package cn.com.syan.jcee.cm.impl;

import cn.com.syan.jcee.common.impl.key.SM2BCPublicKey;
import cn.com.syan.jcee.common.impl.pkcs10.PKCS10CertificateRequestBuilder;
import cn.com.syan.jcee.common.impl.utils.CertificateConverter;
import cn.unitid.spark.cm.sdk.business.Algorithm;
import java.io.OutputStream;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.spec.X509EncodedKeySpec;
import java.util.List;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.asn1.x509.AlgorithmIdentifier;
import org.spongycastle.asn1.x509.Extension;
import org.spongycastle.operator.ContentSigner;

/* loaded from: classes.dex */
public class g extends a {
    private d d;
    private X509CertificateEntity e;
    private int f;

    public g(X509CertificateEntity x509CertificateEntity, PrivateKeyEntity privateKeyEntity) throws cn.com.syan.jcee.cm.b.c {
        this.e = x509CertificateEntity;
        this.b = x509CertificateEntity.getAlias();
        a(x509CertificateEntity.getExtension());
        if (x509CertificateEntity.getStatus() != 1) {
            if (x509CertificateEntity.getStatus() != 0) {
                throw new cn.com.syan.jcee.cm.b.c("X509CertificateEntity is not a Certificate Entity");
            }
            this.f = 0;
            PublicKey a2 = a(cn.com.syan.jcee.a.a.a.a.a(x509CertificateEntity.getValue()));
            if (!e.a(a2).equals(x509CertificateEntity.getId())) {
                throw new cn.com.syan.jcee.cm.b.c("invalid key id:" + x509CertificateEntity.getId());
            }
            if (privateKeyEntity != null) {
                this.c = true;
                this.d = new d(a2, privateKeyEntity.getValue(), privateKeyEntity.getLastUpdateTime());
                return;
            }
            return;
        }
        this.f = 1;
        try {
            X509Certificate fromBase64 = CertificateConverter.fromBase64(x509CertificateEntity.getValue());
            if (!e.a(fromBase64).equals(x509CertificateEntity.getId())) {
                throw new cn.com.syan.jcee.cm.b.c("invalid key id:" + x509CertificateEntity.getId());
            }
            a(fromBase64);
            if (privateKeyEntity != null) {
                this.c = true;
                this.d = new d(fromBase64, privateKeyEntity.getValue(), privateKeyEntity.getLastUpdateTime());
            }
        } catch (CertificateException e) {
            throw new cn.com.syan.jcee.cm.b.c(e);
        }
    }

    private PublicKey a(byte[] bArr) throws cn.com.syan.jcee.cm.b.c {
        try {
            try {
                return KeyFactory.getInstance(Algorithm.RSA).generatePublic(new X509EncodedKeySpec(bArr));
            } catch (Exception unused) {
                return new SM2BCPublicKey(bArr);
            }
        } catch (InvalidKeyException unused2) {
            throw new cn.com.syan.jcee.cm.b.c("failed to derive public key");
        }
    }

    private byte[] a(byte[] bArr, String str) throws cn.com.syan.jcee.cm.b.b, cn.com.syan.jcee.cm.b.d, cn.com.syan.jcee.cm.b.c {
        if (isPrivateKeyAccessible()) {
            return getPrivateKey().decrypt(bArr, str);
        }
        throw new cn.com.syan.jcee.cm.b.d();
    }

    private byte[] a(byte[] bArr, boolean z, String str) throws cn.com.syan.jcee.cm.b.b, SignatureException, cn.com.syan.jcee.cm.b.d, cn.com.syan.jcee.cm.b.c {
        if (this.e.getStatus() == 0) {
            throw new cn.com.syan.jcee.cm.b.c("pkcs7 will not work until a certificate imported");
        }
        if (isPrivateKeyAccessible()) {
            return getPrivateKey().pkcs7Sign(bArr, z, str, this.f269a, null);
        }
        throw new cn.com.syan.jcee.cm.b.d();
    }

    private byte[] b(byte[] bArr, String str) throws cn.com.syan.jcee.cm.b.b, SignatureException, cn.com.syan.jcee.cm.b.d, cn.com.syan.jcee.cm.b.c {
        if (isPrivateKeyAccessible()) {
            return getPrivateKey().sign(bArr, str);
        }
        throw new cn.com.syan.jcee.cm.b.d();
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public byte[] envelopeOpen(byte[] bArr, String str) throws cn.com.syan.jcee.cm.b.d, cn.com.syan.jcee.cm.b.c, cn.com.syan.jcee.cm.b.b {
        if (isPrivateKeyAccessible()) {
            return getPrivateKey().envelopeOpen(bArr, str);
        }
        throw new cn.com.syan.jcee.cm.b.d();
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public IPrivateKey getPrivateKey() {
        return this.d;
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public int getStatus() {
        return this.f;
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public boolean isConnected() {
        return true;
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public byte[] pkcs1(String str, String str2) throws cn.com.syan.jcee.cm.b.b, SignatureException, cn.com.syan.jcee.cm.b.d, cn.com.syan.jcee.cm.b.c {
        return b(str.getBytes(), str2);
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public byte[] pkcs1(byte[] bArr, String str) throws cn.com.syan.jcee.cm.b.b, SignatureException, cn.com.syan.jcee.cm.b.d, cn.com.syan.jcee.cm.b.c {
        return b(bArr, str);
    }

    @Override // cn.com.syan.jcee.cm.impl.a, cn.com.syan.jcee.cm.impl.ICertificate
    public byte[] pkcs1Digest(byte[] bArr, String str, String str2) throws cn.com.syan.jcee.cm.b.b, cn.com.syan.jcee.cm.b.c, SignatureException, cn.com.syan.jcee.cm.b.d {
        if (isPrivateKeyAccessible()) {
            return getPrivateKey().digestSign(bArr, str, str2);
        }
        throw new cn.com.syan.jcee.cm.b.d();
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public byte[] pkcs7(String str, boolean z, String str2) throws cn.com.syan.jcee.cm.b.b, SignatureException, cn.com.syan.jcee.cm.b.d, cn.com.syan.jcee.cm.b.c {
        return a(str.getBytes(), z, str2);
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public byte[] pkcs7(byte[] bArr, boolean z, String str) throws cn.com.syan.jcee.cm.b.b, SignatureException, cn.com.syan.jcee.cm.b.d, cn.com.syan.jcee.cm.b.c {
        return a(bArr, z, str);
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public byte[] privateDecrypt(String str, String str2) throws cn.com.syan.jcee.cm.b.b, cn.com.syan.jcee.cm.b.d, cn.com.syan.jcee.cm.b.c {
        return a(cn.com.syan.jcee.a.a.a.a.a(str), str2);
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public byte[] privateDecrypt(byte[] bArr, String str) throws cn.com.syan.jcee.cm.b.b, cn.com.syan.jcee.cm.b.d, cn.com.syan.jcee.cm.b.c {
        return a(bArr, str);
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public byte[] privateEncrypt(byte[] bArr, String str, String str2) throws cn.com.syan.jcee.cm.b.b, cn.com.syan.jcee.cm.b.d, cn.com.syan.jcee.cm.b.c {
        return getPrivateKey().encrypt(bArr, str, str2);
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public PKCS10CertificationRequest recreatePKCS10(String str, String str2) {
        String name = this.f269a.getSubjectDN().getName();
        if (str == null || "".equals(str)) {
            str = name;
        }
        final f fVar = new f(this, str2);
        return new PKCS10CertificationRequest(PKCS10CertificateRequestBuilder.buildCertificationRequest(new X500Name(str), (List<Extension>) null, this.f269a.getPublicKey(), new ContentSigner() { // from class: cn.com.syan.jcee.cm.impl.g.1
            @Override // org.spongycastle.operator.ContentSigner
            public AlgorithmIdentifier getAlgorithmIdentifier() {
                return null;
            }

            @Override // org.spongycastle.operator.ContentSigner
            public OutputStream getOutputStream() {
                return fVar;
            }

            @Override // org.spongycastle.operator.ContentSigner
            public byte[] getSignature() {
                try {
                    return ((f) fVar).a();
                } catch (SignatureException e) {
                    e.printStackTrace();
                    return null;
                }
            }
        }));
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public boolean verifyPin(String str) throws cn.com.syan.jcee.cm.b.d {
        if (isPrivateKeyAccessible()) {
            return getPrivateKey().verifyPin(str);
        }
        throw new cn.com.syan.jcee.cm.b.d();
    }
}
