package com.ca;

import android.content.Context;
import android.util.Log;
import com.cairh.app.sjkh.common.Util;
import com.cairh.app.sjkh.util.LogUtil;
import com.iflytek.cloud.msc.util.DataUtil;
import com.taobao.weex.el.parse.Operators;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.cms.CMSProcessable;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.cms.CMSSignedGenerator;
import org.bouncycastle.jce.PKCS10CertificationRequest;
import org.bouncycastle.jce.X509Principal;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.encoders.Base64;

/* loaded from: classes3.dex */
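/**
 * Static helpers for the app's client-certificate workflow: generating an RSA key pair and
 * PKCS#10 request, storing and loading the key and certificate in PKCS12 keystores under the
 * directory returned by {@code CertFileUtil.getCertFileDir}, and producing CMS signatures.
 *
 * <p>Every method reports failure through its return value ({@code ""}, {@code null} or a
 * numeric string); no method here propagates an exception to the caller.
 *
 * <p>NOTE(review): the MD5 digest choices and the fixed keystore password below are kept as-is
 * because changing them alters what the server receives and what is already stored on devices.
 * Both should be scheduled for replacement.
 */
public class CertificateHandle {
    public static final String CSRFILENAME = "certification.csr";
    // Not final: SavePrivateKeyToPrivatekeyStore switches this to "default.crt" when the
    // "crh_default.crt" asset is missing.
    public static String DEFAULTCRTNAME = "crh_default.crt";
    public static final String DEFAULTKEYENTRY_ALIAS = "savePrivateKey";
    public static final String DEFAULTKEYPASS = "keypass.key";
    public static final String DEFAULTPRIVATEKEYFILENAME = "savePrivateKey.keystore";
    // NOTE(review): fixed, low-entropy password compiled into the app. CreateRequestCsr uses it
    // to wrap the freshly generated private key, so it gives that key no real protection against
    // anyone who can read the file. Changing the value would orphan keystores already written
    // with it; plan a migration (for example to a hardware-backed keystore) rather than editing it.
    public static final String DEFAULTSTOREPASS = "123456";
    public static final String DN = "OU=Customers01,CN=csdcca,C=CN";
    // NOTE(review): MD5-based signatures are not collision resistant. Still used for the CSR
    // self-signature; move to a SHA-256 based algorithm once the issuing CA is confirmed to accept it.
    public static final String MD5WITHRSA = "MD5withRSA";
    public static String PASSWORD = "";
    public static final String SHA1WITHRSA = "SHA1withRSA";
    public static final String X509 = "X.509";
    // NOTE(review): the most recently generated private key stays reachable through this public,
    // mutable static for the life of the process. Kept because it is part of the public surface.
    public static PrivateKey privateKey;

    /**
     * Generates a 2048-bit RSA key pair and a PKCS#10 certification request for it.
     *
     * <p>The private key is kept in {@link #privateKey} and written to the default private-key
     * keystore under {@link #DEFAULTSTOREPASS}. That save swallows its own errors, so a non-empty
     * return value does not prove the key was persisted.
     *
     * @param context Android context used to locate the keystore directory and assets
     * @param str subject distinguished name for the request
     * @param str2 unused by this method
     * @return the Base64-encoded request, or {@code ""} if anything fails
     */
    public static String CreateRequestCsr(Context context, String str, String str2) {
        try {
            BouncyCastleProvider provider = new BouncyCastleProvider();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", provider);
            SecureRandom secureRandom = new SecureRandom();
            // Output is discarded; the call only forces the generator to seed itself first.
            secureRandom.nextBytes(new byte[20]);
            keyPairGenerator.initialize(2048, secureRandom);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();

            // Re-materialise both halves from their encodings so they are BouncyCastle key objects.
            KeyFactory keyFactory = KeyFactory.getInstance("RSA", provider);
            PublicKey generatePublic = keyFactory.generatePublic(new X509EncodedKeySpec(generateKeyPair.getPublic().getEncoded()));
            privateKey = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(generateKeyPair.getPrivate().getEncoded()));

            // NOTE(review): MD5withRSA self-signature, see MD5WITHRSA.
            PKCS10CertificationRequest pKCS10CertificationRequest = new PKCS10CertificationRequest(MD5WITHRSA, new X509Principal(str), generatePublic, (ASN1Set) null, privateKey, (String) null);
            Log.e("CertificateHandle.createRequestCert", "生成证书请求文件操作成功");
            SavePrivateKeyToPrivatekeyStore(context, privateKey, null, DEFAULTSTOREPASS);
            return new String(Base64.encode(pKCS10CertificationRequest.getEncoded()));
        } catch (Exception e) {
            e.printStackTrace();
            return "";
        }
    }

    /**
     * Loads the certificate stored for a serial number from {@code cert_<sn>.keystore}.
     *
     * @param context Android context used to locate the keystore directory
     * @param str serial number; used as both the file-name component and the keystore alias
     * @return the first certificate of the chain stored under that alias, or {@code null} when
     *     the stored password is one of the sentinel values, the alias is absent, or loading fails
     */
    public static X509Certificate GetCertificationFromCertStore(Context context, String str) {
        FileInputStream fileInputStream = null;
        try {
            String readSnPassFile = CertFileUtil.readSnPassFile(context, str);
            // "-10", "-1" and "-2" are treated as "no usable password"; presumably error codes
            // from CertFileUtil, confirm against that class.
            if ("-10".equals(readSnPassFile) || "-1".equals(readSnPassFile) || "-2".equals(readSnPassFile)) {
                return null;
            }
            // NOTE(review): str is concatenated into the path unchecked; callers should pass only
            // values that cannot contain path separators.
            String str2 = CertFileUtil.getCertFileDir(context) + "/cert_" + str + ".keystore";
            KeyStore keyStore = KeyStore.getInstance("PKCS12", new BouncyCastleProvider());
            fileInputStream = new FileInputStream(str2);
            keyStore.load(fileInputStream, readSnPassFile.toCharArray());
            Certificate[] chain = keyStore.getCertificateChain(str);
            if (chain == null || chain.length == 0) {
                return null;
            }
            return (X509Certificate) chain[0];
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        } finally {
            closeQuietly(fileInputStream);
        }
    }

    /**
     * Reads a file from the app's private files directory and returns its content as a string
     * decoded with the platform default charset.
     *
     * @param context Android context whose files directory is read
     * @param str file name relative to that directory
     * @return the file content, or {@code ""} if the file cannot be read
     */
    public static String GetCsrFromFile(Context context, String str) {
        FileInputStream fileInputStream = null;
        try {
            // NOTE(review): str is concatenated into the path unchecked; callers should pass only
            // plain file names.
            fileInputStream = new FileInputStream(new File(context.getFilesDir().getPath() + Operators.DIV + str));
            // Read to end of stream: available() plus a single read() may return a partial file.
            return new String(readFully(fileInputStream));
        } catch (Exception e) {
            Log.e("getCsrFromFile", "异常：" + e.getMessage());
            e.printStackTrace();
            return "";
        } finally {
            closeQuietly(fileInputStream);
        }
    }

    /**
     * Loads the private key stored for a serial number from {@code cert_<sn>.keystore}, using the
     * password returned by {@code CertFileUtil.readSnPassFile}.
     *
     * @param context Android context used to locate the keystore directory
     * @param str serial number; used as both the file-name component and the keystore alias
     * @return the private key, or {@code null} if it is absent or cannot be loaded
     */
    public static PrivateKey GetPrivateFromCertStore(Context context, String str) {
        FileInputStream fileInputStream = null;
        try {
            String readSnPassFile = CertFileUtil.readSnPassFile(context, str);
            String str2 = CertFileUtil.getCertFileDir(context) + "/cert_" + str + ".keystore";
            KeyStore keyStore = KeyStore.getInstance("PKCS12", new BouncyCastleProvider());
            fileInputStream = new FileInputStream(str2);
            keyStore.load(fileInputStream, readSnPassFile.toCharArray());
            return (PrivateKey) keyStore.getKey(str, readSnPassFile.toCharArray());
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        } finally {
            // Safe when the stream was never opened; the previous code dereferenced it regardless.
            closeQuietly(fileInputStream);
        }
    }

    /**
     * Loads the private key saved under {@link #DEFAULTKEYENTRY_ALIAS} from the default
     * private-key keystore.
     *
     * @param context Android context used to locate the keystore directory
     * @param str keystore password, also used as the key-entry password
     * @return the private key, or {@code null} if it is absent or cannot be loaded
     */
    public static PrivateKey GetPrivateFromPrivatekeyStore(Context context, String str) {
        FileInputStream fileInputStream = null;
        try {
            String str2 = CertFileUtil.getCertFileDir(context) + Operators.DIV + DEFAULTPRIVATEKEYFILENAME;
            KeyStore keyStore = KeyStore.getInstance("PKCS12", new BouncyCastleProvider());
            fileInputStream = new FileInputStream(str2);
            keyStore.load(fileInputStream, str.toCharArray());
            return (PrivateKey) keyStore.getKey(DEFAULTKEYENTRY_ALIAS, str.toCharArray());
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        } finally {
            closeQuietly(fileInputStream);
        }
    }

    /**
     * Stores a private key and its certificate in {@code cert_<sn>.keystore}.
     *
     * <p>The password is first handed to {@code CertFileUtil.saveSnPassFile}; the keystore is
     * written only when that call returns {@code "0"}. Failures are printed and otherwise ignored.
     * NOTE(review): how saveSnPassFile protects the password at rest is not visible here; verify.
     *
     * @param context Android context used to locate the keystore directory
     * @param privateKey2 key to store; when {@code null}, the key from the default private-key
     *     keystore (opened with {@link #DEFAULTSTOREPASS}) is used
     * @param certificate certificate stored as the single-element chain for the key
     * @param str password for the keystore and the key entry
     * @param str2 serial number; used as both the file-name component and the keystore alias
     */
    public static void SaveCertificateToCertKeystore(Context context, PrivateKey privateKey2, Certificate certificate, String str, String str2) {
        FileOutputStream fileOutputStream = null;
        // One try around the whole body: the keystore calls below throw checked exceptions too.
        try {
            if (privateKey2 == null) {
                privateKey2 = GetPrivateFromPrivatekeyStore(context, DEFAULTSTOREPASS);
            }
            if (!"0".equals(CertFileUtil.saveSnPassFile(context, str2, str))) {
                return;
            }
            String str3 = CertFileUtil.getCertFileDir(context) + "/cert_" + str2 + ".keystore";
            KeyStore keyStore = KeyStore.getInstance("PKCS12", new BouncyCastleProvider());
            keyStore.load(null, null);
            keyStore.setKeyEntry(str2, privateKey2, str.toCharArray(), new Certificate[]{certificate});
            fileOutputStream = new FileOutputStream(str3);
            keyStore.store(fileOutputStream, str.toCharArray());
            fileOutputStream.flush();
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            closeQuietly(fileOutputStream);
        }
    }

    /**
     * Stores a private key under {@link #DEFAULTKEYENTRY_ALIAS} in the default private-key
     * keystore. Failures are printed and otherwise ignored.
     *
     * @param context Android context used to locate assets and the keystore directory
     * @param privateKey2 key to store
     * @param certificate certificate to pair with the key; when {@code null}, a Base64-encoded
     *     certificate bundled as an asset is used as a stand-in
     * @param str password for the keystore and the key entry
     */
    public static void SavePrivateKeyToPrivatekeyStore(Context context, PrivateKey privateKey2, Certificate certificate, String str) {
        FileOutputStream fileOutputStream = null;
        // One try around the whole body: the keystore calls below throw checked exceptions too.
        try {
            if (certificate == null) {
                if (!Util.isAssetsFileExists(context, "crh_default.crt")) {
                    LogUtil.i(">>>>>>load default crt");
                    DEFAULTCRTNAME = "default.crt";
                }
                byte[] decode;
                InputStream open = context.getResources().getAssets().open(DEFAULTCRTNAME);
                try {
                    decode = Base64.decode(readFully(open));
                } finally {
                    closeQuietly(open);
                }
                CertificateFactory certificateFactory = CertificateFactory.getInstance(X509, new BouncyCastleProvider());
                certificate = certificateFactory.generateCertificate(new ByteArrayInputStream(decode));
            }
            String str2 = CertFileUtil.getCertFileDir(context) + Operators.DIV + DEFAULTPRIVATEKEYFILENAME;
            KeyStore keyStore = KeyStore.getInstance("PKCS12", new BouncyCastleProvider());
            keyStore.load(null, null);
            keyStore.setKeyEntry(DEFAULTKEYENTRY_ALIAS, privateKey2, str.toCharArray(), new Certificate[]{certificate});
            fileOutputStream = new FileOutputStream(str2);
            keyStore.store(fileOutputStream, str.toCharArray());
            fileOutputStream.flush();
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            closeQuietly(fileOutputStream);
        }
    }

    /**
     * Produces a CMS signed-data structure, with the content encapsulated, over the given text
     * using the key and certificate stored for a serial number.
     *
     * @param context Android context used to locate the keystore directory
     * @param str serial number identifying the keystore and alias
     * @param str2 text to sign
     * @return the Base64-encoded CMS structure; {@code "-101"} when no certificate is available;
     *     {@code "-102"} when no private key is available; {@code null} when signing fails
     */
    public static String Signature(Context context, String str, String str2) {
        try {
            X509Certificate certificate = GetCertificationFromCertStore(context, str);
            if (certificate == null) {
                return "-101";
            }
            PrivateKey signingKey = GetPrivateFromCertStore(context, str);
            if (signingKey == null) {
                return "-102";
            }
            Security.addProvider(new BouncyCastleProvider());
            CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
            // NOTE(review): MD5 digest; a verifier that enforces modern policy may reject it, and
            // it is not collision resistant. Move to SHA-256 once the verifying side is confirmed.
            cMSSignedDataGenerator.addSigner(signingKey, certificate, CMSSignedGenerator.DIGEST_MD5);
            CMSSignedData cMSSignedData = cMSSignedDataGenerator.generate((CMSProcessable) new CMSProcessableByteArray(str2.getBytes(DataUtil.UTF8)), true, (Provider) new BouncyCastleProvider());
            return new String(Base64.encode(cMSSignedData.getEncoded()));
        } catch (Exception e) {
            // A failed generation used to surface as a NullPointerException swallowed here;
            // the result for callers is unchanged (null), but the cause is now printed.
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Parses a Base64-encoded X.509 certificate.
     *
     * @param str Base64 text of the encoded certificate
     * @return the certificate, or {@code null} when the input is null, empty or not parseable
     */
    public static X509Certificate String2Certificate(String str) {
        if (str == null || "".equals(str)) {
            return null;
        }
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance(X509, new BouncyCastleProvider());
            return (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(Base64.decode(str.getBytes())));
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Returns whatever {@code CertFileUtil.readSnPassFile} yields for the serial number.
     *
     * @param context Android context passed through to CertFileUtil
     * @param str serial number
     * @return the stored value, or one of CertFileUtil's status strings
     */
    public String checkCertWithSn(Context context, String str) {
        return CertFileUtil.readSnPassFile(context, str);
    }

    /**
     * Reads the stored keystore password for a serial number; same call as
     * {@link #checkCertWithSn}.
     *
     * @param context Android context passed through to CertFileUtil
     * @param str serial number
     * @return the stored value, or one of CertFileUtil's status strings
     */
    public String readKeyPassFromfile(Context context, String str) {
        return CertFileUtil.readSnPassFile(context, str);
    }

    /**
     * Delegates to {@code CertFileUtil.saveSnPassFile} with the arguments in the given order.
     *
     * @param context Android context passed through to CertFileUtil
     * @param str first value passed to saveSnPassFile
     * @param str2 second value passed to saveSnPassFile
     * @return the status string returned by CertFileUtil
     */
    public String saveKeyPassTofile(Context context, String str, String str2) {
        return CertFileUtil.saveSnPassFile(context, str, str2);
    }

    /** Reads a stream to its end and returns all bytes. */
    private static byte[] readFully(InputStream in) throws java.io.IOException {
        java.io.ByteArrayOutputStream out = new java.io.ByteArrayOutputStream();
        byte[] buffer = new byte[4096];
        int count;
        while ((count = in.read(buffer)) != -1) {
            out.write(buffer, 0, count);
        }
        return out.toByteArray();
    }

    /** Closes a stream if it was opened, printing rather than propagating any failure. */
    private static void closeQuietly(java.io.Closeable closeable) {
        if (closeable == null) {
            return;
        }
        try {
            closeable.close();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}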
