package JCSP.Container;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.PrintStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import ru.CryptoPro.JCP.KeyStore.JCPPrivateKeyEntry;
import ru.CryptoPro.JCP.params.JCPProtectionParameter;
import ru.CryptoPro.JCP.tools.AlgorithmTools;
import ru.CryptoPro.JCP.tools.Array;
import ru.CryptoPro.JCP.tools.Encoder;
import ru.CryptoPro.JCSP.JCSP;
import ru.CryptoPro.JCSP.support.BKSTrustStore;

/* loaded from: classes.dex */
public class PFXStoreImportExportExample {
    public static final String EXPORT_ALIAS = "export_key";
    public static final int FLAG_OPEN_ENTRY = 32;
    public static final int FLAG_OPEN_KEY = 16;
    public static final String PROVIDER = "JCSP";
    public static final byte[] SIGN_DATA = BKSTrustStore.STORAGE_DIRECTORY.getBytes();
    public static final String PFX_IN_FILE = System.getProperty("user.dir") + File.separator + "import_test.pfx";
    public static final String PFX_OUT_FILE = System.getProperty("user.dir") + File.separator + "export_test.pfx";
    public static final char[] PFX_PASSWORD = "123456".toCharArray();
    public static final char[] EXPORT_PASSWORD = "654321".toCharArray();

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r5v2 */
    /* JADX WARN: Type inference failed for: r5v5 */
    public static void checkStore(KeyStore keyStore, boolean z, int i, String str, String str2, String str3, char[] cArr) throws Exception {
        Certificate[] certificateArr;
        PrivateKey privateKey;
        boolean z2;
        byte[] bArr;
        System.out.println("Starting check of the store...");
        Enumeration<String> aliases = keyStore.aliases();
        System.out.println("Items have been found...");
        int i2 = 1;
        boolean z3 = true;
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            System.out.println("%% ALIAS = " + nextElement);
            boolean isKeyEntry = keyStore.isKeyEntry(nextElement);
            System.out.println("\tIs key entry: " + isKeyEntry);
            boolean isCertificateEntry = keyStore.isCertificateEntry(nextElement);
            System.out.println("\tIs certificate entry: " + isCertificateEntry);
            if (isKeyEntry) {
                int i3 = i & 16;
                if (i3 != 0) {
                    privateKey = (PrivateKey) keyStore.getKey(nextElement, null);
                    System.out.println("\tPrivate key: " + privateKey);
                } else {
                    System.out.println("\tReading of key is disabled.");
                    privateKey = null;
                }
                Certificate certificate = keyStore.getCertificate(nextElement);
                if (!z || i3 == 0) {
                    System.out.println("\tSigning check is disabled or key has not been read.");
                    bArr = null;
                } else {
                    bArr = testSign(privateKey, str);
                }
                if (certificate != null) {
                    System.out.println("\tCertificate: " + ((X509Certificate) certificate).getSubjectDN());
                    Certificate[] certificateArr2 = new Certificate[i2];
                    if (z && bArr != null) {
                        testVerify(certificate.getPublicKey(), str, bArr);
                    }
                }
                certificateArr = keyStore.getCertificateChain(nextElement);
                int i4 = i & 32;
                if (i4 != 0) {
                    JCPPrivateKeyEntry jCPPrivateKeyEntry = (JCPPrivateKeyEntry) keyStore.getEntry(nextElement, new JCPProtectionParameter(null, i2, i2));
                    privateKey = jCPPrivateKeyEntry.getPrivateKey();
                    certificateArr = jCPPrivateKeyEntry.getCertificateChain();
                } else {
                    System.out.println("\tReading of entry is disabled.");
                }
                if (!z || i4 == 0) {
                    System.out.println("\tSigning check is disabled or entry has not been read.");
                } else {
                    bArr = testSign(privateKey, str);
                }
                if (certificateArr != null && certificateArr.length > 0) {
                    System.out.println("\tCertificate[0] from chain: " + ((X509Certificate) certificateArr[0]).getSubjectDN());
                    if (z && bArr != null) {
                        testVerify(certificateArr[0].getPublicKey(), str, bArr);
                    }
                }
            } else {
                certificateArr = null;
                privateKey = null;
            }
            if (isCertificateEntry) {
                Certificate certificate2 = keyStore.getCertificate(nextElement);
                if (certificate2 != null) {
                    System.out.println("\tCertificate only: " + ((X509Certificate) certificate2).getSubjectDN());
                }
                KeyStore.TrustedCertificateEntry trustedCertificateEntry = (KeyStore.TrustedCertificateEntry) keyStore.getEntry(nextElement, null);
                if (trustedCertificateEntry != null && trustedCertificateEntry.getTrustedCertificate() != null) {
                    System.out.println("\tTrusted certificate only: " + ((X509Certificate) trustedCertificateEntry.getTrustedCertificate()).getSubjectDN());
                }
                certificateArr = keyStore.getCertificateChain(nextElement);
                if (certificateArr != null && certificateArr.length > 0) {
                    z2 = false;
                    System.out.println("\tCertificate[0] only from chain: " + ((X509Certificate) certificateArr[0]).getSubjectDN());
                    if (z3 || !isKeyEntry || str2 == null || privateKey == null || certificateArr == null || certificateArr.length <= 0) {
                        System.out.println("Ignore export for " + nextElement);
                    } else {
                        KeyStore keyStore2 = KeyStore.getInstance(str2, str);
                        keyStore2.load(null, null);
                        try {
                            System.out.println("Deleting " + str3);
                            keyStore2.deleteEntry(str3);
                        } catch (Exception unused) {
                        }
                        System.out.println("Saving " + str3);
                        keyStore2.setEntry(str3, new JCPPrivateKeyEntry(privateKey, certificateArr), new JCPProtectionParameter(cArr));
                        z3 = z2;
                    }
                    i2 = 1;
                }
            }
            z2 = false;
            if (z3) {
            }
            System.out.println("Ignore export for " + nextElement);
            i2 = 1;
        }
        System.out.println("Check completed.");
    }

    public static void exportToPfx() throws Exception {
        PrintStream printStream = System.out;
        StringBuilder append = new StringBuilder().append("Starting export to ");
        String str = PFX_OUT_FILE;
        printStream.println(append.append(str).toString());
        KeyStore keyStore = KeyStore.getInstance("HDIMAGE", "JCSP");
        keyStore.load(null, null);
        System.out.println("Reading key store...");
        JCPPrivateKeyEntry jCPPrivateKeyEntry = (JCPPrivateKeyEntry) keyStore.getEntry(EXPORT_ALIAS, new JCPProtectionParameter(EXPORT_PASSWORD));
        KeyStore keyStore2 = KeyStore.getInstance(JCSP.PFX_STORE_NAME, "JCSP");
        keyStore2.load(null, null);
        System.out.println("Exporting...");
        keyStore2.setEntry(EXPORT_ALIAS, jCPPrivateKeyEntry, null);
        keyStore2.store(new FileOutputStream(str), PFX_PASSWORD);
        System.out.println("PFX:\n" + new Encoder().encode(Array.readFile(str)));
        System.out.println("Export completed.");
    }

    public static void importFromPfx() throws Exception {
        PrintStream printStream = System.out;
        StringBuilder append = new StringBuilder().append("Starting import from ");
        String str = PFX_IN_FILE;
        printStream.println(append.append(str).toString());
        KeyStore keyStore = KeyStore.getInstance(JCSP.PFX_STORE_NAME, "JCSP");
        keyStore.load(new FileInputStream(str), PFX_PASSWORD);
        checkStore(keyStore, true, 48, "JCSP", "HDIMAGE", EXPORT_ALIAS, EXPORT_PASSWORD);
        System.out.println("Import completed.");
    }

    public static void main(String[] strArr) throws Exception {
        importFromPfx();
        exportToPfx();
    }

    public static byte[] testSign(PrivateKey privateKey, String str) throws Exception {
        String signatureAlgorithmByPrivateKey = AlgorithmTools.getSignatureAlgorithmByPrivateKey(privateKey);
        System.out.println("\tSigning with algorithm " + signatureAlgorithmByPrivateKey + "...");
        Signature signature = Signature.getInstance(signatureAlgorithmByPrivateKey, str);
        signature.initSign(privateKey);
        signature.update(SIGN_DATA);
        byte[] sign = signature.sign();
        System.out.println("\tSignature: " + new Encoder().encode(sign));
        return sign;
    }

    public static void testVerify(PublicKey publicKey, String str, byte[] bArr) throws Exception {
        String signatureAlgorithmByPrivateKey = AlgorithmTools.getSignatureAlgorithmByPrivateKey(publicKey);
        System.out.println("\tVerifying with algorithm " + signatureAlgorithmByPrivateKey + "...");
        Signature signature = Signature.getInstance(signatureAlgorithmByPrivateKey, str);
        signature.initVerify(publicKey);
        signature.update(SIGN_DATA);
        if (!signature.verify(bArr)) {
            throw new Exception("Invalid signature.");
        }
        System.out.println("\tSignature has been verified.");
    }
}
