package com.jrsys.mpki;

import android.content.Context;
import com.jrsys.bouncycastle.crypto.InvalidCipherTextException;
import com.jrsys.bouncycastle.crypto.engines.RSAEngine;
import com.jrsys.bouncycastle.crypto.params.RSAKeyParameters;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.TreeMap;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: classes2.dex */
public class MCryptoPFXImpl implements MCrypto {
    static String a = "RSA";
    static int b = 64;
    static int c = 128;
    static int d = 256;
    static String e = "PKCS12";
    static String i = "BC";
    String j;
    String k;
    Context o;
    File f = null;
    File g = null;
    String h = null;
    boolean l = false;
    KeyPair m = null;
    X509Certificate n = null;

    static {
        Security.addProvider(new BouncyCastleProvider());
    }

    public MCryptoPFXImpl(Context context, String str) {
        this.o = context;
        this.j = str;
    }

    public MCryptoPFXImpl(Context context, String str, String str2) {
        this.o = context;
        this.j = str;
        this.k = str2;
    }

    private void a() {
        X509Certificate x509Certificate;
        String str;
        X509Certificate x509Certificate2;
        X509Certificate x509Certificate3;
        String str2;
        String bigInteger;
        TreeMap treeMap = new TreeMap();
        TreeMap treeMap2 = new TreeMap();
        if (this.l) {
            x509Certificate = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new FileInputStream(this.k));
            str = ((RSAPublicKey) x509Certificate.getPublicKey()).getModulus().toString(16);
            this.n = x509Certificate;
            treeMap2.put(new Long(x509Certificate.getNotBefore().getTime()), x509Certificate);
        } else {
            x509Certificate = null;
            str = null;
        }
        KeyStore keyStore = KeyStore.getInstance(e, i);
        keyStore.load(new FileInputStream(this.f), this.h.toCharArray());
        Enumeration<String> aliases = keyStore.aliases();
        X509Certificate x509Certificate4 = x509Certificate;
        String str3 = str;
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            try {
                if (keyStore.getKey(nextElement, this.h.toCharArray()) instanceof PrivateKey) {
                    RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) keyStore.getKey(nextElement, this.h.toCharArray());
                    String bigInteger2 = rSAPrivateKey.getModulus().toString(16);
                    if (this.l) {
                        x509Certificate3 = x509Certificate4;
                        str2 = str3;
                    } else {
                        try {
                            x509Certificate2 = (X509Certificate) keyStore.getCertificate(nextElement);
                            if (x509Certificate2 != null) {
                                try {
                                    bigInteger = ((RSAPublicKey) x509Certificate2.getPublicKey()).getModulus().toString(16);
                                } catch (Exception e2) {
                                    x509Certificate3 = x509Certificate2;
                                    str2 = str3;
                                    if (str2 != null) {
                                        treeMap.put(new Long(x509Certificate3.getNotBefore().getTime()), new KeyPair(x509Certificate3.getPublicKey(), rSAPrivateKey));
                                        treeMap2.put(new Long(x509Certificate3.getNotBefore().getTime()), x509Certificate3);
                                        str2 = null;
                                    }
                                    x509Certificate4 = x509Certificate3;
                                    str3 = str2;
                                }
                            } else {
                                bigInteger = null;
                            }
                            str2 = bigInteger;
                            x509Certificate3 = x509Certificate2;
                        } catch (Exception e3) {
                            x509Certificate2 = x509Certificate4;
                        }
                    }
                    if (str2 != null && str2.equals(bigInteger2)) {
                        treeMap.put(new Long(x509Certificate3.getNotBefore().getTime()), new KeyPair(x509Certificate3.getPublicKey(), rSAPrivateKey));
                        treeMap2.put(new Long(x509Certificate3.getNotBefore().getTime()), x509Certificate3);
                        str2 = null;
                    }
                    x509Certificate4 = x509Certificate3;
                    str3 = str2;
                }
            } catch (Exception e4) {
                e4.printStackTrace();
                throw new MCryptoException(e4);
            }
        }
        if (treeMap.size() <= 0) {
            throw new MCryptoException("no key-pair!");
        }
        Iterator it = treeMap.keySet().iterator();
        while (it.hasNext()) {
            if (treeMap.size() == 1) {
                Long l = (Long) it.next();
                this.m = (KeyPair) treeMap.get(l);
                this.n = (X509Certificate) treeMap2.get(l);
                return;
            }
            treeMap.remove(it.next());
        }
    }

    private boolean a(byte[] bArr, byte[] bArr2) {
        Signature signature = Signature.getInstance("SHA1WithRSA");
        signature.initVerify(this.m.getPublic());
        signature.update(bArr2);
        return signature.verify(bArr);
    }

    private static boolean a(byte[] bArr, byte[] bArr2, PublicKey publicKey) {
        Signature signature = Signature.getInstance("SHA1WithRSA");
        signature.initVerify(publicKey);
        signature.update(bArr2);
        return signature.verify(bArr);
    }

    private byte[] a(RSAKeyParameters rSAKeyParameters, byte[] bArr) {
        RSAEngine rSAEngine = new RSAEngine();
        rSAEngine.init(true, rSAKeyParameters);
        return rSAEngine.processBlock(bArr, 0, bArr.length);
    }

    private static byte[] a(byte[] bArr, KeyPair keyPair) {
        Signature signature = Signature.getInstance("SHA1WithRSA");
        signature.initSign(keyPair.getPrivate());
        signature.update(bArr);
        return signature.sign();
    }

    private RSAKeyParameters b() {
        RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) this.m.getPrivate();
        return new RSAKeyParameters(true, rSAPrivateKey.getModulus(), rSAPrivateKey.getPrivateExponent());
    }

    private byte[] b(RSAKeyParameters rSAKeyParameters, byte[] bArr) {
        RSAEngine rSAEngine = new RSAEngine();
        rSAEngine.init(false, rSAKeyParameters);
        return rSAEngine.processBlock(bArr, 0, bArr.length);
    }

    private RSAKeyParameters c() {
        RSAPublicKey rSAPublicKey = (RSAPublicKey) this.m.getPublic();
        return new RSAKeyParameters(false, rSAPublicKey.getModulus(), rSAPublicKey.getPublicExponent());
    }

    @Override // com.jrsys.mpki.MCrypto
    public void changePin(String str, String str2) {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public byte[] decrypt(byte[] bArr) {
        try {
            return b(b(), bArr);
        } catch (Exception e2) {
            return null;
        }
    }

    @Override // com.jrsys.mpki.MCrypto
    public void deleteCert() {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public byte[] des3Decrypt(byte[] bArr) {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public byte[] des3Encrypt(byte[] bArr) {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public void disconnect() {
        this.f = null;
    }

    @Override // com.jrsys.mpki.MCrypto
    public byte[] encrypt(byte[] bArr) {
        try {
            return a(c(), bArr);
        } catch (Exception e2) {
            throw new MCryptoException(e2);
        }
    }

    @Override // com.jrsys.mpki.MCrypto
    public byte[] exportCert() {
        try {
            return getX509Certificate().getEncoded();
        } catch (Exception e2) {
            throw new MCryptoException(e2);
        }
    }

    @Override // com.jrsys.mpki.MCrypto
    public byte[] exportPublicKeyE() {
        return ((RSAPublicKey) this.n.getPublicKey()).getPublicExponent().toByteArray();
    }

    @Override // com.jrsys.mpki.MCrypto
    public byte[] exportPublicKeyM() {
        return ((RSAPublicKey) this.n.getPublicKey()).getModulus().toByteArray();
    }

    @Override // com.jrsys.mpki.MCrypto
    public void genRSAKeyPair() {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public X509Certificate getEncryptCertificate() {
        return getX509Certificate();
    }

    @Override // com.jrsys.mpki.MCrypto
    public String getHotp() {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public String getSIPInfo() {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public X509Certificate getSignCertificate() {
        return getX509Certificate();
    }

    @Override // com.jrsys.mpki.MCrypto
    public X509Certificate getX509Certificate() {
        return this.n;
    }

    @Override // com.jrsys.mpki.MCrypto
    public void importCert(byte[] bArr) {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public void importPrivateKey(byte[] bArr, byte[] bArr2) {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public void importPublicKey(byte[] bArr, byte[] bArr2) {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public void init(String str) {
        new MCryptoSDKInit().init(this.o, this.o.getAssets(), str);
        this.f = new File(this.j);
        if (!this.f.exists()) {
            throw new MCryptoException("pfx file not found.");
        }
        if (this.k != null) {
            this.g = new File(this.k);
            if (!this.g.exists()) {
                throw new MCryptoException("cert file not found.");
            }
        }
    }

    @Override // com.jrsys.mpki.MCrypto
    public void listKey() {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public byte[] listPin() {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public void login(String str) {
        this.h = str;
        try {
            KeyStore keyStore = KeyStore.getInstance(e, i);
            keyStore.load(new FileInputStream(this.f), this.h.toCharArray());
            keyStore.aliases();
            try {
                a();
                byte[] bytes = "hello world".getBytes();
                System.out.println("keypair verified:" + a(a(bytes, this.m), bytes, this.m.getPublic()));
            } catch (Exception e2) {
                if (!(e2 instanceof MCryptoException)) {
                    throw new MCryptoException(e2);
                }
                throw ((MCryptoException) e2);
            }
        } catch (Exception e3) {
            throw new MCryptoException("login error", e3);
        }
    }

    @Override // com.jrsys.mpki.MCrypto
    public void logout() {
        this.h = null;
        this.m = null;
        this.n = null;
    }

    @Override // com.jrsys.mpki.MCrypto
    public byte[] sign(byte[] bArr) {
        return sign(bArr, "SHA1");
    }

    @Override // com.jrsys.mpki.MCrypto
    public byte[] sign(byte[] bArr, String str) {
        try {
            DigestSignature generateDigestRSAEncryption = DigestRSAEncryptionFactory.getInstance().generateDigestRSAEncryption(str);
            generateDigestRSAEncryption.initSign(b());
            return generateDigestRSAEncryption.sign(bArr);
        } catch (InvalidCipherTextException e2) {
            throw new MCryptoException(e2);
        } catch (IOException e3) {
            throw new MCryptoException(e3);
        } catch (NoSuchAlgorithmException e4) {
            throw new MCryptoException(e4);
        }
    }

    @Override // com.jrsys.mpki.MCrypto
    public byte[] signRecovery(byte[] bArr) {
        try {
            return a(b(), bArr);
        } catch (InvalidCipherTextException e2) {
            throw new MCryptoException(e2);
        }
    }

    @Override // com.jrsys.mpki.MCrypto
    public int unblock(String str) {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    public int verifyPin(String str) {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public byte[] verifyRecovery(byte[] bArr) {
        try {
            return b(c(), bArr);
        } catch (InvalidCipherTextException e2) {
            throw new MCryptoException(e2);
        }
    }
}
