package userSamples.ca20;

import com.objsys.asn1j.runtime.Asn1DerEncodeBuffer;
import com.objsys.asn1j.runtime.Asn1Integer;
import com.objsys.asn1j.runtime.Asn1ObjectIdentifier;
import com.objsys.asn1j.runtime.Asn1OctetString;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Vector;
import ru.CryptoPro.CAdES.CAdESSignature;
import ru.CryptoPro.CAdES.CAdESType;
import ru.CryptoPro.JCP.ASN.CA_Definitions.CertificateTemplate;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88.Extension;
import ru.CryptoPro.JCP.JCP;
import ru.CryptoPro.JCP.KeyStore.JCPPrivateKeyEntry;
import ru.CryptoPro.JCP.KeyStore.StoreInputStream;
import ru.CryptoPro.JCP.params.JCPProtectionParameter;
import ru.CryptoPro.JCP.params.OID;
import ru.CryptoPro.JCP.tools.Encoder;
import ru.CryptoPro.JCP.tools.Platform;
import ru.CryptoPro.JCPRequest.ca20.decoder.CA20CertificateRecord;
import ru.CryptoPro.JCPRequest.ca20.decoder.CA20CertificateRequestRecord;
import ru.CryptoPro.JCPRequest.ca20.decoder.CA20GostTemplateField;
import ru.CryptoPro.JCPRequest.ca20.decoder.CA20RevocationRecord;
import ru.CryptoPro.JCPRequest.ca20.decoder.CA20UserRegistrationField;
import ru.CryptoPro.JCPRequest.ca20.request.CA20GostCertificateRequest;
import ru.CryptoPro.JCPRequest.ca20.status.CA20RequestStatus;
import ru.CryptoPro.JCPRequest.ca20.status.CA20Status;
import ru.CryptoPro.JCPRequest.ca20.status.CA20UserRegisterInfoStatus;
import ru.CryptoPro.JCPRequest.ca20.user.CA20AuxiliaryUserInfo;
import ru.CryptoPro.JCPRequest.ca20.user.CA20CertAuthUser;
import ru.CryptoPro.JCPRequest.ca20.user.CA20User;
import userSamples.ca15.CAConfiguration;
import userSamples.ca15.Configuration;

/* loaded from: classes5.dex */
public class CA20StepByStepExample extends CAConfiguration {
    public static final String CA20_TEMPLATE_USER = "1.2.643.2.2.46.0.8";
    public static final CA20AuxiliaryUserInfo USER_INFO = new CA20AuxiliaryUserInfo("comment", "description", "test@cryptopro.ru", "key phrase");

    public CA20StepByStepExample(boolean z) {
        super(z);
    }

    public static CA20RequestStatus checkCertificateStatus(String str, CA20User cA20User, String str2) throws Exception {
        CA20RequestStatus checkCertificateStatus = CA20GostCertificateRequest.checkCertificateStatus(str, cA20User, str2);
        System.out.println(checkCertificateStatus);
        return checkCertificateStatus;
    }

    public static CA20Status checkUserStatus(String str, CA20User cA20User) throws Exception {
        CA20Status checkUserStatus = cA20User.checkUserStatus(str);
        System.out.println(checkUserStatus);
        System.out.println(CA20Status.getDescriptionByStatus(checkUserStatus.getStatus(), CA20Status.StatusGroup.sgRequest));
        return checkUserStatus;
    }

    public static String convertRegFieldsToSubject(Map<String, String> map) {
        StringBuilder sb = new StringBuilder();
        Iterator<Map.Entry<String, String>> it = map.entrySet().iterator();
        while (it.hasNext()) {
            Map.Entry<String, String> next = it.next();
            sb.append(next.getKey());
            sb.append("=");
            sb.append(next.getValue());
            if (it.hasNext()) {
                sb.append(",");
            }
        }
        return sb.toString();
    }

    public static CA20RequestStatus generateAndSendCertificateRequest(String str, CA20User cA20User, String str2, boolean z, String str3, char[] cArr, CA20GostTemplateField cA20GostTemplateField, String str4, String str5, String str6, String str7, String str8, String str9, char[] cArr2, boolean z2, X509Certificate[] x509CertificateArr) throws Exception {
        KeyPair keyPair;
        CA20GostCertificateRequest cA20GostCertificateRequest;
        String str10;
        System.out.println("Generating and sending certificate request...");
        CA20GostCertificateRequest cA20GostCertificateRequest2 = new CA20GostCertificateRequest(str7);
        KeyPair generateKeyPair = KeyPairGenerator.getInstance(str4, str5).generateKeyPair();
        cA20GostCertificateRequest2.init(str4, z);
        cA20GostCertificateRequest2.setPublicKeyInfo(generateKeyPair.getPublic());
        cA20GostCertificateRequest2.setSubjectInfo(str2);
        OID oid = new OID("1.3.6.1.4.1.311.21.7");
        CertificateTemplate certificateTemplate = new CertificateTemplate(new Asn1ObjectIdentifier(new OID(cA20GostTemplateField.getOid()).value), new Asn1Integer(1L), new Asn1Integer(0L));
        Asn1DerEncodeBuffer asn1DerEncodeBuffer = new Asn1DerEncodeBuffer();
        certificateTemplate.encode(asn1DerEncodeBuffer);
        cA20GostCertificateRequest2.addExtension(new Extension(new Asn1ObjectIdentifier(oid.value), new Asn1OctetString(asn1DerEncodeBuffer.getMsgCopy())));
        cA20GostCertificateRequest2.encodeAndSign(generateKeyPair.getPrivate(), str6);
        byte[] encoded = cA20GostCertificateRequest2.getEncoded();
        if (str9 != null) {
            KeyStore keyStore = KeyStore.getInstance(str8, str7);
            keyStore.load(null, null);
            PrivateKey privateKey = str7.equalsIgnoreCase("JCSP") ? ((JCPPrivateKeyEntry) keyStore.getEntry(str9, new JCPProtectionParameter(cArr2))).getPrivateKey() : (PrivateKey) keyStore.getKey(str9, cArr2);
            X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(str9);
            System.out.println("Current time: " + Calendar.getInstance().getTime());
            System.out.println("Signing certificate: " + x509Certificate);
            System.out.println("Sign...");
            CAdESSignature cAdESSignature = new CAdESSignature();
            ArrayList arrayList = new ArrayList();
            arrayList.add(x509Certificate);
            if (x509CertificateArr != null) {
                for (X509Certificate x509Certificate2 : x509CertificateArr) {
                    arrayList.add(x509Certificate2);
                }
            }
            keyPair = generateKeyPair;
            cA20GostCertificateRequest = cA20GostCertificateRequest2;
            str10 = str8;
            cAdESSignature.addSigner(str7, null, null, privateKey, arrayList, CAdESType.CAdES_BES, null, false, null, null, null, true);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            cAdESSignature.open(byteArrayOutputStream);
            cAdESSignature.update(encoded);
            cAdESSignature.close();
            byteArrayOutputStream.close();
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            if (z2) {
                System.out.println("Sign again...");
                CAdESSignature cAdESSignature2 = new CAdESSignature();
                cAdESSignature2.addSigner(str7, null, null, privateKey, arrayList, CAdESType.CAdES_BES, null, false, null, null, null, true);
                ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
                cAdESSignature2.open(byteArrayOutputStream2);
                cAdESSignature2.update(byteArray);
                cAdESSignature2.close();
                byteArrayOutputStream2.close();
                encoded = byteArrayOutputStream2.toByteArray();
            } else {
                encoded = byteArray;
            }
        } else {
            keyPair = generateKeyPair;
            cA20GostCertificateRequest = cA20GostCertificateRequest2;
            str10 = str8;
        }
        KeyStore keyStore2 = KeyStore.getInstance(str10, str7);
        keyStore2.load(null, null);
        KeyPair keyPair2 = keyPair;
        Certificate generateCertificate = CertificateFactory.getInstance(JCP.CERTIFICATE_FACTORY_NAME).generateCertificate(new ByteArrayInputStream(cA20GostCertificateRequest.getEncodedSelfCert(keyPair2, str2, str6)));
        X509Certificate[] x509CertificateArr2 = new X509Certificate[(x509CertificateArr != null ? x509CertificateArr.length : 0) + 1];
        x509CertificateArr2[0] = (X509Certificate) generateCertificate;
        if (x509CertificateArr != null) {
            System.arraycopy(x509CertificateArr, 0, x509CertificateArr2, 1, x509CertificateArr.length);
        }
        keyStore2.setEntry(str3, new JCPPrivateKeyEntry(keyPair2.getPrivate(), x509CertificateArr2), new JCPProtectionParameter(cArr));
        System.out.println(new Encoder().encode(encoded));
        CA20RequestStatus sendCertificateRequest = CA20GostCertificateRequest.sendCertificateRequest(str, cA20User, encoded);
        System.out.println(sendCertificateRequest);
        System.out.println(CA20Status.getDescriptionByStatus(sendCertificateRequest.getStatus(), CA20Status.StatusGroup.sgRequest));
        return sendCertificateRequest;
    }

    public static CA20CertAuthUser getCA20UserAuthorizedByCertificate(String str, char[] cArr, String str2, String str3, String str4, String str5, String str6) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("CertStore", Platform.isAndroid ? str3 : "JCP");
        keyStore.load(new FileInputStream(str), cArr);
        KeyStore keyStore2 = KeyStore.getInstance(str2, str3);
        if (str4 != null) {
            keyStore2.load(new StoreInputStream(str4), null);
        } else {
            keyStore2.load(null, null);
        }
        return new CA20CertAuthUser(keyStore2, str5, keyStore, str6);
    }

    public static X509Certificate getCertificateByRequestId(String str, CA20User cA20User, String str2, String str3, String str4, String str5, String str6) throws Exception {
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance(JCP.CERTIFICATE_FACTORY_NAME).generateCertificate(new ByteArrayInputStream(CA20GostCertificateRequest.getCertificateByRequestId(str, cA20User, str6)));
        System.out.println("$$ User certificate $$");
        System.out.println("Serial number: " + x509Certificate.getSerialNumber().toString(16));
        System.out.println("Subject: " + x509Certificate.getSubjectDN());
        System.out.println("Public key algorithm: " + x509Certificate.getPublicKey().getAlgorithm());
        System.out.println(x509Certificate);
        KeyStore keyStore = KeyStore.getInstance(str2, str3);
        keyStore.load(null, null);
        keyStore.setCertificateEntry(str4 + "::::" + str5, x509Certificate);
        return x509Certificate;
    }

    public static Vector<CA20CertificateRecord> getCertificateList(String str, CA20User cA20User) throws Exception {
        Vector<CA20CertificateRecord> certificateList = CA20GostCertificateRequest.getCertificateList(str, cA20User);
        Iterator<CA20CertificateRecord> it = certificateList.iterator();
        while (it.hasNext()) {
            System.out.println(it.next());
        }
        return certificateList;
    }

    public static Vector<CA20CertificateRequestRecord> getCertificateRequestList(String str, CA20User cA20User) throws Exception {
        Vector<CA20CertificateRequestRecord> certificateRequestList = CA20GostCertificateRequest.getCertificateRequestList(str, cA20User);
        Iterator<CA20CertificateRequestRecord> it = certificateRequestList.iterator();
        while (it.hasNext()) {
            System.out.println(it.next());
        }
        return certificateRequestList;
    }

    private static Map<String, String> getRegFields(String str) {
        HashMap hashMap = new HashMap();
        hashMap.put("2.5.4.3", str);
        hashMap.put("2.5.4.6", Configuration.COUNTRY_NAME);
        return hashMap;
    }

    public static Vector<CA20RevocationRecord> getRequestRevocationList(String str, CA20User cA20User) throws Exception {
        Vector<CA20RevocationRecord> requestRevocationList = CA20GostCertificateRequest.getRequestRevocationList(str, cA20User);
        Iterator<CA20RevocationRecord> it = requestRevocationList.iterator();
        while (it.hasNext()) {
            System.out.println(it.next());
        }
        return requestRevocationList;
    }

    public static Vector<CA20GostTemplateField> getUserCertificateTemplates(String str, CA20User cA20User) throws Exception {
        Vector<CA20GostTemplateField> userCertificateTemplates = cA20User.getUserCertificateTemplates(str);
        Iterator<CA20GostTemplateField> it = userCertificateTemplates.iterator();
        while (it.hasNext()) {
            System.out.println(it.next());
        }
        return userCertificateTemplates;
    }

    public static Vector<CA20UserRegistrationField> getUserRegistrationFields(String str, String str2) throws Exception {
        Vector<CA20UserRegistrationField> userRegistrationFields = CA20User.getUserRegistrationFields(str, str2);
        Iterator<CA20UserRegistrationField> it = userRegistrationFields.iterator();
        while (it.hasNext()) {
            System.out.println(it.next());
        }
        return userRegistrationFields;
    }

    public static void main(String[] strArr) throws Exception {
        new CA20StepByStepExample(true).main();
    }

    public static CA20RequestStatus markCertificateInstalled(String str, CA20User cA20User, String str2) throws Exception {
        CA20RequestStatus markCertificateInstalled = CA20GostCertificateRequest.markCertificateInstalled(str, cA20User, str2);
        System.out.println(markCertificateInstalled);
        return markCertificateInstalled;
    }

    public static CA20UserRegisterInfoStatus registerUser(String str, String str2, Map<String, String> map, CA20AuxiliaryUserInfo cA20AuxiliaryUserInfo) throws Exception {
        CA20UserRegisterInfoStatus registerUser = new CA20User(map, str2).registerUser(str, cA20AuxiliaryUserInfo);
        System.out.println(registerUser);
        return registerUser;
    }

    public CA20User execute(String str, String str2, Map<String, String> map, CA20AuxiliaryUserInfo cA20AuxiliaryUserInfo, String str3, String str4, String str5, String str6, String str7, String str8, boolean z, boolean z2, String str9, char[] cArr, X509Certificate[] x509CertificateArr) throws Exception {
        CA20GostTemplateField cA20GostTemplateField;
        String str10;
        CA20User cA20User;
        CA20User cA20User2;
        boolean z3;
        getUserRegistrationFields(str, str2);
        CA20UserRegisterInfoStatus registerUser = registerUser(str, str2, map, cA20AuxiliaryUserInfo);
        CA20User cA20User3 = new CA20User(registerUser.getTokenID(), registerUser.getPassword(), str2);
        boolean z4 = true;
        int i = 5;
        if (!registerUser.getStatus().equalsIgnoreCase("C")) {
            int i2 = 5;
            while (true) {
                if (i2 <= 0) {
                    z3 = false;
                    break;
                }
                Thread.sleep(1000L);
                i2--;
                CA20Status checkUserStatus = checkUserStatus(str, cA20User3);
                System.out.println(checkUserStatus);
                if (checkUserStatus.getStatus().equalsIgnoreCase("C")) {
                    z3 = true;
                    break;
                }
            }
            if (!z3) {
                System.err.println("Hmm... Still not complete? Trying to continue...");
            }
        }
        Iterator<CA20GostTemplateField> it = getUserCertificateTemplates(str, cA20User3).iterator();
        while (true) {
            if (!it.hasNext()) {
                cA20GostTemplateField = null;
                break;
            }
            CA20GostTemplateField next = it.next();
            if (next.getOid().equalsIgnoreCase(str3)) {
                cA20GostTemplateField = next;
                break;
            }
        }
        if (cA20GostTemplateField == null) {
            throw new Exception("Hmm... Actual template not found!");
        }
        String convertRegFieldsToSubject = convertRegFieldsToSubject(map);
        String tokenID = cA20User3.getTokenID();
        String password = cA20User3.getPassword();
        System.out.println("Key alias: " + tokenID + ", key password: " + password);
        CA20User cA20User4 = cA20User3;
        CA20RequestStatus generateAndSendCertificateRequest = generateAndSendCertificateRequest(str, cA20User3, convertRegFieldsToSubject, z, tokenID, password.toCharArray(), cA20GostTemplateField, str4, str5, str6, str7, str8, null, null, false, x509CertificateArr);
        String certRequestId = generateAndSendCertificateRequest.getCertRequestId();
        if (generateAndSendCertificateRequest.getStatus().equalsIgnoreCase("C")) {
            str10 = str;
            cA20User = cA20User4;
        } else {
            while (true) {
                if (i <= 0) {
                    str10 = str;
                    cA20User = cA20User4;
                    z4 = false;
                    break;
                }
                Thread.sleep(1000L);
                i--;
                str10 = str;
                cA20User = cA20User4;
                CA20RequestStatus checkCertificateStatus = checkCertificateStatus(str10, cA20User, certRequestId);
                System.out.println(checkCertificateStatus);
                if (checkCertificateStatus.getStatus().equalsIgnoreCase("C")) {
                    break;
                }
                cA20User4 = cA20User;
            }
            if (!z4) {
                System.err.println("Hmm... Still not complete? Trying to continue...");
            }
        }
        getCertificateByRequestId(str, cA20User, str8, str7, tokenID, password, certRequestId);
        if (z2) {
            System.out.println("Notify CA about installation...");
            if (!markCertificateInstalled(str10, cA20User, certRequestId).getStatus().equalsIgnoreCase("K")) {
                throw new Exception("Hmm... Bad response about installed certificate!");
            }
            cA20User2 = getCA20UserAuthorizedByCertificate(str9, cArr, str8, str7, tokenID, password, str2);
            cA20User2.setTokenID(cA20User.getTokenID());
            cA20User2.setPassword(cA20User.getPassword());
        } else {
            cA20User2 = cA20User;
        }
        getCertificateRequestList(str10, cA20User2);
        getCertificateList(str10, cA20User2);
        getRequestRevocationList(str10, cA20User2);
        return cA20User2;
    }

    public void executeOne(String str, String str2, String str3) throws Exception {
        execute(Configuration.CA20_ADDRESS, Configuration.CS20_USER_FOLDER, getRegFields(str), USER_INFO, CA20_TEMPLATE_USER, str2, "Crypto", str3, "JCP", "HDImageStore", false, true, TRUST_STORE, "1".toCharArray(), null);
    }

    @Override // userSamples.ca15.CAConfiguration
    public void main() throws Exception {
        executeOne("Два Тест", "GOST3410DH_2012_256", "GOST3411_2012_256withGOST3410_2012_256");
        executeOne("Три Тест", "GOST3410DH_2012_512", "GOST3411_2012_512withGOST3410_2012_512");
    }
}
