package cn.unitid.easypki.pkcs12;

import cn.unitid.a.a.a.a.q;
import cn.unitid.a.a.a.a.q.f;
import cn.unitid.a.a.a.a.q.j;
import cn.unitid.a.a.a.a.q.k;
import cn.unitid.a.a.a.a.q.n;
import cn.unitid.a.a.a.a.r;
import cn.unitid.a.a.a.a.w;
import cn.unitid.a.a.a.b.e;
import cn.unitid.a.a.a.e.b.a.a.a;
import cn.unitid.a.a.a.g.a.i;
import cn.unitid.a.a.a.h.p;
import cn.unitid.a.a.a.i.a.b;
import cn.unitid.a.a.a.i.g;
import cn.unitid.a.a.a.i.h;
import cn.unitid.easypki.crypto.ECKeyGenerator;
import cn.unitid.easypki.provider.asymmetric.sm2.SM2BCPublicKey;
import cn.unitid.easypki.security.ec.ECDomainParametersHelper;
import cn.unitid.easypki.util.CertificateConverter;
import cn.unitid.easypki.x509.SM2X509Certificate;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyStoreException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPrivateKey;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/* loaded from: classes2.dex */
public class SM2KeyStore {
    private i ecPointQ;
    private ECPrivateKey privateKey;
    private Map<i, X509Certificate> certificateMap = new HashMap();
    private List<X509Certificate> certificateList = new ArrayList();

    private void parseCertificate(f fVar, p pVar) throws cn.unitid.a.a.a.i.i, IOException, CertificateException {
        for (cn.unitid.a.a.a.i.f fVar2 : new g(fVar, pVar).a()) {
            if (fVar2.a().b(j.bA)) {
                X509Certificate fromBinary = CertificateConverter.fromBinary(((e) fVar2.b()).getEncoded());
                this.certificateMap.put(((SM2BCPublicKey) ((SM2X509Certificate) fromBinary).getPublicKey()).getQ(), fromBinary);
                this.certificateList.add(fromBinary);
            }
        }
    }

    private ECPrivateKey parsePrivateKey(f fVar, p pVar) throws cn.unitid.a.a.a.i.i, IOException, InvalidKeyException {
        a generate = ECKeyGenerator.generate(w.a(new h(cn.unitid.a.a.a.a.q.g.a(n.a(w.a(((r) fVar.b()).e()).a(0)).b())).a(pVar).getEncoded()));
        this.ecPointQ = ECDomainParametersHelper.getECPointG().a(generate.b());
        return generate;
    }

    public List<X509Certificate> getCertificateList() {
        return this.certificateList;
    }

    public ECPrivateKey getPrivateKey() {
        return this.privateKey;
    }

    public X509Certificate getX509Certificate() {
        return this.certificateMap.get(this.ecPointQ);
    }

    public void loadKeyStore(byte[] bArr, char[] cArr) throws KeyStoreException {
        cn.unitid.a.a.a.i.e eVar = new cn.unitid.a.a.a.i.e(k.a(bArr));
        try {
            if (!eVar.a(new cn.unitid.a.a.a.i.a.a(cn.unitid.a.a.a.h.a.a.a), cArr)) {
                throw new Exception("invalid password!");
            }
            f[] a = eVar.a();
            p a2 = new b().a(cArr);
            for (f fVar : a) {
                q a3 = fVar.a();
                if (a3.b(j.V)) {
                    parseCertificate(fVar, a2);
                } else if (a3.b(j.Q)) {
                    this.privateKey = parsePrivateKey(fVar, a2);
                }
            }
        } catch (Exception e) {
            throw new KeyStoreException("fail to load key store, cause:" + e.getMessage());
        }
    }
}
