package cn.com.jit.android.ida.util.pki.keystore;

import cn.com.jit.android.ida.util.pki.pkcs.PKCS12;
import cn.com.jit.ida.util.pki.Parser;
import cn.com.jit.ida.util.pki.asn1.ASN1Sequence;
import cn.com.jit.ida.util.pki.asn1.pkcs.PKCSObjectIdentifiers;
import cn.com.jit.ida.util.pki.asn1.x509.AlgorithmIdentifier;
import cn.com.jit.ida.util.pki.cert.X509Cert;
import cn.com.jit.ida.util.pki.cipher.JCrypto;
import cn.com.jit.ida.util.pki.cipher.JKey;
import cn.com.jit.ida.util.pki.cipher.JKeyPair;
import cn.com.jit.ida.util.pki.cipher.Mechanism;
import cn.com.jit.ida.util.pki.cipher.Session;
import cn.com.jit.ida.util.pki.cipher.param.GenKeyAttribute;
import cn.com.jit.ida.util.pki.encoders.Base64;
import cn.com.jit.ida.util.pki.keystore.KeyEntry;
import cn.com.jit.ida.util.pki.pkcs.P7B;
import cn.com.jit.ida.util.pki.pkcs.PKCS10;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.List;

/* loaded from: classes.dex */
public class KeyStoreManager {
    public static final String TRUST_CERT_ID = "trustcertid";
    public static final String tmpCertStr = "MIIC5DCCAk2gAwIBAgIQa6gl/TivVSqXP8dPnZucXDANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJDTjEMMAoGA1UEChMDSklUMRcwFQYDVQQLEw53d3cuaml0LmNvbS5jbjEPMA0GA1UEAxMGSklUIENBMB4XDTA1MDgxOTA4MTgxOFoXDTI1MDgxNDA4MTgxOFowRTELMAkGA1UEBhMCQ04xDDAKBgNVBAoTA0pJVDEXMBUGA1UECxMOd3d3LmppdC5jb20uY24xDzANBgNVBAMTBkpJVCBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApoZCiaMfa8RFFVKZrUP+9QWHNk8c/clRiJIKl2WrUYYnUrL4KVYt7rA8NJdUAA63OM6w4Bd6uVuudGz949p3AkjiY0tOQNMsdsQfZoCdCykvsOazzboY2zTSAzwFZUt33+4nCCsxrxLbqvVSVwuN2x9+VKa327u8+hbYXOq+/JkCAwEAAaOB1DCB0TAfBgNVHSMEGDAWgBTPVrW0/9er9lukYtIum4uhHyzQBzAMBgNVHRMEBTADAQH/MHQGA1UdHwRtMGswQKA+oDykOjA4MQswCQYDVQQGEwJDTjEMMAoGA1UEChMDSklUMQwwCgYDVQQLEwNDUkwxDTALBgNVBAMTBENSTDEwJ6AloCOGIWh0dHA6Ly9qaXRjcmwuaml0LmNvbS5jbi9jcmwxLmNybDALBgNVHQ8EBAMCAf4wHQYDVR0OBBYEFM9WtbT/16v2W6Ri0i6bi6EfLNAHMA0GCSqGSIb3DQEBBQUAA4GBAH3FBD56Hebdyp1dh85vOmbxF/AVckS5aXUSkGlKzXJDOIGtr3mPb0r4m6NSJowDwrYpT+RcezFDacg9o+uLuU/q/9LaI4qmFVP1xISx+LG0liUDNoiySMa4TbV45RpkNOxUasLmhlx6oWXRMxTKuiv357yf0M6zGCuiseqNv6P3";
    private String sType = "JKS";
    private boolean isUserPriKeyPW = false;
    private String privateKeyPassWord = "";
    private FileOutputStream privateFfous = null;
    private FileInputStream privateFin = null;
    private File privateFile = null;

    private Certificate convert2JavaCert(X509Cert x509Cert) throws Exception {
        return CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(x509Cert.getEncoded()));
    }

    private String genP10Request(String str, int i, String str2, String str3, String str4, String str5, int i2) throws Exception {
        Mechanism mechanism;
        String str6;
        Session openSession = openSession(str);
        if (str5.equalsIgnoreCase("RSA")) {
            mechanism = new Mechanism("RSA");
            str6 = "SHA1withRSAEncryption";
        } else if (str5.equalsIgnoreCase(Mechanism.DSA)) {
            mechanism = new Mechanism(Mechanism.DSA);
            str6 = "SHA1withDSA";
        } else if (str5.equalsIgnoreCase("SM2")) {
            mechanism = new Mechanism("SM2");
            str6 = "SM3withSM2Encryption";
        } else {
            mechanism = new Mechanism(Mechanism.ECDSA);
            str6 = "SHA1withECDSA";
        }
        JCrypto.getInstance().initialize(JCrypto.JSOFT_LIB, null);
        if (str.equalsIgnoreCase(JCrypto.JSJY05B_LIB)) {
            GenKeyAttribute genKeyAttribute = new GenKeyAttribute();
            genKeyAttribute.setKeyNum(i);
            genKeyAttribute.setIsExport(false);
            mechanism.setParam(genKeyAttribute);
        }
        JKeyPair generateKeyPair = openSession.generateKeyPair(mechanism, i2);
        JKey publicKey = generateKeyPair.getPublicKey();
        JKey privateKey = generateKeyPair.getPrivateKey();
        byte[] generateCertificationRequestData_B64 = new PKCS10(openSession).generateCertificationRequestData_B64(str6, str4, publicKey, null, privateKey);
        File file = this.privateFile == null ? new File(str2) : this.privateFile;
        if (!file.exists() && !file.getParentFile().exists()) {
            file.getParentFile().mkdirs();
        }
        file.createNewFile();
        KeyStore keyStore = KeyStore.getInstance(this.sType);
        keyStore.load(null, null);
        Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.decode("MIIC5DCCAk2gAwIBAgIQa6gl/TivVSqXP8dPnZucXDANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJDTjEMMAoGA1UEChMDSklUMRcwFQYDVQQLEw53d3cuaml0LmNvbS5jbjEPMA0GA1UEAxMGSklUIENBMB4XDTA1MDgxOTA4MTgxOFoXDTI1MDgxNDA4MTgxOFowRTELMAkGA1UEBhMCQ04xDDAKBgNVBAoTA0pJVDEXMBUGA1UECxMOd3d3LmppdC5jb20uY24xDzANBgNVBAMTBkpJVCBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApoZCiaMfa8RFFVKZrUP+9QWHNk8c/clRiJIKl2WrUYYnUrL4KVYt7rA8NJdUAA63OM6w4Bd6uVuudGz949p3AkjiY0tOQNMsdsQfZoCdCykvsOazzboY2zTSAzwFZUt33+4nCCsxrxLbqvVSVwuN2x9+VKa327u8+hbYXOq+/JkCAwEAAaOB1DCB0TAfBgNVHSMEGDAWgBTPVrW0/9er9lukYtIum4uhHyzQBzAMBgNVHRMEBTADAQH/MHQGA1UdHwRtMGswQKA+oDykOjA4MQswCQYDVQQGEwJDTjEMMAoGA1UEChMDSklUMQwwCgYDVQQLEwNDUkwxDTALBgNVBAMTBENSTDEwJ6AloCOGIWh0dHA6Ly9qaXRjcmwuaml0LmNvbS5jbi9jcmwxLmNybDALBgNVHQ8EBAMCAf4wHQYDVR0OBBYEFM9WtbT/16v2W6Ri0i6bi6EfLNAHMA0GCSqGSIb3DQEBBQUAA4GBAH3FBD56Hebdyp1dh85vOmbxF/AVckS5aXUSkGlKzXJDOIGtr3mPb0r4m6NSJowDwrYpT+RcezFDacg9o+uLuU/q/9LaI4qmFVP1xISx+LG0liUDNoiySMa4TbV45RpkNOxUasLmhlx6oWXRMxTKuiv357yf0M6zGCuiseqNv6P3".getBytes())));
        if (str.equalsIgnoreCase(JCrypto.JSOFT_LIB)) {
            keyStore.setKeyEntry(getAlias(publicKey), Parser.convertPrivateKey(privateKey), this.isUserPriKeyPW ? this.privateKeyPassWord.toCharArray() : str3.toCharArray(), new Certificate[]{generateCertificate});
        } else {
            keyStore.setCertificateEntry(str4.toLowerCase(), generateCertificate);
        }
        FileOutputStream fileOutputStream = this.privateFfous == null ? new FileOutputStream(file) : this.privateFfous;
        keyStore.store(fileOutputStream, str3.toCharArray());
        fileOutputStream.flush();
        fileOutputStream.close();
        return new String(generateCertificationRequestData_B64);
    }

    private String genP10Request4Update(String str, int i, String str2, String str3, String str4, int i2, String str5) throws Exception {
        Mechanism mechanism;
        String str6;
        Session openSession = openSession(str);
        if (str4.equalsIgnoreCase("RSA")) {
            mechanism = new Mechanism("RSA");
            str6 = "SHA1withRSAEncryption";
        } else if (str4.equalsIgnoreCase(Mechanism.DSA)) {
            mechanism = new Mechanism(Mechanism.DSA);
            str6 = "SHA1withDSA";
        } else if (str4.equalsIgnoreCase("SM2")) {
            mechanism = new Mechanism("SM2");
            str6 = "SM3withSM2Encryption";
        } else {
            mechanism = new Mechanism(Mechanism.ECDSA);
            str6 = "SHA1withECDSA";
        }
        if (str.equalsIgnoreCase(JCrypto.JSJY05B_LIB)) {
            GenKeyAttribute genKeyAttribute = new GenKeyAttribute();
            genKeyAttribute.setKeyNum(i);
            genKeyAttribute.setIsExport(false);
            mechanism.setParam(genKeyAttribute);
        }
        JKeyPair generateKeyPair = openSession.generateKeyPair(mechanism, i2);
        JKey publicKey = generateKeyPair.getPublicKey();
        JKey privateKey = generateKeyPair.getPrivateKey();
        byte[] generateCertificationRequestData_B64 = new PKCS10(openSession).generateCertificationRequestData_B64(str6, str5, publicKey, null, privateKey);
        File file = this.privateFile == null ? new File(str2) : this.privateFile;
        if (!file.getParentFile().exists()) {
            throw new Exception("keyStore file [" + str2 + "] doesn't exists. please select a correct keyStore file to execute update.");
        }
        KeyStore openKeyStore = openKeyStore(str2, str3);
        if (str.equalsIgnoreCase(JCrypto.JSOFT_LIB)) {
            PrivateKey convertPrivateKey = Parser.convertPrivateKey(privateKey);
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            byte[] decode = Base64.decode("MIIC5DCCAk2gAwIBAgIQa6gl/TivVSqXP8dPnZucXDANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJDTjEMMAoGA1UEChMDSklUMRcwFQYDVQQLEw53d3cuaml0LmNvbS5jbjEPMA0GA1UEAxMGSklUIENBMB4XDTA1MDgxOTA4MTgxOFoXDTI1MDgxNDA4MTgxOFowRTELMAkGA1UEBhMCQ04xDDAKBgNVBAoTA0pJVDEXMBUGA1UECxMOd3d3LmppdC5jb20uY24xDzANBgNVBAMTBkpJVCBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApoZCiaMfa8RFFVKZrUP+9QWHNk8c/clRiJIKl2WrUYYnUrL4KVYt7rA8NJdUAA63OM6w4Bd6uVuudGz949p3AkjiY0tOQNMsdsQfZoCdCykvsOazzboY2zTSAzwFZUt33+4nCCsxrxLbqvVSVwuN2x9+VKa327u8+hbYXOq+/JkCAwEAAaOB1DCB0TAfBgNVHSMEGDAWgBTPVrW0/9er9lukYtIum4uhHyzQBzAMBgNVHRMEBTADAQH/MHQGA1UdHwRtMGswQKA+oDykOjA4MQswCQYDVQQGEwJDTjEMMAoGA1UEChMDSklUMQwwCgYDVQQLEwNDUkwxDTALBgNVBAMTBENSTDEwJ6AloCOGIWh0dHA6Ly9qaXRjcmwuaml0LmNvbS5jbi9jcmwxLmNybDALBgNVHQ8EBAMCAf4wHQYDVR0OBBYEFM9WtbT/16v2W6Ri0i6bi6EfLNAHMA0GCSqGSIb3DQEBBQUAA4GBAH3FBD56Hebdyp1dh85vOmbxF/AVckS5aXUSkGlKzXJDOIGtr3mPb0r4m6NSJowDwrYpT+RcezFDacg9o+uLuU/q/9LaI4qmFVP1xISx+LG0liUDNoiySMa4TbV45RpkNOxUasLmhlx6oWXRMxTKuiv357yf0M6zGCuiseqNv6P3".getBytes());
            Certificate generateCertificate = certificateFactory.generateCertificate(new ByteArrayInputStream(decode));
            new X509Cert(decode);
            String alias = getAlias(publicKey);
            Enumeration<String> aliases = openKeyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (openKeyStore.isKeyEntry(nextElement) && nextElement.equals(alias)) {
                    openKeyStore.deleteEntry(alias);
                }
            }
            openKeyStore.setKeyEntry(alias, convertPrivateKey, this.isUserPriKeyPW ? this.privateKeyPassWord.toCharArray() : str3.toCharArray(), new Certificate[]{generateCertificate});
        }
        FileOutputStream fileOutputStream = this.privateFfous == null ? new FileOutputStream(file) : this.privateFfous;
        openKeyStore.store(fileOutputStream, str3.toCharArray());
        fileOutputStream.flush();
        fileOutputStream.close();
        return new String(generateCertificationRequestData_B64);
    }

    private KeyStore openKeyStore(String str, String str2) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(this.sType);
        File file = this.privateFile == null ? new File(str) : this.privateFile;
        if (!file.getParentFile().exists()) {
            file.getParentFile().mkdirs();
        }
        if (file.exists()) {
            FileInputStream fileInputStream = this.privateFin != null ? this.privateFin : new FileInputStream(str);
            keyStore.load(fileInputStream, str2.toCharArray());
            fileInputStream.close();
        } else {
            file.createNewFile();
            keyStore.load(null, null);
        }
        return keyStore;
    }

    private Session openSession(String str) throws Exception {
        JCrypto jCrypto = JCrypto.getInstance();
        jCrypto.initialize(str, null);
        return jCrypto.openSession(str);
    }

    private void setKeyCertWithPfx(String str, String str2, JKey jKey, X509Cert[] x509CertArr) throws Exception {
        X509Cert[] x509CertArr2 = null;
        X509Cert x509Cert = null;
        if (x509CertArr != null) {
            if (x509CertArr.length >= 2) {
                x509CertArr2 = new X509Cert[x509CertArr.length - 1];
                Session openSession = openSession(JCrypto.JSOFT_LIB);
                int i = 0;
                for (int i2 = 0; i2 < x509CertArr.length; i2++) {
                    JKey publicKey = x509CertArr[i2].getPublicKey();
                    Mechanism mechanism = publicKey.getKeyType().equals("RSA_Public") ? new Mechanism("SHA1withRSAEncryption") : new Mechanism("SHA1withECDSA");
                    byte[] bytes = "JIT".getBytes();
                    if (openSession.verifySign(mechanism, publicKey, bytes, openSession.sign(mechanism, jKey, bytes))) {
                        x509Cert = x509CertArr[i2];
                    } else {
                        x509CertArr2[i] = x509CertArr[i2];
                        i++;
                    }
                }
            } else {
                x509Cert = x509CertArr[0];
            }
        }
        KeyStore openKeyStore = openKeyStore(str, str2);
        Enumeration<String> aliases = openKeyStore.aliases();
        while (aliases.hasMoreElements()) {
            openKeyStore.deleteEntry(aliases.nextElement());
        }
        x509Cert.getSubject().toLowerCase();
        openKeyStore.setKeyEntry(getAlias(x509Cert), Parser.convertPrivateKey(jKey), this.isUserPriKeyPW ? this.privateKeyPassWord.toCharArray() : str2.toCharArray(), new Certificate[]{convert2JavaCert(x509Cert)});
        FileOutputStream fileOutputStream = this.privateFfous == null ? new FileOutputStream(str) : this.privateFfous;
        openKeyStore.store(fileOutputStream, str2.toCharArray());
        fileOutputStream.flush();
        fileOutputStream.close();
        if (x509CertArr2 != null) {
            setTrustCerts(str, str2, x509CertArr2);
        }
    }

    public void ClearPrivateKeyPassWord() {
        this.privateKeyPassWord = "";
    }

    public void UserPrivateKeyPassWord() {
        this.isUserPriKeyPW = true;
    }

    public KeyEntry addKeyCertWithPfx(String str, String str2, JKey jKey, X509Cert[] x509CertArr) throws Exception {
        X509Cert[] x509CertArr2 = null;
        X509Cert x509Cert = null;
        if (x509CertArr != null) {
            if (x509CertArr.length >= 2) {
                x509CertArr2 = new X509Cert[x509CertArr.length - 1];
                Session openSession = openSession(JCrypto.JSOFT_LIB);
                int i = 0;
                for (int i2 = 0; i2 < x509CertArr.length; i2++) {
                    JKey publicKey = x509CertArr[i2].getPublicKey();
                    Mechanism mechanism = publicKey.getKeyType().equals("RSA_Public") ? new Mechanism("SHA1withRSAEncryption") : new Mechanism("SHA1withECDSA");
                    byte[] bytes = "JIT".getBytes();
                    if (openSession.verifySign(mechanism, publicKey, bytes, openSession.sign(mechanism, jKey, bytes))) {
                        x509Cert = x509CertArr[i2];
                    } else {
                        x509CertArr2[i] = x509CertArr[i2];
                        i++;
                    }
                }
            } else {
                x509Cert = x509CertArr[0];
            }
        }
        KeyStore openKeyStore = openKeyStore(str, str2);
        x509Cert.getSubject().toLowerCase();
        PrivateKey convertPrivateKey = Parser.convertPrivateKey(jKey);
        Certificate convert2JavaCert = convert2JavaCert(x509Cert);
        String alias = getAlias(x509Cert.getPublicKey());
        Enumeration<String> aliases = openKeyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (openKeyStore.isKeyEntry(nextElement) && nextElement.equals(alias)) {
                openKeyStore.deleteEntry(alias);
            }
        }
        openKeyStore.setKeyEntry(alias, convertPrivateKey, this.isUserPriKeyPW ? this.privateKeyPassWord.toCharArray() : str2.toCharArray(), new Certificate[]{convert2JavaCert});
        FileOutputStream fileOutputStream = this.privateFfous == null ? new FileOutputStream(str) : this.privateFfous;
        openKeyStore.store(fileOutputStream, str2.toCharArray());
        fileOutputStream.flush();
        fileOutputStream.close();
        if (x509CertArr2 != null) {
            setTrustCerts(str, str2, x509CertArr2);
        }
        KeyEntry keyEntry = new KeyEntry();
        keyEntry.setAilas(alias);
        keyEntry.setKey(jKey);
        keyEntry.setCert(x509Cert);
        return keyEntry;
    }

    public KeyEntry addKeyStoreWithPfx(String str, String str2, String str3, char[] cArr) throws Exception {
        openSession(JCrypto.JSOFT_LIB);
        PKCS12 pkcs12 = new PKCS12();
        pkcs12.load(str3);
        pkcs12.decrypt(cArr);
        return addKeyCertWithPfx(str, str2, pkcs12.getPrivateKey(), pkcs12.getCerts());
    }

    public Enumeration alias(String str, String str2) throws Exception {
        return openKeyStore(str, str2).aliases();
    }

    public boolean delAlias(String str, String str2, String str3) throws Exception {
        File file = this.privateFile == null ? new File(str) : this.privateFile;
        if (!file.getParentFile().exists()) {
            throw new Exception("keyStore file [" + str + "] doesn't exists. please select a correct keyStore file to execute update.");
        }
        KeyStore openKeyStore = openKeyStore(str, str2);
        openKeyStore.deleteEntry(str3);
        FileOutputStream fileOutputStream = this.privateFfous == null ? new FileOutputStream(file) : this.privateFfous;
        openKeyStore.store(fileOutputStream, str2.toCharArray());
        fileOutputStream.flush();
        fileOutputStream.close();
        return true;
    }

    public void genKeyStoreWithPfx(String str, String str2, InputStream inputStream, char[] cArr) throws Exception {
        openSession(JCrypto.JSOFT_LIB);
        PKCS12 pkcs12 = new PKCS12();
        pkcs12.load(inputStream);
        pkcs12.decrypt(cArr);
        setKeyCertWithPfx(str, str2, pkcs12.getPrivateKey(), pkcs12.getCerts());
    }

    public void genKeyStoreWithPfx(String str, String str2, String str3, char[] cArr) throws Exception {
        openSession(JCrypto.JSOFT_LIB);
        PKCS12 pkcs12 = new PKCS12();
        pkcs12.load(str3);
        pkcs12.decrypt(cArr);
        setKeyCertWithPfx(str, str2, pkcs12.getPrivateKey(), pkcs12.getCerts());
    }

    public void genKeyStoreWithPfx(String str, String str2, byte[] bArr, char[] cArr) throws Exception {
        openSession(JCrypto.JSOFT_LIB);
        PKCS12 pkcs12 = new PKCS12();
        pkcs12.load(bArr);
        pkcs12.decrypt(cArr);
        setKeyCertWithPfx(str, str2, pkcs12.getPrivateKey(), pkcs12.getCerts());
    }

    public String genP10Request4UpdateWithHardLib(int i, String str, String str2, String str3, String str4, int i2) throws Exception {
        return genP10Request4Update(JCrypto.JSJY05B_LIB, i, str, str2, str4, i2, str3);
    }

    public String genP10Request4UpdateWithSoftLib(String str, String str2, String str3, String str4, int i) throws Exception {
        return genP10Request4Update(JCrypto.JSOFT_LIB, 0, str, str2, str4, i, str3);
    }

    public String genP10RequestWithHardLib(int i, String str, String str2, String str3, String str4, int i2) throws Exception {
        return genP10Request(JCrypto.JSJY05B_LIB, i, str, str2, str3, str4, i2);
    }

    public String genP10RequestWithSoftLib(String str, String str2, String str3, String str4, int i) throws Exception {
        return genP10Request(JCrypto.JSOFT_LIB, 0, str, str2, str3, str4, i);
    }

    public String getAlias(X509Cert x509Cert) throws Exception {
        return getAlias(x509Cert.getPublicKey());
    }

    public String getAlias(JKey jKey) throws Exception {
        return new String(Base64.encode(openSession(JCrypto.JSOFT_LIB).digest(new Mechanism("SHA1"), jKey.getKey())));
    }

    public X509Cert getCertEntry(String str, String str2, String str3) throws Exception {
        Certificate certificate = openKeyStore(str, str2).getCertificate(str3);
        if (certificate != null) {
            return new X509Cert(certificate.getEncoded());
        }
        return null;
    }

    public JKey getJKey(String str, String str2, String str3) throws Exception {
        Key key = openKeyStore(str, str2).getKey(str3, this.isUserPriKeyPW ? this.privateKeyPassWord.toCharArray() : str2.toCharArray());
        return AlgorithmIdentifier.getInstance(((ASN1Sequence) Parser.writeBytes2DERObj(key.getEncoded())).getObjectAt(1)).getObjectId().equals(PKCSObjectIdentifiers.rsaEncryption) ? new JKey(JKey.RSA_PRV_KEY, key.getEncoded()) : new JKey(JKey.ECDSA_PRV_KEY, key.getEncoded());
    }

    public KeyEntry getKeyEntry(String str, String str2) throws Exception {
        KeyEntry keyEntry = new KeyEntry();
        KeyStore openKeyStore = openKeyStore(str, str2);
        Enumeration<String> aliases = openKeyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (openKeyStore.isKeyEntry(nextElement)) {
                JKey jKey = null;
                if (!this.isUserPriKeyPW) {
                    Key key = openKeyStore.getKey(nextElement, str2.toCharArray());
                    jKey = AlgorithmIdentifier.getInstance(((ASN1Sequence) Parser.writeBytes2DERObj(key.getEncoded())).getObjectAt(1)).getObjectId().equals(PKCSObjectIdentifiers.rsaEncryption) ? new JKey(JKey.RSA_PRV_KEY, key.getEncoded()) : new JKey(JKey.ECDSA_PRV_KEY, key.getEncoded());
                }
                X509Cert x509Cert = new X509Cert(openKeyStore.getCertificate(nextElement).getEncoded());
                keyEntry.setAilas(nextElement);
                keyEntry.setCert(x509Cert);
                keyEntry.setKey(jKey);
            }
        }
        return keyEntry;
    }

    public List<KeyEntry> getKeyEntryList(String str, String str2) throws Exception {
        ArrayList arrayList = new ArrayList();
        KeyStore openKeyStore = openKeyStore(str, str2);
        Enumeration<String> aliases = openKeyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (openKeyStore.isKeyEntry(nextElement)) {
                JKey jKey = null;
                if (!this.isUserPriKeyPW) {
                    Key key = openKeyStore.getKey(nextElement, str2.toCharArray());
                    jKey = AlgorithmIdentifier.getInstance(((ASN1Sequence) Parser.writeBytes2DERObj(key.getEncoded())).getObjectAt(1)).getObjectId().equals(PKCSObjectIdentifiers.rsaEncryption) ? new JKey(JKey.RSA_PRV_KEY, key.getEncoded()) : new JKey(JKey.ECDSA_PRV_KEY, key.getEncoded());
                }
                X509Cert x509Cert = new X509Cert(openKeyStore.getCertificate(nextElement).getEncoded());
                KeyEntry keyEntry = new KeyEntry();
                keyEntry.setAilas(nextElement);
                keyEntry.setCert(x509Cert);
                keyEntry.setKey(jKey);
                arrayList.add(keyEntry);
            }
        }
        return arrayList;
    }

    public List<KeyEntry> getTrustCertList(String str, String str2) throws Exception {
        ArrayList arrayList = new ArrayList();
        KeyStore openKeyStore = openKeyStore(str, str2);
        Enumeration<String> aliases = openKeyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (openKeyStore.isCertificateEntry(nextElement)) {
                X509Cert x509Cert = new X509Cert(openKeyStore.getCertificate(nextElement).getEncoded());
                KeyEntry keyEntry = new KeyEntry();
                keyEntry.setAilas(nextElement);
                keyEntry.setCert(x509Cert);
                keyEntry.setKey(null);
                arrayList.add(keyEntry);
            }
        }
        return arrayList;
    }

    public void setKeyCertWithHardLib(int i, String str, String str2, X509Cert x509Cert) throws Exception {
        Session openSession = openSession(JCrypto.JSJY05B_LIB);
        GenKeyAttribute genKeyAttribute = new GenKeyAttribute();
        genKeyAttribute.setKeyNum(i);
        genKeyAttribute.setIsExport(false);
        JKey publicKey = x509Cert.getPublicKey();
        Mechanism mechanism = publicKey.getKeyType().equals("RSA_Public") ? new Mechanism("RSA") : new Mechanism(Mechanism.ECDSA);
        mechanism.setParam(genKeyAttribute);
        if (!Arrays.equals(openSession.generateKeyPair(mechanism, 1024).getPublicKey().getKey(), publicKey.getKey())) {
            throw new Exception("verify certificate public key failure.");
        }
        openSession.destroyCertObject(null, openSession.getCfgTag().getNoExportRSAKey(i).getBytes());
        openSession.createCertObject(x509Cert.getSubject().getBytes(), x509Cert.getEncoded(), openSession.getCfgTag().getNoExportRSAKey(i).getBytes());
        setTrustCert(str, str2, x509Cert);
    }

    public void setKeyCertWithHardLib(int i, String str, String str2, X509Cert x509Cert, String str3) throws Exception {
        Session openSession = JCrypto.getInstance().openSession(JCrypto.JSJY05B_LIB, str3);
        GenKeyAttribute genKeyAttribute = new GenKeyAttribute();
        genKeyAttribute.setKeyNum(i);
        genKeyAttribute.setIsExport(false);
        JKey publicKey = x509Cert.getPublicKey();
        Mechanism mechanism = publicKey.getKeyType().equals("RSA_Public") ? new Mechanism("RSA") : new Mechanism(Mechanism.ECDSA);
        mechanism.setParam(genKeyAttribute);
        if (!Arrays.equals(openSession.generateKeyPair(mechanism, 1024).getPublicKey().getKey(), publicKey.getKey())) {
            throw new Exception("verify certificate public key failure.");
        }
        openSession.destroyCertObject(null, openSession.getCfgTag().getNoExportRSAKey(i).getBytes());
        openSession.createCertObject(x509Cert.getSubject().getBytes(), x509Cert.getEncoded(), openSession.getCfgTag().getNoExportRSAKey(i).getBytes());
        setTrustCert(str, str2, x509Cert);
    }

    public void setKeyCertWithSoftLib(String str, String str2, X509Cert x509Cert) throws Exception {
        KeyStore openKeyStore = openKeyStore(str, str2);
        String alias = getAlias(x509Cert.getPublicKey());
        Key key = openKeyStore.getKey(alias, this.isUserPriKeyPW ? this.privateKeyPassWord.toCharArray() : str2.toCharArray());
        if (key == null) {
            throw new Exception("KeyStore doesn't contain key enry named [" + alias + "]");
        }
        JKey jKey = new JKey(JKey.RSA_PRV_KEY, key.getEncoded());
        JKey publicKey = x509Cert.getPublicKey();
        Mechanism mechanism = publicKey.getKeyType().equals("RSA_Public") ? new Mechanism("SHA1withRSAEncryption") : new Mechanism("SHA1withECDSA");
        byte[] bytes = "JIT".getBytes();
        Session openSession = openSession(JCrypto.JSOFT_LIB);
        if (!openSession.verifySign(mechanism, publicKey, bytes, openSession.sign(mechanism, jKey, bytes))) {
            throw new Exception("verify certificate public key failure.");
        }
        openKeyStore.deleteEntry(alias);
        openKeyStore.setKeyEntry(alias, key, this.isUserPriKeyPW ? this.privateKeyPassWord.toCharArray() : str2.toCharArray(), new Certificate[]{convert2JavaCert(x509Cert)});
        FileOutputStream fileOutputStream = this.privateFfous == null ? new FileOutputStream(str) : this.privateFfous;
        openKeyStore.store(fileOutputStream, str2.toCharArray());
        fileOutputStream.flush();
        fileOutputStream.close();
    }

    public void setPrivateFile(File file) {
        this.privateFile = file;
    }

    public void setPrivateFileInputStream(FileInputStream fileInputStream) {
        this.privateFin = fileInputStream;
    }

    public void setPrivateFileOutputStream(FileOutputStream fileOutputStream) {
        this.privateFfous = fileOutputStream;
    }

    public void setPrivateKeyPassWord(String str) {
        this.privateKeyPassWord = str;
    }

    public void setStoreType(String str) throws Exception {
        this.sType = str;
    }

    public void setTrustCert(String str, String str2, X509Cert x509Cert) throws Exception {
        KeyStore openKeyStore = openKeyStore(str, str2);
        String alias = getAlias(x509Cert);
        if (openKeyStore.containsAlias(alias)) {
            openKeyStore.deleteEntry(alias);
        }
        openKeyStore.setCertificateEntry(alias, convert2JavaCert(x509Cert));
        FileOutputStream fileOutputStream = this.privateFfous == null ? new FileOutputStream(str) : this.privateFfous;
        openKeyStore.store(fileOutputStream, str2.toCharArray());
        fileOutputStream.flush();
        fileOutputStream.close();
    }

    public void setTrustCertWithP7B(String str, String str2, String str3) throws Exception {
        setTrustCerts(str, str2, new P7B().parseP7b(str3));
    }

    public void setTrustCertWithP7B(String str, String str2, byte[] bArr) throws Exception {
        setTrustCerts(str, str2, new P7B().parseP7b(bArr));
    }

    public void setTrustCerts(String str, String str2, X509Cert[] x509CertArr) throws Exception {
        KeyStore openKeyStore = openKeyStore(str, str2);
        for (int i = 0; i < x509CertArr.length; i++) {
            String alias = getAlias(x509CertArr[i]);
            if (openKeyStore.containsAlias(alias)) {
                openKeyStore.deleteEntry(alias);
            }
            openKeyStore.setCertificateEntry(alias, convert2JavaCert(x509CertArr[i]));
        }
        FileOutputStream fileOutputStream = this.privateFfous == null ? new FileOutputStream(str) : this.privateFfous;
        openKeyStore.store(fileOutputStream, str2.toCharArray());
        fileOutputStream.flush();
        fileOutputStream.close();
    }
}
