package net.netca.pki.crypto.android.interfaces.a;

import java.util.Arrays;
import java.util.Date;
import net.netca.pki.Certificate;
import net.netca.pki.Hash;
import net.netca.pki.PkiException;
import net.netca.pki.TimeStamp;
import net.netca.pki.crypto.android.interfaces.TimeStampInterface;
import net.netca.pki.encoding.asn1.pki.AlgorithmIdentifier;
import net.netca.pki.encoding.asn1.pki.tsp.HttpGetTimeStamp;
import net.netca.pki.encoding.json.jose.IHash;

/* loaded from: classes3.dex */
public class s implements TimeStampInterface {
    public TimeStamp a = null;

    @Override // net.netca.pki.crypto.android.interfaces.TimeStampInterface
    public String getPolicy() throws PkiException {
        TimeStamp timeStamp = this.a;
        if (timeStamp != null) {
            return timeStamp.getPolicy();
        }
        throw new PkiException("call verifyInit first");
    }

    @Override // net.netca.pki.crypto.android.interfaces.TimeStampInterface
    public String getSerialNumber() throws PkiException {
        TimeStamp timeStamp = this.a;
        if (timeStamp != null) {
            return timeStamp.getSerialNumber();
        }
        throw new PkiException("call verifyInit first");
    }

    @Override // net.netca.pki.crypto.android.interfaces.TimeStampInterface
    public Date getTime() throws PkiException {
        TimeStamp timeStamp = this.a;
        if (timeStamp != null) {
            return timeStamp.getTime();
        }
        throw new PkiException("call verifyInit first");
    }

    @Override // net.netca.pki.crypto.android.interfaces.TimeStampInterface
    public Certificate getTsaCert() throws PkiException {
        TimeStamp timeStamp = this.a;
        if (timeStamp != null) {
            return timeStamp.getTsaCertificate();
        }
        throw new PkiException("call verifyInit first");
    }

    @Override // net.netca.pki.crypto.android.interfaces.TimeStampInterface
    public byte[] requestTimeStampToken(String str, byte[] bArr, int i2) throws PkiException {
        String str2;
        HttpGetTimeStamp httpGetTimeStamp = new HttpGetTimeStamp();
        httpGetTimeStamp.setHttpImplement(new net.netca.pki.a.a.f.a());
        if (8192 == i2) {
            str2 = AlgorithmIdentifier.SHA1_OID;
        } else if (16384 == i2) {
            str2 = AlgorithmIdentifier.SHA256_OID;
        } else if (24576 == i2) {
            str2 = AlgorithmIdentifier.SHA512_OID;
        } else {
            if (28672 != i2) {
                throw new PkiException("unsupport algo");
            }
            str2 = AlgorithmIdentifier.SM3_OID;
        }
        httpGetTimeStamp.setHashAlgorithm(AlgorithmIdentifier.CreateAlgorithmIdentifier(str2));
        httpGetTimeStamp.setData(bArr);
        httpGetTimeStamp.getTimeStamp(str);
        byte[] timeStampToken = httpGetTimeStamp.getTimeStampToken();
        verifyInit(bArr, timeStampToken);
        return timeStampToken;
    }

    @Override // net.netca.pki.crypto.android.interfaces.TimeStampInterface
    public byte[] requestTimeStampToken(String str, byte[] bArr, String str2) throws PkiException {
        String str3;
        HttpGetTimeStamp httpGetTimeStamp = new HttpGetTimeStamp();
        httpGetTimeStamp.setHttpImplement(new net.netca.pki.a.a.f.a());
        if (IHash.SHA1.equalsIgnoreCase(str2)) {
            str3 = AlgorithmIdentifier.SHA1_OID;
        } else if ("SHA256".equalsIgnoreCase(str2)) {
            str3 = AlgorithmIdentifier.SHA256_OID;
        } else if ("SHA512".equalsIgnoreCase(str2)) {
            str3 = AlgorithmIdentifier.SHA512_OID;
        } else {
            if (!IHash.SM3.equalsIgnoreCase(str2)) {
                throw new PkiException("unsupport algo");
            }
            str3 = AlgorithmIdentifier.SM3_OID;
        }
        httpGetTimeStamp.setHashAlgorithm(AlgorithmIdentifier.CreateAlgorithmIdentifier(str3));
        httpGetTimeStamp.setData(bArr);
        httpGetTimeStamp.getTimeStamp(str);
        byte[] timeStampToken = httpGetTimeStamp.getTimeStampToken();
        verifyInit(bArr, timeStampToken);
        return timeStampToken;
    }

    @Override // net.netca.pki.crypto.android.interfaces.TimeStampInterface
    public void verifyInit(byte[] bArr, byte[] bArr2) throws PkiException {
        try {
            TimeStamp timeStamp = this.a;
            if (timeStamp != null) {
                timeStamp.free();
                this.a = null;
            }
            TimeStamp timeStamp2 = new TimeStamp(bArr2, 0, bArr2.length, (Certificate) null);
            this.a = timeStamp2;
            if (Arrays.equals(Hash.computeHash(timeStamp2.getHashAlgorithm(), bArr), this.a.getMessageImprint())) {
            } else {
                throw new PkiException("原文验证不通过");
            }
        } catch (Exception e2) {
            this.a = null;
            e2.printStackTrace();
            throw e2;
        }
    }
}
