package cn.com.jit.android.ida.util.pki.keystore;

import cn.com.jit.android.ida.util.pki.pkcs.PKCS12;
import cn.com.jit.android.ida.util.pki.util.SmSplitFile;
import cn.com.jit.ida.util.pki.PKIException;
import cn.com.jit.ida.util.pki.Parser;
import cn.com.jit.ida.util.pki.asn1.ASN1EncodableVector;
import cn.com.jit.ida.util.pki.asn1.ASN1Sequence;
import cn.com.jit.ida.util.pki.asn1.DERBitString;
import cn.com.jit.ida.util.pki.asn1.DERInteger;
import cn.com.jit.ida.util.pki.asn1.DERNull;
import cn.com.jit.ida.util.pki.asn1.DEROctetString;
import cn.com.jit.ida.util.pki.asn1.DERSequence;
import cn.com.jit.ida.util.pki.asn1.DERSet;
import cn.com.jit.ida.util.pki.asn1.pkcs.PKCSObjectIdentifiers;
import cn.com.jit.ida.util.pki.asn1.pkcs.pkcs7.RecipientInfo;
import cn.com.jit.ida.util.pki.asn1.pkcs.pkcs7.SignedAndEnvelopedData;
import cn.com.jit.ida.util.pki.asn1.x509.AlgorithmIdentifier;
import cn.com.jit.ida.util.pki.cert.X509Cert;
import cn.com.jit.ida.util.pki.cipher.JCrypto;
import cn.com.jit.ida.util.pki.cipher.JKey;
import cn.com.jit.ida.util.pki.cipher.JKeyPair;
import cn.com.jit.ida.util.pki.cipher.Mechanism;
import cn.com.jit.ida.util.pki.cipher.Session;
import cn.com.jit.ida.util.pki.cipher.param.GenKeyAttribute;
import cn.com.jit.ida.util.pki.cipher.softsm.Util;
import cn.com.jit.ida.util.pki.encoders.Base64;
import cn.com.jit.ida.util.pki.keystore.KeyEntry;
import cn.com.jit.ida.util.pki.pkcs.P7B;
import cn.com.jit.ida.util.pki.pkcs.PKCS10;
import cn.com.jit.ida.util.pki.util.SMFileTool;
import cn.com.jit.mctk.cert.constant.CertConfigConstant;
import cn.com.jit.mctk.log.config.MLog;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.RandomAccessFile;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.httpclient.cookie.CookieSpec;

/* loaded from: classes.dex */
public class KeyStoreManager extends StorageManager {
    public static final String TRUST_CERT_ID = "trustcertid";
    public static final String tmpCertStr = "MIIC5DCCAk2gAwIBAgIQa6gl/TivVSqXP8dPnZucXDANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJDTjEMMAoGA1UEChMDSklUMRcwFQYDVQQLEw53d3cuaml0LmNvbS5jbjEPMA0GA1UEAxMGSklUIENBMB4XDTA1MDgxOTA4MTgxOFoXDTI1MDgxNDA4MTgxOFowRTELMAkGA1UEBhMCQ04xDDAKBgNVBAoTA0pJVDEXMBUGA1UECxMOd3d3LmppdC5jb20uY24xDzANBgNVBAMTBkpJVCBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApoZCiaMfa8RFFVKZrUP+9QWHNk8c/clRiJIKl2WrUYYnUrL4KVYt7rA8NJdUAA63OM6w4Bd6uVuudGz949p3AkjiY0tOQNMsdsQfZoCdCykvsOazzboY2zTSAzwFZUt33+4nCCsxrxLbqvVSVwuN2x9+VKa327u8+hbYXOq+/JkCAwEAAaOB1DCB0TAfBgNVHSMEGDAWgBTPVrW0/9er9lukYtIum4uhHyzQBzAMBgNVHRMEBTADAQH/MHQGA1UdHwRtMGswQKA+oDykOjA4MQswCQYDVQQGEwJDTjEMMAoGA1UEChMDSklUMQwwCgYDVQQLEwNDUkwxDTALBgNVBAMTBENSTDEwJ6AloCOGIWh0dHA6Ly9qaXRjcmwuaml0LmNvbS5jbi9jcmwxLmNybDALBgNVHQ8EBAMCAf4wHQYDVR0OBBYEFM9WtbT/16v2W6Ri0i6bi6EfLNAHMA0GCSqGSIb3DQEBBQUAA4GBAH3FBD56Hebdyp1dh85vOmbxF/AVckS5aXUSkGlKzXJDOIGtr3mPb0r4m6NSJowDwrYpT+RcezFDacg9o+uLuU/q/9LaI4qmFVP1xISx+LG0liUDNoiySMa4TbV45RpkNOxUasLmhlx6oWXRMxTKuiv357yf0M6zGCuiseqNv6P3";
    private String sType = "JKS";
    private boolean isUserPriKeyPW = false;
    private String privateKeyPassWord = "";
    private FileOutputStream privateFfous = null;
    private FileInputStream privateFin = null;
    private File privateFile = null;
    private Map<String, String> softSM2Prikey = new HashMap();

    private Certificate convert2JavaCert(X509Cert x509Cert) throws Exception {
        return CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(x509Cert.getEncoded()));
    }

    private byte[] create3DesByte(String str) {
        byte[] bytes = str.getBytes();
        byte[] bArr = new byte[24];
        System.arraycopy(bytes, 0, bArr, 0, bytes.length);
        for (int length = bytes.length; length < bArr.length; length++) {
            bArr[length] = 10;
        }
        return bArr;
    }

    private String genP10Request(String str, int i, String str2, String str3, String str4, String str5, int i2) throws Exception {
        Mechanism mechanism;
        String str6;
        Session openSession = openSession(str);
        if (str5.equalsIgnoreCase("RSA")) {
            mechanism = new Mechanism("RSA");
            str6 = "SHA1withRSAEncryption";
        } else if (str5.equalsIgnoreCase(Mechanism.DSA)) {
            mechanism = new Mechanism(Mechanism.DSA);
            str6 = "SHA1withDSA";
        } else if (str5.equalsIgnoreCase("SM2")) {
            mechanism = new Mechanism("SM2");
            str6 = "SM3withSM2Encryption";
        } else {
            mechanism = new Mechanism(Mechanism.ECDSA);
            str6 = "SHA1withECDSA";
        }
        JCrypto.getInstance().initialize(JCrypto.JSOFT_LIB, null);
        if (str.equalsIgnoreCase(JCrypto.JSJY05B_LIB)) {
            GenKeyAttribute genKeyAttribute = new GenKeyAttribute();
            genKeyAttribute.setKeyNum(i);
            genKeyAttribute.setIsExport(false);
            mechanism.setParam(genKeyAttribute);
        }
        JKeyPair generateKeyPair = openSession.generateKeyPair(mechanism, i2);
        JKey publicKey = generateKeyPair.getPublicKey();
        JKey privateKey = generateKeyPair.getPrivateKey();
        byte[] generateCertificationRequestData_B64 = new PKCS10(openSession).generateCertificationRequestData_B64(str6, str4, publicKey, null, privateKey);
        if (str5.equalsIgnoreCase("SM2")) {
            this.softSM2Prikey.put(getAlias(publicKey), new String(Base64.encode(openSession.encrypt(new Mechanism("RC4"), new JKey("RC4", this.privateKeyPassWord.getBytes()), privateKey.getKey()))));
        } else {
            File file = this.privateFile == null ? new File(str2) : this.privateFile;
            if (!file.exists() && !file.getParentFile().exists()) {
                file.getParentFile().mkdirs();
            }
            file.createNewFile();
            KeyStore keyStore = KeyStore.getInstance(this.sType);
            keyStore.load(null, null);
            Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.decode("MIIC5DCCAk2gAwIBAgIQa6gl/TivVSqXP8dPnZucXDANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJDTjEMMAoGA1UEChMDSklUMRcwFQYDVQQLEw53d3cuaml0LmNvbS5jbjEPMA0GA1UEAxMGSklUIENBMB4XDTA1MDgxOTA4MTgxOFoXDTI1MDgxNDA4MTgxOFowRTELMAkGA1UEBhMCQ04xDDAKBgNVBAoTA0pJVDEXMBUGA1UECxMOd3d3LmppdC5jb20uY24xDzANBgNVBAMTBkpJVCBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApoZCiaMfa8RFFVKZrUP+9QWHNk8c/clRiJIKl2WrUYYnUrL4KVYt7rA8NJdUAA63OM6w4Bd6uVuudGz949p3AkjiY0tOQNMsdsQfZoCdCykvsOazzboY2zTSAzwFZUt33+4nCCsxrxLbqvVSVwuN2x9+VKa327u8+hbYXOq+/JkCAwEAAaOB1DCB0TAfBgNVHSMEGDAWgBTPVrW0/9er9lukYtIum4uhHyzQBzAMBgNVHRMEBTADAQH/MHQGA1UdHwRtMGswQKA+oDykOjA4MQswCQYDVQQGEwJDTjEMMAoGA1UEChMDSklUMQwwCgYDVQQLEwNDUkwxDTALBgNVBAMTBENSTDEwJ6AloCOGIWh0dHA6Ly9qaXRjcmwuaml0LmNvbS5jbi9jcmwxLmNybDALBgNVHQ8EBAMCAf4wHQYDVR0OBBYEFM9WtbT/16v2W6Ri0i6bi6EfLNAHMA0GCSqGSIb3DQEBBQUAA4GBAH3FBD56Hebdyp1dh85vOmbxF/AVckS5aXUSkGlKzXJDOIGtr3mPb0r4m6NSJowDwrYpT+RcezFDacg9o+uLuU/q/9LaI4qmFVP1xISx+LG0liUDNoiySMa4TbV45RpkNOxUasLmhlx6oWXRMxTKuiv357yf0M6zGCuiseqNv6P3".getBytes())));
            if (str.equalsIgnoreCase(JCrypto.JSOFT_LIB)) {
                keyStore.setKeyEntry(getAlias(publicKey), Parser.convertPrivateKey(privateKey), this.isUserPriKeyPW ? this.privateKeyPassWord.toCharArray() : str3.toCharArray(), new Certificate[]{generateCertificate});
            } else {
                keyStore.setCertificateEntry(str4.toLowerCase(), generateCertificate);
            }
            FileOutputStream fileOutputStream = this.privateFfous == null ? new FileOutputStream(file) : this.privateFfous;
            keyStore.store(fileOutputStream, str3.toCharArray());
            fileOutputStream.flush();
            fileOutputStream.close();
        }
        return new String(generateCertificationRequestData_B64);
    }

    private String genP10Request4Update(String str, int i, String str2, String str3, String str4, int i2, String str5) throws Exception {
        Mechanism mechanism;
        String str6;
        Session openSession = openSession(str);
        if (str4.equalsIgnoreCase("RSA")) {
            mechanism = new Mechanism("RSA");
            str6 = "SHA1withRSAEncryption";
        } else if (str4.equalsIgnoreCase(Mechanism.DSA)) {
            mechanism = new Mechanism(Mechanism.DSA);
            str6 = "SHA1withDSA";
        } else if (str4.equalsIgnoreCase("SM2")) {
            mechanism = new Mechanism("SM2");
            str6 = "SM3withSM2Encryption";
        } else {
            mechanism = new Mechanism(Mechanism.ECDSA);
            str6 = "SHA1withECDSA";
        }
        if (str.equalsIgnoreCase(JCrypto.JSJY05B_LIB)) {
            GenKeyAttribute genKeyAttribute = new GenKeyAttribute();
            genKeyAttribute.setKeyNum(i);
            genKeyAttribute.setIsExport(false);
            mechanism.setParam(genKeyAttribute);
        }
        JKeyPair generateKeyPair = openSession.generateKeyPair(mechanism, i2);
        JKey publicKey = generateKeyPair.getPublicKey();
        JKey privateKey = generateKeyPair.getPrivateKey();
        byte[] generateCertificationRequestData_B64 = new PKCS10(openSession).generateCertificationRequestData_B64(str6, str5, publicKey, null, privateKey);
        File file = this.privateFile == null ? new File(str2) : this.privateFile;
        if (!file.getParentFile().exists()) {
            throw new Exception("keyStore file [" + str2 + "] doesn't exists. please select a correct keyStore file to execute update.");
        }
        KeyStore openKeyStore = openKeyStore(str2, str3);
        if (str.equalsIgnoreCase(JCrypto.JSOFT_LIB)) {
            PrivateKey convertPrivateKey = Parser.convertPrivateKey(privateKey);
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            byte[] decode = Base64.decode("MIIC5DCCAk2gAwIBAgIQa6gl/TivVSqXP8dPnZucXDANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJDTjEMMAoGA1UEChMDSklUMRcwFQYDVQQLEw53d3cuaml0LmNvbS5jbjEPMA0GA1UEAxMGSklUIENBMB4XDTA1MDgxOTA4MTgxOFoXDTI1MDgxNDA4MTgxOFowRTELMAkGA1UEBhMCQ04xDDAKBgNVBAoTA0pJVDEXMBUGA1UECxMOd3d3LmppdC5jb20uY24xDzANBgNVBAMTBkpJVCBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApoZCiaMfa8RFFVKZrUP+9QWHNk8c/clRiJIKl2WrUYYnUrL4KVYt7rA8NJdUAA63OM6w4Bd6uVuudGz949p3AkjiY0tOQNMsdsQfZoCdCykvsOazzboY2zTSAzwFZUt33+4nCCsxrxLbqvVSVwuN2x9+VKa327u8+hbYXOq+/JkCAwEAAaOB1DCB0TAfBgNVHSMEGDAWgBTPVrW0/9er9lukYtIum4uhHyzQBzAMBgNVHRMEBTADAQH/MHQGA1UdHwRtMGswQKA+oDykOjA4MQswCQYDVQQGEwJDTjEMMAoGA1UEChMDSklUMQwwCgYDVQQLEwNDUkwxDTALBgNVBAMTBENSTDEwJ6AloCOGIWh0dHA6Ly9qaXRjcmwuaml0LmNvbS5jbi9jcmwxLmNybDALBgNVHQ8EBAMCAf4wHQYDVR0OBBYEFM9WtbT/16v2W6Ri0i6bi6EfLNAHMA0GCSqGSIb3DQEBBQUAA4GBAH3FBD56Hebdyp1dh85vOmbxF/AVckS5aXUSkGlKzXJDOIGtr3mPb0r4m6NSJowDwrYpT+RcezFDacg9o+uLuU/q/9LaI4qmFVP1xISx+LG0liUDNoiySMa4TbV45RpkNOxUasLmhlx6oWXRMxTKuiv357yf0M6zGCuiseqNv6P3".getBytes());
            Certificate generateCertificate = certificateFactory.generateCertificate(new ByteArrayInputStream(decode));
            new X509Cert(decode);
            String alias = getAlias(publicKey);
            Enumeration<String> aliases = openKeyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (openKeyStore.isKeyEntry(nextElement) && nextElement.equals(alias)) {
                    openKeyStore.deleteEntry(alias);
                }
            }
            openKeyStore.setKeyEntry(alias, convertPrivateKey, this.isUserPriKeyPW ? this.privateKeyPassWord.toCharArray() : str3.toCharArray(), new Certificate[]{generateCertificate});
        }
        FileOutputStream fileOutputStream = this.privateFfous == null ? new FileOutputStream(file) : this.privateFfous;
        openKeyStore.store(fileOutputStream, str3.toCharArray());
        fileOutputStream.flush();
        fileOutputStream.close();
        return new String(generateCertificationRequestData_B64);
    }

    private String genUpdatedP10Request(String str, String str2, KeyEntry keyEntry, String str3, String str4, String str5) throws Exception {
        String str6;
        if (!(this.privateFile == null ? new File(str3) : this.privateFile).getParentFile().exists()) {
            throw new Exception("keyStore file [" + str3 + "] doesn't exists. please select a correct keyStore file to execute update.");
        }
        Session openSession = openSession(str5);
        if (str2.equalsIgnoreCase("RSA")) {
            new Mechanism("RSA");
            str6 = "SHA1withRSAEncryption";
        } else if (str2.equalsIgnoreCase("SM2")) {
            new Mechanism("SM2");
            str6 = "SM3withSM2Encryption";
        } else {
            new Mechanism(Mechanism.ECDSA);
            str6 = "SHA1withECDSA";
        }
        return new String(new PKCS10(openSession).generateCertificationRequestData_B64(str6, str, keyEntry.getCert().getPublicKey(), null, keyEntry.getKey()));
    }

    private void generateCertFile(String str, byte[] bArr) throws IOException {
        FileOutputStream fileOutputStream = new FileOutputStream(str);
        fileOutputStream.write(bArr);
        fileOutputStream.close();
    }

    private void generateSmFile(JKey jKey, X509Cert x509Cert, String str, String str2) throws PKIException, IOException {
        byte[] genSM2FileFromJIT = SMFileTool.genSM2FileFromJIT(str, x509Cert, jKey);
        if (str2.lastIndexOf(".jit") != -1) {
            SmSplitFile.genAllSm2File(genSM2FileFromJIT, str2);
        } else if (str2.lastIndexOf(".doublejit") != -1) {
            SmSplitFile.genAllSm2File(genSM2FileFromJIT, str2);
        } else {
            SmSplitFile.createsm2File(genSM2FileFromJIT, str2);
        }
    }

    private byte[] getRsaPrvJkey(byte[] bArr) throws PKIException {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(PKCSObjectIdentifiers.rsaEncryption);
        aSN1EncodableVector.add(new DERNull());
        DERSequence dERSequence = new DERSequence(aSN1EncodableVector);
        DEROctetString dEROctetString = new DEROctetString(bArr);
        ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
        aSN1EncodableVector2.add(new DERInteger(0));
        aSN1EncodableVector2.add(dERSequence);
        aSN1EncodableVector2.add(dEROctetString);
        return Parser.writeDERObj2Bytes(new DERSequence(aSN1EncodableVector2));
    }

    private KeyStore openKeyStore(String str, String str2) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(this.sType);
        File file = this.privateFile == null ? new File(str) : this.privateFile;
        if (!file.getParentFile().exists()) {
            file.getParentFile().mkdirs();
        }
        if (file.exists()) {
            FileInputStream fileInputStream = this.privateFin != null ? this.privateFin : new FileInputStream(str);
            keyStore.load(fileInputStream, str2.toCharArray());
            fileInputStream.close();
        } else {
            file.createNewFile();
            keyStore.load(null, null);
        }
        return keyStore;
    }

    private Session openSession(String str) throws Exception {
        JCrypto jCrypto = JCrypto.getInstance();
        jCrypto.initialize(str, null);
        return jCrypto.openSession(str);
    }

    private byte[] parsePriFileKey(String str, String str2) throws Exception {
        RandomAccessFile randomAccessFile = new RandomAccessFile(str, "rw");
        byte[] bArr = new byte[(int) randomAccessFile.length()];
        randomAccessFile.read(bArr);
        randomAccessFile.close();
        JKey jKey = new JKey();
        jKey.setKey(create3DesByte(str2));
        jKey.setKeyType("DESede");
        byte[] decrypt = openSession(JCrypto.JSOFT_LIB).decrypt(new Mechanism(Mechanism.DES3_ECB), jKey, bArr);
        if (decrypt == null) {
            throw new Exception("私钥解析错误");
        }
        return decrypt;
    }

    private Key parsePriKey(String str, String str2) throws Exception {
        RandomAccessFile randomAccessFile = new RandomAccessFile(str, "rw");
        byte[] bArr = new byte[(int) randomAccessFile.length()];
        randomAccessFile.read(bArr);
        randomAccessFile.close();
        JKey jKey = new JKey();
        jKey.setKey(create3DesByte(str2));
        jKey.setKeyType("DESede");
        byte[] decrypt = openSession(JCrypto.JSOFT_LIB).decrypt(new Mechanism(Mechanism.DES3_ECB), jKey, bArr);
        if (decrypt == null) {
            throw new Exception("私钥解析错误");
        }
        return Parser.convertPrivateKey(new JKey(JKey.RSA_PRV_KEY, decrypt));
    }

    private String replacePath(String str, String str2) {
        return str.replace(str.substring(str.lastIndexOf(CookieSpec.PATH_DELIM) + 1, str.lastIndexOf(".")), str2);
    }

    private void saveCertToKeyStore(KeyStore keyStore, String str, X509Cert x509Cert, String str2) throws Exception {
        Key key = keyStore.getKey(str2, this.isUserPriKeyPW ? this.privateKeyPassWord.toCharArray() : str.toCharArray());
        if (key == null) {
            throw new Exception("KeyStore doesn't contain key enry named [" + str2 + "]");
        }
        keyStore.deleteEntry(str2);
        keyStore.setKeyEntry(str2, key, this.isUserPriKeyPW ? this.privateKeyPassWord.toCharArray() : str.toCharArray(), new Certificate[]{convert2JavaCert(x509Cert)});
    }

    private void setKeyCertWithPfx(String str, String str2, JKey jKey, X509Cert[] x509CertArr) throws Exception {
        X509Cert[] x509CertArr2 = null;
        X509Cert x509Cert = null;
        if (x509CertArr != null) {
            if (x509CertArr.length >= 2) {
                x509CertArr2 = new X509Cert[x509CertArr.length - 1];
                Session openSession = openSession(JCrypto.JSOFT_LIB);
                int i = 0;
                for (int i2 = 0; i2 < x509CertArr.length; i2++) {
                    JKey publicKey = x509CertArr[i2].getPublicKey();
                    Mechanism mechanism = publicKey.getKeyType().equals("RSA_Public") ? new Mechanism("SHA1withRSAEncryption") : new Mechanism("SHA1withECDSA");
                    byte[] bytes = "JIT".getBytes();
                    if (openSession.verifySign(mechanism, publicKey, bytes, openSession.sign(mechanism, jKey, bytes))) {
                        x509Cert = x509CertArr[i2];
                    } else {
                        x509CertArr2[i] = x509CertArr[i2];
                        i++;
                    }
                }
            } else {
                x509Cert = x509CertArr[0];
            }
        }
        KeyStore openKeyStore = openKeyStore(str, str2);
        Enumeration<String> aliases = openKeyStore.aliases();
        while (aliases.hasMoreElements()) {
            openKeyStore.deleteEntry(aliases.nextElement());
        }
        x509Cert.getSubject().toLowerCase();
        openKeyStore.setKeyEntry(getAlias(x509Cert), Parser.convertPrivateKey(jKey), this.isUserPriKeyPW ? this.privateKeyPassWord.toCharArray() : str2.toCharArray(), new Certificate[]{convert2JavaCert(x509Cert)});
        FileOutputStream fileOutputStream = this.privateFfous == null ? new FileOutputStream(str) : this.privateFfous;
        openKeyStore.store(fileOutputStream, str2.toCharArray());
        fileOutputStream.flush();
        fileOutputStream.close();
        if (x509CertArr2 != null) {
            setTrustCerts(str, str2, x509CertArr2);
        }
    }

    public void ClearPrivateKeyPassWord() {
        this.privateKeyPassWord = "";
    }

    public void UserPrivateKeyPassWord() {
        this.isUserPriKeyPW = true;
    }

    public KeyEntry addKeyCertWithPfx(String str, String str2, JKey jKey, X509Cert[] x509CertArr) throws Exception {
        X509Cert[] x509CertArr2 = null;
        X509Cert x509Cert = null;
        if (x509CertArr != null) {
            if (x509CertArr.length >= 2) {
                x509CertArr2 = new X509Cert[x509CertArr.length - 1];
                Session openSession = openSession(JCrypto.JSOFT_LIB);
                int i = 0;
                for (int i2 = 0; i2 < x509CertArr.length; i2++) {
                    JKey publicKey = x509CertArr[i2].getPublicKey();
                    Mechanism mechanism = publicKey.getKeyType().equals("RSA_Public") ? new Mechanism("SHA1withRSAEncryption") : new Mechanism("SHA1withECDSA");
                    byte[] bytes = "JIT".getBytes();
                    if (openSession.verifySign(mechanism, publicKey, bytes, openSession.sign(mechanism, jKey, bytes))) {
                        x509Cert = x509CertArr[i2];
                    } else {
                        x509CertArr2[i] = x509CertArr[i2];
                        i++;
                    }
                }
            } else {
                x509Cert = x509CertArr[0];
            }
        }
        KeyStore openKeyStore = openKeyStore(str, str2);
        x509Cert.getSubject().toLowerCase();
        PrivateKey convertPrivateKey = Parser.convertPrivateKey(jKey);
        Certificate convert2JavaCert = convert2JavaCert(x509Cert);
        String alias = getAlias(x509Cert.getPublicKey());
        Enumeration<String> aliases = openKeyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (openKeyStore.isKeyEntry(nextElement) && nextElement.equals(alias)) {
                openKeyStore.deleteEntry(alias);
            }
        }
        openKeyStore.setKeyEntry(alias, convertPrivateKey, this.isUserPriKeyPW ? this.privateKeyPassWord.toCharArray() : str2.toCharArray(), new Certificate[]{convert2JavaCert});
        FileOutputStream fileOutputStream = this.privateFfous == null ? new FileOutputStream(str) : this.privateFfous;
        openKeyStore.store(fileOutputStream, str2.toCharArray());
        fileOutputStream.flush();
        fileOutputStream.close();
        if (x509CertArr2 != null) {
            setTrustCerts(str, str2, x509CertArr2);
        }
        KeyEntry keyEntry = new KeyEntry();
        keyEntry.setAilas(alias);
        keyEntry.setKey(jKey);
        keyEntry.setCert(x509Cert);
        return keyEntry;
    }

    public KeyEntry addKeyCertWithPfxWithalias(String str, String str2, JKey jKey, X509Cert[] x509CertArr, String str3) throws Exception {
        X509Cert[] x509CertArr2 = null;
        X509Cert x509Cert = null;
        if (x509CertArr != null) {
            if (x509CertArr.length >= 2) {
                x509CertArr2 = new X509Cert[x509CertArr.length - 1];
                Session openSession = openSession(JCrypto.JSOFT_LIB);
                int i = 0;
                for (int i2 = 0; i2 < x509CertArr.length; i2++) {
                    JKey publicKey = x509CertArr[i2].getPublicKey();
                    Mechanism mechanism = publicKey.getKeyType().equals("RSA_Public") ? new Mechanism("SHA1withRSAEncryption") : new Mechanism("SHA1withECDSA");
                    byte[] bytes = "JIT".getBytes();
                    if (openSession.verifySign(mechanism, publicKey, bytes, openSession.sign(mechanism, jKey, bytes))) {
                        x509Cert = x509CertArr[i2];
                    } else {
                        x509CertArr2[i] = x509CertArr[i2];
                        i++;
                    }
                }
            } else {
                x509Cert = x509CertArr[0];
            }
        }
        KeyStore openKeyStore = openKeyStore(str, str2);
        x509Cert.getSubject().toLowerCase();
        PrivateKey convertPrivateKey = Parser.convertPrivateKey(jKey);
        Certificate convert2JavaCert = convert2JavaCert(x509Cert);
        Enumeration<String> aliases = openKeyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (openKeyStore.isKeyEntry(nextElement) && nextElement.equals(str3)) {
                openKeyStore.deleteEntry(str3);
            }
        }
        openKeyStore.setKeyEntry(str3, convertPrivateKey, this.isUserPriKeyPW ? this.privateKeyPassWord.toCharArray() : str2.toCharArray(), new Certificate[]{convert2JavaCert});
        FileOutputStream fileOutputStream = this.privateFfous == null ? new FileOutputStream(str) : this.privateFfous;
        openKeyStore.store(fileOutputStream, str2.toCharArray());
        fileOutputStream.flush();
        fileOutputStream.close();
        if (x509CertArr2 != null) {
            setTrustCerts(str, str2, x509CertArr2);
        }
        KeyEntry keyEntry = new KeyEntry();
        keyEntry.setAilas(str3);
        keyEntry.setKey(jKey);
        keyEntry.setCert(x509Cert);
        return keyEntry;
    }

    public KeyEntry addKeyStoreWithPfx(String str, String str2, String str3, char[] cArr) throws Exception {
        openSession(JCrypto.JSOFT_LIB);
        PKCS12 pkcs12 = new PKCS12();
        pkcs12.load(str3);
        pkcs12.decrypt(cArr);
        return addKeyCertWithPfx(str, str2, pkcs12.getPrivateKey(), pkcs12.getCerts());
    }

    public Enumeration alias(String str, String str2) throws Exception {
        return openKeyStore(str, str2).aliases();
    }

    public void createFileByByte(List<byte[]> list, String str) throws Exception {
        FileOutputStream fileOutputStream = new FileOutputStream(new File(str));
        Iterator<byte[]> it = list.iterator();
        while (it.hasNext()) {
            fileOutputStream.write(it.next());
        }
        fileOutputStream.close();
    }

    public boolean delAlias(String str, String str2, String str3, String str4) throws Exception {
        File file = this.privateFile == null ? new File(str) : this.privateFile;
        if (!file.getParentFile().exists()) {
            throw new Exception("keyStore file [" + str + "] doesn't exists. please select a correct keyStore file to execute update.");
        }
        KeyStore openKeyStore = openKeyStore(str, str2);
        openKeyStore.deleteEntry(str3);
        MLog.i("delAlias", "alias:" + str3 + " ,del success");
        String str5 = String.valueOf(str3) + str4;
        if (openKeyStore.containsAlias(str5)) {
            openKeyStore.deleteEntry(str5);
            MLog.i("delAlias", "encCertAlias:" + str5 + ",del success");
        }
        FileOutputStream fileOutputStream = this.privateFfous == null ? new FileOutputStream(file) : this.privateFfous;
        openKeyStore.store(fileOutputStream, str2.toCharArray());
        fileOutputStream.flush();
        fileOutputStream.close();
        return true;
    }

    public void genKeyStoreWithPfx(String str, String str2, InputStream inputStream, char[] cArr) throws Exception {
        openSession(JCrypto.JSOFT_LIB);
        PKCS12 pkcs12 = new PKCS12();
        pkcs12.load(inputStream);
        pkcs12.decrypt(cArr);
        setKeyCertWithPfx(str, str2, pkcs12.getPrivateKey(), pkcs12.getCerts());
    }

    public void genKeyStoreWithPfx(String str, String str2, String str3, char[] cArr) throws Exception {
        openSession(JCrypto.JSOFT_LIB);
        PKCS12 pkcs12 = new PKCS12();
        pkcs12.load(str3);
        pkcs12.decrypt(cArr);
        setKeyCertWithPfx(str, str2, pkcs12.getPrivateKey(), pkcs12.getCerts());
    }

    public void genKeyStoreWithPfx(String str, String str2, byte[] bArr, char[] cArr) throws Exception {
        openSession(JCrypto.JSOFT_LIB);
        PKCS12 pkcs12 = new PKCS12();
        pkcs12.load(bArr);
        pkcs12.decrypt(cArr);
        setKeyCertWithPfx(str, str2, pkcs12.getPrivateKey(), pkcs12.getCerts());
    }

    public String genP10Request4UpdateWithHardLib(int i, String str, String str2, String str3, String str4, int i2) throws Exception {
        return genP10Request4Update(JCrypto.JSJY05B_LIB, i, str, str2, str4, i2, str3);
    }

    public String genP10Request4UpdateWithSoftLib(String str, String str2, String str3, String str4, int i) throws Exception {
        return genP10Request4Update(JCrypto.JSOFT_LIB, 0, str, str2, str4, i, str3);
    }

    public String genP10RequestWithHardLib(int i, String str, String str2, String str3, String str4, int i2) throws Exception {
        return genP10Request(JCrypto.JSJY05B_LIB, i, str, str2, str3, str4, i2);
    }

    public String genP10RequestWithSoftLib(String str, String str2, String str3, String str4, int i) throws Exception {
        return genP10Request(JCrypto.JSOFT_LIB, 0, str, str2, str3, str4, i);
    }

    public String genP10RequestWithSubject(String str, String str2, String str3, String str4, String str5, int i) throws Exception {
        Session openSession = openSession(JCrypto.JSOFT_LIB);
        Mechanism mechanism = null;
        String str6 = null;
        if (str5.equalsIgnoreCase("RSA")) {
            mechanism = new Mechanism("RSA");
            str6 = "SHA1withRSAEncryption";
        }
        if (str5.equalsIgnoreCase("SM2")) {
            mechanism = new Mechanism("SM2");
            str6 = "SM3withSM2Encryption";
        }
        JCrypto.getInstance().initialize(JCrypto.JSOFT_LIB, null);
        JKeyPair generateKeyPair = openSession.generateKeyPair(mechanism, i);
        JKey publicKey = generateKeyPair.getPublicKey();
        JKey privateKey = generateKeyPair.getPrivateKey();
        byte[] generateCertificationRequestData_B64 = new PKCS10(openSession).generateCertificationRequestData_B64(str6, str4, publicKey, null, privateKey);
        String replaceAll = getAlias(publicKey).replaceAll(CookieSpec.PATH_DELIM, "-");
        String replacePath = replacePath(str, replaceAll);
        String replacePath2 = replacePath(str2, replaceAll);
        JKey jKey = new JKey("DESede", create3DesByte(str3));
        SmSplitFile.createsm2File(openSession.encrypt(new Mechanism(Mechanism.DES3_ECB), jKey, privateKey.getKey()), replacePath2);
        byte[] encode = Base64.encode(openSession.encrypt(new Mechanism(Mechanism.DES3_ECB), jKey, generateCertificationRequestData_B64));
        ArrayList arrayList = new ArrayList();
        arrayList.add(generateCertificationRequestData_B64);
        arrayList.add("\n".getBytes());
        arrayList.add(encode);
        createFileByByte(arrayList, replacePath);
        return new String(generateCertificationRequestData_B64);
    }

    public String genSM2P10RequestWithSoftLib(String str, String str2, String str3, int i) throws Exception {
        return genP10Request(JCrypto.JSOFT_LIB, 0, "", str, str2, str3, i);
    }

    public String genUpdatedP10Request(String str, String str2, KeyEntry keyEntry, String str3, String str4) throws Exception {
        return genUpdatedP10Request(str, str2, keyEntry, str3, str4, JCrypto.JSOFT_LIB);
    }

    public String getAlias(X509Cert x509Cert) throws Exception {
        return getAlias(x509Cert.getPublicKey());
    }

    public String getAlias(JKey jKey) throws Exception {
        return new String(Base64.encode(openSession(JCrypto.JSOFT_LIB).digest(new Mechanism("SHA1"), jKey.getKey())));
    }

    public X509Cert getCertEntry(String str, String str2, String str3) throws Exception {
        Certificate certificate = openKeyStore(str, str2).getCertificate(str3);
        if (certificate != null) {
            return new X509Cert(certificate.getEncoded());
        }
        return null;
    }

    public JKey getJKey(String str, String str2, String str3) throws Exception {
        Key key = openKeyStore(str, str2).getKey(str3, this.privateKeyPassWord.toCharArray());
        return AlgorithmIdentifier.getInstance(((ASN1Sequence) Parser.writeBytes2DERObj(key.getEncoded())).getObjectAt(1)).getObjectId().equals(PKCSObjectIdentifiers.rsaEncryption) ? new JKey(JKey.RSA_PRV_KEY, key.getEncoded()) : new JKey(JKey.ECDSA_PRV_KEY, key.getEncoded());
    }

    public KeyEntry getKeyEntry(String str, String str2) throws Exception {
        KeyEntry keyEntry = new KeyEntry();
        KeyStore openKeyStore = openKeyStore(str, str2);
        Enumeration<String> aliases = openKeyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (openKeyStore.isKeyEntry(nextElement)) {
                JKey jKey = null;
                if (!this.isUserPriKeyPW) {
                    Key key = openKeyStore.getKey(nextElement, str2.toCharArray());
                    jKey = AlgorithmIdentifier.getInstance(((ASN1Sequence) Parser.writeBytes2DERObj(key.getEncoded())).getObjectAt(1)).getObjectId().equals(PKCSObjectIdentifiers.rsaEncryption) ? new JKey(JKey.RSA_PRV_KEY, key.getEncoded()) : new JKey(JKey.ECDSA_PRV_KEY, key.getEncoded());
                }
                X509Cert x509Cert = new X509Cert(openKeyStore.getCertificate(nextElement).getEncoded());
                keyEntry.setAilas(nextElement);
                keyEntry.setCert(x509Cert);
                keyEntry.setKey(jKey);
            }
        }
        return keyEntry;
    }

    public List<KeyEntry> getKeyEntryList(String str, String str2) throws Exception {
        ArrayList arrayList = new ArrayList();
        KeyStore openKeyStore = openKeyStore(str, str2);
        Enumeration<String> aliases = openKeyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (openKeyStore.isKeyEntry(nextElement)) {
                JKey jKey = null;
                if (!this.isUserPriKeyPW) {
                    Key key = openKeyStore.getKey(nextElement, str2.toCharArray());
                    jKey = AlgorithmIdentifier.getInstance(((ASN1Sequence) Parser.writeBytes2DERObj(key.getEncoded())).getObjectAt(1)).getObjectId().equals(PKCSObjectIdentifiers.rsaEncryption) ? new JKey(JKey.RSA_PRV_KEY, key.getEncoded()) : new JKey(JKey.ECDSA_PRV_KEY, key.getEncoded());
                }
                X509Cert x509Cert = new X509Cert(openKeyStore.getCertificate(nextElement).getEncoded());
                KeyEntry keyEntry = new KeyEntry();
                keyEntry.setAilas(nextElement);
                keyEntry.setCert(x509Cert);
                keyEntry.setKey(jKey);
                arrayList.add(keyEntry);
            }
        }
        return arrayList;
    }

    public List<KeyEntry> getTrustCertList(String str, String str2) throws Exception {
        ArrayList arrayList = new ArrayList();
        KeyStore openKeyStore = openKeyStore(str, str2);
        Enumeration<String> aliases = openKeyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (openKeyStore.isCertificateEntry(nextElement)) {
                X509Cert x509Cert = new X509Cert(openKeyStore.getCertificate(nextElement).getEncoded());
                KeyEntry keyEntry = new KeyEntry();
                keyEntry.setAilas(nextElement);
                keyEntry.setCert(x509Cert);
                keyEntry.setKey(null);
                arrayList.add(keyEntry);
            }
        }
        return arrayList;
    }

    public void saveEnvCertToKeyStore(String str, String str2, KeyEntry keyEntry, String str3) throws Exception {
        KeyStore openKeyStore = openKeyStore(str, str2);
        PrivateKey convertPrivateKey = Parser.convertPrivateKey(keyEntry.getKey());
        if (openKeyStore.containsAlias(str3)) {
            openKeyStore.deleteEntry(str3);
            MLog.i("KeyStoreManager", "alias:[" + str3 + "],del success");
        }
        openKeyStore.setKeyEntry(str3, convertPrivateKey, this.isUserPriKeyPW ? this.privateKeyPassWord.toCharArray() : str2.toCharArray(), new Certificate[]{convert2JavaCert(keyEntry.getCert())});
        FileOutputStream fileOutputStream = this.privateFfous == null ? new FileOutputStream(str) : this.privateFfous;
        openKeyStore.store(fileOutputStream, str2.toCharArray());
        fileOutputStream.flush();
        fileOutputStream.close();
    }

    public void setDoubleKeyCertWithP7b(String str, String str2, String str3, X509Cert x509Cert, X509Cert x509Cert2, String str4, String str5, String str6, String str7, String str8) throws Exception {
        String str9;
        String str10;
        Mechanism mechanism;
        if ("RC4".equals(str5)) {
            str9 = "RC4";
            str10 = "RC4";
        } else {
            if (!"3DES".equals(str5)) {
                throw new Exception("..temporary no support Mechanism ");
            }
            str9 = Mechanism.DES3_ECB;
            str10 = "DESede";
        }
        KeyStore openKeyStore = openKeyStore(str, str3);
        String alias = getAlias(x509Cert.getPublicKey());
        Session openSession = openSession(JCrypto.JSOFT_LIB);
        Key parsePriKey = parsePriKey(str8, str7);
        JKey jKey = new JKey(JKey.RSA_PRV_KEY, parsePriKey.getEncoded());
        JKey publicKey = x509Cert.getPublicKey();
        Mechanism mechanism2 = publicKey.getKeyType().equals("RSA_Public") ? new Mechanism("SHA1withRSAEncryption") : new Mechanism("SHA1withECDSA");
        byte[] bytes = "JIT".getBytes();
        if (!openSession.verifySign(mechanism2, publicKey, bytes, openSession.sign(mechanism2, jKey, bytes))) {
            MLog.e("setDoubleKeyCertWithP7b", "=======verify certificate public key failure.");
            throw new Exception("verify sign certificate public key failure.");
        }
        openKeyStore.setKeyEntry(alias, parsePriKey, str7.toCharArray(), new Certificate[]{convert2JavaCert(x509Cert)});
        if (publicKey.getKeyType().equals("RSA_Public")) {
            mechanism = new Mechanism(Mechanism.RSA_PKCS);
            mechanism.setPad(false);
        } else {
            mechanism = new Mechanism(Mechanism.ECDSA);
        }
        convert2JavaCert(x509Cert2);
        JKey jKey2 = new JKey(JKey.RSA_PRV_KEY, getRsaPrvJkey(openSession.decrypt(new Mechanism(str9), new JKey(str10, openSession.decrypt(mechanism, jKey, Base64.decode(str4))), Base64.decode(str6))));
        if (!"JIT".equals(new String(openSession.decrypt(mechanism, jKey2, openSession.encrypt(mechanism, x509Cert2.getPublicKey(), bytes))))) {
            MLog.e("setDoubleKeyCertWithP7b", "=======verify enc certificate public key failure.");
            throw new Exception("verify enc certificate public key failure.");
        }
        openKeyStore.setKeyEntry(String.valueOf(alias) + str2, Parser.convertPrivateKey(jKey2), str7.toCharArray(), new Certificate[]{convert2JavaCert(x509Cert2)});
        FileOutputStream fileOutputStream = this.privateFfous == null ? new FileOutputStream(str) : this.privateFfous;
        openKeyStore.store(fileOutputStream, str3.toCharArray());
        fileOutputStream.flush();
        fileOutputStream.close();
        MLog.i("setDoubleKeyCertWithP7b", "alias:[" + alias + "] is create file is success");
    }

    public void setDoubleKeyCertWithSoftLib(String str, String str2, String str3, X509Cert x509Cert, X509Cert x509Cert2, String str4, String str5, String str6, JKeyPair jKeyPair) throws Exception {
        String str7;
        String str8;
        Mechanism mechanism;
        if ("RC4".equals(str5)) {
            str7 = "RC4";
            str8 = "RC4";
        } else {
            if (!"3DES".equals(str5)) {
                throw new Exception("..temporary no support Mechanism ");
            }
            str7 = Mechanism.DES3_ECB;
            str8 = "DESede";
        }
        KeyStore openKeyStore = openKeyStore(str, str3);
        String alias = getAlias(x509Cert.getPublicKey());
        Key key = openKeyStore.getKey(alias, this.isUserPriKeyPW ? this.privateKeyPassWord.toCharArray() : str3.toCharArray());
        if (key == null) {
            throw new Exception("KeyStore doesn't contain key enry named [" + alias + "]");
        }
        JKey jKey = new JKey(JKey.RSA_PRV_KEY, key.getEncoded());
        JKey publicKey = x509Cert.getPublicKey();
        Mechanism mechanism2 = publicKey.getKeyType().equals("RSA_Public") ? new Mechanism("SHA1withRSAEncryption") : new Mechanism("SHA1withECDSA");
        byte[] bytes = "JIT".getBytes();
        Session openSession = openSession(JCrypto.JSOFT_LIB);
        if (!openSession.verifySign(mechanism2, publicKey, bytes, openSession.sign(mechanism2, jKey, bytes))) {
            MLog.e("KeyStoreManager", "=======verify certificate public key failure.");
            throw new Exception("verify sign certificate public key failure.");
        }
        openKeyStore.deleteEntry(alias);
        openKeyStore.setKeyEntry(alias, key, this.isUserPriKeyPW ? this.privateKeyPassWord.toCharArray() : str3.toCharArray(), new Certificate[]{convert2JavaCert(x509Cert)});
        if (publicKey.getKeyType().equals("RSA_Public")) {
            mechanism = new Mechanism(Mechanism.RSA_PKCS);
            mechanism.setPad(false);
        } else {
            mechanism = new Mechanism(Mechanism.ECDSA);
        }
        convert2JavaCert(x509Cert2);
        JKey jKey2 = new JKey(JKey.RSA_PRV_KEY, getRsaPrvJkey(openSession.decrypt(new Mechanism(str7), new JKey(str8, openSession.decrypt(mechanism, jKey, Base64.decode(str4))), Base64.decode(str6))));
        if (!"JIT".equals(new String(openSession.decrypt(mechanism, jKey2, openSession.encrypt(mechanism, x509Cert2.getPublicKey(), bytes))))) {
            MLog.e("KeyStoreManager", "=======verify enc certificate public key failure.");
            throw new Exception("verify enc certificate public key failure.");
        }
        openKeyStore.setKeyEntry(String.valueOf(alias) + str2, Parser.convertPrivateKey(jKey2), this.isUserPriKeyPW ? this.privateKeyPassWord.toCharArray() : str3.toCharArray(), new Certificate[]{convert2JavaCert(x509Cert2)});
        FileOutputStream fileOutputStream = this.privateFfous == null ? new FileOutputStream(str) : this.privateFfous;
        openKeyStore.store(fileOutputStream, str3.toCharArray());
        fileOutputStream.flush();
        fileOutputStream.close();
        MLog.i("KeyStoreManager", "alias:[" + alias + "] is create file is success");
    }

    public void setDoubleKeyCertWithSoftLibByDelay(String str, String str2, String str3, X509Cert x509Cert, X509Cert x509Cert2) throws Exception {
        KeyStore openKeyStore = openKeyStore(str, str3);
        String alias = getAlias(x509Cert.getPublicKey());
        saveCertToKeyStore(openKeyStore, str3, x509Cert, alias);
        saveCertToKeyStore(openKeyStore, str3, x509Cert2, String.valueOf(alias) + str2);
        FileOutputStream fileOutputStream = this.privateFfous == null ? new FileOutputStream(str) : this.privateFfous;
        openKeyStore.store(fileOutputStream, str3.toCharArray());
        fileOutputStream.flush();
        fileOutputStream.close();
        MLog.e("KeyStoreManager", "alias:[" + alias + "],delay is success");
    }

    public void setDoubleSM2KeyCertWithP7b(String str, String str2, String str3, String str4, String str5, X509Cert x509Cert, X509Cert x509Cert2, byte[] bArr, String str6) throws Exception {
        String str7;
        String str8;
        String str9;
        byte[] writeDERObj2Bytes;
        byte[] bytes;
        String alias = getAlias(x509Cert.getPublicKey());
        ASN1Sequence dERSequence = DERSequence.getInstance(Parser.writeBytes2DERObj(bArr));
        if (dERSequence.getObjectAt(0) instanceof DERInteger) {
            MLog.i("setDoubleSM2KeyCertWithP7b", "....go NEW CA ENV....");
            SignedAndEnvelopedData signedAndEnvelopedData = SignedAndEnvelopedData.getInstance(Parser.writeBytes2DERObj(bArr));
            String id = signedAndEnvelopedData.getEncryptedContentInfo().getContentEncryptionAlgorithm().getObjectId().getId();
            if (id.equals(PKCSObjectIdentifiers.gm_SM4.getId())) {
                str7 = "SM4";
                str8 = Mechanism.SM2_RAW;
                str9 = Mechanism.SM4_ECB;
            } else {
                if (id.equals(PKCSObjectIdentifiers.gm_SM1.getId())) {
                    throw new Exception("...not support Mechanism.");
                }
                str7 = "SF33";
                str8 = Mechanism.SM2_RAW;
                str9 = Mechanism.SF33_ECB;
            }
            writeDERObj2Bytes = RecipientInfo.getInstance(((DERSet) signedAndEnvelopedData.getRecipientInfos()).getObjectAt(0)).getEncryptedKey().getOctets();
            Util.hardKey2SoftPubKey(x509Cert2.getPublicKey());
            bytes = signedAndEnvelopedData.getEncryptedContentInfo().getEncryptedContent().getOctets();
        } else {
            MLog.i("setDoubleSM2KeyCertWithP7b", "....go OLD CA ENV....");
            String id2 = AlgorithmIdentifier.getInstance(dERSequence.getObjectAt(0)).getObjectId().getId();
            if (id2.equals(PKCSObjectIdentifiers.gm_SM4.getId())) {
                str7 = "SM4";
                str8 = Mechanism.SM2_RAW;
                str9 = Mechanism.SM4_ECB;
            } else {
                if (id2.equals(PKCSObjectIdentifiers.gm_SM1.getId())) {
                    throw new Exception("...not support Mechanism.");
                }
                str7 = "SF33";
                str8 = Mechanism.SM2_RAW;
                str9 = Mechanism.SF33_ECB;
            }
            writeDERObj2Bytes = Parser.writeDERObj2Bytes(dERSequence.getObjectAt(1));
            ((DERBitString) dERSequence.getObjectAt(2)).getBytes();
            bytes = ((DERBitString) dERSequence.getObjectAt(3)).getBytes();
        }
        MLog.i("setDoubleSM2KeyCertWithP7b", "encType : " + str7);
        Session openSession = openSession(JCrypto.JSOFT_LIB);
        JKey jKey = new JKey(JKey.SM2_PRV_KEY, parsePriFileKey(str6, str5));
        byte[] decrypt = openSession.decrypt(new Mechanism(str8), jKey, writeDERObj2Bytes);
        Mechanism mechanism = new Mechanism(str9);
        mechanism.setPad(false);
        byte[] decrypt2 = openSession.decrypt(mechanism, new JKey(str7, decrypt), bytes);
        this.privateKeyPassWord = str5;
        setSM2KeyCertWithSoftLib(str, str2, str5, x509Cert, jKey, alias);
        setSM2KeyCertWithSoftLib(str3, str4, str5, x509Cert2, Util.getPrvKey(decrypt2), alias);
        MLog.i("setDoubleSM2KeyCertWithP7b", "alias:[" + alias + "],is sm2 success");
    }

    public void setDoubleSM2KeyCertWithSoftLib(String str, String str2, String str3, String str4, String str5, X509Cert x509Cert, X509Cert x509Cert2, byte[] bArr) throws Exception {
        String str6;
        String str7;
        String str8;
        byte[] writeDERObj2Bytes;
        byte[] bytes;
        String alias = getAlias(x509Cert.getPublicKey());
        ASN1Sequence dERSequence = DERSequence.getInstance(Parser.writeBytes2DERObj(bArr));
        if (dERSequence.getObjectAt(0) instanceof DERInteger) {
            MLog.i("KeyStoreManager", "....go NEW CA ENV....");
            SignedAndEnvelopedData signedAndEnvelopedData = SignedAndEnvelopedData.getInstance(Parser.writeBytes2DERObj(bArr));
            String id = signedAndEnvelopedData.getEncryptedContentInfo().getContentEncryptionAlgorithm().getObjectId().getId();
            if (id.equals(PKCSObjectIdentifiers.gm_SM4.getId())) {
                str6 = "SM4";
                str7 = Mechanism.SM2_RAW;
                str8 = Mechanism.SM4_ECB;
            } else {
                if (id.equals(PKCSObjectIdentifiers.gm_SM1.getId())) {
                    throw new Exception("...not support Mechanism.");
                }
                str6 = "SF33";
                str7 = Mechanism.SM2_RAW;
                str8 = Mechanism.SF33_ECB;
            }
            writeDERObj2Bytes = RecipientInfo.getInstance(((DERSet) signedAndEnvelopedData.getRecipientInfos()).getObjectAt(0)).getEncryptedKey().getOctets();
            Util.hardKey2SoftPubKey(x509Cert2.getPublicKey());
            bytes = signedAndEnvelopedData.getEncryptedContentInfo().getEncryptedContent().getOctets();
        } else {
            MLog.i("KeyStoreManager", "....go OLD CA ENV....");
            String id2 = AlgorithmIdentifier.getInstance(dERSequence.getObjectAt(0)).getObjectId().getId();
            if (id2.equals(PKCSObjectIdentifiers.gm_SM4.getId())) {
                str6 = "SM4";
                str7 = Mechanism.SM2_RAW;
                str8 = Mechanism.SM4_ECB;
            } else {
                if (id2.equals(PKCSObjectIdentifiers.gm_SM1.getId())) {
                    throw new Exception("...not support Mechanism.");
                }
                str6 = "SF33";
                str7 = Mechanism.SM2_RAW;
                str8 = Mechanism.SF33_ECB;
            }
            writeDERObj2Bytes = Parser.writeDERObj2Bytes(dERSequence.getObjectAt(1));
            ((DERBitString) dERSequence.getObjectAt(2)).getBytes();
            bytes = ((DERBitString) dERSequence.getObjectAt(3)).getBytes();
        }
        MLog.i("KeyStoreManager", "encType : " + str6);
        Session openSession = openSession(JCrypto.JSOFT_LIB);
        JKey jKey = new JKey(JKey.SM2_PRV_KEY, openSession.decrypt(new Mechanism("RC4"), new JKey("RC4", this.privateKeyPassWord.getBytes()), Base64.decode(this.softSM2Prikey.get(alias))));
        byte[] decrypt = openSession.decrypt(new Mechanism(str7), jKey, writeDERObj2Bytes);
        Mechanism mechanism = new Mechanism(str8);
        mechanism.setPad(false);
        byte[] decrypt2 = openSession.decrypt(mechanism, new JKey(str6, decrypt), bytes);
        setSM2KeyCertWithSoftLib(str, str2, str5, x509Cert, jKey, alias);
        setSM2KeyCertWithSoftLib(str3, str4, str5, x509Cert2, Util.getPrvKey(decrypt2), alias);
        MLog.i("KeyStoreManager", "alias:[" + alias + "],is sm2 success");
    }

    public void setDoubleSM2KeyCertWithSoftLibByDelay(String str, String str2, String str3, String str4, String str5, X509Cert x509Cert, X509Cert x509Cert2) throws Exception {
        String alias = getAlias(x509Cert.getPublicKey());
        SMFileTool.parseSMFile(str, this.privateKeyPassWord);
        if (str.lastIndexOf(CertConfigConstant.P12_POSTFIX) != -1) {
            str = str.replace(CertConfigConstant.P12_POSTFIX, ".jit");
        }
        setSM2KeyCertWithSoftLib(str, str2, str5, x509Cert, SMFileTool.getPrvKey(), alias);
        SMFileTool.parseSMFile(str3, this.privateKeyPassWord);
        if (str3.lastIndexOf(CertConfigConstant.P12_POSTFIX) != -1) {
            str3 = str.replace(CertConfigConstant.P12_POSTFIX, ".doublejit");
        }
        setSM2KeyCertWithSoftLib(str3, str4, str5, x509Cert2, SMFileTool.getPrvKey(), alias);
        MLog.i("setDoubleSM2KeyCertWithSoftLibByDelay", "alias:[" + alias + "],delay is success");
    }

    public void setKeyCertWithHardLib(int i, String str, String str2, X509Cert x509Cert) throws Exception {
        Session openSession = openSession(JCrypto.JSJY05B_LIB);
        GenKeyAttribute genKeyAttribute = new GenKeyAttribute();
        genKeyAttribute.setKeyNum(i);
        genKeyAttribute.setIsExport(false);
        JKey publicKey = x509Cert.getPublicKey();
        Mechanism mechanism = publicKey.getKeyType().equals("RSA_Public") ? new Mechanism("RSA") : new Mechanism(Mechanism.ECDSA);
        mechanism.setParam(genKeyAttribute);
        if (!Arrays.equals(openSession.generateKeyPair(mechanism, 1024).getPublicKey().getKey(), publicKey.getKey())) {
            throw new Exception("verify certificate public key failure.");
        }
        openSession.destroyCertObject(null, openSession.getCfgTag().getNoExportRSAKey(i).getBytes());
        openSession.createCertObject(x509Cert.getSubject().getBytes(), x509Cert.getEncoded(), openSession.getCfgTag().getNoExportRSAKey(i).getBytes());
        setTrustCert(str, str2, x509Cert);
    }

    public void setKeyCertWithHardLib(int i, String str, String str2, X509Cert x509Cert, String str3) throws Exception {
        Session openSession = JCrypto.getInstance().openSession(JCrypto.JSJY05B_LIB, str3);
        GenKeyAttribute genKeyAttribute = new GenKeyAttribute();
        genKeyAttribute.setKeyNum(i);
        genKeyAttribute.setIsExport(false);
        JKey publicKey = x509Cert.getPublicKey();
        Mechanism mechanism = publicKey.getKeyType().equals("RSA_Public") ? new Mechanism("RSA") : new Mechanism(Mechanism.ECDSA);
        mechanism.setParam(genKeyAttribute);
        if (!Arrays.equals(openSession.generateKeyPair(mechanism, 1024).getPublicKey().getKey(), publicKey.getKey())) {
            throw new Exception("verify certificate public key failure.");
        }
        openSession.destroyCertObject(null, openSession.getCfgTag().getNoExportRSAKey(i).getBytes());
        openSession.createCertObject(x509Cert.getSubject().getBytes(), x509Cert.getEncoded(), openSession.getCfgTag().getNoExportRSAKey(i).getBytes());
        setTrustCert(str, str2, x509Cert);
    }

    public void setKeyCertWithP7b(String str, String str2, String str3, X509Cert x509Cert, String str4) throws Exception {
        KeyStore openKeyStore = openKeyStore(str, str2);
        String alias = getAlias(x509Cert.getPublicKey());
        MLog.e("setKeyCertWithP7b", "alias:" + alias);
        Session openSession = openSession(JCrypto.JSOFT_LIB);
        Key parsePriKey = parsePriKey(str3, str4);
        JKey jKey = new JKey(JKey.RSA_PRV_KEY, parsePriKey.getEncoded());
        JKey publicKey = x509Cert.getPublicKey();
        Mechanism mechanism = publicKey.getKeyType().equals("RSA_Public") ? new Mechanism("SHA1withRSAEncryption") : new Mechanism("SHA1withECDSA");
        byte[] bytes = "JIT".getBytes();
        if (!openSession.verifySign(mechanism, publicKey, bytes, openSession.sign(mechanism, jKey, bytes))) {
            throw new Exception("verify certificate public key failure.");
        }
        openKeyStore.setKeyEntry(alias, parsePriKey, str4.toCharArray(), new Certificate[]{convert2JavaCert(x509Cert)});
        FileOutputStream fileOutputStream = this.privateFfous == null ? new FileOutputStream(str) : this.privateFfous;
        openKeyStore.store(fileOutputStream, str2.toCharArray());
        fileOutputStream.flush();
        fileOutputStream.close();
    }

    public void setKeyCertWithSoftLib(String str, String str2, X509Cert x509Cert) throws Exception {
        KeyStore openKeyStore = openKeyStore(str, str2);
        String alias = getAlias(x509Cert.getPublicKey());
        MLog.i("setKeyCertWithSoftLib", "alias:" + alias);
        Key key = openKeyStore.getKey(alias, this.isUserPriKeyPW ? this.privateKeyPassWord.toCharArray() : str2.toCharArray());
        if (key == null) {
            throw new Exception("KeyStore doesn't contain key enry named [" + alias + "]");
        }
        JKey jKey = new JKey(JKey.RSA_PRV_KEY, key.getEncoded());
        JKey publicKey = x509Cert.getPublicKey();
        Mechanism mechanism = publicKey.getKeyType().equals("RSA_Public") ? new Mechanism("SHA1withRSAEncryption") : new Mechanism("SHA1withECDSA");
        byte[] bytes = "JIT".getBytes();
        Session openSession = openSession(JCrypto.JSOFT_LIB);
        if (!openSession.verifySign(mechanism, publicKey, bytes, openSession.sign(mechanism, jKey, bytes))) {
            throw new Exception("verify certificate public key failure.");
        }
        openKeyStore.deleteEntry(alias);
        openKeyStore.setKeyEntry(alias, key, this.isUserPriKeyPW ? this.privateKeyPassWord.toCharArray() : str2.toCharArray(), new Certificate[]{convert2JavaCert(x509Cert)});
        FileOutputStream fileOutputStream = this.privateFfous == null ? new FileOutputStream(str) : this.privateFfous;
        openKeyStore.store(fileOutputStream, str2.toCharArray());
        fileOutputStream.flush();
        fileOutputStream.close();
    }

    public void setPrivateFile(File file) {
        this.privateFile = file;
    }

    public void setPrivateFileInputStream(FileInputStream fileInputStream) {
        this.privateFin = fileInputStream;
    }

    public void setPrivateFileOutputStream(FileOutputStream fileOutputStream) {
        this.privateFfous = fileOutputStream;
    }

    public void setPrivateKeyPassWord(String str) {
        this.privateKeyPassWord = str;
    }

    public void setSM2KeyCertWithP7b(String str, String str2, String str3, X509Cert x509Cert, String str4) throws Exception {
        generateSmFile(new JKey(JKey.SM2_PRV_KEY, parsePriFileKey(str4, str3)), x509Cert, str3, str);
        generateCertFile(str2, x509Cert.getEncoded());
    }

    public void setSM2KeyCertWithSoftLib(String str, String str2, String str3, X509Cert x509Cert, JKey jKey, String str4) throws Exception {
        generateSmFile(jKey == null ? new JKey(JKey.SM2_PRV_KEY, openSession(JCrypto.JSOFT_LIB).decrypt(new Mechanism("RC4"), new JKey("RC4", this.privateKeyPassWord.getBytes()), Base64.decode(this.softSM2Prikey.get((str4 == null || str4.isEmpty()) ? getAlias(x509Cert.getPublicKey()) : "")))) : jKey, x509Cert, this.privateKeyPassWord, str);
        generateCertFile(str2, x509Cert.getEncoded());
    }

    public void setSM2KeyCertWithSoftLibByDelay(String str, String str2, String str3, X509Cert x509Cert) throws Exception {
        String alias = getAlias(x509Cert.getPublicKey());
        SMFileTool.parseSMFile(str, this.privateKeyPassWord);
        if (str.lastIndexOf(CertConfigConstant.P12_POSTFIX) != -1) {
            str = str.replace(CertConfigConstant.P12_POSTFIX, ".jit");
        }
        setSM2KeyCertWithSoftLib(str, str2, str3, x509Cert, SMFileTool.getPrvKey(), alias);
        MLog.i("setSM2KeyCertWithSoftLibByDelay", "alias:[" + alias + "],delay is success");
    }

    public void setSplitDoubleSM2KeyCertWithDelay(JKey jKey, JKey jKey2, String str, String str2, String str3, String str4, String str5, X509Cert x509Cert, X509Cert x509Cert2) throws Exception {
        String alias = getAlias(x509Cert.getPublicKey());
        setSM2KeyCertWithSoftLib(str, str2, str5, x509Cert, jKey, alias);
        setSM2KeyCertWithSoftLib(str3, str4, str5, x509Cert2, jKey2, alias);
        MLog.i("setSplitDoubleSM2KeyCertWithDelay", "alias:[" + alias + "],delay is success");
    }

    public void setSplitSM2KeyCertByDelay(String str, JKey jKey, String str2, String str3, X509Cert x509Cert) throws Exception {
        String alias = getAlias(x509Cert.getPublicKey());
        setSM2KeyCertWithSoftLib(str, str2, str3, x509Cert, jKey, alias);
        MLog.i("setSplitSM2KeyCertByDelay", "alias:[" + alias + "],delay is success");
    }

    public void setStoreType(String str) throws Exception {
        this.sType = str;
    }

    public void setTrustCert(String str, String str2, X509Cert x509Cert) throws Exception {
        KeyStore openKeyStore = openKeyStore(str, str2);
        String alias = getAlias(x509Cert);
        if (openKeyStore.containsAlias(alias)) {
            openKeyStore.deleteEntry(alias);
        }
        openKeyStore.setCertificateEntry(alias, convert2JavaCert(x509Cert));
        FileOutputStream fileOutputStream = this.privateFfous == null ? new FileOutputStream(str) : this.privateFfous;
        openKeyStore.store(fileOutputStream, str2.toCharArray());
        fileOutputStream.flush();
        fileOutputStream.close();
    }

    public void setTrustCertWithP7B(String str, String str2, String str3) throws Exception {
        setTrustCerts(str, str2, new P7B().parseP7b(str3));
    }

    public void setTrustCertWithP7B(String str, String str2, byte[] bArr) throws Exception {
        setTrustCerts(str, str2, new P7B().parseP7b(bArr));
    }

    public void setTrustCerts(String str, String str2, X509Cert[] x509CertArr) throws Exception {
        KeyStore openKeyStore = openKeyStore(str, str2);
        for (int i = 0; i < x509CertArr.length; i++) {
            String alias = getAlias(x509CertArr[i]);
            if (openKeyStore.containsAlias(alias)) {
                openKeyStore.deleteEntry(alias);
            }
            openKeyStore.setCertificateEntry(alias, convert2JavaCert(x509CertArr[i]));
        }
        FileOutputStream fileOutputStream = this.privateFfous == null ? new FileOutputStream(str) : this.privateFfous;
        openKeyStore.store(fileOutputStream, str2.toCharArray());
        fileOutputStream.flush();
        fileOutputStream.close();
    }
}
