package com.formosoft.applet;

import com.formosoft.jpki.JPKIRuntimeException;
import com.formosoft.jpki.asn1.ASN1OctetString;
import com.formosoft.jpki.jce.X509CertificateAdapter;
import com.formosoft.jpki.oid.OIDFactory;
import com.formosoft.jpki.oid.ObjectIdentifier;
import com.formosoft.jpki.pkcs1.RSAPrivateKey;
import com.formosoft.jpki.pkcs1.RSAPublicKey;
import com.formosoft.jpki.pkcs10.PKCS10Generator;
import com.formosoft.jpki.pkcs12.PKCS12;
import com.formosoft.jpki.pkcs6.SetOfExtendedCertificateOrCertificate;
import com.formosoft.jpki.pkcs7.IssuerAndSerialNumber;
import com.formosoft.jpki.pkcs7.PKCS7;
import com.formosoft.jpki.pkcs7.SetOfSignerInfo;
import com.formosoft.jpki.pkcs7.SignedData;
import com.formosoft.jpki.pkcs7.SignerInfo;
import com.formosoft.jpki.pkcs8.PrivateKeyInfo;
import com.formosoft.jpki.util.EncryptionUtil;
import com.formosoft.jpki.util.HMAC;
import com.formosoft.jpki.util.JCAAlgorithm;
import com.formosoft.jpki.util.PEMReader;
import com.formosoft.jpki.util.RSAUtil;
import com.formosoft.jpki.x500.X500Name;
import com.formosoft.jpki.x509.SetOfX509Algorithm;
import com.formosoft.jpki.x509.X509Algorithm;
import com.formosoft.jpki.x509.X509Certificate;
import com.formosoft.util.codec.Base64Utils;
import com.formosoft.util.codec.DigestUtils;
import com.formosoft.util.codec.HexUtils;
import com.formosoft.util.io.FileUtils;
import java.applet.Applet;
import java.awt.FileDialog;
import java.awt.Frame;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.ProviderException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.Enumeration;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:com/formosoft/applet/FSJPKILet.class */
public class FSJPKILet extends Applet {
    private static final long serialVersionUID = -9214010630359065466L;
    public static final String APPLET_VERSION = "1,1,10,408";
    private static final String ALGO_DES_EDE3_CBC = "DES-EDE3-CBC";
    private static final String prikeytitle = "-----BEGIN RSA PRIVATE KEY-----\r\nProc-Type: 4,ENCRYPTED\r\nDEK-Info: ";
    private static final String prikeyend = "-----END RSA PRIVATE KEY-----";
    public static final int FS_RTN_SUCCESS = 0;
    public static final int FS_RTN_ERROR = 5001;
    public static final int FS_RTN_INVALID_PARAM = 5005;
    public static final int FS_RTN_LIB_EXPIRE = 5007;
    public static final int FS_RTN_INVALID_CERT = 5040;
    public static final int FS_RTN_INVALID_KEY = 5043;
    public static final int FS_RTN_INVALID_FORMAT = 5045;
    public static final int FS_RTN_INVALID_PKCS12 = 5046;
    public static final int FS_RTN_SIGN_ERROR = 5061;
    public static final int FS_RTN_DECRYPT_ERROR = 5064;
    public static final int FS_RTN_GENKEY_ERROR = 5065;
    public static final int FS_RTN_PASSWD_INVALID = 5071;
    public static final int FS_FLAG_BASE64_ENCODE = 4096;
    public static final int FS_FLAG_DETACHMSG = 16384;
    public static final int FS_ALGOR_MD5 = 1;
    public static final int FS_ALGOR_SHA1 = 2;
    public static final int FS_ALGOR_DES = 1;
    public static final int FS_ALGOR_3DES = 2;
    public static final int FS_ALGOR_RC4 = 4;
    public static final int FS_ALGOR_AES_128 = 5;
    public static final int FS_ALGOR_AES_192 = 6;
    public static final int FS_ALGOR_AES_256 = 7;
    private String deletefilename;
    private String readfilename;
    private byte[] readfilecontent;
    private String writefilename;
    private byte[] writefilecontent;
    private int ErrorCode = 0;
    private boolean deletefile = false;
    private boolean readfile = false;
    private boolean writefile = false;
    private checkJavaScriptEvent evt = null;
    private String privateKey = null;
    private String cert = null;
    private String symkey = null;
    private String symiv = null;
    private boolean limit = false;
    private String limittime = "20111231";

    /* loaded from: input_file:com/formosoft/applet/FSJPKILet$checkJavaScriptEvent.class */
    class checkJavaScriptEvent extends Thread {
        private FSJPKILet applet;

        public checkJavaScriptEvent(FSJPKILet fSJPKILet) {
            this.applet = fSJPKILet;
        }

        @Override // java.lang.Thread, java.lang.Runnable
        public void run() {
            while (true) {
                this.applet.ReadFile();
                this.applet.WriteFile();
                this.applet.DeleteFile();
                this.applet.ExtendFunc();
                try {
                    Thread.sleep(500L);
                } catch (Exception e) {
                }
            }
        }
    }

    private boolean Expired() {
        this.ErrorCode = 0;
        if (!this.limit) {
            return false;
        }
        Date date = null;
        try {
            date = new SimpleDateFormat("yyyyMMdd").parse(this.limittime);
        } catch (ParseException e) {
            e.printStackTrace();
        }
        Date date2 = new Date();
        if (date != null && date.after(date2)) {
            return false;
        }
        this.ErrorCode = FS_RTN_LIB_EXPIRE;
        return true;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void WriteFile() {
        try {
            if (this.writefile) {
                this.ErrorCode = FS_RTN_INVALID_PARAM;
                if (this.writefilename != null || this.writefilecontent != null) {
                    try {
                        FileUtils.writeToFile(this.writefilecontent, this.writefilename);
                        this.writefilecontent = null;
                        this.writefilename = null;
                        this.ErrorCode = 0;
                    } catch (IOException e) {
                        e.printStackTrace();
                        this.ErrorCode = FS_RTN_INVALID_PARAM;
                        this.writefile = false;
                        return;
                    }
                }
            }
            this.writefile = false;
        } catch (Throwable th) {
            this.writefile = false;
            throw th;
        }
    }

    public void FSJPKIWriteFile(String str, String str2) {
        if (Expired()) {
            return;
        }
        int i = 0;
        this.writefilename = str;
        this.writefile = true;
        this.writefilecontent = str2.getBytes();
        while (true) {
            int i2 = i;
            i++;
            if (i2 >= 6 || !this.writefile) {
                break;
            } else {
                try {
                    Thread.sleep(500L);
                } catch (InterruptedException e) {
                }
            }
        }
        this.ErrorCode = 0;
    }

    private void FSJPKIWriteBinaryFile(String str, byte[] bArr) {
        if (Expired()) {
            return;
        }
        int i = 0;
        this.writefilename = str;
        this.writefile = true;
        this.writefilecontent = bArr;
        while (true) {
            int i2 = i;
            i++;
            if (i2 >= 6 || !this.writefile) {
                break;
            } else {
                try {
                    Thread.sleep(500L);
                } catch (InterruptedException e) {
                }
            }
        }
        this.ErrorCode = 0;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void DeleteFile() {
        try {
            if (this.deletefile) {
                this.ErrorCode = FS_RTN_INVALID_PARAM;
                if (this.deletefilename != null) {
                    new File(this.deletefilename).delete();
                    this.ErrorCode = 0;
                    this.deletefilename = null;
                }
            }
        } finally {
            this.deletefile = false;
        }
    }

    public void FSJPKIDeleteFile(String str, int i) {
        if (Expired()) {
            return;
        }
        int i2 = 0;
        this.deletefilename = str;
        this.deletefile = true;
        while (true) {
            int i3 = i2;
            i2++;
            if (i3 >= 6 || !this.deletefile) {
                break;
            } else {
                try {
                    Thread.sleep(500L);
                } catch (InterruptedException e) {
                }
            }
        }
        this.ErrorCode = 0;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void ReadFile() {
        try {
            if (this.readfile) {
                this.ErrorCode = FS_RTN_INVALID_PARAM;
                this.readfilecontent = new byte[0];
                if (this.readfilename != null) {
                    try {
                        this.readfilecontent = FileUtils.readFileToByteArray(this.readfilename);
                        this.ErrorCode = 0;
                        this.readfilename = null;
                    } catch (IOException e) {
                        e.printStackTrace();
                        this.readfile = false;
                        return;
                    }
                }
            }
            this.readfile = false;
        } catch (Throwable th) {
            this.readfile = false;
            throw th;
        }
    }

    protected void ExtendFunc() {
    }

    public String FSJPKIReadFile(String str) {
        return FSJPKIReadFile(str, 0);
    }

    public String FSJPKIReadFile(String str, int i) {
        if (Expired()) {
            return null;
        }
        int i2 = 0;
        this.readfilename = str;
        this.readfile = true;
        while (true) {
            int i3 = i2;
            i2++;
            if (i3 >= 6 || !this.readfile) {
                break;
            }
            try {
                Thread.sleep(500L);
            } catch (InterruptedException e) {
            }
        }
        return (i & 4096) > 0 ? Base64Utils.encode(this.readfilecontent) : new String(this.readfilecontent);
    }

    public String FSJPKISelectFile(int i) {
        FileDialog fileDialog = new FileDialog(new Frame(), "選擇檔案", i);
        fileDialog.setVisible(true);
        String directory = fileDialog.getDirectory();
        this.ErrorCode = 0;
        return directory != null ? fileDialog.getDirectory() + fileDialog.getFile() : File.separator;
    }

    public int FSJPKIExportPKCS12(String str, String str2, String str3, String str4, String str5) {
        RSAPrivateKey GetRSAPrivateKeyFromPem = GetRSAPrivateKeyFromPem(str, str2);
        if (GetRSAPrivateKeyFromPem == null) {
            this.ErrorCode = FS_RTN_INVALID_PARAM;
            return this.ErrorCode;
        }
        try {
            X509Certificate x509Certificate = new X509Certificate(Base64Utils.decode(str3));
            PrivateKeyInfo privateKeyInfo = new PrivateKeyInfo(KeyFactory.getInstance("RSA").generatePrivate(new RSAPrivateCrtKeySpec(GetRSAPrivateKeyFromPem.getModulus(), GetRSAPrivateKeyFromPem.getPublicExponent(), GetRSAPrivateKeyFromPem.getPrivateExponent(), GetRSAPrivateKeyFromPem.getPrimeP(), GetRSAPrivateKeyFromPem.getPrimeQ(), GetRSAPrivateKeyFromPem.getPrimeExponentP(), GetRSAPrivateKeyFromPem.getPrimeExponentQ(), GetRSAPrivateKeyFromPem.getCoefficient())).getEncoded());
            ArrayList arrayList = new ArrayList();
            arrayList.add(x509Certificate);
            FSJPKIWriteBinaryFile(str4, new PKCS12(privateKeyInfo, arrayList, str5.toCharArray()).getEncoded());
            return this.ErrorCode;
        } catch (Exception e) {
            e.printStackTrace();
            this.ErrorCode = FS_RTN_INVALID_PARAM;
            return this.ErrorCode;
        }
    }

    public int FSJPKIParsePKCS12(String str, String str2) {
        this.ErrorCode = FS_RTN_INVALID_PARAM;
        FSJPKIReadFile(str);
        if (this.ErrorCode != 0) {
            return this.ErrorCode;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            try {
                keyStore.load(new ByteArrayInputStream(this.readfilecontent), str2.toCharArray());
                RSAPrivateCrtKey rSAPrivateCrtKey = null;
                try {
                    Enumeration<String> aliases = keyStore.aliases();
                    while (aliases.hasMoreElements() && rSAPrivateCrtKey == null) {
                        String obj = aliases.nextElement().toString();
                        rSAPrivateCrtKey = (RSAPrivateCrtKey) keyStore.getKey(obj, str2.toCharArray());
                        this.cert = Base64Utils.encode(keyStore.getCertificate(obj).getEncoded());
                    }
                    RSAPrivateKey rSAPrivateKey = new RSAPrivateKey(rSAPrivateCrtKey.getModulus(), rSAPrivateCrtKey.getPublicExponent(), rSAPrivateCrtKey.getPrivateExponent(), rSAPrivateCrtKey.getPrimeP(), rSAPrivateCrtKey.getPrimeQ(), rSAPrivateCrtKey.getPrimeExponentP(), rSAPrivateCrtKey.getPrimeExponentQ(), rSAPrivateCrtKey.getCrtCoefficient());
                    byte[] bArr = new byte[8];
                    new SecureRandom().nextBytes(bArr);
                    this.privateKey = transFormat2Pem(ALGO_DES_EDE3_CBC, rSAPrivateKey.getEncoded(), bArr, str2.getBytes());
                    this.ErrorCode = 0;
                    return this.ErrorCode;
                } catch (Exception e) {
                    e.printStackTrace();
                    this.ErrorCode = FS_RTN_INVALID_PKCS12;
                    return this.ErrorCode;
                }
            } catch (Exception e2) {
                e2.printStackTrace();
                this.ErrorCode = FS_RTN_PASSWD_INVALID;
                return this.ErrorCode;
            }
        } catch (KeyStoreException e3) {
            e3.printStackTrace();
            this.ErrorCode = FS_RTN_ERROR;
            return this.ErrorCode;
        }
    }

    public String FSJPKIGetPrivateKey() {
        return this.privateKey;
    }

    public String FSJPKIGetCert() {
        return this.cert;
    }

    public String FSJPKIHash(String str, String str2, int i) {
        if (Expired()) {
            return null;
        }
        return Base64Utils.encode((i & 1) > 0 ? DigestUtils.md5(String2Bytes(str, str2)) : DigestUtils.sha(String2Bytes(str, str2)));
    }

    public String FSJPKIGenerateRSAKey(int i, String str, int i2) {
        if (Expired()) {
            return null;
        }
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            SecureRandom secureRandom = new SecureRandom();
            keyPairGenerator.initialize(i, secureRandom);
            RSAPrivateCrtKey rSAPrivateCrtKey = (RSAPrivateCrtKey) keyPairGenerator.generateKeyPair().getPrivate();
            RSAPrivateKey rSAPrivateKey = new RSAPrivateKey(rSAPrivateCrtKey.getModulus(), rSAPrivateCrtKey.getPublicExponent(), rSAPrivateCrtKey.getPrivateExponent(), rSAPrivateCrtKey.getPrimeP(), rSAPrivateCrtKey.getPrimeQ(), rSAPrivateCrtKey.getPrimeExponentP(), rSAPrivateCrtKey.getPrimeExponentQ(), rSAPrivateCrtKey.getCrtCoefficient());
            byte[] bArr = new byte[8];
            secureRandom.nextBytes(bArr);
            try {
                String transFormat2Pem = transFormat2Pem(ALGO_DES_EDE3_CBC, rSAPrivateKey.getEncoded(), bArr, str.getBytes());
                this.ErrorCode = 0;
                return transFormat2Pem;
            } catch (Exception e) {
                e.printStackTrace();
                this.ErrorCode = FS_RTN_INVALID_FORMAT;
                return null;
            }
        } catch (NoSuchAlgorithmException e2) {
            e2.printStackTrace();
            this.ErrorCode = FS_RTN_GENKEY_ERROR;
            return null;
        }
    }

    public String FSJPKICreatePKCS10(String str, String str2, String str3, String str4, int i) {
        RSAPrivateKey GetRSAPrivateKeyFromPem;
        PrivateKey GetPrivateKeyFromRSAPrivateKey;
        PublicKey GetPublicKeyFromRSAPrivateKey;
        if (Expired() || (GetRSAPrivateKeyFromPem = GetRSAPrivateKeyFromPem(str, str2)) == null || (GetPrivateKeyFromRSAPrivateKey = GetPrivateKeyFromRSAPrivateKey(GetRSAPrivateKeyFromPem)) == null || (GetPublicKeyFromRSAPrivateKey = GetPublicKeyFromRSAPrivateKey(GetRSAPrivateKeyFromPem)) == null) {
            return null;
        }
        try {
            try {
                String encodeChunked = Base64Utils.encodeChunked(new PKCS10Generator(new X500Name(str3), GetPublicKeyFromRSAPrivateKey).sign(GetPrivateKeyFromRSAPrivateKey, (str4 == null || !str4.equals("MD5")) ? "SHA1withRSA" : "MD5withRSA").getEncoded());
                this.ErrorCode = 0;
                return encodeChunked;
            } catch (Exception e) {
                e.printStackTrace();
                this.ErrorCode = FS_RTN_SIGN_ERROR;
                return null;
            }
        } catch (Exception e2) {
            e2.printStackTrace();
            this.ErrorCode = FS_RTN_INVALID_PARAM;
            return null;
        }
    }

    public String FSJPKIEkeySign(String str, String str2, String str3, String str4, int i) {
        RSAPrivateKey GetRSAPrivateKeyFromPem;
        PrivateKey GetPrivateKeyFromRSAPrivateKey;
        if (Expired() || (GetRSAPrivateKeyFromPem = GetRSAPrivateKeyFromPem(str, str2)) == null || (GetPrivateKeyFromRSAPrivateKey = GetPrivateKeyFromRSAPrivateKey(GetRSAPrivateKeyFromPem)) == null) {
            return null;
        }
        byte[] md5 = DigestUtils.md5(String2Bytes(str3, str4));
        try {
            Signature signature = Signature.getInstance("SHA1withRSA");
            try {
                signature.initSign(GetPrivateKeyFromRSAPrivateKey);
                byte[] bArr = null;
                try {
                    signature.update(md5);
                    bArr = signature.sign();
                } catch (Exception e) {
                    this.ErrorCode = FS_RTN_SIGN_ERROR;
                    e.printStackTrace();
                }
                this.ErrorCode = 0;
                return HexUtils.encodeHexString(bArr);
            } catch (Exception e2) {
                this.ErrorCode = FS_RTN_INVALID_KEY;
                e2.printStackTrace();
                return null;
            }
        } catch (Exception e3) {
            e3.printStackTrace();
            this.ErrorCode = FS_RTN_INVALID_PARAM;
            return null;
        }
    }

    public String FSJPKIPureSign(String str, String str2, String str3, String str4, int i) {
        RSAPrivateKey GetRSAPrivateKeyFromPem;
        PrivateKey GetPrivateKeyFromRSAPrivateKey;
        if (Expired() || (GetRSAPrivateKeyFromPem = GetRSAPrivateKeyFromPem(str, str2)) == null || (GetPrivateKeyFromRSAPrivateKey = GetPrivateKeyFromRSAPrivateKey(GetRSAPrivateKeyFromPem)) == null) {
            return null;
        }
        byte[] String2Bytes = String2Bytes(str3, str4);
        try {
            Signature signature = Signature.getInstance((i & 1) > 0 ? "MD5withRSA" : "SHA1withRSA");
            try {
                signature.initSign(GetPrivateKeyFromRSAPrivateKey);
                byte[] bArr = null;
                try {
                    signature.update(String2Bytes);
                    bArr = signature.sign();
                } catch (Exception e) {
                    this.ErrorCode = FS_RTN_SIGN_ERROR;
                    e.printStackTrace();
                }
                this.ErrorCode = 0;
                return Base64Utils.encode(bArr);
            } catch (Exception e2) {
                this.ErrorCode = FS_RTN_INVALID_KEY;
                e2.printStackTrace();
                return null;
            }
        } catch (Exception e3) {
            e3.printStackTrace();
            this.ErrorCode = FS_RTN_INVALID_PARAM;
            return null;
        }
    }

    public String FSJPKISign(String str, String str2, String str3, String str4, String str5, int i) {
        RSAPrivateKey GetRSAPrivateKeyFromPem;
        PrivateKey GetPrivateKeyFromRSAPrivateKey;
        if (Expired() || (GetRSAPrivateKeyFromPem = GetRSAPrivateKeyFromPem(str, str2)) == null || (GetPrivateKeyFromRSAPrivateKey = GetPrivateKeyFromRSAPrivateKey(GetRSAPrivateKeyFromPem)) == null) {
            return null;
        }
        byte[] String2Bytes = String2Bytes(str4, str5);
        try {
            Signature signature = Signature.getInstance((i & 1) > 0 ? "MD5withRSA" : "SHA1withRSA");
            try {
                signature.initSign(GetPrivateKeyFromRSAPrivateKey);
                byte[] bArr = null;
                try {
                    signature.update(String2Bytes);
                    bArr = signature.sign();
                } catch (Exception e) {
                    this.ErrorCode = FS_RTN_SIGN_ERROR;
                    e.printStackTrace();
                }
                boolean z = (i & 16384) > 0;
                try {
                    X509Certificate x509Certificate = new X509Certificate(Base64Utils.decode(str3));
                    this.ErrorCode = 0;
                    return Base64Utils.encode(composePKCS7(String2Bytes, x509Certificate, bArr, z));
                } catch (Exception e2) {
                    e2.printStackTrace();
                    this.ErrorCode = FS_RTN_INVALID_CERT;
                    return null;
                }
            } catch (Exception e3) {
                this.ErrorCode = FS_RTN_INVALID_KEY;
                e3.printStackTrace();
                return null;
            }
        } catch (Exception e4) {
            e4.printStackTrace();
            this.ErrorCode = FS_RTN_INVALID_PARAM;
            return null;
        }
    }

    public String FSJPKICertGetSubject(String str, int i) {
        if (Expired()) {
            return null;
        }
        try {
            X509Certificate x509Certificate = new X509Certificate(Base64Utils.decode(str));
            this.ErrorCode = 0;
            return x509Certificate.getSubject().toString();
        } catch (Exception e) {
            e.printStackTrace();
            this.ErrorCode = FS_RTN_INVALID_CERT;
            return null;
        }
    }

    public String FSJPKICertGetIssuer(String str, int i) {
        if (Expired()) {
            return null;
        }
        try {
            X509Certificate x509Certificate = new X509Certificate(Base64Utils.decode(str));
            this.ErrorCode = 0;
            return x509Certificate.getIssuer().toString();
        } catch (Exception e) {
            e.printStackTrace();
            this.ErrorCode = FS_RTN_INVALID_CERT;
            return null;
        }
    }

    public String FSJPKICertGetNotBefore(String str, int i) {
        if (Expired()) {
            return null;
        }
        try {
            X509Certificate x509Certificate = new X509Certificate(Base64Utils.decode(str));
            SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyyMMddHHmmssZ");
            this.ErrorCode = 0;
            return simpleDateFormat.format(x509Certificate.getNotBefore());
        } catch (Exception e) {
            e.printStackTrace();
            this.ErrorCode = FS_RTN_INVALID_CERT;
            return null;
        }
    }

    public String FSJPKICertGetNotAfter(String str, int i) {
        if (Expired()) {
            return null;
        }
        try {
            X509Certificate x509Certificate = new X509Certificate(Base64Utils.decode(str));
            SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyyMMddHHmmssZ");
            this.ErrorCode = 0;
            return simpleDateFormat.format(x509Certificate.getNotAfter());
        } catch (Exception e) {
            e.printStackTrace();
            this.ErrorCode = FS_RTN_INVALID_CERT;
            return null;
        }
    }

    public String FSJPKICertGetSerialNumberHexString(String str, int i) {
        if (Expired()) {
            return null;
        }
        try {
            X509Certificate x509Certificate = new X509Certificate(Base64Utils.decode(str));
            this.ErrorCode = 0;
            return HexUtils.encodeHexString(x509Certificate.getSerialNumber().toByteArray());
        } catch (Exception e) {
            e.printStackTrace();
            this.ErrorCode = FS_RTN_INVALID_CERT;
            return null;
        }
    }

    public String FSJPKICertGetDigestHexString(String str, int i) {
        if (Expired()) {
            return null;
        }
        try {
            X509Certificate x509Certificate = new X509Certificate(Base64Utils.decode(str));
            this.ErrorCode = 0;
            return DigestUtils.shaHex(x509Certificate.getEncoded());
        } catch (Exception e) {
            e.printStackTrace();
            this.ErrorCode = FS_RTN_INVALID_CERT;
            return null;
        }
    }

    public String FSJPKICertEncrypt(String str, String str2, int i) {
        if (Expired()) {
            return null;
        }
        try {
            String encode = Base64Utils.encode(new EncryptionUtil().encrypt((i & 4096) > 0 ? Base64Utils.decode(str2) : str2.getBytes(), new X509CertificateAdapter(Base64Utils.decode(str)), (i & 2) > 0 ? ALGO_DES_EDE3_CBC : "DES-CBC").getEncoded());
            this.ErrorCode = 0;
            return encode;
        } catch (Exception e) {
            e.printStackTrace();
            this.ErrorCode = FS_RTN_INVALID_CERT;
            return null;
        }
    }

    public String FSJPKIAES_CBCEncrypt(String str, String str2, int i) {
        if (Expired()) {
            return null;
        }
        byte[] bArr = new byte[32];
        byte[] bArr2 = new byte[16];
        byte[] bArr3 = new byte[16];
        PBES2PasswordToKeyBytes(str.toCharArray(), new byte[]{1, 2, 3, 4, 5, 6, 9, 8}, 0, bArr);
        System.arraycopy(bArr, 0, bArr2, 0, 16);
        System.arraycopy(bArr, 16, bArr3, 0, 16);
        try {
            String encode = Base64Utils.encode(AES(bArr2, bArr3, (i & 4096) > 0 ? Base64Utils.decode(str2) : str2.getBytes(), 0));
            this.ErrorCode = 0;
            return encode;
        } catch (Exception e) {
            e.printStackTrace();
            this.ErrorCode = FS_RTN_INVALID_PARAM;
            return null;
        }
    }

    public String FSJPKIAES_CBCDecrypt(String str, String str2, int i) {
        if (Expired()) {
            return null;
        }
        byte[] bArr = new byte[32];
        byte[] bArr2 = new byte[16];
        byte[] bArr3 = new byte[16];
        PBES2PasswordToKeyBytes(str.toCharArray(), new byte[]{1, 2, 3, 4, 5, 6, 9, 8}, 0, bArr);
        System.arraycopy(bArr, 0, bArr2, 0, 16);
        System.arraycopy(bArr, 16, bArr3, 0, 16);
        try {
            byte[] AES = AES(bArr2, bArr3, Base64Utils.decode(str2), 1);
            String encode = (i & 4096) > 0 ? Base64Utils.encode(AES) : new String(AES);
            this.ErrorCode = 0;
            return encode;
        } catch (Exception e) {
            e.printStackTrace();
            this.ErrorCode = FS_RTN_INVALID_PARAM;
            return null;
        }
    }

    public String FSJPKIAES_CBCEncrypt(String str, String str2, String str3, int i) {
        if (Expired()) {
            return null;
        }
        try {
            String encode = Base64Utils.encode(AES(HexUtils.decodeHexString(str), HexUtils.decodeHexString(str2), (i & 4096) > 0 ? Base64Utils.decode(str3) : str3.getBytes(), 0));
            this.ErrorCode = 0;
            return encode;
        } catch (Exception e) {
            e.printStackTrace();
            this.ErrorCode = FS_RTN_INVALID_PARAM;
            return null;
        }
    }

    public String FSJPKIAES_CBCDecrypt(String str, String str2, String str3, int i) {
        if (Expired()) {
            return null;
        }
        try {
            byte[] AES = AES(HexUtils.decodeHexString(str), HexUtils.decodeHexString(str2), Base64Utils.decode(str3), 1);
            String encode = (i & 4096) > 0 ? Base64Utils.encode(AES) : new String(AES);
            this.ErrorCode = 0;
            return encode;
        } catch (Exception e) {
            e.printStackTrace();
            this.ErrorCode = FS_RTN_INVALID_PARAM;
            return null;
        }
    }

    public String FSJPKIPublicEncrypt(String str, String str2, int i) {
        byte[] decode = (i & 4096) > 0 ? Base64Utils.decode(str2) : str2.getBytes();
        RSAPublicKey GetRSAPublicKeyFromPem = GetRSAPublicKeyFromPem(str);
        try {
            byte[] encrypt = RSAUtil.encrypt((java.security.interfaces.RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(GetRSAPublicKeyFromPem.getModulus(), GetRSAPublicKeyFromPem.getPublicExponent())), decode);
            this.ErrorCode = 0;
            return Base64Utils.encode(encrypt);
        } catch (Exception e) {
            e.printStackTrace();
            this.ErrorCode = FS_RTN_INVALID_PARAM;
            return null;
        }
    }

    public int FSJPKIGenerateKey(String str, String str2, int i, int i2) {
        int i3;
        int i4;
        if (Expired()) {
            return FS_RTN_LIB_EXPIRE;
        }
        switch (i2) {
            case 1:
                i3 = 8;
                i4 = 8;
                break;
            case 2:
                i3 = 24;
                i4 = 8;
                break;
            case 3:
            default:
                this.ErrorCode = FS_RTN_INVALID_PARAM;
                return this.ErrorCode;
            case 4:
                i3 = 16;
                i4 = 0;
                break;
            case 5:
                i3 = 16;
                i4 = 16;
                break;
            case 6:
                i3 = 24;
                i4 = 16;
                break;
            case 7:
                i3 = 32;
                i4 = 16;
                break;
        }
        byte[] bArr = new byte[i3 + i4];
        byte[] bArr2 = {1, 2, 3, 4, 5, 6, 9, 8};
        byte[] bArr3 = new byte[i3];
        byte[] bArr4 = new byte[i4];
        if (str2 == null || str2.length() == 16 || str2.length() == 0) {
            byte[] bArr5 = bArr2;
            try {
                bArr5 = HexUtils.decodeHexString(str2);
            } catch (Exception e) {
            }
            PBES2PasswordToKeyBytes(str.toCharArray(), bArr5, i, bArr);
            System.arraycopy(bArr, 0, bArr3, 0, i3);
            System.arraycopy(bArr, i3, bArr4, 0, i4);
            this.symkey = HexUtils.encodeHexString(bArr3).toUpperCase();
            this.symiv = HexUtils.encodeHexString(bArr4).toUpperCase();
            this.ErrorCode = 0;
        } else {
            this.ErrorCode = FS_RTN_INVALID_PARAM;
        }
        return this.ErrorCode;
    }

    public String GetKey() {
        return this.symkey;
    }

    public String GetIV() {
        return this.symiv;
    }

    public String FSJPKIGetAppletVersion() {
        return APPLET_VERSION;
    }

    public int GetErrorCode() {
        return this.ErrorCode;
    }

    public void init() {
        super.init();
        if (this.evt != null || Expired()) {
            return;
        }
        this.evt = new checkJavaScriptEvent(this);
        this.evt.start();
    }

    public void destroy() {
        super.destroy();
        if (this.evt != null) {
            this.evt.stop();
        }
        this.evt = null;
    }

    public void start() {
        super.start();
    }

    public void stop() {
        super.stop();
    }

    private static byte[] AES(byte[] bArr, byte[] bArr2, byte[] bArr3, int i) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalStateException, IllegalBlockSizeException, BadPaddingException {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
        IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr2);
        if ((i & 1) > 0) {
            cipher.init(2, secretKeySpec, ivParameterSpec);
        } else {
            cipher.init(1, secretKeySpec, ivParameterSpec);
        }
        return cipher.doFinal(bArr3);
    }

    private static byte[] composePKCS7(byte[] bArr, X509Certificate x509Certificate, byte[] bArr2, boolean z) {
        ObjectIdentifier objectIdentifier = JCAAlgorithm.getObjectIdentifier("SHA1");
        SignerInfo signerInfo = new SignerInfo(1, new IssuerAndSerialNumber(x509Certificate.getIssuer(), x509Certificate.getSerialNumber()), null, new X509Algorithm(objectIdentifier), new X509Algorithm(JCAAlgorithm.getObjectIdentifier("RSA")), bArr2, null);
        ArrayList arrayList = new ArrayList();
        arrayList.add(x509Certificate);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(signerInfo);
        ArrayList arrayList3 = new ArrayList();
        arrayList3.add(new X509Algorithm(objectIdentifier));
        return new PKCS7(new SignedData(1, new SetOfX509Algorithm(arrayList3), new PKCS7(z ? null : new ASN1OctetString(bArr)), new SetOfExtendedCertificateOrCertificate(arrayList), null, new SetOfSignerInfo(arrayList2))).getEncoded();
    }

    private byte[] String2Bytes(String str, String str2) {
        byte[] bytes;
        try {
            bytes = str.getBytes(str2);
        } catch (UnsupportedEncodingException e) {
            bytes = str.getBytes();
        }
        return bytes;
    }

    private PrivateKey GetPrivateKeyFromRSAPrivateKey(RSAPrivateKey rSAPrivateKey) {
        PrivateKey privateKey = null;
        try {
            privateKey = KeyFactory.getInstance("RSA").generatePrivate(new RSAPrivateKeySpec(rSAPrivateKey.getModulus(), rSAPrivateKey.getPrivateExponent()));
        } catch (Exception e) {
            this.ErrorCode = FS_RTN_INVALID_KEY;
            e.printStackTrace();
        }
        return privateKey;
    }

    private PublicKey GetPublicKeyFromRSAPrivateKey(RSAPrivateKey rSAPrivateKey) {
        PublicKey publicKey = null;
        try {
            publicKey = KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(rSAPrivateKey.getModulus(), rSAPrivateKey.getPublicExponent()));
        } catch (Exception e) {
            this.ErrorCode = FS_RTN_INVALID_KEY;
            e.printStackTrace();
        }
        return publicKey;
    }

    private RSAPrivateKey GetRSAPrivateKeyFromPem(String str, String str2) {
        try {
            PEMReader pEMReader = new PEMReader(str);
            if (pEMReader.encrypted()) {
                try {
                    pEMReader.decrypt(str2);
                } catch (Exception e) {
                    e.printStackTrace();
                    this.ErrorCode = FS_RTN_DECRYPT_ERROR;
                    return null;
                }
            }
            try {
                return new RSAPrivateKey(pEMReader.getEncoded());
            } catch (Exception e2) {
                e2.printStackTrace();
                this.ErrorCode = FS_RTN_INVALID_FORMAT;
                return null;
            }
        } catch (Exception e3) {
            e3.printStackTrace();
            this.ErrorCode = FS_RTN_INVALID_FORMAT;
            return null;
        }
    }

    private RSAPublicKey GetRSAPublicKeyFromPem(String str) {
        try {
            try {
                byte[] encoded = new PEMReader(str).getEncoded();
                int i = (encoded[1] & 128) > 0 ? 1 + (encoded[1] & Byte.MAX_VALUE) + 2 : 1 + (encoded[1] & Byte.MAX_VALUE) + 1;
                int i2 = (encoded[i] & 128) > 0 ? i + (encoded[i] & Byte.MAX_VALUE) + 3 : i + (encoded[i] & Byte.MAX_VALUE) + 2;
                int i3 = (encoded[i2] & 128) > 0 ? i2 + (encoded[i2] & Byte.MAX_VALUE) + 2 : i2 + (encoded[i2] & Byte.MAX_VALUE) + 1;
                byte[] bArr = new byte[encoded.length - i3];
                System.arraycopy(encoded, i3, bArr, 0, bArr.length);
                return new RSAPublicKey(bArr);
            } catch (Exception e) {
                e.printStackTrace();
                this.ErrorCode = FS_RTN_INVALID_FORMAT;
                return null;
            }
        } catch (Exception e2) {
            e2.printStackTrace();
            this.ErrorCode = FS_RTN_INVALID_FORMAT;
            return null;
        }
    }

    private void PBES2PasswordToKeyBytes(char[] cArr, byte[] bArr, int i, byte[] bArr2) {
        byte[] bArr3 = new byte[cArr.length];
        for (int i2 = 0; i2 < cArr.length; i2++) {
            bArr3[i2] = (byte) cArr[i2];
        }
        byte[] bArr4 = new byte[4];
        int i3 = 0;
        int length = bArr2.length;
        int i4 = 1;
        while (length > 0) {
            try {
                bArr4[0] = (byte) ((i4 >> 24) & 255);
                bArr4[1] = (byte) ((i4 >> 16) & 255);
                bArr4[2] = (byte) ((i4 >> 8) & 255);
                bArr4[3] = (byte) (i4 & 255);
                HMAC hmac = new HMAC("SHA1", bArr3);
                if (bArr != null) {
                    hmac.update(bArr);
                }
                hmac.update(bArr4);
                byte[] mac = hmac.mac();
                int length2 = mac.length;
                if (length2 > length) {
                    length2 = length;
                }
                System.arraycopy(mac, 0, bArr2, i3, length2);
                for (int i5 = 1; i5 < i; i5++) {
                    mac = new HMAC("SHA1", bArr3).mac(mac);
                    for (int i6 = 0; i6 < length2; i6++) {
                        int i7 = i3 + i6;
                        bArr2[i7] = (byte) (bArr2[i7] ^ mac[i6]);
                    }
                }
                i3 += length2;
                length -= length2;
                i4++;
            } catch (NoSuchAlgorithmException e) {
                throw new ProviderException(e.toString());
            }
        }
    }

    private static void EVPBytesToKey(String str, byte[] bArr, byte[] bArr2, int i, byte[] bArr3, byte[] bArr4) throws NoSuchAlgorithmException {
        byte[] bArr5 = null;
        int length = bArr3 == null ? 0 : bArr3.length;
        int length2 = bArr4 == null ? 0 : bArr4.length;
        int i2 = 0;
        int i3 = 0;
        while (true) {
            MessageDigest messageDigest = MessageDigest.getInstance(str);
            if (bArr5 != null) {
                messageDigest.update(bArr5);
            }
            messageDigest.update(bArr);
            if (bArr2 != null) {
                messageDigest.update(bArr2, 0, 8);
            }
            bArr5 = messageDigest.digest();
            for (int i4 = 1; i4 < i; i4++) {
                MessageDigest messageDigest2 = MessageDigest.getInstance(str);
                messageDigest2.update(bArr5);
                bArr5 = messageDigest2.digest();
            }
            int i5 = 0;
            while (length > i2 && i5 < bArr5.length) {
                int i6 = i2;
                i2++;
                int i7 = i5;
                i5++;
                bArr3[i6] = bArr5[i7];
            }
            while (length2 > i3 && i5 < bArr5.length) {
                int i8 = i3;
                i3++;
                int i9 = i5;
                i5++;
                bArr4[i8] = bArr5[i9];
            }
            if (length == i2 && length2 == i3) {
                return;
            }
        }
    }

    private static byte[] encrypt(String str, byte[] bArr, byte[] bArr2, byte[] bArr3) throws NoSuchAlgorithmException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException {
        byte[] bArr4;
        ObjectIdentifier objectIdentifier = OIDFactory.getObjectIdentifier(str);
        if (objectIdentifier == null) {
            throw new NoSuchAlgorithmException(str);
        }
        String algorithm = JCAAlgorithm.getAlgorithm(objectIdentifier);
        if (algorithm == null) {
            throw new NoSuchAlgorithmException(str);
        }
        Cipher cipher = Cipher.getInstance(algorithm);
        int indexOf = algorithm.indexOf("/");
        if (indexOf > 0) {
            algorithm = algorithm.substring(0, indexOf);
        }
        if (algorithm.equalsIgnoreCase("DES")) {
            bArr4 = new byte[8];
        } else {
            if (!algorithm.equalsIgnoreCase("DESede")) {
                throw new NoSuchAlgorithmException(algorithm);
            }
            bArr4 = new byte[24];
        }
        EVPBytesToKey("MD5", bArr3, bArr, 1, bArr4, null);
        try {
            cipher.init(1, new SecretKeySpec(bArr4, algorithm), new IvParameterSpec(bArr));
            return cipher.doFinal(bArr2);
        } catch (InvalidAlgorithmParameterException e) {
            throw new JPKIRuntimeException(e);
        } catch (InvalidKeyException e2) {
            throw new JPKIRuntimeException(e2);
        }
    }

    private static String transFormat2Pem(String str, byte[] bArr, byte[] bArr2, byte[] bArr3) throws NoSuchAlgorithmException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException {
        String encodeChunked = Base64Utils.encodeChunked(encrypt(str, bArr2, bArr, bArr3));
        StringBuffer stringBuffer = new StringBuffer(prikeytitle);
        stringBuffer.append(str);
        stringBuffer.append(",");
        stringBuffer.append(HexUtils.encodeHexString(bArr2).toUpperCase());
        stringBuffer.append("\r\n\r\n");
        stringBuffer.append(encodeChunked);
        stringBuffer.append(prikeyend);
        return stringBuffer.toString();
    }
}
