package ru.cprocsp.NGate.tools;

import android.content.Context;
import java.io.File;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Enumeration;
import java.util.LinkedList;
import java.util.List;
import ru.CryptoPro.JCP.KeyStore.InvalidPasswordException;
import ru.CryptoPro.JCP.KeyStore.JCPPrivateKeyEntry;
import ru.CryptoPro.JCP.KeyStore.StoreInputStream;
import ru.CryptoPro.JCP.Random.BioRandomFrame;
import ru.CryptoPro.JCP.params.JCPProtectionParameter;
import ru.CryptoPro.JCSP.CSPConfig;
import ru.CryptoPro.JCSP.JCSP;
import ru.CryptoPro.JCSP.support.BKSTrustStore;
import ru.cprocsp.NGate.tools.log.Logger;

/* loaded from: classes4.dex */
public class ProviderInit implements Constants {
    public static final String EXT_CLIENT_AUTH = "1.3.6.1.5.5.7.3.2";

    public static int check(String str, String str2, String str3) {
        try {
            if (str == null || str2 == null) {
                Logger.e("No data.");
                return 1006;
            }
            Logger.d("Opening key container " + str2 + " with store type of " + str + "...");
            KeyStore keyStore = KeyStore.getInstance(str, "JCSP");
            keyStore.load(new StoreInputStream(str2), null);
            JCPPrivateKeyEntry jCPPrivateKeyEntry = (JCPPrivateKeyEntry) keyStore.getEntry(str2, new JCPProtectionParameter(str3 != null ? str3.toCharArray() : null, true, true));
            Logger.d("Check private key and certificate...");
            PrivateKey privateKey = jCPPrivateKeyEntry.getPrivateKey();
            X509Certificate x509Certificate = (X509Certificate) jCPPrivateKeyEntry.getCertificate();
            if (privateKey == null) {
                Logger.e("Private key not found.");
                return 1008;
            }
            if (x509Certificate == null) {
                Logger.e("Certificate not found.");
                return 1002;
            }
            Logger.d("Check extended key usage of certificate...");
            try {
                List<String> extendedKeyUsage = x509Certificate.getExtendedKeyUsage();
                if (extendedKeyUsage == null) {
                    Logger.e("Extended key usage not found.");
                    return 1003;
                }
                Logger.d("Extended key usage found, validate client policy  1.3.6.1.5.5.7.3.2...");
                if (!extendedKeyUsage.contains("1.3.6.1.5.5.7.3.2")) {
                    Logger.e("No valid extended key usage.");
                    return 1003;
                }
                Logger.d("Client policy found.");
                Logger.d("Check certificate dates...");
                try {
                    try {
                        x509Certificate.checkValidity();
                        Logger.d("Certificate accepted.");
                        return 1280;
                    } catch (CertificateNotYetValidException e) {
                        Logger.e("Certificate not yet valid.", e);
                        return 1007;
                    }
                } catch (CertificateExpiredException e2) {
                    Logger.e("Certificate expired.", e2);
                    return 1007;
                }
            } catch (CertificateParsingException e3) {
                Logger.e("Certificate decoding failed", e3);
                return 1005;
            }
        } catch (Exception e4) {
            Logger.e("Error occurred", e4);
            if (e4 instanceof InvalidPasswordException) {
                Logger.e("Invalid password.");
                return 1001;
            }
            if (e4 instanceof UnrecoverableEntryException) {
                Logger.e("Private key not found.");
                return 1008;
            }
            Logger.e("Unknown error occurred during check of key container.");
            return 1004;
        }
    }

    public static boolean deleteKeyContainer(String str, String str2) {
        try {
            KeyStore keyStore = KeyStore.getInstance(str, "JCSP");
            keyStore.load(new StoreInputStream(str2), null);
            keyStore.deleteEntry(str2);
            return true;
        } catch (Exception e) {
            Logger.e("Key container deleting failed", e);
            return false;
        }
    }

    public static X509Certificate getCertificate(String str, String str2) {
        try {
            KeyStore keyStore = KeyStore.getInstance(str, "JCSP");
            keyStore.load(null, null);
            return (X509Certificate) keyStore.getCertificate(str2);
        } catch (IOException e) {
            Logger.e(e.getMessage(), e);
            return null;
        } catch (KeyStoreException e2) {
            Logger.e(e2.getMessage(), e2);
            return null;
        } catch (NoSuchAlgorithmException e3) {
            Logger.e(e3.getMessage(), e3);
            return null;
        } catch (NoSuchProviderException e4) {
            Logger.e(e4.getMessage(), e4);
            return null;
        } catch (CertificateException e5) {
            Logger.e(e5.getMessage(), e5);
            return null;
        }
    }

    public static List<String> getKeyAliases(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance(str, "JCSP");
            keyStore.load(null, null);
            Enumeration<String> aliases = keyStore.aliases();
            ArrayList arrayList = new ArrayList();
            while (aliases.hasMoreElements()) {
                arrayList.add(aliases.nextElement());
            }
            return Collections.unmodifiableList(arrayList);
        } catch (IOException e) {
            Logger.e(e.getMessage(), e);
            return Collections.emptyList();
        } catch (KeyStoreException e2) {
            Logger.e(e2.getMessage(), e2);
            return Collections.emptyList();
        } catch (NoSuchAlgorithmException e3) {
            Logger.e(e3.getMessage(), e3);
            return Collections.emptyList();
        } catch (NoSuchProviderException e4) {
            Logger.e(e4.getMessage(), e4);
            return Collections.emptyList();
        } catch (CertificateException e5) {
            Logger.e(e5.getMessage(), e5);
            return Collections.emptyList();
        }
    }

    public static List<String> getKeyStoreTypes() {
        LinkedList linkedList = new LinkedList();
        for (Provider.Service service : new JCSP().getServices()) {
            if (service.getType().equalsIgnoreCase("KeyStore")) {
                linkedList.add(service.getAlgorithm());
            }
        }
        linkedList.remove("HDIMAGE");
        linkedList.add(0, "HDIMAGE");
        linkedList.remove("CertStore");
        linkedList.remove(JCSP.PFX_STORE_NAME);
        linkedList.remove(JCSP.MY_STORE_NAME);
        linkedList.remove("ROOT");
        linkedList.remove(JCSP.CA_STORE_NAME);
        linkedList.remove(JCSP.ADDRESS_BOOK_STORE_NAME);
        linkedList.remove(JCSP.FILE_STORE_NAME);
        linkedList.remove(JCSP.SST_STORE_NAME);
        return Collections.unmodifiableList(linkedList);
    }

    public static String getTrustStore(Context context) {
        return context.getApplicationInfo().dataDir + File.separator + BKSTrustStore.STORAGE_DIRECTORY + File.separator + "cacerts";
    }

    public static String getTrustStorePassword() {
        return String.valueOf(BKSTrustStore.STORAGE_PASSWORD);
    }

    public static String getTrustStoreType() {
        return BKSTrustStore.STORAGE_TYPE;
    }

    public static synchronized boolean init(Context context) {
        synchronized (ProviderInit.class) {
            if (CSPConfig.initEx(context) != 0) {
                return false;
            }
            initJavaProviders(context);
            return true;
        }
    }

    private static void initJavaProviders(Context context) {
        System.setProperty("com.sun.security.enableCRLDP", BioRandomFrame.STR_DIALOG_PROPERTY_VALUE);
        System.setProperty("com.ibm.security.enableCRLDP", BioRandomFrame.STR_DIALOG_PROPERTY_VALUE);
        System.setProperty("ngate_set_jcsp_if_gost", BioRandomFrame.STR_DIALOG_PROPERTY_VALUE);
        String trustStoreType = getTrustStoreType();
        String trustStore = getTrustStore(context);
        String trustStorePassword = getTrustStorePassword();
        Logger.d("Default trust store (" + trustStoreType + "): " + trustStore);
        System.setProperty("javax.net.ssl.trustStoreType", trustStoreType);
        System.setProperty("javax.net.ssl.trustStore", trustStore);
        System.setProperty("javax.net.ssl.trustStorePassword", trustStorePassword);
    }
}
