package com.android.WeytechSecurity;

import android.content.Context;
import android.util.Base64;
import android.util.Log;
import com.bc.operator.ContentSigner;
import com.bc.operator.OperatorCreationException;
import com.bc.operator.X509CertificateConverter;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.lang.reflect.Field;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Enumeration;
import java.util.Iterator;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.KeyUsage;
import org.bouncycastle.asn1.x509.X509CertificateStructure;
import org.suntongo.cert.PKCS10CertRequestBuilder;
import org.suntongo.cert.SM2SignerBuilder;
import org.suntongo.cert.X509v1CertBuilder;
import org.suntongo.gm.provider.SMProvider;

/* loaded from: classes.dex */
public class WeytechSecurity {
    private Context context;

    public WeytechSecurity(Context context) {
        this.context = context;
    }

    public static void addProvider() {
        if (Security.getProvider(Constant.PROVIDER) == null) {
            Security.addProvider(new SMProvider());
        }
    }

    private static KeyPair genSM2KeyPair() throws NoSuchAlgorithmException {
        KeyPairGenerator keyPairGenerator;
        try {
            keyPairGenerator = KeyPairGenerator.getInstance(Constant.ALGORITHM_SM2);
        } catch (NoSuchAlgorithmException unused) {
            addProvider();
            keyPairGenerator = KeyPairGenerator.getInstance(Constant.ALGORITHM_SM2);
        }
        return keyPairGenerator.generateKeyPair();
    }

    public static void getAllProviderMessage() {
        for (Provider provider : Security.getProviders()) {
            Log.i("CRYPTO", "provider: " + provider.getName());
            Log.i("CRYPTO", provider.getClass().getName());
            provider.getClass().getName().equals("org.bc.jce.provider.BouncyCastleProvider");
            for (Field field : provider.getClass().getDeclaredFields()) {
                Log.i("CRYPTO:filed", field.getName());
            }
            Iterator<Provider.Service> it2 = provider.getServices().iterator();
            while (it2.hasNext()) {
                Log.i("CRYPTO", "  algorithm: " + it2.next().getAlgorithm());
            }
        }
    }

    public String addZero(String str) {
        if (str.length() >= 64) {
            return str;
        }
        return String.format("%0" + (64 - str.length()) + "d", 0) + str;
    }

    public String weytechGenerateP10(String str, String str2, Date date) throws NoSuchAlgorithmException, IOException, OperatorCreationException, NoSuchProviderException, KeyStoreException, CertificateException {
        KeyPair genSM2KeyPair = genSM2KeyPair();
        PublicKey publicKey = genSM2KeyPair.getPublic();
        PrivateKey privateKey = genSM2KeyPair.getPrivate();
        PKCS10CertRequestBuilder pKCS10CertRequestBuilder = new PKCS10CertRequestBuilder(new X500Name(str), publicKey);
        pKCS10CertRequestBuilder.addAttribute(Extension.keyUsage, new KeyUsage(136));
        ContentSigner build = new SM2SignerBuilder(Constant.USER_ID).build(privateKey);
        byte[] encoded = pKCS10CertRequestBuilder.build(build).getEncoded();
        SecureRandom secureRandom = new SecureRandom();
        X500Principal x500Principal = new X500Principal("CN=Name_" + Integer.toHexString(secureRandom.nextInt() + 100));
        X509Certificate certificate = new X509CertificateConverter().setProvider(Constant.PROVIDER).getCertificate(new X509v1CertBuilder(x500Principal, new BigInteger(31, secureRandom).abs(), new Date(), date, x500Principal, publicKey).build(build));
        UtilK.toHexString(certificate.getPublicKey().getEncoded());
        KeyStore keyStore = KeyStore.getInstance(Constant.KEYSTORE_TYPE, Constant.PROVIDER);
        keyStore.load(null, null);
        keyStore.setKeyEntry(Constant.ALIAS, privateKey, str2.toCharArray(), new Certificate[]{certificate});
        FileOutputStream openFileOutput = this.context.openFileOutput(Constant.BKS_FILE_NAME, 0);
        keyStore.store(openFileOutput, str2.toCharArray());
        openFileOutput.close();
        return Base64.encodeToString(encoded, 2);
    }

    public String weytechGetPublicKey(String str) throws NoSuchProviderException, KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException {
        KeyStore keyStore = KeyStore.getInstance(Constant.KEYSTORE_TYPE, Constant.PROVIDER);
        keyStore.load(this.context.openFileInput(Constant.BKS_FILE_NAME), str.toCharArray());
        byte[] encoded = new X509CertificateStructure((ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(keyStore.getCertificate(Constant.ALIAS).getEncoded())).readObject()).getSubjectPublicKeyInfo().getPublicKeyData().getEncoded();
        byte[] bArr = new byte[64];
        System.arraycopy(encoded, 4, bArr, 0, bArr.length);
        UtilK.toHexString(bArr);
        byte[] bArr2 = new byte[32];
        byte[] bArr3 = new byte[32];
        System.arraycopy(bArr, 0, bArr3, 0, bArr3.length);
        System.arraycopy(bArr, 32, bArr2, 0, bArr2.length);
        String hexString = UtilK.toHexString(bArr3);
        if (new BigInteger(UtilK.hexStringToBytes(UtilK.toHexString(bArr2))).intValue() % 2 == 0) {
            return "02" + hexString;
        }
        return "03" + hexString;
    }

    public void weytechImportCert(String str, String str2) throws CertificateException, IOException, NoSuchProviderException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException {
        addProvider();
        KeyStore keyStore = KeyStore.getInstance(Constant.KEYSTORE_TYPE, Constant.PROVIDER);
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance(Constant.CERTIFICATE_TYPE).generateCertificate(new ByteArrayInputStream(Base64.decode(str.getBytes(), 2)));
        FileInputStream openFileInput = this.context.openFileInput(Constant.BKS_FILE_NAME);
        keyStore.load(openFileInput, str2.toCharArray());
        String nextElement = keyStore.aliases().nextElement();
        keyStore.setKeyEntry(nextElement, ((KeyStore.PrivateKeyEntry) keyStore.getEntry(nextElement, new KeyStore.PasswordProtection(str2.toCharArray()))).getPrivateKey(), str2.toCharArray(), new X509Certificate[]{x509Certificate});
        FileOutputStream openFileOutput = this.context.openFileOutput(Constant.BKS_FILE_NAME, Constant.OPERATING_MODE);
        keyStore.store(openFileOutput, str2.toCharArray());
        openFileOutput.close();
        openFileInput.close();
    }

    public byte[] weytechSignMessage(byte[] bArr, String str) throws SignatureException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableEntryException, InvalidKeyException, NoSuchProviderException, IOException, CertificateException {
        addProvider();
        if (bArr == null) {
            throw new NullPointerException();
        }
        if (bArr.length == 0) {
            throw new NullPointerException();
        }
        KeyStore keyStore = KeyStore.getInstance(Constant.KEYSTORE_TYPE, Constant.PROVIDER);
        keyStore.load(this.context.openFileInput(Constant.BKS_FILE_NAME), str.toCharArray());
        KeyStore.Entry entry = keyStore.getEntry(keyStore.aliases().nextElement(), new KeyStore.PasswordProtection(str.toCharArray()));
        PrivateKey privateKey = entry instanceof KeyStore.PrivateKeyEntry ? ((KeyStore.PrivateKeyEntry) entry).getPrivateKey() : null;
        Signature signature = Signature.getInstance(Constant.ALGORITHM_SM3W2);
        signature.initSign(privateKey);
        signature.setParameter("USER_ID", Constant.USER_ID);
        signature.update(bArr);
        Enumeration objects = ((ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(signature.sign())).readObject()).getObjects();
        BigInteger value = ((ASN1Integer) objects.nextElement()).getValue();
        BigInteger value2 = ((ASN1Integer) objects.nextElement()).getValue();
        String bigInteger = value.toString(16);
        String bigInteger2 = value2.toString(16);
        String addZero = addZero(bigInteger);
        String addZero2 = addZero(bigInteger2);
        UtilK.toHexString(UtilK.hexStringToBytes(addZero + addZero2));
        UtilK.hexStringToBytes(addZero + addZero2);
        return UtilK.hexStringToBytes(addZero + addZero2);
    }

    public boolean weytechVerifyMessage(byte[] bArr, byte[] bArr2, String str) throws SignatureException, NoSuchAlgorithmException, IOException, NoSuchProviderException, KeyStoreException, CertificateException, InvalidKeyException {
        Signature signature = Signature.getInstance(Constant.ALGORITHM_SM3W2);
        KeyStore keyStore = KeyStore.getInstance(Constant.KEYSTORE_TYPE, Constant.PROVIDER);
        keyStore.load(this.context.openFileInput(Constant.BKS_FILE_NAME), str.toCharArray());
        PublicKey publicKey = keyStore.getCertificate(Constant.ALIAS).getPublicKey();
        weytechGetPublicKey(str);
        signature.initVerify(publicKey);
        signature.setParameter("USER_ID", Constant.USER_ID);
        signature.update(bArr);
        return signature.verify(bArr2);
    }
}
