package ir.co.pki.dastinelib;

import android.content.Context;
import android.os.Handler;
import android.util.Log;
import com.RNRSA.RSA;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPublicKeySpec;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import org.apache.commons.lang3.CharEncoding;
import org.spongycastle.crypto.tls.CipherSuite;

/* loaded from: classes2.dex */
public class Crypto {
    private Context context;
    private String sdkCert = "MIIDijCCAnKgAwIBAgIICzJOTIGR8swwDQYJKoZIhvcNAQELBQAwNTEVMBMGA1UE\nAwwMVGVzdEJNSVN1YkNBMQ8wDQYDVQQKDAZQZW5kYXIxCzAJBgNVBAYTAklSMB4X\nDTIyMDkxNjE2MTMzOVoXDTI0MDkxNTE2MTMzOVowFTETMBEGA1UEAwwKU0RLTGlj\nZW5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIBsK/vTI9u9uHfO\niBbsAa9gpjJE3nP08FnNWxjtqIv3IIfNfxmMk4S02lJjsJlxXwNC0jZd7EoPbwc3\nKDm79NqYNwZ2nThf3F+yrUiwGlOkNsvVsqIKEo/INWruDTwSmvp4ZnwYMWKJoQ4R\nO/pSUyFiK+fBZRE3a0sppLrBi0m3qxs+v70LBGfSIJLZAJK4aqPF8kmJnI1vwsqp\nfjxkbxxdVSZSM1BotfswvLrYADKZwLnF6TQC6Nj5HurX3xv1vF0/XOKgUbOjmkXC\niYl+S9Z6NTvmQdiwVcvzBwBkKn7lcZSAZlCqWiwO3+37jja6uQA0q/i9bYR0LGwY\nwex7VJ8CAwEAAaOBvTCBujAxBggrBgEFBQcBAQQlMCMwIQYIKwYBBQUHMAGGFWh0\ndHA6Ly92YS5ibWkuaXIvb2NzcDAdBgNVHQ4EFgQUeCsBGByyijp6J3/ENahIFdWA\nJjwwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBR53S98DsAKYHGf530ytJr9xMRW\n6jAnBgNVHR8EIDAeMBygGqAYhhZodHRwOi8vdmEuYm1pLmlyL3N1YmNhMA4GA1Ud\nDwEB/wQEAwIGwDANBgkqhkiG9w0BAQsFAAOCAQEAMlluXZE7q2Z7yQhMfknxqUQN\nyj0jAI2O5dZKGJwZ8cpUDhCT6u183iPxjpTiUsJIJSIEADz1Pn0HKSCrn9nXv/MR\niNujdsx+uOxE8F5AxYtnp2XZt2EE0ag4U2FJLEruODgH95TNjo9OxdA8Cll90EZD\nJ2TFygtfI4IsX2v12yrKTIiqaqYs0BJGyF8w9Pa3X1o0JoMRlmUEQfICGHUeKUL1\nGNThSz212sht9a+bhyyTt8gUJo6cWPPos+RoHrxbG8I/ovhL06EGnj5Ff38I2eaE\nkKEOP0Bc/3wlWdTxZ+O97SElQs0yvZ9/fGZBhEfZxLEEoA2i/ew+qInYLlPGpw==";
    private X509Certificate2 selectedCertificate;
    private Token token;

    public Crypto(Context context) {
        this.context = context;
        this.token = new Token(context);
    }

    public Crypto(Context context, String str) throws Exception {
        this.context = context;
        this.token = new Token(context);
        String unicodeToBase64 = unicodeToBase64(context.getPackageName());
        X509Certificate convertB64StringToX509Cert = Common.convertB64StringToX509Cert(this.sdkCert);
        Log.wtf("PKI", "Package Name: " + unicodeToBase64);
        if (!verify(unicodeToBase64, str, convertB64StringToX509Cert)) {
            throw new LicenseException();
        }
    }

    public static String base64ToUnicode(String str) throws UnsupportedEncodingException {
        try {
            return new String(Common.convertFromBase64(str), CharEncoding.UTF_16LE);
        } catch (Exception unused) {
            return DastineErrorCode.E_INPUT_DATA_NOT_B64.toString();
        }
    }

    public static PublicKey createPublicKeyFromString(String str) throws NoSuchAlgorithmException, InvalidKeySpecException {
        byte[] convertFromBase64 = Common.convertFromBase64(str);
        return KeyFactory.getInstance(RSA.ALGORITHM).generatePublic(new RSAPublicKeySpec(new BigInteger(Arrays.copyOfRange(convertFromBase64, 6, CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA)), new BigInteger(Arrays.copyOfRange(convertFromBase64, CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA, CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA))));
    }

    private X509Certificate2 findCertificateForDecryption(BigInteger bigInteger) throws Exception {
        for (X509Certificate2 x509Certificate2 : getAllCertificatesFromToken("", "")) {
            if (x509Certificate2.getCertificate().getSerialNumber().equals(bigInteger)) {
                return x509Certificate2;
            }
        }
        return null;
    }

    private native byte[] returnArray(byte[] bArr);

    public static String unicodeToBase64(String str) throws UnsupportedEncodingException {
        return Common.convertToBase64(str.getBytes(CharEncoding.UTF_16LE));
    }

    public static boolean verify(String str, String str2, PublicKey publicKey) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        byte[] convertFromBase64 = Common.convertFromBase64(str);
        byte[] convertFromBase642 = Common.convertFromBase64(str2);
        Signature signature = Signature.getInstance("SHA1withRSA");
        signature.initVerify(publicKey);
        signature.update(convertFromBase64);
        return signature.verify(convertFromBase642);
    }

    public static boolean verifyConfig(String str, String str2, String str3) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, UnsupportedEncodingException, InvalidKeySpecException {
        return verify(str, str2, createPublicKeyFromString(str3));
    }

    public String changePIN(String str, String str2) throws Exception {
        return String.valueOf(this.token.changePin(str, str2));
    }

    public String cmsDecrypt(String str, String str2) throws Exception {
        return "0";
    }

    public String cmsSign(String str, String str2, X509Certificate x509Certificate, String str3, boolean z, String str4) throws IOException {
        return this.token.cmsSign(str, str2, x509Certificate, str3, z, str4);
    }

    public String cmsSign(String str, boolean z, String str2, String str3) throws Exception {
        return this.selectedCertificate == null ? String.valueOf(DastineErrorCode.E_CERTIFICATE_NOT_SELECTED.getValue()) : str.equals("") ? String.valueOf(DastineErrorCode.E_INPUT_DATA_NOT_B64.getValue()) : cmsSign(str, this.selectedCertificate.getKeyHandler(), this.selectedCertificate.getCertificate(), str3, z, str2);
    }

    public boolean deleteKey(String str) throws KeyStoreException, CertificateException, IOException, NoSuchAlgorithmException {
        return this.token.deleteKey(str);
    }

    public String findCertificateFromToken() throws Exception {
        String str = "";
        Iterator<X509Certificate2> it = getAllCertificatesFromToken("", "").iterator();
        while (it.hasNext()) {
            str = str + it.next().getCertificate().getSubjectDN().toString() + "|";
        }
        return unicodeToBase64(str);
    }

    public String generateCSR(KeyPair keyPair, UserData userData, String str, String str2) {
        return this.token.generateCSR(keyPair, userData, str, str2);
    }

    public KeyPair generateKey(String str) {
        return this.token.generateKeyPair(str);
    }

    public String generateKeyPairAndCsr(String str, KeyAlgorithm keyAlgorithm, int i, UserData userData, String str2, String str3) {
        return this.token.generateKeyPairAndCsr(str, keyAlgorithm, i, userData, str2, str3);
    }

    public String generateKeyPairAndCsr(String str, KeyAlgorithm keyAlgorithm, int i, UserData userData, String str2, String str3, String str4) {
        return this.token.generateKeyPairAndCsr(str, keyAlgorithm, i, userData, str2, str3, str4);
    }

    public List<X509Certificate2> getAllCertificatesFromToken(String str, String str2) throws Exception {
        X509Certificate convertB64StringToX509Cert;
        ArrayList arrayList = new ArrayList();
        for (String str3 : this.token.listPrivateKeyNames()) {
            String readCertificate = readCertificate(str3);
            if (readCertificate != null && !readCertificate.equals("") && (convertB64StringToX509Cert = Common.convertB64StringToX509Cert(readCertificate)) != null) {
                arrayList.add(new X509Certificate2(TokenProvider.RAMZINEH, str3, convertB64StringToX509Cert, true));
            }
        }
        return arrayList;
    }

    public List<X509Certificate2> getIDinCertificatesFromToken(String str, String str2) throws Exception {
        return null;
    }

    public PrivateKey getPrivateKey(String str) {
        return this.token.getPrivateKey(str);
    }

    public String getSelectedCertificate() throws CertificateEncodingException {
        X509Certificate2 x509Certificate2 = this.selectedCertificate;
        return x509Certificate2 != null ? Common.convertToBase64(x509Certificate2.getCertificate().getEncoded()) : String.valueOf(DastineErrorCode.E_CERTIFICATE_NOT_SELECTED.getValue());
    }

    public String getVersion() {
        Log.wtf("PKI", "Crypto GetVersion");
        return "1.0.0.1";
    }

    public String importCertificate(String str, String str2, String str3) {
        return this.token.importCertificate(str, str2, str3);
    }

    public String importIssuedCertificate(String str) {
        return String.valueOf(DastineErrorCode.E_NOT_SUPPORTED.getValue());
    }

    public void initializeToken(String str, String str2) throws Exception {
        this.token.initializeToken(str, str2);
    }

    public int isTokenInitialized() throws UnrecoverableEntryException, CertificateException, KeyStoreException, NoSuchAlgorithmException, IOException {
        boolean z = listPrivateKeys().size() > 0;
        boolean isTokenProtected = this.token.isTokenProtected();
        if (z && isTokenProtected) {
            return 3;
        }
        if (z) {
            return 1;
        }
        return isTokenProtected ? 2 : 0;
    }

    public List<String> listPrivateKeys() throws UnrecoverableEntryException, KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        return this.token.listPrivateKeyNames();
    }

    public String readCardSerialNumber() throws Exception {
        return String.valueOf(DastineErrorCode.E_NOT_SUPPORTED.getValue());
    }

    public String readCertificate(String str) {
        return this.token.readCertificate(str);
    }

    public String readCustomField(String str, String str2) {
        return String.valueOf(DastineErrorCode.E_NOT_SUPPORTED.getValue());
    }

    public String readExtendedPrintedData(String str) {
        return String.valueOf(DastineErrorCode.E_NOT_SUPPORTED.getValue());
    }

    public String readFaceImage(String str) {
        return String.valueOf(DastineErrorCode.E_NOT_SUPPORTED.getValue());
    }

    public String readFingerprintImage(String str) {
        return String.valueOf(DastineErrorCode.E_NOT_SUPPORTED.getValue());
    }

    public String readPrintedInformation(String str) {
        return String.valueOf(DastineErrorCode.E_NOT_SUPPORTED.getValue());
    }

    public String readSignatureImage(String str) {
        return String.valueOf(DastineErrorCode.E_NOT_SUPPORTED.getValue());
    }

    public String readValidationData(String str) {
        return String.valueOf(DastineErrorCode.E_NOT_SUPPORTED.getValue());
    }

    public String reset() {
        try {
            this.selectedCertificate = null;
            return String.valueOf(DastineErrorCode.SUCCESSFUL.getValue());
        } catch (Exception unused) {
            return String.valueOf(DastineErrorCode.E_UNKNOWN.getValue());
        }
    }

    public String selectCertificateBySubject(String str) throws Exception {
        for (X509Certificate2 x509Certificate2 : getAllCertificatesFromToken("", "")) {
            if (x509Certificate2.getCertificate().getSubjectDN().toString().equals(str)) {
                this.selectedCertificate = x509Certificate2;
                return DastineErrorCode.SUCCESSFUL.toString();
            }
        }
        return DastineErrorCode.E_SELECTCERTIFICATE_NO_CERTIFICATE_ON_TOKEN.toString();
    }

    public String selectCertificateFromTokenBySerialNumber(BigInteger bigInteger) throws Exception {
        for (X509Certificate2 x509Certificate2 : getAllCertificatesFromToken("", "")) {
            if (x509Certificate2.getCertificate().getSerialNumber().equals(bigInteger)) {
                this.selectedCertificate = x509Certificate2;
                return String.valueOf(DastineErrorCode.SUCCESSFUL.getValue());
            }
        }
        return String.valueOf(DastineErrorCode.E_SELECTCERTIFICATE_NOT_FOUND.getValue());
    }

    public String selectCertificateFromTokenBySubject(String str) throws Exception {
        for (X509Certificate2 x509Certificate2 : new ArrayList()) {
            if (x509Certificate2.getCertificate().getSubjectDN().toString().equals(str)) {
                this.selectedCertificate = x509Certificate2;
                return String.valueOf(DastineErrorCode.SUCCESSFUL.getValue());
            }
        }
        return String.valueOf(DastineErrorCode.E_SELECTCERTIFICATE_NOT_FOUND.getValue());
    }

    public String setPermisionEvent(Handler handler) {
        return String.valueOf(DastineErrorCode.E_NOT_SUPPORTED.getValue());
    }

    public String setRemoveEvent(Handler handler) {
        return String.valueOf(DastineErrorCode.E_NOT_SUPPORTED.getValue());
    }

    public String sign(String str, String str2, String str3) throws Exception {
        try {
            return this.selectedCertificate == null ? String.valueOf(DastineErrorCode.E_CERTIFICATE_NOT_SELECTED.getValue()) : str.equals("") ? String.valueOf(DastineErrorCode.E_INPUT_DATA_NOT_B64.getValue()) : sign(str, this.selectedCertificate.getKeyHandler(), str3, str2);
        } catch (Exception e) {
            Log.wtf("PKI", e.toString());
            return "";
        }
    }

    public String sign(String str, String str2, String str3, String str4) throws NoSuchPaddingException, IllegalBlockSizeException, NoSuchAlgorithmException, BadPaddingException, InvalidKeyException {
        return this.token.sign(str, str2, str3, str4);
    }

    public String sign(String str, PrivateKey privateKey, String str2) throws NoSuchPaddingException, IllegalBlockSizeException, NoSuchAlgorithmException, BadPaddingException, InvalidKeyException {
        return this.token.sign(str, privateKey, str2);
    }

    public native String stringFromJNI();

    public String unblockPIN(String str, String str2) throws Exception {
        return String.valueOf(this.token.unblockPin(str, str2));
    }

    public boolean verify(String str, String str2, X509Certificate x509Certificate) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, UnsupportedEncodingException {
        byte[] bArr;
        byte[] convertFromBase64 = Common.convertFromBase64(str);
        try {
            bArr = Common.convertFromBase64(str2);
        } catch (Exception unused) {
            bArr = new byte[1];
        }
        x509Certificate.getPublicKey();
        Signature signature = Signature.getInstance("SHA1withRSA");
        signature.initVerify(x509Certificate);
        signature.update(convertFromBase64);
        return signature.verify(bArr);
    }
}
