package pax.util;

import android.util.Base64;
import com.U8.reader.ERROR;
import com.huawei.hms.aaid.constant.AaidIdConstant;
import com.huawei.hms.framework.common.ContainerUtils;
import com.pax.api.BaseException;
import com.pax.api.PedException;
import com.pax.api.PedManager;
import com.pax.api.PiccException;
import com.pax.api.model.ST_RSA_KEY;
import com.xiaomi.mipush.sdk.Constants;
import java.nio.ByteBuffer;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;

/* loaded from: classes49.dex */
public class CertReqMaker {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes49.dex */
    public class CERT_REQ {
        byte[] body;
        byte[] header;
        byte[] signAlg;
        byte[] signData;

        private CERT_REQ() {
            this.header = new byte[4];
        }

        /* synthetic */ CERT_REQ(CertReqMaker certReqMaker, CERT_REQ cert_req) {
            this();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes49.dex */
    public class CERT_REQ_BODY {
        byte[] body_serial;
        byte[] public_key_exp;
        byte[] public_key_mod;
        String subject_city;
        String subject_cn;
        String subject_common_name;
        String subject_email;
        String subject_org;
        String subject_org_un;
        String subject_prov;

        CERT_REQ_BODY() {
        }
    }

    private byte[] BuildPKCS1Padding(byte[] bArr) {
        byte[] bArr2 = new byte[256];
        byte[] bArr3 = {0, PedManager.PED_SM2_PVT_KEY, 49, PedManager.PED_SM2_PVT_KEY, 13, 6, 9, 96, -122, ERROR.PARAMETER_INVALID_OUTPUT_POWER_OUT_OF_RANGE, 1, BaseException.NO_PERMISSION_ERROR, 3, 4, 2, 1, 5, 0, 4, 32};
        Arrays.fill(bArr2, (byte) -1);
        ByteBuffer wrap = ByteBuffer.wrap(bArr2);
        wrap.put((byte) 0);
        wrap.put((byte) 1);
        wrap.position(204);
        wrap.put(bArr3);
        wrap.put(bArr);
        return wrap.array();
    }

    private byte[] buildBodyBase(byte[] bArr) {
        byte[] bArr2 = new byte[32];
        ByteBuffer wrap = ByteBuffer.wrap(bArr2);
        wrap.put((byte) 2);
        wrap.put((byte) bArr.length);
        wrap.put(bArr);
        int length = 2 + bArr.length;
        byte[] bArr3 = new byte[length];
        memcpy(bArr3, 0, bArr2, 0, length);
        return bArr3;
    }

    private byte[] buildCN(String str) {
        byte[] bArr = {6, 3, ERROR.COPYRIGHT_AUTHENTICATION_FAIL, 4, 6};
        byte[] bArr2 = new byte[32];
        ByteBuffer wrap = ByteBuffer.wrap(bArr2);
        wrap.put((byte) 49);
        wrap.put((byte) (bArr.length + 2 + 2 + str.length()));
        wrap.put(PedManager.PED_SM2_PVT_KEY);
        wrap.put((byte) (bArr.length + 2 + str.length()));
        wrap.put(bArr);
        wrap.put(PiccException.CARD_NO_ACTIVATION);
        wrap.put((byte) str.length());
        wrap.put(str.getBytes());
        int i = bArr2[1] + 2;
        byte[] bArr3 = new byte[i];
        memcpy(bArr3, 0, bArr2, 0, i);
        return bArr3;
    }

    private byte[] buildCertReqBody(CERT_REQ_BODY cert_req_body) {
        byte[] buildBodyBase = buildBodyBase(cert_req_body.body_serial);
        byte[] buildIssuerOrSubject = buildIssuerOrSubject(cert_req_body.subject_cn, cert_req_body.subject_prov, cert_req_body.subject_city, cert_req_body.subject_org, cert_req_body.subject_org_un, cert_req_body.subject_common_name, cert_req_body.subject_email);
        byte[] buildPubKey = buildPubKey(cert_req_body.public_key_mod, cert_req_body.public_key_exp);
        short length = (short) (buildBodyBase.length + buildIssuerOrSubject.length + buildPubKey.length);
        byte[] shortToByteArray = shortToByteArray(length);
        byte[] bArr = new byte[4 + length];
        ByteBuffer wrap = ByteBuffer.wrap(bArr);
        wrap.put(new byte[]{PedManager.PED_SM2_PVT_KEY, -126});
        wrap.put(shortToByteArray);
        wrap.put(buildBodyBase);
        wrap.put(buildIssuerOrSubject);
        wrap.put(buildPubKey);
        return bArr;
    }

    private byte[] buildCommonName(String str) {
        byte[] bArr = {6, 3, ERROR.COPYRIGHT_AUTHENTICATION_FAIL, 4, 3};
        byte[] bArr2 = new byte[32];
        ByteBuffer wrap = ByteBuffer.wrap(bArr2);
        wrap.put((byte) 49);
        wrap.put((byte) (bArr.length + 2 + 2 + str.length()));
        wrap.put(PedManager.PED_SM2_PVT_KEY);
        wrap.put((byte) (bArr.length + 2 + str.length()));
        wrap.put(bArr);
        wrap.put((byte) 12);
        wrap.put((byte) str.length());
        wrap.put(str.getBytes());
        int i = bArr2[1] + 2;
        byte[] bArr3 = new byte[i];
        memcpy(bArr3, 0, bArr2, 0, i);
        return bArr3;
    }

    private byte[] buildEmail(String str) {
        byte[] bArr = {6, 9, 42, -122, ERROR.PARAMETER_INVALID_OUTPUT_POWER_OUT_OF_RANGE, -122, -9, 13, 1, 9, 1};
        byte[] bArr2 = new byte[64];
        ByteBuffer wrap = ByteBuffer.wrap(bArr2);
        wrap.put((byte) 49);
        wrap.put((byte) (bArr.length + 2 + 2 + str.length()));
        wrap.put(PedManager.PED_SM2_PVT_KEY);
        wrap.put((byte) (bArr.length + 2 + str.length()));
        wrap.put(bArr);
        wrap.put((byte) 22);
        wrap.put((byte) str.length());
        wrap.put(str.getBytes());
        int i = bArr2[1] + 2;
        byte[] bArr3 = new byte[i];
        memcpy(bArr3, 0, bArr2, 0, i);
        return bArr3;
    }

    private byte[] buildIssuerOrSubject(String str, String str2, String str3, String str4, String str5, String str6, String str7) {
        int i;
        byte[] bArr = new byte[512];
        byte[] buildCN = str.length() > 0 ? buildCN(str) : str.getBytes();
        byte[] buildST = str2.length() > 0 ? buildST(str2) : str2.getBytes();
        byte[] buildL = str3.length() > 0 ? buildL(str3) : str3.getBytes();
        byte[] buildOrg = str4.length() > 0 ? buildOrg(str4) : str4.getBytes();
        byte[] buildUnitName = str5.length() > 0 ? buildUnitName(str5) : str5.getBytes();
        byte[] buildCommonName = str6.length() > 0 ? buildCommonName(str6) : str6.getBytes();
        byte[] buildEmail = str7.length() > 0 ? buildEmail(str7) : str7.getBytes();
        int length = buildCN.length + buildST.length + buildL.length + buildOrg.length + buildUnitName.length + buildCommonName.length + buildEmail.length;
        bArr[0] = PedManager.PED_SM2_PVT_KEY;
        if (length < 127) {
            bArr[1] = (byte) length;
            i = 2;
        } else {
            bArr[1] = -127;
            bArr[2] = (byte) length;
            i = 3;
        }
        ByteBuffer wrap = ByteBuffer.wrap(bArr);
        wrap.position(i);
        wrap.put(buildCN);
        wrap.put(buildST);
        wrap.put(buildL);
        wrap.put(buildOrg);
        wrap.put(buildUnitName);
        wrap.put(buildCommonName);
        wrap.put(buildEmail);
        int i2 = i + length;
        byte[] bArr2 = new byte[i2];
        memcpy(bArr2, 0, bArr, 0, i2);
        return bArr2;
    }

    private byte[] buildL(String str) {
        byte[] bArr = {6, 3, ERROR.COPYRIGHT_AUTHENTICATION_FAIL, 4, 7};
        byte[] bArr2 = new byte[32];
        ByteBuffer wrap = ByteBuffer.wrap(bArr2);
        wrap.put((byte) 49);
        wrap.put((byte) (bArr.length + 2 + 2 + str.length()));
        wrap.put(PedManager.PED_SM2_PVT_KEY);
        wrap.put((byte) (bArr.length + 2 + str.length()));
        wrap.put(bArr);
        wrap.put((byte) 12);
        wrap.put((byte) str.length());
        wrap.put(str.getBytes());
        int i = bArr2[1] + 2;
        byte[] bArr3 = new byte[i];
        memcpy(bArr3, 0, bArr2, 0, i);
        return bArr3;
    }

    private byte[] buildOrg(String str) {
        byte[] bArr = {6, 3, ERROR.COPYRIGHT_AUTHENTICATION_FAIL, 4, 10};
        byte[] bArr2 = new byte[32];
        ByteBuffer wrap = ByteBuffer.wrap(bArr2);
        wrap.put((byte) 49);
        wrap.put((byte) (bArr.length + 2 + 2 + str.length()));
        wrap.put(PedManager.PED_SM2_PVT_KEY);
        wrap.put((byte) (bArr.length + 2 + str.length()));
        wrap.put(bArr);
        wrap.put((byte) 12);
        wrap.put((byte) str.length());
        wrap.put(str.getBytes());
        int i = bArr2[1] + 2;
        byte[] bArr3 = new byte[i];
        memcpy(bArr3, 0, bArr2, 0, i);
        return bArr3;
    }

    private byte[] buildPubKey(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[512];
        byte[] bArr4 = {PedManager.PED_SM2_PVT_KEY, -126, 1, 34};
        byte[] bArr5 = {PedManager.PED_SM2_PVT_KEY, 13, 6, 9, 42, -122, ERROR.PARAMETER_INVALID_OUTPUT_POWER_OUT_OF_RANGE, -122, -9, 13, 1, 1, 1, 5};
        byte[] bArr6 = {3, -126, 1, 15, 0, PedManager.PED_SM2_PVT_KEY, -126, 1, 10, 2, -126, 1, 1};
        ByteBuffer wrap = ByteBuffer.wrap(bArr3);
        wrap.put(bArr4);
        wrap.put(bArr5);
        wrap.put(bArr6);
        wrap.put(bArr);
        byte[] bArr7 = {2, 3};
        memcpy(bArr7, 2, bArr2, 0, 3);
        wrap.put(bArr7);
        int length = bArr4.length + bArr5.length + bArr6.length + bArr.length + bArr7.length;
        byte[] bArr8 = new byte[length];
        memcpy(bArr8, 0, bArr3, 0, length);
        return bArr8;
    }

    private byte[] buildReq(CERT_REQ cert_req) {
        short length = (short) (cert_req.body.length + cert_req.signAlg.length + cert_req.signData.length);
        byte[] shortToByteArray = shortToByteArray(length);
        cert_req.header[0] = PedManager.PED_SM2_PVT_KEY;
        cert_req.header[1] = -126;
        cert_req.header[2] = shortToByteArray[0];
        cert_req.header[3] = shortToByteArray[1];
        byte[] bArr = new byte[cert_req.header.length + length];
        ByteBuffer wrap = ByteBuffer.wrap(bArr);
        wrap.put(cert_req.header);
        wrap.put(cert_req.body);
        wrap.put(cert_req.signAlg);
        wrap.put(cert_req.signData);
        return bArr;
    }

    private byte[] buildST(String str) {
        byte[] bArr = {6, 3, ERROR.COPYRIGHT_AUTHENTICATION_FAIL, 4, 8};
        byte[] bArr2 = new byte[32];
        ByteBuffer wrap = ByteBuffer.wrap(bArr2);
        wrap.put((byte) 49);
        wrap.put((byte) (bArr.length + 2 + 2 + str.length()));
        wrap.put(PedManager.PED_SM2_PVT_KEY);
        wrap.put((byte) (bArr.length + 2 + str.length()));
        wrap.put(bArr);
        wrap.put((byte) 12);
        wrap.put((byte) str.length());
        wrap.put(str.getBytes());
        int i = bArr2[1] + 2;
        byte[] bArr3 = new byte[i];
        memcpy(bArr3, 0, bArr2, 0, i);
        return bArr3;
    }

    private byte[] buildSignAlg() {
        return new byte[]{PedManager.PED_SM2_PVT_KEY, 13, 6, 9, 42, -122, ERROR.PARAMETER_INVALID_OUTPUT_POWER_OUT_OF_RANGE, -122, -9, 13, 1, 1, 11, 5};
    }

    private byte[] buildSignData(byte[] bArr) {
        byte[] bArr2 = {3, -126, 1, 1};
        byte[] bArr3 = new byte[bArr2.length + bArr.length];
        memcpy(bArr3, 0, bArr2, 0, bArr2.length);
        memcpy(bArr3, bArr2.length, bArr, 0, bArr.length);
        return bArr3;
    }

    private byte[] buildUnitName(String str) {
        byte[] bArr = {6, 3, ERROR.COPYRIGHT_AUTHENTICATION_FAIL, 4, 11};
        byte[] bArr2 = new byte[32];
        ByteBuffer wrap = ByteBuffer.wrap(bArr2);
        wrap.put((byte) 49);
        wrap.put((byte) (bArr.length + 2 + 2 + str.length()));
        wrap.put(PedManager.PED_SM2_PVT_KEY);
        wrap.put((byte) (bArr.length + 2 + str.length()));
        wrap.put(bArr);
        wrap.put((byte) 12);
        wrap.put((byte) str.length());
        wrap.put(str.getBytes());
        int i = bArr2[1] + 2;
        byte[] bArr3 = new byte[i];
        memcpy(bArr3, 0, bArr2, 0, i);
        return bArr3;
    }

    private void checkCertReq(CERT_REQ_BODY cert_req_body) {
        if (cert_req_body.subject_cn == null) {
            cert_req_body.subject_cn = "";
        }
        if (cert_req_body.subject_prov == null) {
            cert_req_body.subject_prov = "";
        }
        if (cert_req_body.subject_city == null) {
            cert_req_body.subject_city = "";
        }
        if (cert_req_body.subject_org == null) {
            cert_req_body.subject_org = "";
        }
        if (cert_req_body.subject_org_un == null) {
            cert_req_body.subject_org_un = "";
        }
        if (cert_req_body.subject_common_name == null) {
            cert_req_body.subject_common_name = "";
        }
        if (cert_req_body.subject_email == null) {
            cert_req_body.subject_email = "";
        }
    }

    private CERT_REQ_BODY fillCertReqBody(byte b, Map<String, String> map) throws PedException {
        CERT_REQ_BODY cert_req_body = new CERT_REQ_BODY();
        cert_req_body.body_serial = new byte[1];
        cert_req_body.subject_cn = map.get("C");
        cert_req_body.subject_prov = map.get("ST");
        cert_req_body.subject_city = map.get("L");
        cert_req_body.subject_org = map.get("O");
        cert_req_body.subject_org_un = map.get("OU");
        cert_req_body.subject_common_name = map.get("CN");
        cert_req_body.subject_email = map.get("E");
        checkCertReq(cert_req_body);
        ST_RSA_KEY pedReadRsaKey = PedManager.getInstance().pedReadRsaKey(b);
        cert_req_body.public_key_mod = new byte[pedReadRsaKey.iModulusLen / 8];
        memcpy(cert_req_body.public_key_mod, 0, pedReadRsaKey.aucModulus, 512 - cert_req_body.public_key_mod.length, cert_req_body.public_key_mod.length);
        cert_req_body.public_key_exp = new byte[3];
        memcpy(cert_req_body.public_key_exp, 0, pedReadRsaKey.aucExponent, pedReadRsaKey.aucExponent.length - 3, 3);
        log("public_key_mod:" + pedReadRsaKey.aucModulus);
        log("public_key_mod:" + pedReadRsaKey.iModulusLen);
        log("public_key_mod:" + pedReadRsaKey.aucExponent);
        log("public_key_exp:" + pedReadRsaKey.iExponentLen);
        return cert_req_body;
    }

    private byte[] getPaddingHash256(byte[] bArr) {
        return BuildPKCS1Padding(getSHA256Java(bArr));
    }

    private byte[] getSHA256Java(byte[] bArr) {
        byte[] bArr2 = null;
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(AaidIdConstant.SIGNATURE_SHA256);
            messageDigest.update(bArr);
            bArr2 = messageDigest.digest();
            return bArr2;
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            return bArr2;
        }
    }

    private void log(String str) {
        PaxUtil.log("CertReqMaker", str);
    }

    private void memcpy(byte[] bArr, int i, byte[] bArr2, int i2, int i3) {
        System.arraycopy(bArr2, i2, bArr, i, i3);
    }

    private Map<String, String> parseDN(String str) {
        HashMap hashMap = new HashMap();
        for (String str2 : str.split(Constants.ACCEPT_TIME_SEPARATOR_SP)) {
            String[] split = str2.split(ContainerUtils.KEY_VALUE_DELIMITER);
            if (split.length == 2) {
                hashMap.put(split[0], split[1]);
            }
        }
        return hashMap;
    }

    private byte[] shortToByteArray(short s) {
        return new byte[]{(byte) ((s >> 8) & 255), (byte) (s & 255)};
    }

    public String genCertReq(byte b, byte b2, String str) throws PedException {
        byte[] buildCertReqBody = buildCertReqBody(fillCertReqBody(b, parseDN(str)));
        byte[] paddingHash256 = getPaddingHash256(buildCertReqBody);
        log("hash256:" + Arrays.toString(paddingHash256));
        byte[] buildSignData = buildSignData(PedManager.getInstance().pedRsaRecover(b2, paddingHash256).pucData);
        byte[] buildSignAlg = buildSignAlg();
        CERT_REQ cert_req = new CERT_REQ(this, null);
        cert_req.body = buildCertReqBody;
        cert_req.signAlg = buildSignAlg;
        cert_req.signData = buildSignData;
        return String.valueOf(String.valueOf("-----BEGIN CERTIFICATE REQUEST-----\n") + new String(Base64.encode(buildReq(cert_req), 0))) + "-----END CERTIFICATE REQUEST-----\n";
    }
}
