package net.netca.pki.crypto.android.k.a;

import android.content.Context;
import android.text.TextUtils;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import net.netca.pki.Certificate;
import net.netca.pki.crypto.android.b.h;
import net.netca.pki.crypto.android.exceptions.CertRevokedException;
import net.netca.pki.crypto.android.exceptions.UserCancelException;
import net.netca.pki.crypto.android.l.l;
import net.netca.pki.u;

/* loaded from: classes.dex */
public class b implements net.netca.pki.crypto.android.k.b {
    private Certificate a(List<Certificate> list, Context context) {
        if (list.isEmpty()) {
            return null;
        }
        if (list.size() == 1) {
            return list.get(0);
        }
        Certificate a2 = new l(context, list).a();
        if (a2 != null) {
            return a2;
        }
        throw new UserCancelException("用户取消");
    }

    private ArrayList<Certificate> b(String str) {
        Certificate certificate;
        ArrayList<Certificate> arrayList = new ArrayList<>();
        ArrayList<net.netca.pki.crypto.android.b.h> e = e();
        for (int i = 0; i < e.size(); i++) {
            net.netca.pki.crypto.android.b.h hVar = e.get(i);
            if (!hVar.f()) {
                if (str == null || str.equalsIgnoreCase("BothEncSign")) {
                    certificate = new Certificate(hVar.a());
                } else if (str.equalsIgnoreCase("Signature")) {
                    if (hVar.g() == h.a.Signature || hVar.g() == h.a.Both) {
                        certificate = new Certificate(hVar.a());
                    }
                } else if (str.equalsIgnoreCase("Encrypt") && (hVar.g() == h.a.Encrypt || hVar.g() == h.a.Both)) {
                    certificate = new Certificate(hVar.a());
                }
                arrayList.add(certificate);
            }
        }
        return arrayList;
    }

    private ArrayList<net.netca.pki.crypto.android.b.h> e() {
        ArrayList<net.netca.pki.crypto.android.b.h> arrayList = new ArrayList<>();
        for (net.netca.pki.crypto.android.b.d dVar : net.netca.pki.crypto.android.b.b.a().c()) {
            if (dVar != null) {
                try {
                    List<Certificate> certs = dVar.getCerts();
                    Iterator<Certificate> it = certs.iterator();
                    while (it.hasNext()) {
                        arrayList.add(new net.netca.pki.crypto.android.b.h(it.next()));
                    }
                    net.netca.pki.crypto.android.l.i.a(certs);
                } catch (Exception e) {
                    net.netca.pki.crypto.android.l.c.a("CertImpl", e.getMessage());
                    e.printStackTrace();
                }
            }
        }
        return arrayList;
    }

    @Override // net.netca.pki.crypto.android.k.b
    public List<Certificate> a() {
        return b("Signature");
    }

    @Override // net.netca.pki.crypto.android.k.b
    public Certificate a(String str) {
        return new Certificate(str);
    }

    @Override // net.netca.pki.crypto.android.k.b
    public boolean a(Certificate certificate) {
        return certificate.match("Algorithm='SM2'");
    }

    @Override // net.netca.pki.crypto.android.k.b
    public byte[] a(Certificate certificate, String str) {
        if (TextUtils.isEmpty(str)) {
            str = certificate.getAttribute(58);
        }
        byte[] b2 = net.netca.pki.crypto.android.l.d.b(str, certificate);
        switch (net.netca.pki.crypto.android.l.d.a(b2)) {
            case -2:
                throw new CertRevokedException("CA证书已吊销");
            case -1:
                throw new u("证书状态未知");
            case 0:
                throw new CertRevokedException("证书已吊销");
            default:
                return b2;
        }
    }

    @Override // net.netca.pki.crypto.android.k.b
    public synchronized Certificate b() {
        return a(b("Signature"), net.netca.pki.crypto.android.f.a.a().d());
    }

    @Override // net.netca.pki.crypto.android.k.b
    public net.netca.pki.crypto.android.e.a b(Certificate certificate) {
        return new net.netca.pki.crypto.android.e.a(certificate);
    }

    @Override // net.netca.pki.crypto.android.k.b
    public byte[] b(Certificate certificate, String str) {
        if (TextUtils.isEmpty(str)) {
            str = certificate.getAttribute(56);
        }
        byte[] a2 = net.netca.pki.crypto.android.l.d.a(str, certificate);
        switch (certificate.verifyWithCrl(a2)) {
            case -2:
                throw new CertRevokedException("CA证书已吊销");
            case -1:
                throw new u("证书状态未知");
            case 0:
                throw new CertRevokedException("证书已吊销");
            default:
                return a2;
        }
    }

    @Override // net.netca.pki.crypto.android.k.b
    public List<Certificate> c() {
        return b("Encrypt");
    }

    @Override // net.netca.pki.crypto.android.k.b
    public synchronized Certificate d() {
        return a(b("Encrypt"), net.netca.pki.crypto.android.f.a.a().d());
    }
}
