package cfca.mobile.scap.impl;

import android.content.Context;
import cfca.mobile.constant.CFCAPublicConstant;
import cfca.mobile.constant.PKCSUtil;
import cfca.mobile.exception.CodeException;
import cfca.mobile.keydevice.NJGovPrivateInterface;
import cfca.mobile.scap.CFCACertificate;
import cfca.mobile.scap.CFCAKeyDevice;
import com.cfca.util.pki.PKIException;
import com.cfca.util.pki.Parser;
import com.cfca.util.pki.asn1.DERBitString;
import com.cfca.util.pki.asn1.pkcs.PKCSObjectIdentifiers;
import com.cfca.util.pki.asn1.pkcs.pkcs10.CertificationRequest;
import com.cfca.util.pki.asn1.pkcs.pkcs10.CertificationRequestInfo;
import com.cfca.util.pki.asn1.x509.AlgorithmIdentifier;
import com.cfca.util.pki.asn1.x509.X509Name;
import com.cfca.util.pki.cipher.JKey;
import com.cfca.util.pki.encoders.Base64;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;

/* loaded from: classes.dex */
public class CFCAKeyDeviceImpl implements CFCAKeyDevice, Serializable {
    private static final long serialVersionUID = -3537793758228766276L;
    private List<CFCACertificate> certificates;
    private CFCAKeyDriver driver;
    private int publicKeyLen_1024 = 1024;
    private int publicKeyLen_2048 = 2048;

    private CFCAKeyDeviceImpl() {
    }

    private String createP10Req(CFCAPublicConstant.CertificateType certificateType, String str, Context context) throws CodeException {
        if (str == null || str.length() == 0 || context == null) {
            throw new CodeException(CodeException.S_INVALID_PARAMETER, "参数无效");
        }
        try {
            int i = this.publicKeyLen_1024;
            byte[] bArr = PKCSUtil.CERT_1024_HEADER;
            if (certificateType == CFCAPublicConstant.CertificateType.RSA2048) {
                i = this.publicKeyLen_2048;
                bArr = PKCSUtil.CERT_2048_HEADER;
            }
            byte[] createRSAKey = this.driver.createRSAKey(str, context, i);
            byte[] bArr2 = new byte[bArr.length + createRSAKey.length];
            System.arraycopy(bArr, 0, bArr2, 0, bArr.length);
            System.arraycopy(createRSAKey, 0, bArr2, bArr.length, createRSAKey.length);
            JKey jKey = new JKey(JKey.RSA_PUB_KEY, bArr2);
            X509Name x509Name = new X509Name("CN=CFCA@Mobile@Android@1.0,OU=Customers,O=CFCA,C=CN");
            AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.sha1WithRSAEncryption, null);
            CertificationRequestInfo certificationRequestInfo = new CertificationRequestInfo(x509Name, Parser.key2SPKI(jKey), null);
            return new String(Base64.encode(Parser.writeDERObj2Bytes(new CertificationRequest(certificationRequestInfo, algorithmIdentifier, new DERBitString(this.driver.signMessage(createRSAKey, str, context, Parser.writeDERObj2Bytes(certificationRequestInfo.getDERObject()), PKCSUtil.getStringFromAlgorithm(CFCAPublicConstant.HashAlgorithm.SHA1_RSA), PKCSUtil.getSignatureType(CFCAPublicConstant.SignatureType.SIGN_PKCS1), ""))).getDERObject())));
        } catch (CodeException e) {
            throw e;
        } catch (PKIException e2) {
            throw new CodeException(CodeException.S_UNKOWN_ERROR, "产生证书申请失败！", e2);
        }
    }

    public static CFCAKeyDeviceImpl getInstance(CFCAKeyDriver cFCAKeyDriver, int i, String str, Context context) throws CodeException {
        CFCAKeyDeviceImpl cFCAKeyDeviceImpl = new CFCAKeyDeviceImpl();
        cFCAKeyDeviceImpl.setDriver(cFCAKeyDriver);
        List<byte[]> x509Certificates = cFCAKeyDriver.getX509Certificates(context);
        ArrayList arrayList = new ArrayList();
        if (x509Certificates != null && x509Certificates.size() > 0) {
            Iterator<byte[]> it2 = x509Certificates.iterator();
            while (it2.hasNext()) {
                arrayList.add(CFCACertificateImpl.getInstance(it2.next(), cFCAKeyDeviceImpl));
            }
        }
        cFCAKeyDeviceImpl.setCertificates(arrayList);
        return cFCAKeyDeviceImpl;
    }

    private void initCerts(Context context) throws CodeException {
        List<byte[]> x509Certificates = this.driver.getX509Certificates(context);
        ArrayList arrayList = new ArrayList();
        if (x509Certificates != null && x509Certificates.size() > 0) {
            Iterator<byte[]> it2 = x509Certificates.iterator();
            while (it2.hasNext()) {
                arrayList.add(CFCACertificateImpl.getInstance(it2.next(), this));
            }
        }
        setCertificates(arrayList);
    }

    @Override // cfca.mobile.scap.CFCAKeyDevice
    public void changePassword(String str, String str2, Context context, CFCACertificate cFCACertificate) throws CodeException {
        if (str == null || str.length() == 0 || str2 == null || str2.length() == 0 || context == null) {
            throw new CodeException(CodeException.S_INVALID_PARAMETER, "参数无效");
        }
        List<CFCACertificate> list = this.certificates;
        if (list == null || list.size() == 0) {
            throw new CodeException(CodeException.S_INVALID_CERTIFICATE, "文件证书修改pin码必须存在证书");
        }
        if (str == null || str.length() == 0 || str2 == null || str2.length() == 0) {
            throw new CodeException(CodeException.S_INVALID_PARAMETER, "传入的pin码参数无效");
        }
        System.out.println("Certificate is:" + cFCACertificate.getCertEncode());
        this.driver.changePassword(Base64.decode(cFCACertificate.getCertEncode()), str, str2, context);
    }

    @Override // cfca.mobile.scap.CFCAKeyDevice
    public String createCertReq(CFCAPublicConstant.CertificateType certificateType, String str, Context context) throws CodeException {
        if (str == null || str.length() == 0 || context == null) {
            throw new CodeException(CodeException.S_INVALID_PARAMETER, "参数无效");
        }
        System.out.println("DevideImpl.createCertReq().Pin码是：" + str);
        try {
            return createP10Req(certificateType, str, context);
        } catch (CodeException e) {
            throw e;
        }
    }

    @Override // cfca.mobile.scap.CFCAKeyDevice
    public void deleteCertificate(Context context, CFCACertificate cFCACertificate) throws CodeException {
        if (context == null || cFCACertificate == null) {
            throw new CodeException(CodeException.S_INVALID_PARAMETER, "参数无效!");
        }
        ((NJGovPrivateInterface) this.driver).deleteCertificate(context, cFCACertificate);
        initCerts(context);
    }

    @Override // cfca.mobile.scap.CFCAKeyDevice
    public List<CFCACertificate> getCertificates() {
        return this.certificates;
    }

    public CFCAKeyDriver getDriver() {
        return this.driver;
    }

    @Override // cfca.mobile.scap.CFCAKeyDevice
    public void importX509Certificate(String str, Context context) throws CodeException {
        if (str == null || str.length() == 0 || context == null || str.length() % 4 != 0) {
            throw new CodeException(CodeException.S_INVALID_PARAMETER, "参数无效");
        }
        try {
            this.driver.importX509Certificate(Base64.decode(str), context);
            initCerts(context);
        } catch (Exception unused) {
            throw new CodeException(CodeException.S_INVALID_PARAMETER, "参数无效");
        }
    }

    public void setCertificates(List<CFCACertificate> list) {
        this.certificates = list;
    }

    public void setDriver(CFCAKeyDriver cFCAKeyDriver) {
        this.driver = cFCAKeyDriver;
    }
}
