package com.lankapay.justpay.classes;

import com.lankapay.justpay.util.Constants;
import com.lankapay.justpay.util.jscep.message.CertRep;
import com.lankapay.justpay.util.jscep.message.PkcsPkiEnvelopeDecoder;
import com.lankapay.justpay.util.jscep.message.PkcsPkiEnvelopeEncoder;
import com.lankapay.justpay.util.jscep.message.PkcsReq;
import com.lankapay.justpay.util.jscep.message.PkiMessageDecoder;
import com.lankapay.justpay.util.jscep.message.PkiMessageEncoder;
import com.lankapay.justpay.util.jscep.transaction.Nonce;
import com.lankapay.justpay.util.jscep.transaction.PkiStatus;
import com.lankapay.justpay.util.jscep.transaction.TransactionId;
import com.lankapay.justpay.util.jscep.util.CertStoreUtils;
import com.lankapay.justpay.util.jscep.x509.X509Util;
import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Iterator;
import javax.security.auth.x500.X500Principal;
import okhttp3.HttpUrl;
import org.spongycastle.asn1.DERPrintableString;
import org.spongycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.spongycastle.cert.jcajce.JcaX509CertificateConverter;
import org.spongycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.spongycastle.cms.CMSSignedData;
import org.spongycastle.operator.jcajce.JcaContentSignerBuilder;
import org.spongycastle.pkcs.PKCS10CertificationRequest;
import org.spongycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;
import org.spongycastle.util.encoders.Base64;

/* loaded from: classes.dex */
public class PKCSUtil {
    private static PKCSUtil pkcsUtil;
    private final int KEY_LENGTH = 1024;

    private X500Principal createPrincipal(Identity identity) throws NoSuchAlgorithmException {
        return new X500Principal(("CN=" + identity.getUserId() + "-" + identity.getUserName()) + "," + ("O=" + identity.getJustPayCode()) + "," + ("OU=Android-" + identity.getDeviceId()) + ",C=LK," + ("emailaddress=" + identity.getEmailId()) + "," + ("L=" + Constants.PACKAGE) + "," + ("1.2.840.113549.1.9.8=" + identity.getMobileNo()));
    }

    private PKCS10CertificationRequest generatePKCS10CSR(X500Principal x500Principal, PrivateKey privateKey, PublicKey publicKey, String str) {
        try {
            JcaPKCS10CertificationRequestBuilder jcaPKCS10CertificationRequestBuilder = new JcaPKCS10CertificationRequestBuilder(x500Principal, publicKey);
            jcaPKCS10CertificationRequestBuilder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_challengePassword, new DERPrintableString(str));
            return jcaPKCS10CertificationRequestBuilder.build(new JcaContentSignerBuilder("SHA256withRSA").build(privateKey));
        } catch (Exception e) {
            return null;
        }
    }

    private X509Certificate generateSelfSignedCertificate(X500Principal x500Principal, X500Principal x500Principal2, PrivateKey privateKey, PublicKey publicKey) {
        try {
            return new JcaX509CertificateConverter().getCertificate(new JcaX509v3CertificateBuilder(x500Principal, BigInteger.valueOf(1L), new Date(System.currentTimeMillis()), new Date(System.currentTimeMillis() + 31536000000L), x500Principal2, publicKey).build(new JcaContentSignerBuilder("SHA256withRSA").build(privateKey)));
        } catch (Exception e) {
            return null;
        }
    }

    private PkiMessageDecoder getDecoder(X509Certificate x509Certificate, PrivateKey privateKey, X509Certificate x509Certificate2) {
        return new PkiMessageDecoder(new PkcsPkiEnvelopeDecoder(x509Certificate, privateKey), x509Certificate2);
    }

    public static PKCSUtil getInstance() {
        if (pkcsUtil == null) {
            pkcsUtil = new PKCSUtil();
        }
        return pkcsUtil;
    }

    public X509Certificate convertToX509Cert(String str) {
        try {
            return (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(Base64.decode(str)));
        } catch (CertificateException e) {
            return null;
        }
    }

    public X509Certificate extractSignedCertificate(String str, IdentityAttributes identityAttributes) {
        try {
            CertRep certRep = (CertRep) getDecoder(identityAttributes.getCertificate(), identityAttributes.getPrivateKey(), Constants.KEY_SIGNER).decode(new CMSSignedData(Base64.decode(str)));
            if (certRep.getPkiStatus() != PkiStatus.SUCCESS) {
                return null;
            }
            Certificate[] certificateArr = new Certificate[1];
            Iterator<? extends Certificate> it = CertStoreUtils.fromSignedData(certRep.getMessageData()).getCertificates(null).iterator();
            while (it.hasNext()) {
                certificateArr[0] = it.next();
            }
            return (X509Certificate) certificateArr[0];
        } catch (Exception e) {
            return null;
        }
    }

    public PKCS7Data generatePKCS7CSR(Identity identity) {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(1024);
            KeyPair genKeyPair = keyPairGenerator.genKeyPair();
            X500Principal createPrincipal = createPrincipal(identity);
            X509Certificate generateSelfSignedCertificate = generateSelfSignedCertificate(createPrincipal, createPrincipal, genKeyPair.getPrivate(), genKeyPair.getPublic());
            PkiMessageEncoder pkiMessageEncoder = new PkiMessageEncoder(genKeyPair.getPrivate(), generateSelfSignedCertificate, new PkcsPkiEnvelopeEncoder(Constants.KEY_ENCIPHER));
            PKCS10CertificationRequest generatePKCS10CSR = generatePKCS10CSR(createPrincipal, genKeyPair.getPrivate(), genKeyPair.getPublic(), HttpUrl.FRAGMENT_ENCODE_SET);
            return new PKCS7Data(new String(Base64.encode(pkiMessageEncoder.encode(new PkcsReq(TransactionId.createTransactionId(X509Util.getPublicKey(generatePKCS10CSR), "SHA-1"), Nonce.nextNonce(), generatePKCS10CSR)).getEncoded())), new IdentityAttributes(identity.getJustPayCode(), genKeyPair.getPrivate(), generateSelfSignedCertificate));
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public PKCS7Data generatePKCS7CSR(IdentityAttributes identityAttributes) {
        try {
            PkiMessageEncoder pkiMessageEncoder = new PkiMessageEncoder(identityAttributes.getPrivateKey(), identityAttributes.getCertificate(), new PkcsPkiEnvelopeEncoder(Constants.KEY_ENCIPHER));
            PKCS10CertificationRequest generatePKCS10CSR = generatePKCS10CSR(identityAttributes.getCertificate().getSubjectX500Principal(), identityAttributes.getPrivateKey(), identityAttributes.getCertificate().getPublicKey(), HttpUrl.FRAGMENT_ENCODE_SET);
            return new PKCS7Data(new String(Base64.encode(pkiMessageEncoder.encode(new PkcsReq(TransactionId.createTransactionId(X509Util.getPublicKey(generatePKCS10CSR), "SHA-1"), Nonce.nextNonce(), generatePKCS10CSR)).getEncoded())), identityAttributes);
        } catch (Exception e) {
            return null;
        }
    }

    public String getPEM(X509Certificate x509Certificate) {
        try {
            return new String(Base64.encode(x509Certificate.getEncoded()), "UTF-8");
        } catch (Exception e) {
            return HttpUrl.FRAGMENT_ENCODE_SET;
        }
    }
}
