
            throw new TSPValidationException("原数据摘要不能为空");
        }
        verifyTimeStampResponse((byte) 48, bArr, bArr2);
    }

    public void verifyTimeStampByFile(File file, byte[] bArr) throws TSPValidationException {
        if (file == null) {
            throw new TSPValidationException("原文件不能为空");
        }
        verifyTimeStampResponse((byte) 2, file, bArr);
    }

    public void verifyTimeStampByRequest(byte[] bArr, byte[] bArr2) throws TSPValidationException {
        if (bArr == null || bArr.length == 0) {
            throw new TSPValidationException("时间戳请求数据不能为空");
        }
        verifyTimeStampResponse(TYPE_TSQ, bArr, bArr2);
    }
}
