package cfca.util;

import cfca.internal.tool.ASN1Parser;
import cfca.org.bouncycastle.asn1.cms.CMSAttributes;
import cfca.org.bouncycastle.asn1.cms.Time;
import cfca.org.bouncycastle.cms.CMSSignedDataParser;
import cfca.org.bouncycastle.cms.SignerInformation;
import cfca.org.bouncycastle.operator.bc.BcDigestCalculatorProvider;
import cfca.org.bouncycastle.util.encoders.Hex;
import cfca.org.slf4j.Logger;
import cfca.org.slf4j.LoggerFactory;
import cfca.sadk32.org.bouncycastle.asn1.sm2.ASN1SM2Signature;
import cfca.sm2rsa.common.Mechanism;
import cfca.sm2rsa.common.PKCS7SignedData;
import cfca.sm2rsa.common.PKCS7SignedData2;
import cfca.sm2rsa.common.PKCS7SignedFile;
import cfca.sm2rsa.common.PKCS7SignedFile2;
import cfca.sm2rsa.common.PKIException;
import cfca.system.Debugger;
import cfca.system.SM2Compatible;
import cfca.util.cipher.lib.Session;
import cfca.x509.certificate.X509Cert;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.Key;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.text.SimpleDateFormat;
import java.util.Iterator;

/* loaded from: input_file:cfca/util/SignatureUtil.class */
public class SignatureUtil {
    static final Logger logger;
    private X509Cert signCert = null;
    private String digestAlgorithm = null;
    private byte[] signature = null;
    private byte[] sourceData = null;
    private boolean sm2WithZFlag;

    public SignatureUtil() {
        this.sm2WithZFlag = true;
        this.sm2WithZFlag = SM2Compatible.isOutputSM2SignedWithZ();
        if (logger.isDebugEnabled()) {
            logger.debug("SignatureUtil sm2WithZFlag" + this.sm2WithZFlag);
        }
    }

    public boolean isSm2WithZFlag() {
        if (logger.isDebugEnabled()) {
            logger.debug("isSm2WithZFlag: " + this.sm2WithZFlag);
        }
        return this.sm2WithZFlag;
    }

    public void setSm2WithZFlag(boolean z) {
        if (logger.isDebugEnabled()) {
            logger.debug("setSm2WithZFlag: " + z);
        }
        this.sm2WithZFlag = z;
    }

    public final byte[] getSourceData() {
        if (logger.isDebugEnabled()) {
            logger.debug("getSourceData: sourceData= " + (this.sourceData == null ? "none" : Hex.toHexString(this.sourceData)));
        }
        return this.sourceData;
    }

    public final byte[] getSignature() {
        if (logger.isDebugEnabled()) {
            logger.debug("getSignature: signature= " + (this.signature == null ? "none" : Hex.toHexString(this.signature)));
        }
        return this.signature;
    }

    public final String getDigestAlgorithm() {
        if (logger.isDebugEnabled()) {
            logger.debug("getDigestAlgorithm: digestAlgorithm= " + (this.digestAlgorithm == null ? "none" : this.digestAlgorithm));
        }
        return this.digestAlgorithm;
    }

    public final X509Cert getSignerCert() {
        if (logger.isDebugEnabled()) {
            logger.debug("getSignerCert: signCert= " + Debugger.dump(this.signCert));
        }
        return this.signCert;
    }

    public final String getTimeFromTimeStamp(byte[] bArr) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("getTimeFromTimeStamp Running");
            stringBuffer.append("\n bTimeStamp: " + (bArr == null ? "none" : Hex.toHexString(bArr)));
            logger.debug(stringBuffer.toString());
        }
        if (logger.isDebugEnabled()) {
            logger.debug("getTimeFromTimeStamp: bTimeStamp= " + (bArr == null ? "none" : Hex.toHexString(bArr)));
        }
        if (bArr == null) {
            if (logger.isErrorEnabled()) {
                logger.error("getTimeFromTimeStamp: required bTimeStamp not null");
            }
            throw new PKIException("851500", "签名工具包存在必要参数: bTimeStamp");
        }
        try {
            CMSSignedDataParser cMSSignedDataParser = new CMSSignedDataParser(new BcDigestCalculatorProvider(), new ByteArrayInputStream(ASN1Parser.isBase64Encode(bArr) ? Base64.decode(bArr) : bArr));
            Iterator it = cMSSignedDataParser.getSignerInfos().getSigners().iterator();
            String str = null;
            while (it.hasNext()) {
                str = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").format(Time.getInstance(((SignerInformation) it.next()).getSignedAttributes().get(CMSAttributes.signingTime).getAttrValues().getObjectAt(0).toASN1Primitive()).getDate());
            }
            cMSSignedDataParser.close();
            if (logger.isDebugEnabled()) {
                logger.debug("getTimeFromTimeStamp Okay: signDate= " + str);
            }
            return str;
        } catch (Exception e) {
            if (logger.isErrorEnabled()) {
                logger.error("getTimeFromTimeStamp failure", (Throwable) e);
            }
            throw new PKIException("851502", "签名工具包解析时间戳失败", e);
        }
    }

    public final byte[] p1SignByHash(String str, byte[] bArr, PrivateKey privateKey, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p1SignByHash>>>>>>Running");
            stringBuffer.append("\n signAlg: ");
            stringBuffer.append(Debugger.dump(str));
            stringBuffer.append("\n digest: ");
            stringBuffer.append(Debugger.dump(bArr));
            stringBuffer.append("\n privateKey: ");
            stringBuffer.append(Debugger.dump(privateKey));
            stringBuffer.append("\n session: ");
            stringBuffer.append(Debugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (str == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: signAlg");
            }
            if (bArr == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: digest");
            }
            if (privateKey == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: priKey");
            }
            if (session == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: session");
            }
            checkHashLength(bArr, str);
            checkKeyType(privateKey, str);
            try {
                byte[] encode = Base64.encode(encodedToASN1(session.signByHash(new Mechanism(str), privateKey, bArr)));
                if (logger.isDebugEnabled()) {
                    logger.debug("p1SignByHash<<<<<<Finished: signData=" + Debugger.dumpBase64(encode));
                }
                return encode;
            } catch (PKIException e) {
                throw e;
            } catch (Exception e2) {
                throw new PKIException("851510", "签名工具包执行签名失败", e2);
            }
        } catch (PKIException e3) {
            if (logger.isErrorEnabled()) {
                StringBuffer stringBuffer2 = new StringBuffer();
                stringBuffer2.append("p1SignByHash<<<<<<Failure");
                stringBuffer2.append("\n signAlg: ");
                stringBuffer2.append(Debugger.dump(str));
                stringBuffer2.append("\n digest: ");
                stringBuffer2.append(Debugger.dump(bArr));
                stringBuffer2.append("\n privateKey: ");
                stringBuffer2.append(Debugger.dump(privateKey));
                stringBuffer2.append("\n session: ");
                stringBuffer2.append(Debugger.dump(session));
                logger.error(stringBuffer2.toString(), (Throwable) e3);
            }
            throw e3;
        }
    }

    public final boolean p1VerifyByHash(String str, byte[] bArr, byte[] bArr2, PublicKey publicKey, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p1VerifyByHash>>>>>>Running");
            stringBuffer.append("\n signAlg: ");
            stringBuffer.append(Debugger.dump(str));
            stringBuffer.append("\n base64P1SignedData: ");
            stringBuffer.append(Debugger.dump(bArr2));
            stringBuffer.append("\n digest: ");
            stringBuffer.append(Debugger.dump(bArr));
            stringBuffer.append("\n PublicKey: ");
            stringBuffer.append(Debugger.dump(publicKey));
            stringBuffer.append("\n session: ");
            stringBuffer.append(Debugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (str == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: signAlg");
            }
            if (bArr == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: digest");
            }
            if (bArr2 == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: base64P1SignedData");
            }
            if (publicKey == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: pubKey");
            }
            if (session == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: session");
            }
            checkHashLength(bArr, str);
            checkKeyType(publicKey, str);
            try {
                boolean verifyByHash = session.verifyByHash(new Mechanism(str), publicKey, bArr, decodedSignValue(bArr2));
                if (logger.isDebugEnabled()) {
                    logger.debug("p1VerifyByHash<<<<<<Finished: verifyResult=" + verifyByHash);
                }
                return verifyByHash;
            } catch (PKIException e) {
                throw e;
            } catch (Exception e2) {
                throw new PKIException("851520", "签名工具包执行校验失败", e2);
            }
        } catch (PKIException e3) {
            if (logger.isErrorEnabled()) {
                StringBuffer stringBuffer2 = new StringBuffer();
                stringBuffer2.append("p1VerifyByHash<<<<<<Failure");
                stringBuffer2.append("\n signAlg: ");
                stringBuffer2.append(Debugger.dump(str));
                stringBuffer2.append("\n base64P1SignedData: ");
                stringBuffer2.append(Debugger.dump(bArr2));
                stringBuffer2.append("\n digest: ");
                stringBuffer2.append(Debugger.dump(bArr));
                stringBuffer2.append("\n PublicKey: ");
                stringBuffer2.append(Debugger.dump(publicKey));
                stringBuffer2.append("\n session: ");
                stringBuffer2.append(Debugger.dump(session));
                logger.error(stringBuffer2.toString(), (Throwable) e3);
            }
            throw e3;
        }
    }

    public final byte[] p1SignMessage(String str, byte[] bArr, PrivateKey privateKey, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p1SignMessage>>>>>>Running");
            stringBuffer.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
            stringBuffer.append("\n signAlg: ");
            stringBuffer.append(Debugger.dump(str));
            stringBuffer.append("\n sourceData: ");
            stringBuffer.append(Debugger.dump(bArr));
            stringBuffer.append("\n privateKey: ");
            stringBuffer.append(Debugger.dump(privateKey));
            stringBuffer.append("\n session: ");
            stringBuffer.append(Debugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (str == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: signAlg");
            }
            if (bArr == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: sourceData");
            }
            if (privateKey == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: priKey");
            }
            if (session == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: session");
            }
            checkKeyType(privateKey, str);
            try {
                try {
                    byte[] encode = Base64.encode(encodedToASN1(session.sign(new Mechanism(str), privateKey, bArr, this.sm2WithZFlag)));
                    if (logger.isDebugEnabled()) {
                        logger.debug("p1SignMessage<<<<<<Finished: sm2WithZFlag=" + this.sm2WithZFlag + ",signData=" + Debugger.dumpBase64(encode));
                    }
                    return encode;
                } catch (PKIException e) {
                    throw e;
                }
            } catch (Exception e2) {
                throw new PKIException("851510", "签名工具包执行签名失败", e2);
            }
        } catch (PKIException e3) {
            if (logger.isErrorEnabled()) {
                StringBuffer stringBuffer2 = new StringBuffer();
                stringBuffer2.append("p1SignMessage<<<<<<Failure");
                stringBuffer2.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
                stringBuffer2.append("\n signAlg: ");
                stringBuffer2.append(Debugger.dump(str));
                stringBuffer2.append("\n sourceData: ");
                stringBuffer2.append(Debugger.dump(bArr));
                stringBuffer2.append("\n privateKey: ");
                stringBuffer2.append(Debugger.dump(privateKey));
                stringBuffer2.append("\n session: ");
                stringBuffer2.append(Debugger.dump(session));
                logger.error(stringBuffer2.toString(), (Throwable) e3);
            }
            throw e3;
        }
    }

    public final boolean p1VerifyMessage(String str, byte[] bArr, byte[] bArr2, PublicKey publicKey, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p1VerifyMessage>>>>>>Running");
            stringBuffer.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
            stringBuffer.append("\n signAlg: ");
            stringBuffer.append(Debugger.dump(str));
            stringBuffer.append("\n sourceData: ");
            stringBuffer.append(Debugger.dump(bArr));
            stringBuffer.append("\n base64P1SignedData: ");
            stringBuffer.append(Debugger.dump(bArr2));
            stringBuffer.append("\n PublicKey: ");
            stringBuffer.append(Debugger.dump(publicKey));
            stringBuffer.append("\n session: ");
            stringBuffer.append(Debugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (str == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: signAlg");
            }
            if (bArr == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: sourceData");
            }
            if (bArr2 == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: base64P1SignedData");
            }
            if (publicKey == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: pubKey");
            }
            if (session == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: session");
            }
            checkKeyType(publicKey, str);
            try {
                try {
                    boolean verifySign = session.verifySign(new Mechanism(str), publicKey, bArr, decodedSignValue(bArr2));
                    if (logger.isDebugEnabled()) {
                        logger.debug("p1VerifyMessage<<<<<<Finished: verifyResult=" + verifySign);
                    }
                    return verifySign;
                } catch (PKIException e) {
                    throw e;
                }
            } catch (Exception e2) {
                throw new PKIException("851520", "签名工具包执行校验失败", e2);
            }
        } catch (PKIException e3) {
            if (logger.isErrorEnabled()) {
                StringBuffer stringBuffer2 = new StringBuffer();
                stringBuffer2.append("p1VerifyMessage<<<<<<Failure");
                stringBuffer2.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
                stringBuffer2.append("\n signAlg: ");
                stringBuffer2.append(Debugger.dump(str));
                stringBuffer2.append("\n sourceData: ");
                stringBuffer2.append(Debugger.dump(bArr));
                stringBuffer2.append("\n base64P1SignedData: ");
                stringBuffer2.append(Debugger.dump(bArr2));
                stringBuffer2.append("\n PublicKey: ");
                stringBuffer2.append(Debugger.dump(publicKey));
                stringBuffer2.append("\n session: ");
                stringBuffer2.append(Debugger.dump(session));
                logger.error(stringBuffer2.toString(), (Throwable) e3);
            }
            throw e3;
        }
    }

    public final byte[] p1SignFile(String str, String str2, PrivateKey privateKey, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p1SignFile>>>>>>Running");
            stringBuffer.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
            stringBuffer.append("\n signAlg: ");
            stringBuffer.append(Debugger.dump(str));
            stringBuffer.append("\n sourceFilePath: ");
            stringBuffer.append(Debugger.dump(str2));
            stringBuffer.append("\n privateKey: ");
            stringBuffer.append(Debugger.dump(privateKey));
            stringBuffer.append("\n session: ");
            stringBuffer.append(Debugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (str == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: signAlg");
            }
            if (str2 == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: sourceFilePath");
            }
            if (privateKey == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: priKey");
            }
            if (session == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: session");
            }
            checkKeyType(privateKey, str);
            try {
                try {
                    byte[] encode = Base64.encode(encodedToASN1(session.sign(new Mechanism(str), privateKey, str2, this.sm2WithZFlag)));
                    if (logger.isDebugEnabled()) {
                        logger.debug("p1SignFile<<<<<<Finished: sm2WithZFlag=" + this.sm2WithZFlag + ",signData=" + Debugger.dumpBase64(encode));
                    }
                    return encode;
                } catch (PKIException e) {
                    throw e;
                }
            } catch (Exception e2) {
                throw new PKIException("851510", "签名工具包执行签名失败", e2);
            }
        } catch (PKIException e3) {
            if (logger.isErrorEnabled()) {
                StringBuffer stringBuffer2 = new StringBuffer();
                stringBuffer2.append("p1SignFile<<<<<<Failure");
                stringBuffer2.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
                stringBuffer2.append("\n signAlg: ");
                stringBuffer2.append(Debugger.dump(str));
                stringBuffer2.append("\n sourceData: ");
                stringBuffer2.append(Debugger.dump(this.sourceData));
                stringBuffer2.append("\n privateKey: ");
                stringBuffer2.append(Debugger.dump(privateKey));
                stringBuffer2.append("\n session: ");
                stringBuffer2.append(Debugger.dump(session));
                logger.error(stringBuffer2.toString(), (Throwable) e3);
            }
            throw e3;
        }
    }

    public final boolean p1VerifyFile(String str, String str2, byte[] bArr, PublicKey publicKey, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p1VerifyFile>>>>>>Running");
            stringBuffer.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
            stringBuffer.append("\n signAlg: ");
            stringBuffer.append(Debugger.dump(str));
            stringBuffer.append("\n sourceFilePath: ");
            stringBuffer.append(Debugger.dump(str2));
            stringBuffer.append("\n base64P1SignedData: ");
            stringBuffer.append(Debugger.dump(bArr));
            stringBuffer.append("\n PublicKey: ");
            stringBuffer.append(Debugger.dump(publicKey));
            stringBuffer.append("\n session: ");
            stringBuffer.append(Debugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (str == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: signAlg");
            }
            if (str2 == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: sourceFilePath");
            }
            if (bArr == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: base64P1SignedData");
            }
            if (session == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: session");
            }
            checkKeyType(publicKey, str);
            try {
                try {
                    boolean verifySign = session.verifySign(new Mechanism(str), publicKey, str2, decodedSignValue(bArr));
                    if (logger.isDebugEnabled()) {
                        logger.debug("p1VerifyFile<<<<<<Finished: verifyResult=" + verifySign);
                    }
                    return verifySign;
                } catch (PKIException e) {
                    throw e;
                }
            } catch (Exception e2) {
                throw new PKIException("851520", "签名工具包执行校验失败", e2);
            }
        } catch (PKIException e3) {
            if (logger.isErrorEnabled()) {
                StringBuffer stringBuffer2 = new StringBuffer();
                stringBuffer2.append("p1VerifyFile<<<<<<Failure");
                stringBuffer2.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
                stringBuffer2.append("\n signAlg: ");
                stringBuffer2.append(Debugger.dump(str));
                stringBuffer2.append("\n sourceFilePath: ");
                stringBuffer2.append(Debugger.dump(str2));
                stringBuffer2.append("\n base64P1SignedData: ");
                stringBuffer2.append(Debugger.dump(bArr));
                stringBuffer2.append("\n PublicKey: ");
                stringBuffer2.append(Debugger.dump(publicKey));
                stringBuffer2.append("\n session: ");
                stringBuffer2.append(Debugger.dump(session));
                logger.error(stringBuffer2.toString(), (Throwable) e3);
            }
            throw e3;
        }
    }

    public final byte[] p7SignByHash(String str, byte[] bArr, PrivateKey privateKey, X509Cert x509Cert, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p7SignByHash>>>>>>Running");
            stringBuffer.append("\n signAlg: ");
            stringBuffer.append(Debugger.dump(str));
            stringBuffer.append("\n digest: ");
            stringBuffer.append(Debugger.dump(bArr));
            stringBuffer.append("\n privateKey: ");
            stringBuffer.append(Debugger.dump(privateKey));
            stringBuffer.append("\n cert: ");
            stringBuffer.append(Debugger.dump(x509Cert));
            stringBuffer.append("\n session: ");
            stringBuffer.append(Debugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (str == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: signAlg");
            }
            if (bArr == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: digest");
            }
            if (privateKey == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: priKey");
            }
            if (session == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: session");
            }
            checkKeyType(privateKey, str);
            checkCertType(x509Cert, str);
            PKCS7SignedData buildPKCS7SignedData = buildPKCS7SignedData(session);
            try {
                X509Cert[] x509CertArr = {x509Cert};
                Mechanism mechanism = new Mechanism(str);
                byte[] signByHash = session.signByHash(new Mechanism(str), privateKey, bArr);
                if (logger.isDebugEnabled()) {
                    logger.debug("p7SignByHash::::::signValue=" + (signByHash == null ? "none" : Hex.toHexString(signByHash)));
                }
                try {
                    byte[] encode = Base64.encode(buildPKCS7SignedData.packageSignedData(false, null, null, signByHash, mechanism, x509CertArr));
                    if (logger.isDebugEnabled()) {
                        logger.debug("p7SignByHash<<<<<<Finished: signedData=" + Debugger.dumpBase64(encode));
                    }
                    return encode;
                } catch (Exception e) {
                    throw new PKIException("851511", "签名工具包执行签名时打包失败", e);
                }
            } catch (PKIException e2) {
                throw e2;
            } catch (Exception e3) {
                throw new PKIException("851510", "签名工具包执行签名失败", e3);
            }
        } catch (PKIException e4) {
            if (logger.isErrorEnabled()) {
                StringBuffer stringBuffer2 = new StringBuffer();
                stringBuffer2.append("p7SignByHash<<<<<<Failure");
                stringBuffer2.append("\n signAlg: ");
                stringBuffer2.append(Debugger.dump(str));
                stringBuffer2.append("\n digest: ");
                stringBuffer2.append(Debugger.dump(bArr));
                stringBuffer2.append("\n privateKey: ");
                stringBuffer2.append(Debugger.dump(privateKey));
                stringBuffer2.append("\n cert: ");
                stringBuffer2.append(Debugger.dump(x509Cert));
                stringBuffer2.append("\n session: ");
                stringBuffer2.append(Debugger.dump(session));
                logger.error(stringBuffer2.toString());
            }
            throw e4;
        }
    }

    public final boolean p7VerifyByHash(byte[] bArr, byte[] bArr2, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p7VerifyByHash>>>>>>Running");
            stringBuffer.append("\n digest: ");
            stringBuffer.append(Debugger.dump(bArr));
            stringBuffer.append("\n base64P7SignedData: ");
            stringBuffer.append(Debugger.dump(bArr2));
            stringBuffer.append("\n session: ");
            stringBuffer.append(Debugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (bArr == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: digest");
            }
            if (bArr2 == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: base64P7SignedData");
            }
            if (session == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: session");
            }
            PKCS7SignedData buildPKCS7SignedData = buildPKCS7SignedData(session);
            try {
                buildPKCS7SignedData.loadBase64(bArr2);
                this.signCert = buildPKCS7SignedData.getSignerX509Cert();
                this.digestAlgorithm = buildPKCS7SignedData.getDigestAlgorithm();
                this.signature = buildPKCS7SignedData.getSignature();
                if (logger.isDebugEnabled()) {
                    StringBuffer stringBuffer2 = new StringBuffer();
                    stringBuffer2.append("p7VerifyByHash:::::Decode ");
                    stringBuffer2.append("\n signCert=");
                    stringBuffer2.append(Debugger.dump(this.signCert));
                    stringBuffer2.append("\n digestAlgorithm=");
                    stringBuffer2.append(Debugger.dump(this.digestAlgorithm));
                    stringBuffer2.append("\n signature=");
                    stringBuffer2.append(Debugger.dump(this.signature));
                    logger.debug(stringBuffer2.toString());
                }
                try {
                    boolean verifyP7SignedDataByHash = buildPKCS7SignedData.verifyP7SignedDataByHash(bArr);
                    if (logger.isDebugEnabled()) {
                        logger.debug("p7VerifyByHash<<<<<<Finished: verifyResult=" + verifyP7SignedDataByHash);
                    }
                    return verifyP7SignedDataByHash;
                } catch (PKIException e) {
                    throw e;
                } catch (Exception e2) {
                    throw new PKIException("851520", "签名工具包执行校验失败", e2);
                }
            } catch (Exception e3) {
                throw new PKIException("851521", "签名工具包执行校验时解包失败", e3);
            }
        } catch (PKIException e4) {
            if (logger.isErrorEnabled()) {
                StringBuffer stringBuffer3 = new StringBuffer();
                stringBuffer3.append("p7VerifyByHash<<<<<<Failure");
                stringBuffer3.append("\n digest: ");
                stringBuffer3.append(Debugger.dump(bArr));
                stringBuffer3.append("\n base64P7SignedData: ");
                stringBuffer3.append(Debugger.dump(bArr2));
                stringBuffer3.append("\n session: ");
                stringBuffer3.append(Debugger.dump(session));
                logger.error(stringBuffer3.toString());
            }
            throw e4;
        }
    }

    public final byte[] p7SignMessageAttach(String str, byte[] bArr, PrivateKey privateKey, X509Cert x509Cert, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p7SignMessageAttach>>>>>>Running");
            stringBuffer.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
            stringBuffer.append("\n signAlg: ");
            stringBuffer.append(Debugger.dump(str));
            stringBuffer.append("\n sourceData: ");
            stringBuffer.append(Debugger.dump(bArr));
            stringBuffer.append("\n privateKey: ");
            stringBuffer.append(Debugger.dump(privateKey));
            stringBuffer.append("\n cert: ");
            stringBuffer.append(Debugger.dump(x509Cert));
            stringBuffer.append("\n session: ");
            stringBuffer.append(Debugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (str == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: signAlg");
            }
            if (bArr == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: sourceData");
            }
            if (privateKey == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: priKey");
            }
            if (x509Cert == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: cert");
            }
            if (session == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: session");
            }
            checkKeyType(privateKey, str);
            checkCertType(x509Cert, str);
            PKCS7SignedData buildPKCS7SignedData = buildPKCS7SignedData(session);
            try {
                X509Cert[] x509CertArr = {x509Cert};
                Mechanism mechanism = new Mechanism(str);
                byte[] sign = session.sign(mechanism, privateKey, bArr, this.sm2WithZFlag);
                if (logger.isDebugEnabled()) {
                    logger.debug("p7SignMessageAttach::::: signValue=" + (sign == null ? "none" : Hex.toHexString(sign)));
                }
                try {
                    byte[] encode = Base64.encode(buildPKCS7SignedData.packageSignedData(true, null, bArr, sign, mechanism, x509CertArr));
                    if (logger.isDebugEnabled()) {
                        logger.debug("p7SignMessageAttach<<<<<<Finished: signedData=" + Debugger.dumpBase64(encode));
                    }
                    return encode;
                } catch (Exception e) {
                    throw new PKIException("851511", "签名工具包执行签名时打包失败", e);
                }
            } catch (PKIException e2) {
                throw e2;
            } catch (Exception e3) {
                throw new PKIException("851510", "签名工具包执行签名失败", e3);
            }
        } catch (PKIException e4) {
            if (logger.isErrorEnabled()) {
                StringBuffer stringBuffer2 = new StringBuffer();
                stringBuffer2.append("p7SignMessageAttach<<<<<<Failure");
                stringBuffer2.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
                stringBuffer2.append("\n signAlg: ");
                stringBuffer2.append(Debugger.dump(str));
                stringBuffer2.append("\n sourceData: ");
                stringBuffer2.append(Debugger.dump(bArr));
                stringBuffer2.append("\n privateKey: ");
                stringBuffer2.append(Debugger.dump(privateKey));
                stringBuffer2.append("\n cert: ");
                stringBuffer2.append(Debugger.dump(x509Cert));
                stringBuffer2.append("\n session: ");
                stringBuffer2.append(Debugger.dump(session));
                logger.error(stringBuffer2.toString());
            }
            throw e4;
        }
    }

    public final boolean p7VerifyMessageAttach(byte[] bArr, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p7VerifyMessageAttach>>>>>>Running");
            stringBuffer.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
            stringBuffer.append("\n base64P7SignedData: ");
            stringBuffer.append(Debugger.dump(bArr));
            stringBuffer.append("\n session: ");
            stringBuffer.append(Debugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (bArr == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: base647SignedData");
            }
            if (session == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: session");
            }
            PKCS7SignedData buildPKCS7SignedData = buildPKCS7SignedData(session);
            try {
                buildPKCS7SignedData.loadBase64(bArr);
                this.signCert = buildPKCS7SignedData.getSignerX509Cert();
                this.sourceData = buildPKCS7SignedData.getSourceData();
                this.digestAlgorithm = buildPKCS7SignedData.getDigestAlgorithm();
                this.signature = buildPKCS7SignedData.getSignature();
                if (logger.isDebugEnabled()) {
                    StringBuffer stringBuffer2 = new StringBuffer();
                    stringBuffer2.append("p7VerifyMessageAttach:::::Decode ");
                    stringBuffer2.append("\n signCert=");
                    stringBuffer2.append(Debugger.dump(this.signCert));
                    stringBuffer2.append("\n digestAlgorithm=");
                    stringBuffer2.append(Debugger.dump(this.digestAlgorithm));
                    stringBuffer2.append("\n signature=");
                    stringBuffer2.append(Debugger.dump(this.signature));
                    stringBuffer2.append("\n sourceData=");
                    stringBuffer2.append(Debugger.dump(this.sourceData));
                    logger.debug(stringBuffer2.toString());
                }
                try {
                    try {
                        boolean verifyP7SignedDataAttach = buildPKCS7SignedData.verifyP7SignedDataAttach();
                        if (logger.isDebugEnabled()) {
                            logger.debug("p7VerifyMessageAttach<<<<<<Finished: verifyResult=" + verifyP7SignedDataAttach);
                        }
                        return verifyP7SignedDataAttach;
                    } catch (PKIException e) {
                        throw e;
                    }
                } catch (Exception e2) {
                    throw new PKIException("851520", "签名工具包执行校验失败", e2);
                }
            } catch (Exception e3) {
                throw new PKIException("851521", "签名工具包执行校验时解包失败", e3);
            }
        } catch (PKIException e4) {
            if (logger.isErrorEnabled()) {
                StringBuffer stringBuffer3 = new StringBuffer();
                stringBuffer3.append("p7VerifyMessageAttach Running");
                stringBuffer3.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
                stringBuffer3.append(Debugger.dump(bArr));
                stringBuffer3.append("\n session: ");
                stringBuffer3.append(Debugger.dump(session));
                logger.error(stringBuffer3.toString());
            }
            throw e4;
        }
    }

    public final byte[] p7SignMessageDetach(String str, byte[] bArr, PrivateKey privateKey, X509Cert x509Cert, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p7SignMessageDetach>>>>>>Running");
            stringBuffer.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
            stringBuffer.append("\n signAlg: ");
            stringBuffer.append(Debugger.dump(str));
            stringBuffer.append("\n sourceData: ");
            stringBuffer.append(Debugger.dump(bArr));
            stringBuffer.append("\n privateKey: ");
            stringBuffer.append(Debugger.dump(privateKey));
            stringBuffer.append("\n cert: ");
            stringBuffer.append(Debugger.dump(x509Cert));
            stringBuffer.append("\n session: ");
            stringBuffer.append(Debugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (str == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: signAlg");
            }
            if (privateKey == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: priKey");
            }
            if (session == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: session");
            }
            checkKeyType(privateKey, str);
            checkCertType(x509Cert, str);
            PKCS7SignedData buildPKCS7SignedData = buildPKCS7SignedData(session);
            try {
                X509Cert[] x509CertArr = {x509Cert};
                Mechanism mechanism = new Mechanism(str);
                byte[] sign = session.sign(mechanism, privateKey, bArr, this.sm2WithZFlag);
                if (logger.isDebugEnabled()) {
                    logger.debug("p7SignMessageDetach:::::signValue=" + (sign == null ? "none" : Hex.toHexString(sign)));
                }
                try {
                    byte[] encode = Base64.encode(buildPKCS7SignedData.packageSignedData(false, null, bArr, sign, mechanism, x509CertArr));
                    if (logger.isDebugEnabled()) {
                        logger.debug("p7SignMessageDetach<<<<<<Finished: signedData=" + Debugger.dumpBase64(encode));
                    }
                    return encode;
                } catch (Exception e) {
                    throw new PKIException("851511", "签名工具包执行签名时打包失败", e);
                }
            } catch (PKIException e2) {
                throw e2;
            } catch (Exception e3) {
                throw new PKIException("851510", "签名工具包执行签名失败", e3);
            }
        } catch (PKIException e4) {
            if (logger.isErrorEnabled()) {
                StringBuffer stringBuffer2 = new StringBuffer();
                stringBuffer2.append("p7SignMessageDetach Running");
                stringBuffer2.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
                stringBuffer2.append("\n signAlg: ");
                stringBuffer2.append(Debugger.dump(str));
                stringBuffer2.append("\n sourceData: ");
                stringBuffer2.append(Debugger.dump(bArr));
                stringBuffer2.append("\n privateKey: ");
                stringBuffer2.append(Debugger.dump(privateKey));
                stringBuffer2.append("\n cert: ");
                stringBuffer2.append(Debugger.dump(x509Cert));
                stringBuffer2.append("\n session: ");
                stringBuffer2.append(Debugger.dump(session));
                logger.error(stringBuffer2.toString());
            }
            throw e4;
        }
    }

    public final boolean p7VerifyMessageDetach(byte[] bArr, byte[] bArr2, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p7VerifyMessageDetach>>>>>>Running");
            stringBuffer.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
            stringBuffer.append("\n sourceData: ");
            stringBuffer.append(Debugger.dump(bArr));
            stringBuffer.append("\n base64P7SignedData: ");
            stringBuffer.append(Debugger.dump(bArr2));
            stringBuffer.append("\n session: ");
            stringBuffer.append(Debugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (bArr == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: sourceData");
            }
            if (bArr2 == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: base64P7SignedData");
            }
            if (session == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: session");
            }
            PKCS7SignedData buildPKCS7SignedData = buildPKCS7SignedData(session);
            try {
                buildPKCS7SignedData.loadBase64(bArr2);
                this.signCert = buildPKCS7SignedData.getSignerX509Cert();
                this.digestAlgorithm = buildPKCS7SignedData.getDigestAlgorithm();
                this.signature = buildPKCS7SignedData.getSignature();
                if (logger.isDebugEnabled()) {
                    StringBuffer stringBuffer2 = new StringBuffer();
                    stringBuffer2.append("p7VerifyMessageDetach:::::Decode ");
                    stringBuffer2.append("\n signCert=");
                    stringBuffer2.append(Debugger.dump(this.signCert));
                    stringBuffer2.append("\n digestAlgorithm=");
                    stringBuffer2.append(Debugger.dump(this.digestAlgorithm));
                    stringBuffer2.append("\n signature=");
                    stringBuffer2.append(Debugger.dump(this.signature));
                    logger.debug(stringBuffer2.toString());
                }
                try {
                    try {
                        boolean verifyP7SignedData = buildPKCS7SignedData.verifyP7SignedData(bArr);
                        if (logger.isDebugEnabled()) {
                            logger.debug("p7VerifyMessageDetach<<<<<<Finished: verifyResult=" + verifyP7SignedData);
                        }
                        return verifyP7SignedData;
                    } catch (PKIException e) {
                        throw e;
                    }
                } catch (Exception e2) {
                    throw new PKIException("851520", "签名工具包执行校验失败", e2);
                }
            } catch (Exception e3) {
                throw new PKIException("851521", "签名工具包执行校验时解包失败", e3);
            }
        } catch (PKIException e4) {
            if (logger.isErrorEnabled()) {
                StringBuffer stringBuffer3 = new StringBuffer();
                stringBuffer3.append("p7VerifyMessageDetach<<<<<<Failure");
                stringBuffer3.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
                stringBuffer3.append("\n sourceData: ");
                stringBuffer3.append(Debugger.dump(bArr));
                stringBuffer3.append("\n base64P7SignedData: ");
                stringBuffer3.append(Debugger.dump(bArr2));
                stringBuffer3.append("\n session: ");
                stringBuffer3.append(Debugger.dump(session));
                logger.error(stringBuffer3.toString());
            }
            throw e4;
        }
    }

    public final void p7SignFileAttach(String str, String str2, String str3, PrivateKey privateKey, X509Cert x509Cert, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p7SignFileAttach>>>>>>Running");
            stringBuffer.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
            stringBuffer.append("\n signAlg: ");
            stringBuffer.append(Debugger.dump(str));
            stringBuffer.append("\n sourceFilePath: ");
            stringBuffer.append(Debugger.dump(str2));
            stringBuffer.append("\n signFilePath: " + (str3 == null ? "none" : str3));
            stringBuffer.append("\n privateKey: ");
            stringBuffer.append(Debugger.dump(privateKey));
            stringBuffer.append("\n cert: ");
            stringBuffer.append(Debugger.dump(x509Cert));
            stringBuffer.append("\n session: ");
            stringBuffer.append(Debugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (str == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: signAlg");
            }
            if (str2 == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: sourceFilePath");
            }
            if (str3 == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: signFilePath");
            }
            if (privateKey == null) {
                throw new PKIException("851500", "签名工具包存在必要参数:  priKey");
            }
            if (x509Cert == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: cert");
            }
            if (session == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: session");
            }
            checkKeyType(privateKey, str);
            checkCertType(x509Cert, str);
            PKCS7SignedFile buildPKCS7SignedFile = buildPKCS7SignedFile(session);
            try {
                X509Cert[] x509CertArr = {x509Cert};
                Mechanism mechanism = new Mechanism(str);
                byte[] sign = session.sign(mechanism, privateKey, str2, this.sm2WithZFlag);
                if (logger.isDebugEnabled()) {
                    logger.debug("p7SignFileAttach:::::signValue=" + (sign == null ? "none" : Hex.toHexString(sign)));
                }
                try {
                    buildPKCS7SignedFile.packageSignedFile(null, str2, str3, sign, mechanism, x509CertArr);
                    if (logger.isDebugEnabled()) {
                        logger.debug("p7SignFileAttach<<<<<<Finished");
                    }
                } catch (Error e) {
                    throw new PKIException("851511", "签名工具包执行签名时打包失败", e);
                } catch (Exception e2) {
                    throw new PKIException("851511", "签名工具包执行签名时打包失败", e2);
                }
            } catch (PKIException e3) {
                throw e3;
            } catch (Exception e4) {
                throw new PKIException("851510", "签名工具包执行签名失败", e4);
            }
        } catch (PKIException e5) {
            if (logger.isErrorEnabled()) {
                StringBuffer stringBuffer2 = new StringBuffer();
                stringBuffer2.append("p7SignFileAttach<<<<<<Failure");
                stringBuffer2.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
                stringBuffer2.append("\n signAlg: ");
                stringBuffer2.append(Debugger.dump(str));
                stringBuffer2.append("\n sourceFilePath: ");
                stringBuffer2.append(Debugger.dump(str2));
                stringBuffer2.append("\n signFilePath: " + (str3 == null ? "none" : str3));
                stringBuffer2.append("\n privateKey: ");
                stringBuffer2.append(Debugger.dump(privateKey));
                stringBuffer2.append("\n cert: ");
                stringBuffer2.append(Debugger.dump(x509Cert));
                stringBuffer2.append("\n session: ");
                stringBuffer2.append(Debugger.dump(session));
                logger.error(stringBuffer2.toString());
            }
            throw e5;
        }
    }

    public final boolean p7VerifyFileAttach(String str, String str2, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p7VerifyFileAttach>>>>>>Running");
            stringBuffer.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
            stringBuffer.append("\n signFilePath: " + (str == null ? "none" : str));
            stringBuffer.append("\n outSourceFilePath: " + (str2 == null ? "none" : str2));
            stringBuffer.append("\n session: ");
            stringBuffer.append(Debugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (str == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: signFilePath");
            }
            if (str2 == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: outSourceFilePath");
            }
            if (session == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: session");
            }
            try {
                try {
                    PKCS7SignedFile buildPKCS7SignedFile = buildPKCS7SignedFile(session);
                    boolean verifyP7SignedFile = buildPKCS7SignedFile.verifyP7SignedFile(str, str2);
                    this.signCert = buildPKCS7SignedFile.getSignerX509Cert();
                    this.digestAlgorithm = buildPKCS7SignedFile.getDigestAlgorithm();
                    this.signature = buildPKCS7SignedFile.getSignature();
                    if (logger.isDebugEnabled()) {
                        StringBuffer stringBuffer2 = new StringBuffer();
                        stringBuffer2.append("p7VerifyFileAttach<<<<<<Finished: verifyResult=" + verifyP7SignedFile);
                        stringBuffer2.append("\n signCert=");
                        stringBuffer2.append(Debugger.dump(this.signCert));
                        stringBuffer2.append("\n digestAlgorithm=");
                        stringBuffer2.append(Debugger.dump(this.digestAlgorithm));
                        stringBuffer2.append("\n signature=");
                        stringBuffer2.append(Debugger.dump(this.signature));
                        logger.debug(stringBuffer2.toString());
                    }
                    return verifyP7SignedFile;
                } catch (PKIException e) {
                    throw e;
                }
            } catch (Exception e2) {
                throw new PKIException("851520", "签名工具包执行校验失败", e2);
            }
        } catch (PKIException e3) {
            if (logger.isErrorEnabled()) {
                StringBuffer stringBuffer3 = new StringBuffer();
                stringBuffer3.append("p7VerifyFileAttach<<<<<<Failure");
                stringBuffer3.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
                stringBuffer3.append("\n signFilePath: " + (str == null ? "none" : str));
                stringBuffer3.append("\n outSourceFilePath: " + (str2 == null ? "none" : str2));
                stringBuffer3.append("\n session: ");
                stringBuffer3.append(Debugger.dump(session));
                logger.error(stringBuffer3.toString());
            }
            throw e3;
        }
    }

    public final byte[] p7SignFileDetach(String str, String str2, PrivateKey privateKey, X509Cert x509Cert, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p7SignFileDetach>>>>>>Running");
            stringBuffer.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
            stringBuffer.append("\n signAlg: ");
            stringBuffer.append(Debugger.dump(str));
            stringBuffer.append("\n sourceFilePath: ");
            stringBuffer.append(Debugger.dump(str2));
            stringBuffer.append("\n privateKey: ");
            stringBuffer.append(Debugger.dump(privateKey));
            stringBuffer.append("\n cert: ");
            stringBuffer.append(Debugger.dump(x509Cert));
            stringBuffer.append("\n session: ");
            stringBuffer.append(Debugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (str == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: signAlg");
            }
            if (str2 == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: sourceFilePath");
            }
            if (privateKey == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: priKey");
            }
            if (x509Cert == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: cert");
            }
            if (session == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: session");
            }
            checkKeyType(privateKey, str);
            checkCertType(x509Cert, str);
            PKCS7SignedData buildPKCS7SignedData = buildPKCS7SignedData(session);
            try {
                X509Cert[] x509CertArr = {x509Cert};
                Mechanism mechanism = new Mechanism(str);
                byte[] sign = session.sign(mechanism, privateKey, str2, this.sm2WithZFlag);
                if (logger.isDebugEnabled()) {
                    logger.debug("p7SignFileDetach:::::signValue=" + (sign == null ? "none" : Hex.toHexString(sign)));
                }
                try {
                    byte[] encode = Base64.encode(buildPKCS7SignedData.packageSignedData(false, null, null, sign, mechanism, x509CertArr));
                    if (logger.isDebugEnabled()) {
                        logger.debug("p7SignFileDetach<<<<<<Finished: signedData=" + Debugger.dumpBase64(encode));
                    }
                    return encode;
                } catch (Exception e) {
                    throw new PKIException("851511", "签名工具包执行签名时打包失败", e);
                }
            } catch (PKIException e2) {
                throw e2;
            } catch (Exception e3) {
                throw new PKIException("851510", "签名工具包执行签名失败", e3);
            }
        } catch (PKIException e4) {
            if (logger.isErrorEnabled()) {
                StringBuffer stringBuffer2 = new StringBuffer();
                stringBuffer2.append("p7SignFileDetach<<<<<<Failure");
                stringBuffer2.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
                stringBuffer2.append("\n signAlg: ");
                stringBuffer2.append(Debugger.dump(str));
                stringBuffer2.append("\n sourceFilePath: ");
                stringBuffer2.append(Debugger.dump(str2));
                stringBuffer2.append("\n privateKey: ");
                stringBuffer2.append(Debugger.dump(privateKey));
                stringBuffer2.append("\n cert: ");
                stringBuffer2.append(Debugger.dump(x509Cert));
                stringBuffer2.append("\n session: ");
                stringBuffer2.append(Debugger.dump(session));
                logger.error(stringBuffer2.toString());
            }
            throw e4;
        }
    }

    public final boolean p7VerifyFileDetach(String str, byte[] bArr, Session session) throws PKIException {
        if (logger.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("p7VerifyFileDetach>>>>>>Running");
            stringBuffer.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
            stringBuffer.append("\n sourceFilePath: ");
            stringBuffer.append(Debugger.dump(str));
            stringBuffer.append("\n base64P7SignedData: ");
            stringBuffer.append(Debugger.dump(bArr));
            stringBuffer.append("\n session: ");
            stringBuffer.append(Debugger.dump(session));
            logger.debug(stringBuffer.toString());
        }
        try {
            if (str == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: sourceFilePath");
            }
            if (bArr == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: base64P7SignedData");
            }
            if (session == null) {
                throw new PKIException("851500", "签名工具包存在必要参数: session");
            }
            PKCS7SignedData buildPKCS7SignedData = buildPKCS7SignedData(session);
            try {
                buildPKCS7SignedData.loadBase64(bArr);
                this.signCert = buildPKCS7SignedData.getSignerX509Cert();
                this.digestAlgorithm = buildPKCS7SignedData.getDigestAlgorithm();
                this.signature = buildPKCS7SignedData.getSignature();
                if (logger.isDebugEnabled()) {
                    StringBuffer stringBuffer2 = new StringBuffer();
                    stringBuffer2.append("p7VerifyFileDetach:::::Decode ");
                    stringBuffer2.append("\n signCert=");
                    stringBuffer2.append(Debugger.dump(this.signCert));
                    stringBuffer2.append("\n digestAlgorithm=");
                    stringBuffer2.append(Debugger.dump(this.digestAlgorithm));
                    stringBuffer2.append("\n signature=");
                    stringBuffer2.append(Debugger.dump(this.signature));
                    logger.debug(stringBuffer2.toString());
                }
                try {
                    try {
                        boolean verifyP7SignedData = buildPKCS7SignedData.verifyP7SignedData(str);
                        if (logger.isDebugEnabled()) {
                            logger.debug("p7VerifyFileDetach<<<<<<Finished: verifyResult=" + verifyP7SignedData);
                        }
                        return verifyP7SignedData;
                    } catch (PKIException e) {
                        throw e;
                    }
                } catch (Exception e2) {
                    throw new PKIException("851520", "签名工具包执行校验失败", e2);
                }
            } catch (Exception e3) {
                throw new PKIException("851521", "签名工具包执行校验时解包失败", e3);
            }
        } catch (PKIException e4) {
            if (logger.isErrorEnabled()) {
                StringBuffer stringBuffer3 = new StringBuffer();
                stringBuffer3.append("p7VerifyFileDetach<<<<<<Failure");
                stringBuffer3.append("\n sm2WithZFlag: " + this.sm2WithZFlag);
                stringBuffer3.append("\n sourceFilePath: ");
                stringBuffer3.append(Debugger.dump(str));
                stringBuffer3.append("\n base64P7SignedData: ");
                stringBuffer3.append(Debugger.dump(bArr));
                stringBuffer3.append("\n session: ");
                stringBuffer3.append(Debugger.dump(session));
                logger.error(stringBuffer3.toString());
            }
            throw e4;
        }
    }

    final PKCS7SignedData buildPKCS7SignedData(Session session) {
        return isNewFormat() ? new PKCS7SignedData2(session) : new PKCS7SignedData(session);
    }

    final PKCS7SignedFile buildPKCS7SignedFile(Session session) {
        return isNewFormat() ? new PKCS7SignedFile2(session) : new PKCS7SignedFile(session);
    }

    boolean isNewFormat() {
        logger.debug("isNewFormat=False: RAW(R+S)");
        return false;
    }

    private final byte[] decodedSignValue(byte[] bArr) throws PKIException {
        byte[] bArr2;
        if (logger.isDebugEnabled()) {
            logger.debug("decodedSignValue>>>>>>" + (bArr == null ? "none" : Hex.toHexString(bArr)));
        }
        if (bArr == null) {
            throw new PKIException("851500", "签名工具包存在必要参数: base64SignData");
        }
        byte[] decode = ASN1Parser.isBase64Encode(bArr) ? Base64.decode(bArr) : bArr;
        if (decode.length == 64 || decode.length >= 128) {
            bArr2 = decode;
        } else {
            if (decode.length < 66 || decode.length > 72) {
                throw new PKIException("851501", "签名工具包存在无效参数: base64SignData");
            }
            bArr2 = decodedFromASN1(decode);
        }
        if (logger.isDebugEnabled()) {
            logger.debug("decodedSignValue<<<<<<" + (bArr2 == null ? "none" : Hex.toHexString(bArr2)));
        }
        return bArr2;
    }

    private final byte[] encodedToASN1(byte[] bArr) throws PKIException {
        byte[] bArr2;
        if (logger.isDebugEnabled()) {
            logger.debug("encodedToASN1>>>>>>" + (bArr == null ? "none" : Hex.toHexString(bArr)));
        }
        if (isNewFormat() && bArr != null && bArr.length == 64) {
            try {
                bArr2 = new ASN1SM2Signature(bArr).getEncoded();
            } catch (IOException e) {
                throw new PKIException("851501", "签名工具包存在无效参数: signData", e);
            }
        } else {
            bArr2 = bArr;
        }
        if (logger.isDebugEnabled()) {
            logger.debug("encodedToASN1<<<<<<" + (bArr2 == null ? "none" : Hex.toHexString(bArr2)));
        }
        return bArr2;
    }

    private final byte[] decodedFromASN1(byte[] bArr) {
        if (logger.isDebugEnabled()) {
            logger.debug("decodedFromASN1>>>>>>" + (bArr == null ? "none" : Hex.toHexString(bArr)));
        }
        if (bArr == null) {
            throw new SecurityException("Unknown signature value");
        }
        byte[] bArr2 = null;
        if (!isNewFormat()) {
            if (logger.isDebugEnabled()) {
                logger.debug("decodedFromASN1<<<<<<" + (bArr == null ? "none" : Hex.toHexString(bArr)));
            }
            return bArr;
        }
        try {
            bArr2 = new ASN1SM2Signature(bArr).getRS();
            return bArr2;
        } catch (PKIException e) {
            if (logger.isErrorEnabled()) {
                logger.error("invalid asn1EncodedRS<<<<<<" + (bArr2 == null ? "none" : Hex.toHexString(bArr2)), (Throwable) e);
            }
            throw new SecurityException(e.getMessage(), e);
        }
    }

    private final void checkHashLength(byte[] bArr, String str) throws PKIException {
        String lowerCase = str.toLowerCase();
        if (lowerCase.indexOf("rsa") >= 0) {
            if (lowerCase.indexOf("sha256") >= 0 && bArr.length != 32) {
                throw new PKIException("851530", "签名工具包签名算法和散列值不匹配");
            }
            if (lowerCase.indexOf("sha512") >= 0 && bArr.length != 64) {
                throw new PKIException("851530", "签名工具包签名算法和散列值不匹配");
            }
            if (lowerCase.indexOf("sha384") >= 0 && bArr.length != 48) {
                throw new PKIException("851530", "签名工具包签名算法和散列值不匹配");
            }
            if (lowerCase.indexOf("sha1") >= 0 && bArr.length != 20) {
                throw new PKIException("851530", "签名工具包签名算法和散列值不匹配");
            }
            if (lowerCase.indexOf("md5") >= 0 && bArr.length != 16) {
                throw new PKIException("851530", "签名工具包签名算法和散列值不匹配");
            }
        }
        if (lowerCase.indexOf("sm2") >= 0 && lowerCase.indexOf("sm3") >= 0 && bArr.length != 32) {
            throw new PKIException("851530", "签名工具包签名算法和散列值不匹配");
        }
    }

    private final void checkKeyType(Key key, String str) throws PKIException {
        if (str.toLowerCase().indexOf(key.getAlgorithm().toLowerCase()) < 0) {
            throw new PKIException("851531", "签名工具包签名算法和签名密钥/校验密钥不匹配");
        }
    }

    private final void checkCertType(X509Cert x509Cert, String str) throws PKIException {
        if (str.toLowerCase().indexOf(x509Cert.getPublicKey().getAlgorithm().toLowerCase()) < 0) {
            throw new PKIException("851532", "签名工具包签名算法和签名证书/校验证书不匹配");
        }
    }

    static {
        Debugger.setDebugger();
        logger = LoggerFactory.getLogger((Class<?>) SignatureUtil.class);
    }
}
