package com.hebca.crypto.imp.sansec;

import android.content.Context;
import android.util.Log;
import com.alibaba.fastjson.asm.Opcodes;
import com.hebca.crypto.AsymCrypter;
import com.hebca.crypto.Cert;
import com.hebca.crypto.Container;
import com.hebca.crypto.Signer;
import com.hebca.crypto.SymCrypter;
import com.hebca.crypto.exception.AsymCryptException;
import com.hebca.crypto.exception.CertException;
import com.hebca.crypto.exception.ConnectionException;
import com.hebca.crypto.exception.ContainerException;
import com.hebca.crypto.exception.DeviceException;
import com.hebca.crypto.exception.DeviceOpenException;
import com.hebca.crypto.exception.ImportKeyPairException;
import com.hebca.crypto.exception.LoginException;
import com.hebca.crypto.exception.NoCertExistException;
import com.hebca.crypto.exception.SignException;
import com.hebca.crypto.exception.SymCryptException;
import com.hebca.crypto.imp.CertImp;
import com.hebca.crypto.imp.ContainerBase;
import com.hebca.crypto.util.Result;
import com.hebca.ext.crypto.sm2.SM2KeyPairGenerator;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import org2.bouncycastle.asn1.ASN1EncodableVector;
import org2.bouncycastle.asn1.ASN1OctetString;
import org2.bouncycastle.asn1.ASN1Sequence;
import org2.bouncycastle.asn1.DERInteger;
import org2.bouncycastle.asn1.DEROctetString;
import org2.bouncycastle.asn1.DERSequence;
import org2.bouncycastle.jce.provider.BouncyCastleProvider;
import org2.bouncycastle.util.encoders.Base64;
import sansec.saas.mobileshield.sdk.postinfo.bean.CertInfoDataBean;

/* loaded from: classes.dex */
public class ContainerSanSec extends ContainerBase {
    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
    private String cryptAlias;
    private X509Certificate cryptCert;
    private KeyStore.PrivateKeyEntry cryptEntry;
    private int cryptKeyLen;
    private KeyPair cryptKeyPair;
    private byte[] cryptPubKey;
    private Context mContext;
    private byte[] privateKey;
    private String signAlias;
    private X509Certificate signCert;
    private KeyStore.PrivateKeyEntry signEntry;
    private int signKeyLen;
    private KeyPair signKeyPair;
    private byte[] signPubKey;
    private byte[] sm2CryptPubKey;
    private byte[] sm2SignPubKey;
    private String type;

    public ContainerSanSec(DeviceSanSec deviceSanSec, String str, Context context) {
        super(deviceSanSec);
        this.sm2SignPubKey = null;
        this.sm2CryptPubKey = null;
        this.type = str;
        this.mContext = context;
    }

    private byte[] decryptWappedSymKey(byte[] bArr) throws AsymCryptException {
        new boolean[1][0] = false;
        new byte[1][0] = null;
        try {
            byte[] bArr2 = new byte[64];
            byte[] bArr3 = new byte[64];
            byte[] bArr4 = new byte[32];
            byte[] bArr5 = new byte[16];
            System.arraycopy(bArr, 0, bArr2, 0, 64);
            System.arraycopy(bArr, 64, bArr3, 0, 64);
            System.arraycopy(bArr, 128, bArr4, 0, 32);
            System.arraycopy(bArr, Opcodes.IF_ICMPLE, bArr5, 0, 16);
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(new DERInteger(bArr2));
            aSN1EncodableVector.add(new DERInteger(bArr3));
            aSN1EncodableVector.add(new DEROctetString(bArr4));
            aSN1EncodableVector.add(new DEROctetString(bArr5));
            Result decrypt = ((DeviceSanSec) getDevice()).getManager().decrypt(((DeviceSanSec) getDevice()).getUsername(), getPlainEncrypt(new DERSequence(aSN1EncodableVector).getDEREncoded()));
            Log.e("test......", "" + decrypt.getMsg());
            if (decrypt.getCode().equals(SanSecSynManager.success)) {
                return (byte[]) decrypt.getMsg();
            }
            AsymCryptException asymCryptException = new AsymCryptException();
            asymCryptException.setDetailMessage(decrypt.getMsg().toString());
            throw asymCryptException;
        } catch (Exception unused) {
            throw new AsymCryptException();
        }
    }

    private void getCryptPrivate(String str) throws ImportKeyPairException, LoginException, ConnectionException, SymCryptException, AsymCryptException, NoCertExistException, InterruptedException {
        byte[] decode = Base64.decode(str);
        byte[] bArr = new byte[Opcodes.IINC];
        byte[] bArr2 = new byte[68];
        if (decode.length != 388) {
            if (decode.length == 200) {
                System.arraycopy(decode, 0, bArr, 0, Opcodes.IINC);
                System.arraycopy(decode, Opcodes.IINC, bArr2, 0, 68);
                importKeyPair(bArr2, bArr);
                return;
            }
            return;
        }
        byte[] bArr3 = new byte[4];
        byte[] bArr4 = new byte[64];
        byte[] bArr5 = new byte[180];
        System.arraycopy(decode, 4, bArr3, 0, 4);
        System.arraycopy(decode, 12, bArr4, 0, 64);
        System.arraycopy(decode, 76, bArr, 0, Opcodes.IINC);
        System.arraycopy(decode, 208, bArr5, 0, 180);
        if (bArr3[0] == 1 && bArr3[1] == 4 && bArr3[2] == 0 && bArr3[3] == 0) {
            importWappedKeyPair(SymCrypter.SMS4_ECB_NoPadding, bArr5, bArr4, bArr);
        }
    }

    private byte[] getPlainEncrypt(byte[] bArr) {
        int keyLen = getKeyLen(true) / 8;
        ASN1Sequence aSN1Sequence = ASN1Sequence.getInstance(bArr);
        DERInteger dERInteger = DERInteger.getInstance(aSN1Sequence.getObjectAt(0));
        DERInteger dERInteger2 = DERInteger.getInstance(aSN1Sequence.getObjectAt(1));
        ASN1OctetString dEROctetString = DEROctetString.getInstance(aSN1Sequence.getObjectAt(2));
        ASN1OctetString dEROctetString2 = DEROctetString.getInstance(aSN1Sequence.getObjectAt(3));
        byte[] bArr2 = new byte[dEROctetString2.getOctets().length + 96];
        byte[] byteArray = dERInteger.getValue().toByteArray();
        System.arraycopy(byteArray, byteArray.length - keyLen, bArr2, 32 - keyLen, 32);
        byte[] byteArray2 = dERInteger2.getValue().toByteArray();
        System.arraycopy(byteArray2, byteArray2.length - keyLen, bArr2, 64 - keyLen, 32);
        System.arraycopy(dEROctetString.getOctets(), 0, bArr2, 64, 32);
        byte[] octets = dEROctetString2.getOctets();
        System.arraycopy(octets, 0, bArr2, 96, octets.length);
        return bArr2;
    }

    @Override // com.hebca.crypto.imp.ContainerBase, com.hebca.crypto.Container
    public AsymCrypter createAsymCrypter(boolean z) throws AsymCryptException, LoginException, DeviceException, NoCertExistException, InterruptedException, CertException {
        try {
            if (!getDevice().isOpened()) {
                getDevice().open();
            }
            if (isPubDev(this.mContext)) {
                getDevice().login(getDevice().getCryptPwd());
            } else if (!z) {
                getDevice().logout();
                login();
            }
            try {
                getCryptPrivate(((CertInfoDataBean) ((DeviceSanSec) getDevice()).getManager().getCert(((DeviceSanSec) getDevice()).getUsername()).getMsg()).info.encPrivate);
            } catch (ImportKeyPairException e) {
                e.printStackTrace();
            } catch (SymCryptException e2) {
                e2.printStackTrace();
            }
            try {
                return new AsymCrypterSanSec(this, "SM2", z, this.mContext);
            } catch (Exception e3) {
                throw new AsymCryptException(e3);
            }
        } catch (Exception e4) {
            throw new ConnectionException(e4);
        }
    }

    @Override // com.hebca.crypto.Container
    public AsymCrypter createAsymCrypter(boolean z, Context context) throws AsymCryptException, LoginException, DeviceException, InterruptedException, NoCertExistException, CertException {
        try {
            if (!getDevice().isOpened()) {
                getDevice().open();
            }
            if (isPubDev(this.mContext)) {
                getDevice().login(getDevice().getCryptPwd());
            } else if (!z) {
                getDevice().logout();
                login(context);
            }
            try {
                getCryptPrivate(((CertInfoDataBean) ((DeviceSanSec) getDevice()).getManager().getCert(((DeviceSanSec) getDevice()).getUsername()).getMsg()).info.encPrivate);
            } catch (ImportKeyPairException e) {
                e.printStackTrace();
            } catch (SymCryptException e2) {
                e2.printStackTrace();
            }
            try {
                return new AsymCrypterSanSec(this, "SM2", z, this.mContext);
            } catch (Exception e3) {
                throw new AsymCryptException(e3);
            }
        } catch (Exception e4) {
            throw new ConnectionException(e4);
        }
    }

    @Override // com.hebca.crypto.Container
    public AsymCrypter createAsymCrypter(boolean z, ContainerBase.LoginResultListener loginResultListener) throws AsymCryptException, LoginException, DeviceException, InterruptedException, NoCertExistException, CertException {
        try {
            if (!getDevice().isOpened()) {
                getDevice().open();
            }
            if (!z) {
                getDevice().logout();
                login(loginResultListener);
            }
            try {
                getCryptPrivate(((CertInfoDataBean) ((DeviceSanSec) getDevice()).getManager().getCert(((DeviceSanSec) getDevice()).getUsername()).getMsg()).info.encPrivate);
            } catch (ImportKeyPairException e) {
                e.printStackTrace();
            } catch (SymCryptException e2) {
                e2.printStackTrace();
            }
            try {
                return new AsymCrypterSanSec(this, "SM2", z, this.mContext);
            } catch (Exception e3) {
                throw new AsymCryptException(e3);
            }
        } catch (Exception e4) {
            throw new ConnectionException(e4);
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    @Override // com.hebca.crypto.imp.ContainerBase, com.hebca.crypto.Container
    public Signer createSigner(String str) throws SignException, DeviceException, LoginException, InterruptedException, NoCertExistException, CertException {
        login();
        try {
            if (!getDevice().isOpened()) {
                getDevice().open();
            }
            if (isPubDev(this.mContext)) {
                if (getDevice().isLogined()) {
                    try {
                        return new SignerSanSec(this, str, this.type, this.mContext);
                    } catch (Exception e) {
                        throw new SignException(e);
                    }
                }
                LoginException loginException = new LoginException();
                loginException.setDetailMessage("证书登录错误");
                throw loginException;
            }
            if (!getDevice().isBiometricSettingEnable(this.mContext)) {
                if (getDevice().isLogined()) {
                    try {
                        return new SignerSanSec(this, str, this.type, this.mContext);
                    } catch (Exception e2) {
                        throw new SignException(e2);
                    }
                }
                LoginException loginException2 = new LoginException();
                loginException2.setDetailMessage("证书登录错误");
                throw loginException2;
            }
            do {
            } while (!DeviceSanSec.threadstatus);
            if (getDevice().isLogined()) {
                try {
                    return new SignerSanSec(this, str, this.type, this.mContext);
                } catch (Exception e3) {
                    throw new SignException(e3);
                }
            }
            LoginException loginException3 = new LoginException();
            loginException3.setDetailMessage("证书登录错误");
            throw loginException3;
        } catch (DeviceOpenException e4) {
            e4.printStackTrace();
            throw new SignException(e4);
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    @Override // com.hebca.crypto.Container
    public Signer createSigner(String str, Context context) throws SignException, DeviceException, LoginException, InterruptedException, NoCertExistException, CertException {
        login(context);
        try {
            if (!getDevice().isOpened()) {
                getDevice().open();
            }
            if (isPubDev(this.mContext)) {
                if (getDevice().isLogined()) {
                    try {
                        return new SignerSanSec(this, str, this.type, this.mContext);
                    } catch (Exception e) {
                        throw new SignException(e);
                    }
                }
                LoginException loginException = new LoginException();
                loginException.setDetailMessage("证书登录错误");
                throw loginException;
            }
            if (!getDevice().isBiometricSettingEnable(this.mContext)) {
                if (getDevice().isLogined()) {
                    try {
                        return new SignerSanSec(this, str, this.type, this.mContext);
                    } catch (Exception e2) {
                        throw new SignException(e2);
                    }
                }
                LoginException loginException2 = new LoginException();
                loginException2.setDetailMessage("证书登录错误");
                throw loginException2;
            }
            do {
            } while (!DeviceSanSec.threadstatus);
            if (getDevice().isLogined()) {
                try {
                    return new SignerSanSec(this, str, this.type, this.mContext);
                } catch (Exception e3) {
                    throw new SignException(e3);
                }
            }
            LoginException loginException3 = new LoginException();
            loginException3.setDetailMessage("证书登录错误");
            throw loginException3;
        } catch (DeviceOpenException e4) {
            e4.printStackTrace();
            throw new SignException(e4);
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    @Override // com.hebca.crypto.Container
    public Signer createSigner(String str, ContainerBase.LoginResultListener loginResultListener) throws SignException, LoginException, DeviceException, InterruptedException, NoCertExistException, CertException {
        login(loginResultListener);
        try {
            if (!getDevice().isOpened()) {
                getDevice().open();
            }
            if (!getDevice().isBiometricSettingEnable(this.mContext)) {
                if (getDevice().isLogined()) {
                    try {
                        return new SignerSanSec(this, str, this.type, this.mContext);
                    } catch (Exception e) {
                        throw new SignException(e);
                    }
                }
                LoginException loginException = new LoginException();
                loginException.setDetailMessage("证书登录错误");
                throw loginException;
            }
            do {
            } while (!DeviceSanSec.threadstatus);
            if (getDevice().isLogined()) {
                try {
                    return new SignerSanSec(this, str, this.type, this.mContext);
                } catch (Exception e2) {
                    throw new SignException(e2);
                }
            }
            LoginException loginException2 = new LoginException();
            loginException2.setDetailMessage("证书登录错误");
            throw loginException2;
        } catch (DeviceOpenException e3) {
            e3.printStackTrace();
            throw new SignException(e3);
        }
    }

    @Override // com.hebca.crypto.imp.ContainerBase, com.hebca.crypto.Container
    public void generateKeyPair(int i) throws LoginException, ConnectionException {
        DeviceSanSec deviceSanSec = (DeviceSanSec) getDevice();
        if (!deviceSanSec.isLogined()) {
            deviceSanSec.login();
        }
        if (i != 1024 && i != 2048) {
            Result pubKey = deviceSanSec.getManager().getPubKey(deviceSanSec.getUsername(), i);
            if (pubKey.getCode().equals(SanSecSynManager.success)) {
                setSignPubKey(pubKey.getMsg().toString());
                deviceSanSec.getManager().setPubKey(pubKey.getMsg().toString());
                return;
            } else {
                LoginException loginException = new LoginException();
                loginException.setDetailMessage(pubKey.getMsg().toString());
                throw loginException;
            }
        }
        Result csr = deviceSanSec.getManager().getCSR(deviceSanSec.getUsername(), i);
        if (csr.getCode().equals(SanSecSynManager.success)) {
            setSignPubKey(csr.getMsg().toString());
            deviceSanSec.getManager().setPubKey(csr.getMsg().toString());
            return;
        }
        SanSecSynManager.showToast(this.mContext, "" + csr.getMsg().toString());
    }

    @Override // com.hebca.crypto.imp.ContainerBase, com.hebca.crypto.Container
    public Cert getCert(boolean z) throws NoCertExistException {
        if (z) {
            X509Certificate x509Certificate = this.signCert;
            if (x509Certificate != null) {
                return new CertImp(this, x509Certificate);
            }
            throw new NoCertExistException();
        }
        X509Certificate x509Certificate2 = this.cryptCert;
        if (x509Certificate2 != null) {
            return new CertImp(this, x509Certificate2);
        }
        throw new NoCertExistException();
    }

    public X509Certificate getCryptX509Cert() {
        return this.cryptCert;
    }

    public int getKeyLen(boolean z) {
        return z ? this.signKeyLen : this.cryptKeyLen;
    }

    public byte[] getPrivateKey() {
        return this.privateKey;
    }

    @Override // com.hebca.crypto.imp.ContainerBase, com.hebca.crypto.Container
    public byte[] getPubKey(boolean z) throws ContainerException {
        if (z) {
            byte[] bArr = this.signPubKey;
            if (bArr != null) {
                return bArr;
            }
            ContainerException containerException = new ContainerException();
            containerException.setDetailMessage("公钥不存在");
            throw containerException;
        }
        byte[] bArr2 = this.cryptPubKey;
        if (bArr2 != null) {
            return bArr2;
        }
        ContainerException containerException2 = new ContainerException();
        containerException2.setDetailMessage("公钥不存在");
        throw containerException2;
    }

    public byte[] getSM2CryptPubKey() {
        return this.sm2CryptPubKey;
    }

    public byte[] getSM2SignPubKey() {
        return this.sm2SignPubKey;
    }

    public byte[] getSignPubKey() {
        return this.signPubKey;
    }

    public X509Certificate getSignX509Cert() {
        return this.signCert;
    }

    @Override // com.hebca.crypto.imp.ContainerBase, com.hebca.crypto.Container
    public String getType() {
        return this.type;
    }

    public byte[] getcryptPubKey() {
        return this.cryptPubKey;
    }

    @Override // com.hebca.crypto.imp.ContainerBase, com.hebca.crypto.Container
    public void importKeyPair(byte[] bArr, byte[] bArr2) throws ImportKeyPairException {
        try {
            if (getType().equals(Container.TYPE_RSA)) {
                KeyFactory keyFactory = KeyFactory.getInstance(Container.TYPE_RSA, BC);
                this.cryptKeyPair = new KeyPair(keyFactory.generatePublic(new X509EncodedKeySpec(bArr2)), keyFactory.generatePrivate(new PKCS8EncodedKeySpec(bArr)));
                return;
            }
            SM2KeyPairGenerator.GetParameterSpec();
            byte[] bArr3 = new byte[64];
            byte[] bArr4 = new byte[64];
            System.arraycopy(bArr2, 4, bArr3, 0, 64);
            System.arraycopy(bArr2, 68, bArr4, 0, 64);
            byte[] bArr5 = new byte[64];
            System.arraycopy(bArr, 0, bArr5, 0, 64);
            KeyFactory keyFactory2 = KeyFactory.getInstance("EC", BC);
            this.cryptKeyPair = new KeyPair(keyFactory2.generatePublic(SM2KeyPairGenerator.CreatePublicKeySpec(new BigInteger(bArr3), new BigInteger(bArr4))), keyFactory2.generatePrivate(SM2KeyPairGenerator.CreatePrivateKeySpec(new BigInteger(bArr5))));
        } catch (Exception unused) {
            throw new ImportKeyPairException();
        }
    }

    @Override // com.hebca.crypto.imp.ContainerBase, com.hebca.crypto.Container
    public void importWappedKeyPair(String str, byte[] bArr, byte[] bArr2, byte[] bArr3) throws ImportKeyPairException, AsymCryptException, LoginException, ConnectionException, NoCertExistException, InterruptedException {
        byte[] decryptWappedSymKey = decryptWappedSymKey(bArr);
        byte[] bArr4 = new byte[32];
        byte[] bArr5 = new byte[32];
        System.arraycopy(bArr2, 32, bArr4, 0, 32);
        Result SM4SymDecrypt = ((DeviceSanSec) getDevice()).getManager().SM4SymDecrypt(bArr4, decryptWappedSymKey);
        if (SM4SymDecrypt.getCode().equals(SanSecSynManager.success)) {
            setPrivateKey((byte[]) SM4SymDecrypt.getMsg());
        } else {
            SanSecSynManager.showToast(this.mContext, SM4SymDecrypt.getMsg().toString());
        }
    }

    @Override // com.hebca.crypto.imp.ContainerBase, com.hebca.crypto.Container
    public void setCert(boolean z, Cert cert) {
        if (z) {
            this.signCert = cert.getX509Certificate();
        } else {
            this.cryptCert = cert.getX509Certificate();
        }
    }

    public void setCryptX509Cert(X509Certificate x509Certificate) {
        this.cryptCert = x509Certificate;
    }

    public void setKeyLen(boolean z, int i) {
        if (z) {
            this.signKeyLen = i;
        } else {
            this.cryptKeyLen = i;
        }
    }

    public void setPrivateKey(byte[] bArr) {
        this.privateKey = bArr;
    }

    public void setSM2CryptPubKey(byte[] bArr) {
        this.sm2CryptPubKey = new byte[bArr.length];
        System.arraycopy(bArr, 0, this.sm2CryptPubKey, 0, bArr.length);
    }

    public void setSM2SignPubKey(byte[] bArr) {
        this.sm2SignPubKey = new byte[bArr.length];
        System.arraycopy(bArr, 0, this.sm2SignPubKey, 0, bArr.length);
    }

    public void setSignPubKey(String str) {
        this.signPubKey = Base64.decode(str);
    }

    public void setSignX509Cert(X509Certificate x509Certificate) {
        this.signCert = x509Certificate;
    }

    public void setcryptPubKey(byte[] bArr) {
    }

    @Override // com.hebca.crypto.imp.ContainerBase, com.hebca.crypto.Container
    public String[] supportSignAlgs() {
        String str = this.type;
        return str == "SM2" ? new String[]{"SM3WithSM2"} : str == Container.TYPE_RSA ? new String[]{"SHA1WithRSA"} : new String[0];
    }
}
