package tw.com.chttl;

import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Security;
import java.security.Signature;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import org.apache.commons.io.IOUtils;
import tw.com.chttl.TokenException;
import tw.com.chttl.provider.ChungHwaProvider;

/* loaded from: classes3.dex */
public class P12PrivateKey extends PrivateKeyRetrievable {
    private static final long d = 2520108701454761733L;
    KeyStore a;
    StringBuffer b;

    static {
        Security.addProvider(new ChungHwaProvider());
    }

    public P12PrivateKey(InputStream inputStream, String str) {
        StringBuffer stringBuffer = new StringBuffer();
        this.b = stringBuffer;
        this.a = a(inputStream, str, stringBuffer);
    }

    public P12PrivateKey(String str, String str2) {
        try {
            FileInputStream fileInputStream = new FileInputStream(str);
            StringBuffer stringBuffer = new StringBuffer();
            this.b = stringBuffer;
            this.a = a(fileInputStream, str2, stringBuffer);
        } catch (FileNotFoundException unused) {
            throw new TokenException(TokenException.HiSecureError.P12_KEYSTORE_FILE_NOT_FOUND);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:18:0x0039, code lost:
    
        r6.append(r5);
     */
    /* JADX WARN: Code restructure failed: missing block: B:19:0x003c, code lost:
    
        r4 = true;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private java.security.KeyStore a(java.io.InputStream r4, java.lang.String r5, java.lang.StringBuffer r6) {
        /*
            r3 = this;
            java.lang.String r0 = "PKCS12"
            java.security.KeyStore r0 = java.security.KeyStore.getInstance(r0)     // Catch: java.security.KeyStoreException -> L99
            if (r5 == 0) goto L1a
            java.lang.String r1 = r5.trim()
            java.lang.String r2 = ""
            boolean r1 = r1.equals(r2)
            if (r1 == 0) goto L15
            goto L1a
        L15:
            char[] r5 = r5.toCharArray()
            goto L1b
        L1a:
            r5 = 0
        L1b:
            r0.load(r4, r5)     // Catch: java.io.IOException -> L58 java.security.cert.CertificateException -> L89 java.security.NoSuchAlgorithmException -> L91
            r4.close()     // Catch: java.io.IOException -> L58 java.security.cert.CertificateException -> L89 java.security.NoSuchAlgorithmException -> L91
            java.util.Enumeration r4 = r0.aliases()     // Catch: java.security.KeyStoreException -> L50
        L25:
            boolean r5 = r4.hasMoreElements()
            if (r5 != 0) goto L2d
            r4 = 0
            goto L3d
        L2d:
            java.lang.Object r5 = r4.nextElement()
            java.lang.String r5 = (java.lang.String) r5
            boolean r1 = r0.isKeyEntry(r5)     // Catch: java.security.KeyStoreException -> L48
            if (r1 == 0) goto L25
            r6.append(r5)     // Catch: java.security.KeyStoreException -> L48
            r4 = 1
        L3d:
            if (r4 == 0) goto L40
            return r0
        L40:
            tw.com.chttl.TokenException r4 = new tw.com.chttl.TokenException
            tw.com.chttl.TokenException$HiSecureError r5 = tw.com.chttl.TokenException.HiSecureError.P12_KEYSTORE_KEY_NOT_FOUND
            r4.<init>(r5)
            throw r4
        L48:
            tw.com.chttl.TokenException r4 = new tw.com.chttl.TokenException
            tw.com.chttl.TokenException$HiSecureError r5 = tw.com.chttl.TokenException.HiSecureError.P12_KEYSTORE_WRONG_FORMAT
            r4.<init>(r5)
            throw r4
        L50:
            tw.com.chttl.TokenException r4 = new tw.com.chttl.TokenException
            tw.com.chttl.TokenException$HiSecureError r5 = tw.com.chttl.TokenException.HiSecureError.P12_KEYSTORE_WRONG_FORMAT
            r4.<init>(r5)
            throw r4
        L58:
            r4 = move-exception
            java.lang.String r5 = r4.getMessage()
            java.lang.String r6 = "failed to decrypt safe contents entry"
            boolean r5 = r5.contains(r6)
            if (r5 != 0) goto L81
            java.lang.String r4 = r4.getMessage()
            java.lang.String r5 = "PKCS12 key store mac invalid - wrong password or corrupted file."
            boolean r4 = r4.contains(r5)
            if (r4 == 0) goto L79
            tw.com.chttl.TokenException r4 = new tw.com.chttl.TokenException
            tw.com.chttl.TokenException$HiSecureError r5 = tw.com.chttl.TokenException.HiSecureError.P12_KEYSTORE_WRONG_PASSWORD
            r4.<init>(r5)
            throw r4
        L79:
            tw.com.chttl.TokenException r4 = new tw.com.chttl.TokenException
            tw.com.chttl.TokenException$HiSecureError r5 = tw.com.chttl.TokenException.HiSecureError.P12_KEYSTORE_WRONG_FORMAT
            r4.<init>(r5)
            throw r4
        L81:
            tw.com.chttl.TokenException r4 = new tw.com.chttl.TokenException
            tw.com.chttl.TokenException$HiSecureError r5 = tw.com.chttl.TokenException.HiSecureError.P12_KEYSTORE_WRONG_PASSWORD
            r4.<init>(r5)
            throw r4
        L89:
            tw.com.chttl.TokenException r4 = new tw.com.chttl.TokenException
            tw.com.chttl.TokenException$HiSecureError r5 = tw.com.chttl.TokenException.HiSecureError.P12_KEYSTORE_WRONG_FORMAT
            r4.<init>(r5)
            throw r4
        L91:
            tw.com.chttl.TokenException r4 = new tw.com.chttl.TokenException
            tw.com.chttl.TokenException$HiSecureError r5 = tw.com.chttl.TokenException.HiSecureError.P12_KEYSTORE_WRONG_FORMAT
            r4.<init>(r5)
            throw r4
        L99:
            tw.com.chttl.TokenException r4 = new tw.com.chttl.TokenException
            tw.com.chttl.TokenException$HiSecureError r5 = tw.com.chttl.TokenException.HiSecureError.P12_KEYSTORE_NAME_NOT_EXIST
            r4.<init>(r5)
            throw r4
        */
        throw new UnsupportedOperationException("Method not decompiled: tw.com.chttl.P12PrivateKey.a(java.io.InputStream, java.lang.String, java.lang.StringBuffer):java.security.KeyStore");
    }

    public static String generatePFX(X509Certificate x509Certificate, KeyPair keyPair, String str) {
        return generatePFX(x509Certificate == null ? null : new X509Certificate[]{x509Certificate}, keyPair, str);
    }

    public static String generatePFX(X509Certificate[] x509CertificateArr, KeyPair keyPair, String str) {
        PrivateKey privateKey;
        boolean z = false;
        int i = 0;
        while (true) {
            if (i >= x509CertificateArr.length) {
                break;
            }
            if (x509CertificateArr[i].getPublicKey().equals(keyPair.getPublic())) {
                z = true;
                break;
            }
            i++;
        }
        if (!z) {
            throw new TokenException(TokenException.HiSecureError.P12_KEYSTORE_GENPFX_CERTS_KEY_NOT_MATCH);
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            char[] cArr = null;
            keyStore.load(null, str == null ? null : str.toCharArray());
            if (keyPair == null) {
                privateKey = null;
            } else {
                try {
                    privateKey = keyPair.getPrivate();
                } catch (Exception e) {
                    e.printStackTrace();
                    throw new TokenException(TokenException.HiSecureError.P12_KEYSTORE_GENPFX_IMPORT_KEY_CERTS_PWD_FAIL);
                }
            }
            keyStore.setKeyEntry("chtKeyAlias", privateKey, str == null ? null : str.toCharArray(), x509CertificateArr);
            try {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                if (str != null) {
                    cArr = str.toCharArray();
                }
                keyStore.store(byteArrayOutputStream, cArr);
                return Base64.encodeLines(byteArrayOutputStream.toByteArray()).replace("\r\n", "").replace(IOUtils.LINE_SEPARATOR_UNIX, "");
            } catch (Exception unused) {
                throw new TokenException(TokenException.HiSecureError.P12_KEYSTORE_GENPFX_STORE_KEYSTORE_FAIL);
            }
        } catch (Exception e2) {
            e2.printStackTrace();
            throw new TokenException(TokenException.HiSecureError.P12_KEYSTORE_GENPFX_INIT_KEYSTORE_FAIL);
        }
    }

    public static void main(String[] strArr) {
        P12PrivateKey p12PrivateKey = new P12PrivateKey("D:/GTestCA.pfx", "12345678");
        X509Certificate certificate = p12PrivateKey.getCertificate();
        testPKCS1(p12PrivateKey, certificate, certificate);
        testPKCS7(p12PrivateKey, certificate, certificate);
    }

    public static void testPKCS1(ChtRsaPrivateKey chtRsaPrivateKey, X509Certificate x509Certificate, X509Certificate x509Certificate2) {
        System.out.println("********* PKCS#1 Test { *********");
        if (chtRsaPrivateKey.login("12345678")) {
            System.out.println(String.valueOf(1) + ". login success");
            Signature signature = Signature.getInstance("SHA1withRSA", "CHT");
            signature.initSign(chtRsaPrivateKey);
            signature.update("Test Text (to be signed)".getBytes());
            byte[] sign = signature.sign();
            signature.initVerify(x509Certificate);
            signature.update("Test Text (to be signed)".getBytes());
            if (signature.verify(sign)) {
                System.out.println(String.valueOf(2) + ". PKCS#1 signature verify(through Certificate) ok");
            } else {
                System.err.println(String.valueOf(2) + ". PKCS#1 signature verify(through Certificate) fail");
            }
            byte[] bArr = null;
            try {
                Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                cipher.init(1, x509Certificate2.getPublicKey());
                bArr = cipher.doFinal("Test Text (to be decrypted)".getBytes());
            } catch (BadPaddingException e) {
                e.printStackTrace();
            } catch (IllegalBlockSizeException e2) {
                e2.printStackTrace();
            } catch (NoSuchPaddingException e3) {
                e3.printStackTrace();
            }
            if (new String(chtRsaPrivateKey.decryptPKCS1(bArr, "RSA/ECB/PKCS1Padding")).equals("Test Text (to be decrypted)")) {
                System.out.println(String.valueOf(3) + ". PKCS#1 decryption ok");
            } else {
                System.err.println(String.valueOf(3) + ". PKCS#1 decryption fail");
            }
            chtRsaPrivateKey.logout();
        } else {
            System.err.println(String.valueOf(1) + ". login fail");
        }
        System.out.println("********* PKCS#1 Test } *********");
    }

    public static void testPKCS7(ChtRsaPrivateKey chtRsaPrivateKey, X509Certificate x509Certificate, X509Certificate x509Certificate2) {
        System.out.println("********* PKCS#7 Test { *********");
        if (chtRsaPrivateKey.login("12345678")) {
            System.out.println(String.valueOf(1) + ". login success");
            if (P7Utility.verifyData(P7Utility.signedData(chtRsaPrivateKey, x509Certificate, "Test Text (to be signed)".getBytes()))) {
                System.out.println(String.valueOf(2) + ". PKCS#7 signature verify ok");
            } else {
                System.err.println(String.valueOf(2) + ". PKCS#7 signature verify fail");
            }
            if (new String(P7Utility.decryptData(chtRsaPrivateKey, P7Utility.envelopedData(x509Certificate2, "Test Text (to be decrypted)"))).equals("Test Text (to be decrypted)")) {
                System.out.println(String.valueOf(3) + ". PKCS#7 decryption verify ok");
            } else {
                System.err.println(String.valueOf(3) + ". PKCS#7 decryption verify fail");
            }
            chtRsaPrivateKey.logout();
        } else {
            System.err.println(String.valueOf(1) + ". login fail");
        }
        System.out.println("********* PKCS#7 Test } *********");
    }

    @Override // java.security.Key
    public String getAlgorithm() {
        return this.c.getAlgorithm();
    }

    public X509Certificate getCertificate() {
        try {
            return (X509Certificate) this.a.getCertificate(this.b.toString());
        } catch (KeyStoreException unused) {
            throw new TokenException(TokenException.HiSecureError.P12_KEYSTORE_GETCERT_FAIL);
        }
    }

    public X509Certificate[] getCertificateChain() {
        Certificate[] certificateChain = this.a.getCertificateChain(this.b.toString());
        X509Certificate[] x509CertificateArr = new X509Certificate[certificateChain.length];
        for (int i = 0; i < certificateChain.length; i++) {
            x509CertificateArr[i] = (X509Certificate) certificateChain[i];
        }
        return x509CertificateArr;
    }

    @Override // tw.com.chttl.ChtRsaPrivateKey
    public X509Certificate getEncCertificate() {
        return getCertificate();
    }

    @Override // java.security.Key
    public byte[] getEncoded() {
        return this.c.getEncoded();
    }

    @Override // java.security.Key
    public String getFormat() {
        return this.c.getFormat();
    }

    public X509Certificate getIssuer() {
        X509Certificate certificate = getCertificate();
        X509Certificate[] certificateChain = getCertificateChain();
        for (int i = 0; i < certificateChain.length; i++) {
            if (certificate.getIssuerDN().equals(certificateChain[i].getSubjectDN())) {
                return certificateChain[i];
            }
        }
        return null;
    }

    @Override // java.security.interfaces.RSAKey
    public BigInteger getModulus() {
        return this.c.getModulus();
    }

    @Override // java.security.interfaces.RSAPrivateKey
    public BigInteger getPrivateExponent() {
        return this.c.getPrivateExponent();
    }

    @Override // tw.com.chttl.PrivateKeyRetrievable
    public PrivateKey getPrivateKey() {
        return this.c;
    }

    @Override // tw.com.chttl.ChtRsaPrivateKey
    public X509Certificate getSignCertificate() {
        return getCertificate();
    }

    @Override // tw.com.chttl.PrivateKeyRetrievable, tw.com.chttl.ChtRsaPrivateKey
    public boolean login(String str) {
        try {
            this.c = (RSAPrivateKey) this.a.getKey(this.b.toString(), (str == null || str.trim().equals("")) ? null : str.toCharArray());
            return true;
        } catch (KeyStoreException e) {
            e.printStackTrace();
            return false;
        } catch (NoSuchAlgorithmException e2) {
            e2.printStackTrace();
            return false;
        } catch (UnrecoverableKeyException unused) {
            return false;
        }
    }

    @Override // tw.com.chttl.PrivateKeyRetrievable, tw.com.chttl.ChtRsaPrivateKey
    public void logout() {
    }
}
