package com.jrsys.mpki.impl;

import android.content.Context;
import android.security.keystore.KeyInfo;
import android.util.Log;
import com.jrsys.mpki.MCrypto;
import com.jrsys.mpki.MCryptoException;
import com.jrsys.mpki.MCryptoSDKInit;
import java.io.ByteArrayInputStream;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.Map;
import java.util.TreeMap;

/* loaded from: classes.dex */
public class MCryptoAndroidKeyStoreImpl implements MCrypto {
    public static final String DEFAULT_ALGORITHM = "SHA1";
    private static final String TAG = "MCryptoAndroidKeyStoreImpl";
    private String alias;
    private AndroidKeyStoreType androidKeyStoreType;
    private final Context context;
    private X509Certificate userCert;
    private final Map<Long, X509Certificate> mapKSCerts = new TreeMap();
    private final Map<String, Long> mapAliases = new TreeMap();

    public MCryptoAndroidKeyStoreImpl(Context context) {
        this.context = context;
    }

    private AndroidKeyStoreType getKeyType(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance(AndroidKeyGenerateUtil.ANDROID_KEY_STORE);
            keyStore.load(null);
            return ((PrivateKey) keyStore.getKey(str, null)).getAlgorithm().equals("EC") ? new AndroidKeyStoreTypeECImpl(str) : new AndroidKeyStoreTypeRSAImpl(str);
        } catch (Exception e10) {
            throw new MCryptoException(e10);
        }
    }

    @Override // com.jrsys.mpki.MCrypto
    public void changePin(String str, String str2) {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public byte[] decrypt(String str, byte[] bArr) {
        return getKeyType(str).decrypt(str, bArr);
    }

    @Override // com.jrsys.mpki.MCrypto
    public byte[] decrypt(byte[] bArr) {
        return this.androidKeyStoreType.decrypt(bArr);
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized void deleteCert() {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized void deleteCert(String str) {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    public void deleteKey(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance(AndroidKeyGenerateUtil.ANDROID_KEY_STORE);
            keyStore.load(null);
            keyStore.deleteEntry(str);
            login(null);
        } catch (Exception e10) {
            throw new MCryptoException(e10);
        }
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized byte[] des3Decrypt(byte[] bArr) {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized byte[] des3Encrypt(byte[] bArr) {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized void disconnect() {
    }

    @Override // com.jrsys.mpki.MCrypto
    public byte[] encrypt(String str, byte[] bArr) {
        return this.androidKeyStoreType.encrypt(str, bArr);
    }

    @Override // com.jrsys.mpki.MCrypto
    public byte[] encrypt(byte[] bArr) {
        return this.androidKeyStoreType.encrypt(bArr);
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized byte[] exportCert() {
        try {
        } catch (Exception e10) {
            throw new MCryptoException(e10);
        }
        return getX509Certificate().getEncoded();
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized byte[] exportCert(String str) {
        try {
        } catch (Exception e10) {
            throw new MCryptoException(e10);
        }
        return getX509Certificate(str).getEncoded();
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized byte[] exportPublicKeyE() {
        return ((RSAPublicKey) getX509Certificate().getPublicKey()).getPublicExponent().toByteArray();
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized byte[] exportPublicKeyE(String str) {
        return ((RSAPublicKey) getX509Certificate(str).getPublicKey()).getPublicExponent().toByteArray();
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized byte[] exportPublicKeyM() {
        return ((RSAPublicKey) getX509Certificate().getPublicKey()).getModulus().toByteArray();
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized byte[] exportPublicKeyM(String str) {
        return ((RSAPublicKey) getX509Certificate(str).getPublicKey()).getModulus().toByteArray();
    }

    @Override // com.jrsys.mpki.MCrypto
    public String findKeyLabelByCert(byte[] bArr, byte[] bArr2) {
        String[] listKey = listKey();
        for (int i10 = 0; i10 < listKey.length; i10++) {
            X509Certificate x509Certificate = getX509Certificate(listKey[i10]);
            if (Arrays.equals(x509Certificate.getIssuerX500Principal().getEncoded(), bArr) && Arrays.equals(x509Certificate.getSerialNumber().toString().getBytes(), bArr2)) {
                return listKey[i10];
            }
        }
        throw new MCryptoException("can not find matched key label");
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized void genRSAKeyPair() {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized void genRSAKeyPair(String str) {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized X509Certificate getEncryptCertificate() {
        return getX509Certificate();
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized X509Certificate getEncryptCertificate(String str) {
        return getX509Certificate(str);
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized String getHotp() {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    public PrivateKey getPrivateKey(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance(AndroidKeyGenerateUtil.ANDROID_KEY_STORE);
            keyStore.load(null);
            return (PrivateKey) keyStore.getKey(str, null);
        } catch (Exception e10) {
            throw new MCryptoException(e10);
        }
    }

    public PublicKey getPublicKey(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance(AndroidKeyGenerateUtil.ANDROID_KEY_STORE);
            keyStore.load(null);
            return keyStore.getCertificate(str).getPublicKey();
        } catch (Exception e10) {
            throw new MCryptoException(e10);
        }
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized String getSIPInfo() {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized X509Certificate getSignCertificate() {
        return getX509Certificate();
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized X509Certificate getSignCertificate(String str) {
        return getX509Certificate(str);
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized X509Certificate getX509Certificate() {
        Log.i(TAG, "key label of certificate : " + this.alias);
        return this.userCert;
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized X509Certificate getX509Certificate(String str) {
        return this.mapKSCerts.get(this.mapAliases.get(str));
    }

    public String getkeyType() {
        return this.androidKeyStoreType.getKeyType();
    }

    @Override // com.jrsys.mpki.MCrypto
    public void importCert(String str, byte[] bArr) {
        try {
            KeyStore keyStore = KeyStore.getInstance(AndroidKeyGenerateUtil.ANDROID_KEY_STORE);
            keyStore.load(null);
            keyStore.setKeyEntry(str, (PrivateKey) keyStore.getKey(str, null), null, new Certificate[]{(X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(bArr))});
        } catch (Exception e10) {
            throw new MCryptoException(e10);
        }
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized void importCert(byte[] bArr) {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized void importPrivateKey(String str, byte[] bArr, byte[] bArr2) {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized void importPrivateKey(byte[] bArr, byte[] bArr2) {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized void importPublicKey(String str, byte[] bArr, byte[] bArr2) {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized void importPublicKey(byte[] bArr, byte[] bArr2) {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public void init(String str) {
        MCryptoSDKInit mCryptoSDKInit = new MCryptoSDKInit();
        Context context = this.context;
        mCryptoSDKInit.init(context, context.getAssets(), str);
    }

    public boolean isInsideSecureHardware() {
        try {
            KeyStore keyStore = KeyStore.getInstance(AndroidKeyGenerateUtil.ANDROID_KEY_STORE);
            keyStore.load(null);
            if (listKey().length <= 0) {
                throw new MCryptoException("no key pair");
            }
            PrivateKey privateKey = (PrivateKey) keyStore.getKey(this.alias, null);
            return ((KeyInfo) KeyFactory.getInstance(privateKey.getAlgorithm(), AndroidKeyGenerateUtil.ANDROID_KEY_STORE).getKeySpec(privateKey, KeyInfo.class)).isInsideSecureHardware();
        } catch (Exception e10) {
            throw new MCryptoException(e10);
        }
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized String[] listKey() {
        if (this.mapAliases.isEmpty()) {
            return new String[0];
        }
        return (String[]) this.mapAliases.keySet().toArray(new String[this.mapAliases.values().size()]);
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized byte[] listPin() {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public void login(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance(AndroidKeyGenerateUtil.ANDROID_KEY_STORE);
            keyStore.load(null);
            Enumeration<String> aliases = keyStore.aliases();
            int i10 = 0;
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                Key key = keyStore.getKey(nextElement, null);
                X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(nextElement);
                if (key instanceof PrivateKey) {
                    if (key.getAlgorithm().equals("EC")) {
                        this.androidKeyStoreType = new AndroidKeyStoreTypeECImpl(nextElement);
                    } else {
                        this.androidKeyStoreType = new AndroidKeyStoreTypeRSAImpl(nextElement);
                    }
                    if (x509Certificate != null) {
                        this.mapAliases.put(nextElement, Long.valueOf(x509Certificate.getNotBefore().getTime()));
                        this.mapKSCerts.put(Long.valueOf(x509Certificate.getNotBefore().getTime()), x509Certificate);
                        this.userCert = x509Certificate;
                        this.alias = nextElement;
                    }
                    i10++;
                }
            }
            if (i10 > 0) {
            } else {
                throw new MCryptoException("no key-pair!");
            }
        } catch (Exception e10) {
            throw new MCryptoException(e10);
        }
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized void logout() {
        this.userCert = null;
        this.mapAliases.clear();
        this.mapKSCerts.clear();
    }

    @Override // com.jrsys.mpki.MCrypto
    public byte[] sign(String str, byte[] bArr) {
        return getKeyType(str).sign(str, bArr);
    }

    @Override // com.jrsys.mpki.MCrypto
    public byte[] sign(String str, byte[] bArr, String str2) {
        return this.androidKeyStoreType.sign(str, bArr, str2);
    }

    @Override // com.jrsys.mpki.MCrypto
    public byte[] sign(byte[] bArr) {
        return this.androidKeyStoreType.sign(bArr);
    }

    @Override // com.jrsys.mpki.MCrypto
    public byte[] sign(byte[] bArr, String str) {
        return this.androidKeyStoreType.sign(bArr, str);
    }

    @Override // com.jrsys.mpki.MCrypto
    public byte[] signRecovery(byte[] bArr) {
        return this.androidKeyStoreType.signRecovery(bArr);
    }

    @Override // com.jrsys.mpki.MCrypto
    public synchronized int unblock(String str) {
        throw new UnsupportedOperationException("Not supported yet.");
    }

    @Override // com.jrsys.mpki.MCrypto
    public byte[] verifyRecovery(byte[] bArr) {
        return this.androidKeyStoreType.verifyRecovery(bArr);
    }
}
