package com.kinggrid.kgcore.gm;

import com.kinggrid.commons.KGDateUtils;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.Date;
import org.kg.bouncycastle.asn1.ASN1EncodableVector;
import org.kg.bouncycastle.asn1.ASN1GeneralizedTime;
import org.kg.bouncycastle.asn1.ASN1InputStream;
import org.kg.bouncycastle.asn1.ASN1Integer;
import org.kg.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.kg.bouncycastle.asn1.ASN1Sequence;
import org.kg.bouncycastle.asn1.ASN1UTCTime;
import org.kg.bouncycastle.asn1.DERBitString;
import org.kg.bouncycastle.asn1.DEROctetString;
import org.kg.bouncycastle.asn1.DERSequence;
import org.kg.bouncycastle.asn1.x509.X509CertificateStructure;
import org.kg.bouncycastle.jce.provider.BouncyCastleProvider;
import org.kg.bouncycastle.util.encoders.Hex;

/* loaded from: input_file:lib/iSignature_PDF_API_V6.0.0.680.jar:com/kinggrid/kgcore/gm/VerifyBeforeSign.class */
public class VerifyBeforeSign {
    static boolean Sm2 = true;
    static int ver = 0;

    public void verifySeal(byte[] bArr) throws IOException {
        ASN1ObjectIdentifier aSN1ObjectIdentifier;
        DEROctetString dEROctetString;
        DERBitString dERBitString;
        byte[] encoded;
        ASN1Sequence aSN1Sequence = (ASN1Sequence) new ASN1InputStream(bArr).readObject();
        ASN1Sequence aSN1Sequence2 = (ASN1Sequence) aSN1Sequence.getObjectAt(0);
        ver = ((ASN1Integer) ((ASN1Sequence) aSN1Sequence2.getObjectAt(0)).getObjectAt(1)).getValue().intValue();
        if (ver == 4) {
            aSN1ObjectIdentifier = (ASN1ObjectIdentifier) aSN1Sequence.getObjectAt(2);
            dEROctetString = (DEROctetString) aSN1Sequence.getObjectAt(1);
            dERBitString = (DERBitString) aSN1Sequence.getObjectAt(3);
            encoded = aSN1Sequence2.getEncoded();
        } else {
            ASN1Sequence aSN1Sequence3 = (ASN1Sequence) aSN1Sequence.getObjectAt(1);
            aSN1ObjectIdentifier = (ASN1ObjectIdentifier) aSN1Sequence3.getObjectAt(1);
            dEROctetString = (DEROctetString) aSN1Sequence3.getObjectAt(0);
            dERBitString = (DERBitString) aSN1Sequence3.getObjectAt(2);
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(aSN1Sequence2);
            aSN1EncodableVector.add(dEROctetString);
            aSN1EncodableVector.add(aSN1ObjectIdentifier);
            encoded = new DERSequence(aSN1EncodableVector).getEncoded();
        }
        checkAlgorithm(aSN1ObjectIdentifier);
        byte[] octets = dEROctetString.getOctets();
        checkSigndata(new X509CertificateStructure((ASN1Sequence) new ASN1InputStream(octets).readObject()), encoded, dERBitString.getBytes(), octets);
        checkStamp(aSN1Sequence2);
    }

    public void checkSigndata(X509CertificateStructure x509CertificateStructure, byte[] bArr, byte[] bArr2, byte[] bArr3) throws IOException {
        boolean verify;
        if (bArr2.length != 64) {
            bArr2 = sigDataAns1To64bit(bArr2);
        }
        if (Sm2) {
            byte[] bArr4 = new byte[64];
            System.arraycopy(x509CertificateStructure.getSubjectPublicKeyInfo().getPublicKeyData().getBytes(), 1, bArr4, 0, 64);
            verify = new SM2(true).Verify(bArr, bArr2, bArr4);
        } else {
            try {
                PublicKey publicKey = ((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr3))).getPublicKey();
                Signature signature = Signature.getInstance("SHA1withRSA", new BouncyCastleProvider());
                signature.initVerify(publicKey);
                signature.update(bArr);
                verify = signature.verify(bArr2);
            } catch (InvalidKeyException e) {
                throw new RuntimeException(e);
            } catch (GeneralSecurityException e2) {
                throw new RuntimeException(e2);
            }
        }
        if (!verify) {
            throw new RuntimeException("验证电子印章失败：验证电子印章签名值失败！");
        }
    }

    public void checkCert(X509CertificateStructure x509CertificateStructure) {
        long parseLong = Long.parseLong(x509CertificateStructure.getStartDate().getTime().substring(2, 14));
        long parseLong2 = Long.parseLong(x509CertificateStructure.getEndDate().getTime().substring(2, 14));
        long parseLong3 = Long.parseLong(KGDateUtils.format(new Date(), KGDateUtils.YYMMDDHHMMSS));
        if (parseLong > parseLong3 || parseLong2 < parseLong3) {
            throw new RuntimeException("验证电子印章失败：验证电子印章制章人证书有效期失败！");
        }
    }

    public void checkStamp(ASN1Sequence aSN1Sequence) {
        ASN1Sequence aSN1Sequence2 = (ASN1Sequence) aSN1Sequence.getObjectAt(2);
        String timeString = ver == 4 ? ((ASN1GeneralizedTime) aSN1Sequence2.getObjectAt(5)).getTimeString() : ((ASN1UTCTime) aSN1Sequence2.getObjectAt(4)).toString();
        Long valueOf = Long.valueOf(Long.parseLong(timeString.substring(0, timeString.length() - 1)));
        String timeString2 = ver == 4 ? ((ASN1GeneralizedTime) aSN1Sequence2.getObjectAt(6)).getTimeString() : ((ASN1UTCTime) aSN1Sequence2.getObjectAt(5)).toString();
        Long valueOf2 = Long.valueOf(Long.parseLong(timeString2.substring(0, timeString2.length() - 1)));
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyMMddHHmmdd");
        if (timeString2.length() == 15) {
            simpleDateFormat = new SimpleDateFormat("yyyyMMddHHmmdd");
        }
        Long.parseLong(simpleDateFormat.format(new Date()));
        long parseLong = Long.parseLong(simpleDateFormat.format(new Date()));
        if (valueOf.longValue() > parseLong || valueOf2.longValue() < parseLong) {
            throw new RuntimeException("验证电子印章失败：验证电子印章的有效期失败！");
        }
    }

    public void checkAlgorithm(ASN1ObjectIdentifier aSN1ObjectIdentifier) throws IOException {
        Sm2 = Hex.toHexString(aSN1ObjectIdentifier.getEncoded()).substring(4).equals(new String("2A811CCF55018375").toLowerCase());
    }

    public byte[] sigDataAns1To64bit(byte[] bArr) throws IOException {
        ASN1Sequence aSN1Sequence = ASN1Sequence.getInstance(bArr);
        ASN1Integer aSN1Integer = (ASN1Integer) aSN1Sequence.getObjectAt(0);
        ASN1Integer aSN1Integer2 = (ASN1Integer) aSN1Sequence.getObjectAt(1);
        byte[] byteArray = aSN1Integer.getValue().toByteArray();
        byte[] byteArray2 = aSN1Integer2.getValue().toByteArray();
        byte[] bArr2 = new byte[64];
        System.arraycopy(byteArray, byteArray.length == 32 ? 0 : 1, bArr2, 0, 32);
        System.arraycopy(byteArray2, byteArray2.length == 32 ? 0 : 1, bArr2, 32, 32);
        return bArr2;
    }
}
