package com.kinggrid.pdfviewer.action.ofd;

import com.alibaba.fastjson.JSONObject;
import com.kgofd.commons.KGCommonUtils;
import com.kgofd.commons.KGDateUtils;
import com.kgofd.encrypt.KGBase64;
import com.kgofd.encrypt.KGSM3Digest;
import com.kgofd.encrypt.SM2;
import com.kgofd.ofd.utils.KGOfdUtils;
import com.kinggrid.pdfviewer.Contants;
import com.kinggrid.pdfviewer.License;
import com.kinggrid.pdfviewer.PVHttpUtil;
import com.kinggrid.pdfviewer.PdfActionInter;
import com.kinggrid.pdfviewer.PdfFileResource;
import com.kinggrid.pdfviewer.PdfFileResourceManager;
import com.kinggrid.pdfviewer.ofd.OfdUtils;
import com.kinggrid.pdfviewer.utils.StampUtils;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.text.ParseException;
import java.util.Date;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.lingala.zip4j.core.ZipFile;
import net.lingala.zip4j.exception.ZipException;
import net.lingala.zip4j.io.ZipInputStream;
import org.dom4j.Document;
import org.dom4j.DocumentException;
import org.dom4j.Element;
import org.kg.bouncycastle.asn1.ASN1InputStream;
import org.kg.bouncycastle.asn1.ASN1Sequence;
import org.kg.bouncycastle.asn1.DERSequence;
import org.kg.bouncycastle.asn1.x509.Certificate;
import org.kg.bouncycastle.asn1.x509.X509CertificateStructure;
import org.kg.bouncycastle.util.encoders.Hex;

/* loaded from: input_file:com/kinggrid/pdfviewer/action/ofd/VerifySealOfdAction.class */
public class VerifySealOfdAction implements PdfActionInter {
    @Override // com.kinggrid.pdfviewer.PdfActionInter
    public void execute(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, JSONObject jSONObject, PdfFileResource pdfFileResource) throws IOException {
        String string = jSONObject.getString("documentId");
        int intValue = jSONObject.getIntValue("page");
        float floatValue = jSONObject.getFloatValue("x");
        float floatValue2 = jSONObject.getFloatValue("y");
        if (pdfFileResource == null) {
            pdfFileResource = PdfFileResourceManager.getPdfFileResource();
        }
        pdfFileResource.init(httpServletRequest, httpServletResponse, str, string, "1");
        JSONObject jSONObject2 = new JSONObject();
        try {
            ZipFile zipFile = OfdUtils.getOfdHummer(pdfFileResource.getPdfFile(), jSONObject.getString("pdfPwd")).getZipFile();
            Map<String, Object> ofdSignOfXY = OfdUtils.getOfdSignOfXY(zipFile, intValue, floatValue, floatValue2);
            if (ofdSignOfXY != null) {
                JSONObject parseSeal = parseSeal((String) ofdSignOfXY.get("signedValuePath"), zipFile, jSONObject);
                parseSeal.put("idx", (String) ofdSignOfXY.get("idx"));
                jSONObject2.put("status", true);
                jSONObject2.put("seal", parseSeal);
            } else {
                jSONObject2.put("status", false);
                jSONObject2.put("message", "印章已被删除，请刷新页面重新加载文档！");
            }
            jSONObject2.put("companyName", License.getCompanyName());
            httpServletResponse.getWriter().write(jSONObject2.toJSONString());
        } catch (Exception e) {
            throw new RuntimeException(e.getMessage(), e);
        }
    }

    /* JADX WARN: Finally extract failed */
    private JSONObject parseSeal(String str, ZipFile zipFile, JSONObject jSONObject) throws ZipException, IOException, DocumentException {
        Date parseUTC2Date;
        byte[] bytes;
        byte[] octets;
        JSONObject jSONObject2 = new JSONObject();
        String substring = str.substring(0, str.lastIndexOf("/"));
        jSONObject2.put("signPath", substring);
        jSONObject2.put("stampType", "0");
        ZipInputStream zipInputStream = null;
        ASN1InputStream aSN1InputStream = null;
        ASN1InputStream aSN1InputStream2 = null;
        try {
            try {
                ZipInputStream inputStream = zipFile.getInputStream(zipFile.getFileHeader(str));
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                try {
                    byte[] bArr = new byte[8192];
                    while (true) {
                        int read = inputStream.read(bArr);
                        if (read == -1) {
                            break;
                        }
                        byteArrayOutputStream.write(bArr, 0, read);
                    }
                    if (inputStream != null) {
                        inputStream.close();
                    }
                    byte[] byteArray = byteArrayOutputStream.toByteArray();
                    ASN1Sequence dERSequence = DERSequence.getInstance(byteArray);
                    ASN1Sequence objectAt = dERSequence.getObjectAt(0);
                    ASN1Sequence objectAt2 = objectAt.getObjectAt(1).getObjectAt(0);
                    ASN1Sequence objectAt3 = objectAt2.getObjectAt(0);
                    jSONObject2.put("sealID", objectAt2.getObjectAt(1).toString());
                    int intValue = objectAt3.getObjectAt(1).getValue().intValue();
                    jSONObject2.put("signType", Integer.valueOf(intValue));
                    jSONObject2.put("sealVid", objectAt3.getObjectAt(2).getString());
                    ASN1Sequence objectAt4 = objectAt2.getObjectAt(2);
                    jSONObject2.put("type", objectAt4.getObjectAt(0).getValue().toString());
                    jSONObject2.put("sealName", objectAt4.getObjectAt(1).getString());
                    if (intValue == 4) {
                        jSONObject2.put("validStart", KGDateUtils.dateTime(objectAt4.getObjectAt(5).getDate()));
                        jSONObject2.put("validEnd", KGDateUtils.dateTime(objectAt4.getObjectAt(6).getDate()));
                    } else {
                        jSONObject2.put("validStart", KGDateUtils.date(objectAt4.getObjectAt(4).getAdjustedDate()));
                        jSONObject2.put("validEnd", KGDateUtils.date(objectAt4.getObjectAt(5).getAdjustedDate()));
                    }
                    byte[] encoded = objectAt.getEncoded();
                    if (intValue == 4) {
                        if (Contants.CHECK_SEAL_STATS) {
                            Map<String, Object> checkSealStats = new PVHttpUtil().checkSealStats(Contants.URL, new KGBase64().encode(dERSequence.getEncoded()));
                            if (!"0".equals(checkSealStats.get("code"))) {
                                throw new RuntimeException("验证印章状态有效性失败：" + checkSealStats.get("message"));
                            }
                        }
                        dERSequence.getObjectAt(3).getBytes();
                        try {
                            parseUTC2Date = objectAt.getObjectAt(2).getDate();
                            bytes = dERSequence.getObjectAt(3).getBytes();
                            octets = dERSequence.getObjectAt(1).getOctets();
                        } catch (ParseException e) {
                            throw new RuntimeException(e);
                        }
                    } else {
                        dERSequence.getObjectAt(1).getBytes();
                        String str2 = new String(objectAt.getObjectAt(2).getBytes());
                        parseUTC2Date = str2.length() == 15 ? KGDateUtils.parseUTC2Date(str2, "yyyyMMddHHmmss") : KGDateUtils.parseUTC2Date(str2, "yyMMddHHmmss");
                        bytes = dERSequence.getObjectAt(1).getBytes();
                        octets = objectAt.getObjectAt(5).getOctets();
                    }
                    jSONObject2.put("stampID", StampUtils.getStampID(parseUTC2Date, byteArray));
                    String dateTime = KGDateUtils.dateTime(parseUTC2Date);
                    jSONObject2.put("signDate", dateTime);
                    X509CertificateStructure x509CertificateStructure = X509CertificateStructure.getInstance(ASN1Sequence.getInstance(octets));
                    String x500Name = x509CertificateStructure.getIssuer().toString();
                    int indexOf = x500Name.indexOf(",");
                    if (indexOf == -1) {
                        indexOf = x500Name.length();
                    }
                    jSONObject2.put("userName", x500Name.substring(x500Name.indexOf("=") + 1, indexOf));
                    if (bytes.length != 64) {
                        bytes = OfdUtils.sigDataAns1To64bit(bytes);
                    }
                    boolean verifySign = verifySign(substring, zipFile, encoded, bytes, x509CertificateStructure, dateTime);
                    jSONObject2.put("effectiveness", Boolean.valueOf(verifySign));
                    JSONObject parseCert = parseCert(octets);
                    parseCert.put("sigEffectiveness", Boolean.valueOf(verifySign));
                    jSONObject2.put("cert", parseCert);
                    if (0 != 0) {
                        aSN1InputStream.close();
                    }
                    if (0 != 0) {
                        aSN1InputStream2.close();
                    }
                    if (0 != 0) {
                        zipInputStream.close();
                    }
                    return jSONObject2;
                } catch (Throwable th) {
                    if (inputStream != null) {
                        inputStream.close();
                    }
                    throw th;
                }
            } catch (ParseException e2) {
                throw new RuntimeException(e2);
            }
        } catch (Throwable th2) {
            if (0 != 0) {
                aSN1InputStream.close();
            }
            if (0 != 0) {
                aSN1InputStream2.close();
            }
            if (0 != 0) {
                zipInputStream.close();
            }
            throw th2;
        }
    }

    public boolean verifySign(String str, ZipFile zipFile, byte[] bArr, byte[] bArr2, X509CertificateStructure x509CertificateStructure, String str2) throws ZipException, DocumentException, IOException {
        byte[] bArr3 = new byte[64];
        System.arraycopy(x509CertificateStructure.getSubjectPublicKeyInfo().getPublicKeyData().getBytes(), 1, bArr3, 0, 64);
        if (!new SM2(true).Verify(bArr, bArr2, bArr3) || !cerValid(str2, x509CertificateStructure)) {
            return false;
        }
        Document document = KGOfdUtils.getDocument(zipFile, str + "/Signature.xml");
        String fileName = zipFile.getFileHeader(str + "/Signature.xml").getFileName();
        String attributeValue = document.selectSingleNode("/ofd:Signature/ofd:SignedInfo/ofd:References").attributeValue("CheckMethod");
        List selectNodes = document.selectNodes("/ofd:Signature/ofd:SignedInfo/ofd:References/ofd:Reference");
        for (int i = 0; i < selectNodes.size(); i++) {
            Element element = (Element) selectNodes.get(i);
            String attributeValue2 = element.attributeValue("FileRef");
            if (!attributeValue2.equals("OFD.xml")) {
                attributeValue2 = KGCommonUtils.converPath(attributeValue2, fileName);
            }
            if (attributeValue.equals("1.2.156.10197.1.401") && !new KGBase64().encode(KGSM3Digest.getSm3Digest(zipFile.getInputStream(zipFile.getFileHeader(attributeValue2)))).equals(element.element("CheckValue").getTextTrim())) {
                return false;
            }
        }
        return true;
    }

    private JSONObject parseCert(byte[] bArr) throws IOException, ParseException {
        JSONObject jSONObject = new JSONObject();
        ASN1InputStream aSN1InputStream = new ASN1InputStream(bArr);
        ASN1Sequence readObject = aSN1InputStream.readObject();
        aSN1InputStream.close();
        Certificate certificate = Certificate.getInstance(readObject);
        jSONObject.put("version", Integer.valueOf(certificate.getVersionNumber()));
        jSONObject.put("serialNumber", new String(Hex.encode(certificate.getSerialNumber().getValue().toByteArray())));
        String cn = getCN(certificate.getSubject().toString());
        String cn2 = getCN(certificate.getIssuer().toString());
        jSONObject.put("subjectDN", cn);
        jSONObject.put("issuerDN", cn2);
        jSONObject.put("sigAlg", certificate.getSignatureAlgorithm().getAlgorithm().getId());
        Date date = certificate.getStartDate().getDate();
        Date date2 = certificate.getEndDate().getDate();
        jSONObject.put("notBefore", KGDateUtils.dateTime(date));
        jSONObject.put("notAfter", KGDateUtils.dateTime(date2));
        return jSONObject;
    }

    private String getCN(String str) {
        String upperCase = str.toUpperCase();
        int indexOf = upperCase.indexOf("CN=");
        int indexOf2 = upperCase.indexOf(",", indexOf);
        if (indexOf2 == -1) {
            indexOf2 = upperCase.indexOf("+", indexOf);
        }
        return indexOf2 != -1 ? str.substring(indexOf + 3, indexOf2) : str.substring(indexOf + 3);
    }

    public boolean cerValid(String str, X509CertificateStructure x509CertificateStructure) {
        boolean z = false;
        Date date = x509CertificateStructure.getStartDate().getDate();
        Date date2 = x509CertificateStructure.getEndDate().getDate();
        Date parse2Date = KGDateUtils.parse2Date(str, "yyyy-MM-dd HH:mm:ss");
        if (date.before(parse2Date) && date2.after(parse2Date)) {
            z = true;
        }
        return z;
    }
}
