package cn.esa.topesa;

import android.support.annotation.Keep;
import com.cfca.mobile.ulantoolkit.common.Constants;
import java.io.ByteArrayInputStream;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.LinkedList;
import java.util.List;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;

@Keep
/* loaded from: classes.dex */
public final class CertStore {
    private String certStoreName;
    private static f licMgr = f.a();
    private static d keyMgr = d.a();

    private CertStore(String str) {
        this.certStoreName = null;
        this.certStoreName = str;
    }

    public static CertStore byCert(Certificate certificate) throws CertApiException {
        String serialNumber = certificate.serialNumber();
        for (String str : listStore()) {
            for (java.security.cert.Certificate certificate2 : keyMgr.a(str)) {
                try {
                    if (new Certificate(certificate2.getEncoded()).serialNumber().equalsIgnoreCase(serialNumber)) {
                        return new CertStore(str);
                    }
                } catch (CertificateEncodingException e) {
                    throw new CertApiException(TCAErrCode.ERR_ENCODECERT, e);
                }
            }
        }
        throw new CertApiException(TCAErrCode.ERR_NOTFIND_CERTSTORE);
    }

    public static CertStore byName(String str) throws CertApiException {
        for (String str2 : listStore()) {
            if (str2.equalsIgnoreCase(str)) {
                return new CertStore(str);
            }
        }
        throw new CertApiException(TCAErrCode.ERR_NOTFIND_CERTSTORE);
    }

    private static byte[] decryptEncKey(String str, Certificate certificate) throws CertApiException {
        String str2 = "";
        String str3 = "";
        String str4 = str3;
        String str5 = str4;
        for (String str6 : str.split("&")) {
            String substring = str6.substring(str6.indexOf("=") + 1, str6.length());
            if (str6.indexOf("encPrivateKeyUser=") == 0) {
                str5 = substring;
            } else if (str6.indexOf("userSeal=") == 0) {
                str2 = substring;
            } else if (str6.indexOf("userCipher") == 0) {
                str3 = substring;
            } else if (str6.indexOf("userIV") == 0) {
                str4 = substring;
            }
        }
        try {
            return cn.b.d.a.a(str3.toUpperCase().equals(TCA.AES) ? cn.b.a.a.a.b.c.e : str3.toUpperCase().equals(TCA.DES) ? cn.b.a.a.a.b.c.a : str3.toUpperCase().equals("DESEDE") ? cn.b.a.a.a.b.c.a : cn.b.a.a.a.b.c.v, certificate.decryptRaw(n.c(str2)), n.c(str4)).a().a(n.c(str5));
        } catch (BadPaddingException e) {
            throw new CertApiException(TCAErrCode.ERR_BAD_PADDING, e);
        } catch (IllegalBlockSizeException e2) {
            throw new CertApiException(TCAErrCode.ERR_ILLEGAL_BLOCK, e2);
        }
    }

    private static List<Certificate> doListCerts(String str) throws CertApiException {
        LinkedList linkedList = new LinkedList();
        for (java.security.cert.Certificate certificate : keyMgr.a(str)) {
            try {
                if (licMgr.a(certificate)) {
                    linkedList.add(new Certificate(certificate.getEncoded()));
                }
            } catch (CertificateEncodingException e) {
                throw new CertApiException(TCAErrCode.ERR_ENCODECERT, e);
            }
        }
        return linkedList;
    }

    public static String getCertificateByKeyId(int i) throws CertApiException, CertificateEncodingException {
        String[] listStore = listStore();
        int length = listStore.length;
        Certificate certificate = null;
        int i2 = 0;
        while (i2 < length) {
            String str = listStore[i2];
            i2++;
            certificate = new Certificate(keyMgr.a(str, i).getEncoded());
        }
        return certificate.toBase64();
    }

    public static int getKeyIDByPairsID() throws CertApiException {
        int i = -1;
        for (String str : listStore()) {
            i = keyMgr.b(str);
        }
        return i;
    }

    public static int getKeyIdByCertificate(Certificate certificate) throws CertApiException {
        int i = -1;
        for (String str : listStore()) {
            i = keyMgr.a(str, n.a(certificate.toBase64()));
        }
        return i;
    }

    public static Certificate installCert(Certificate certificate) throws CertApiException {
        if (keyMgr.a((java.security.cert.Certificate) n.a(certificate.toBase64()), true)) {
            return certificate;
        }
        return null;
    }

    public static Certificate installCert(Certificate certificate, Certificate certificate2, String str) throws CertApiException {
        X509Certificate a = n.a(certificate.toBase64());
        X509Certificate a2 = n.a(certificate2.toBase64());
        String str2 = "";
        String str3 = "";
        String str4 = str3;
        String str5 = str4;
        for (String str6 : str.split("&")) {
            String substring = str6.substring(str6.indexOf("=") + 1, str6.length());
            if (str6.indexOf("encPrivateKeyUser=") == 0) {
                str5 = substring;
            } else if (str6.indexOf("userSeal=") == 0) {
                str2 = substring;
            } else if (str6.indexOf("userCipher") == 0) {
                str3 = substring;
            } else if (str6.indexOf("userIV") == 0) {
                str4 = substring;
            }
        }
        if (keyMgr.a(a, a2, str3, n.c(str2), n.c(str4), certificate.publicKeyAlg(), n.c(str5)) != null) {
            return certificate2;
        }
        return null;
    }

    public static CertSet listAllCerts() throws CertApiException {
        ArrayList arrayList = new ArrayList();
        for (String str : listStore()) {
            arrayList.addAll(doListCerts(str));
        }
        return new CertSet((Certificate[]) arrayList.toArray(new Certificate[arrayList.size()]));
    }

    public static String[] listStore() {
        return keyMgr.b();
    }

    public Csr genCsr(Certificate certificate) throws CertApiException {
        try {
            return new Csr(keyMgr.b(this.certStoreName, CertificateFactory.getInstance(Constants.X509).generateCertificate(new ByteArrayInputStream(n.c(certificate.toBase64())))));
        } catch (CertificateException e) {
            throw new CertApiException(TCAErrCode.ERR_CONV_CERT, e);
        }
    }

    public Csr genCsr(String str) throws CertApiException {
        return genCsr("SM2", "CN=topca", str);
    }

    public Csr genCsr(String str, String str2) throws CertApiException {
        return genCsr(str, "CN=topca", str2);
    }

    public Csr genCsr(String str, String str2, String str3) throws CertApiException {
        String str4;
        int i;
        if (!str.equalsIgnoreCase("SM2")) {
            if (str.equalsIgnoreCase("RSA1024")) {
                str4 = "SHA1";
                i = 1024;
            } else if (str.equalsIgnoreCase("RSA2048")) {
                str4 = "SHA1";
                i = 2048;
            }
            return new Csr(keyMgr.a(this.certStoreName, str2, str, i, str4, str3));
        }
        str4 = "SM3";
        i = 256;
        return new Csr(keyMgr.a(this.certStoreName, str2, str, i, str4, str3));
    }

    public String getCertStoreName() {
        return this.certStoreName;
    }

    public CertSet listCerts() throws CertApiException {
        List<Certificate> doListCerts = doListCerts(this.certStoreName);
        return new CertSet((Certificate[]) doListCerts.toArray(new Certificate[doListCerts.size()]));
    }
}
