package com.dean.aadtcert.certutil;

import com.dean.asn1.ASN1Encodable;
import com.dean.asn1.DERObjectIdentifier;
import com.dean.asn1.x509.CRLNumber;
import com.dean.asn1.x509.X509Extensions;
import com.dean.jce.PrincipalUtil;
import com.dean.x509.X509V2CRLGenerator;
import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509CRLEntry;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;

/* loaded from: classes.dex */
public class DaCRL {
    private HashMap<String, String> CertAtri_Provider;
    private PrivateKey CertPrivKey;
    private String CertSignAlg;
    private String ProviderName;
    List<String> RevkCrlArray;
    private String SignHardType;
    private String SignKeyLen;
    private String SignKeyNum;
    private String SignKeyType;
    private Date crlThisTime = null;
    private Date crlNextTime = null;
    private BigInteger crlCertSN = null;
    private byte[] bCaCertArray = null;
    private X509CRL myX509Crl = null;
    private Iterator myIterator = null;
    private X509CRLEntry myEntry = null;

    public DaCRL() {
        this.CertPrivKey = null;
        this.CertAtri_Provider = null;
        this.ProviderName = "";
        this.SignHardType = "";
        this.SignKeyType = "";
        this.SignKeyLen = "";
        this.CertSignAlg = "";
        this.SignKeyNum = "";
        this.RevkCrlArray = null;
        this.CertPrivKey = null;
        this.CertAtri_Provider = null;
        this.ProviderName = "";
        this.SignHardType = "";
        this.SignKeyType = "";
        this.SignKeyLen = "";
        this.CertSignAlg = "";
        this.SignKeyNum = "";
        this.RevkCrlArray = new ArrayList();
    }

    private static String parseRevokeInfo(String str, String str2) {
        String[] split = str.split(";");
        int length = split.length;
        if (!"".equals(str)) {
            for (int i = 0; i < length; i++) {
                if (split[i].indexOf(str2) >= 0) {
                    return split[i].replaceAll(str2, "");
                }
            }
        }
        return "";
    }

    public void CrlDecode(byte[] bArr) throws Exception {
        try {
            this.myX509Crl = (X509CRL) CertificateFactory.getInstance("X.509", "BC").generateCRL(new ByteArrayInputStream(bArr));
            this.myIterator = this.myX509Crl.getRevokedCertificates().iterator();
        } catch (Exception e) {
            e.printStackTrace();
            throw new RuntimeException("CrlDecode 失败" + e.getMessage());
        }
    }

    public void CrlEncode() throws Exception {
        try {
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(this.bCaCertArray));
            Security.removeProvider("BC");
            X509V2CRLGenerator x509V2CRLGenerator = new X509V2CRLGenerator();
            x509V2CRLGenerator.setIssuerDN(PrincipalUtil.getSubjectX509Principal(x509Certificate));
            x509V2CRLGenerator.setThisUpdate(this.crlThisTime);
            x509V2CRLGenerator.setNextUpdate(this.crlNextTime);
            x509V2CRLGenerator.setSignatureAlgorithm("SHA1WithRSAEncryption");
            for (int i = 0; i < this.RevkCrlArray.size(); i++) {
                String str = this.RevkCrlArray.get(i);
                x509V2CRLGenerator.addCRLEntry(new BigInteger(parseRevokeInfo(str, "crlRevokeSN="), 16), new SimpleDateFormat("yyyy-MM-dd kk:mm:ss").parse(parseRevokeInfo(str, "crlRevokeSNTime=")), Integer.valueOf(parseRevokeInfo(str, "crlRevokeReson=")).intValue());
            }
            x509V2CRLGenerator.addExtension((DERObjectIdentifier) X509Extensions.CRLNumber, false, (ASN1Encodable) new CRLNumber(this.crlCertSN));
            if (!this.ProviderName.equals("DatechCrypto")) {
                this.myX509Crl = x509V2CRLGenerator.generate(this.CertPrivKey, "BC");
                return;
            }
            SecureRandom secureRandom = SecureRandom.getInstance("RsaKey" + this.SignKeyNum, this.ProviderName);
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(this.SignKeyType, this.ProviderName);
            keyPairGenerator.initialize(Integer.parseInt(this.SignKeyLen), secureRandom);
            this.CertPrivKey = keyPairGenerator.genKeyPair().getPrivate();
            if (this.CertPrivKey == null) {
                System.out.println("this.CertPrivKey is null");
            }
            this.myX509Crl = x509V2CRLGenerator.generate(this.CertPrivKey, this.ProviderName, secureRandom);
        } catch (Exception e) {
            e.printStackTrace();
            e.getMessage();
            throw new RuntimeException("\n 1.编码CRL失败，请检查得安JCE配置是否正确，用得安JCE工具测试能否连接密码设备\n 2.请检查你输入的Provider--->\n " + this.CertAtri_Provider.toString() + "\n 3.请查看异常信息:" + e.getMessage() + "\n ");
        }
    }

    public byte[] CrlGetCoded() throws Exception {
        if (this.myX509Crl == null) {
            throw new RuntimeException("CRL没有编码错误 CRL must be signed");
        }
        return this.myX509Crl.getEncoded();
    }

    public Object GetCRLAttiObject(int i) throws Exception {
        if (i <= 0 || i > 10000) {
            throw new RuntimeException("iAttriType--->" + i + "iAttriType <=0 || iAttriType > 10000 ");
        }
        try {
            throw new RuntimeException("iAttriType--->" + i);
        } catch (Exception e) {
            e.printStackTrace();
            throw new RuntimeException("iAttriType--->" + i + " 异常 \n" + e.getMessage());
        }
    }

    public String GetCRLAttribute(int i) throws Exception {
        if (i <= 0 || i > 10000) {
            throw new RuntimeException("iAttriType--->" + i + "<=0, >10000");
        }
        try {
            switch (i) {
                case 311:
                    return new SimpleDateFormat("yyyy-MM-dd kk:mm:ss").format(this.myX509Crl.getThisUpdate());
                case 312:
                    return new SimpleDateFormat("yyyy-MM-dd kk:mm:ss").format(this.myX509Crl.getNextUpdate());
                case 322:
                    return this.myEntry.getSerialNumber().toString(16);
                case 323:
                    return new SimpleDateFormat("yyyy-MM-dd kk:mm:ss").format(this.myEntry.getRevocationDate());
                case DaCertCode.CRL_CERT_REVOCATION_REASON /* 324 */:
                    return "";
                case 325:
                    if (!this.myIterator.hasNext()) {
                        return "NO";
                    }
                    this.myEntry = (X509CRLEntry) this.myIterator.next();
                    return "YES";
                default:
                    throw new RuntimeException("iAttriType--->" + i + "not support");
            }
        } catch (Exception e) {
            e.printStackTrace();
            throw new RuntimeException("iAttriType--->" + i + " 异常\n" + e.getMessage());
        }
    }

    public void SetCRLAttiObject(int i, Object obj) throws Exception {
        if (obj == null) {
            throw new RuntimeException("iAttriType--->" + i + " is null");
        }
        try {
            switch (i) {
                case 304:
                    if (!(obj instanceof PrivateKey)) {
                        throw new RuntimeException("iCertAttriType--->" + i + "cCertAttri not java.security.PrivateKey");
                    }
                    this.CertPrivKey = (PrivateKey) obj;
                    return;
                case 305:
                    if (!(obj instanceof HashMap)) {
                        throw new RuntimeException("iCertAttriType--->" + i + "锟斤拷锟斤拷私钥锟斤拷锟酵非凤拷  cCertAttri not java.security.PrivateKey");
                    }
                    this.CertAtri_Provider = (HashMap) obj;
                    this.ProviderName = this.CertAtri_Provider.get("ProviderName");
                    this.SignHardType = this.CertAtri_Provider.get("SignHardType");
                    this.SignKeyType = this.CertAtri_Provider.get("SignKeyType");
                    this.SignKeyLen = this.CertAtri_Provider.get("SignKeyLen");
                    this.CertSignAlg = this.CertAtri_Provider.get("CertSignAlg");
                    this.SignKeyNum = this.CertAtri_Provider.get("SignKeyNum");
                    if (!this.ProviderName.equals("DatechCrypto") && !this.ProviderName.equals("BC")) {
                        throw new RuntimeException("ProviderName--->" + this.ProviderName);
                    }
                    if (this.ProviderName.equals("DatechCrypto") && !this.SignHardType.equals("JMJ") && !this.SignHardType.equals("CARD") && !this.SignHardType.equals("KEY")) {
                        throw new RuntimeException("ProviderName--->" + this.ProviderName + "SignHardType--->" + this.SignHardType);
                    }
                    if (!this.CertSignAlg.equals("SHA1WithRSA") || this.CertSignAlg.equals(DaCertCode.CERT_SM3WithSM2)) {
                        throw new RuntimeException("ProviderName--->" + this.ProviderName + "CertSignAlg--->" + this.CertSignAlg);
                    }
                    return;
                case 306:
                    if (!(obj instanceof byte[])) {
                        throw new RuntimeException("iCertAttriType--->" + i + "cCertAttri not byte[]");
                    }
                    byte[] bArr = (byte[]) obj;
                    if (bArr[0] != 48) {
                        throw new RuntimeException("iCertAttriType--->" + i);
                    }
                    this.bCaCertArray = new byte[bArr.length];
                    System.arraycopy(bArr, 0, this.bCaCertArray, 0, bArr.length);
                    return;
                default:
                    throw new RuntimeException("iCertAttriType--->" + i + "not support \ncCertAttri--->" + obj.toString());
            }
        } catch (Exception e) {
            e.printStackTrace();
            throw new RuntimeException("iCertAttriType--->" + i + " 异常\ncCertAttri--->" + obj.toString() + e.getMessage());
        }
    }

    public void SetCRLAttribute(int i, String str) throws Exception {
        if (str == null || str.equals("")) {
            throw new RuntimeException("iAttriType--->" + str + "is null");
        }
        try {
            switch (i) {
                case 311:
                    this.crlThisTime = new SimpleDateFormat("yyyy-MM-dd kk:mm:ss").parse(str);
                    return;
                case 312:
                    this.crlNextTime = new SimpleDateFormat("yyyy-MM-dd kk:mm:ss").parse(str);
                    return;
                case 313:
                    this.crlCertSN = new BigInteger(str, 16);
                    return;
                case 321:
                    String str2 = "crlRevokeSN=486f5d5640754a75ecb190cc426ae984;crlRevokeSNTime=2012-11-25 01:02:03;crlRevokeReson=1;";
                    String[] split = str.split(";");
                    if (split.length != 3 || split[1].length() != "2012-11-25 01:02:03".length() + "crlRevokeSNTime=".length()) {
                        throw new RuntimeException("iCertAttriType--->" + i + "1.锟斤拷锟斤拷值锟角凤拷锟斤拷\n2锟斤拷确锟斤拷锟斤拷:\n" + str2 + "\ncCertAttri--->" + str);
                    }
                    this.RevkCrlArray.add(str);
                    return;
                default:
                    throw new RuntimeException("iCertAttriType--->" + i + " 锟斤拷锟斤拷锟斤拷锟斤拷欠锟絓ncCertAttri--->" + str);
            }
        } catch (Exception e) {
            e.printStackTrace();
            throw new RuntimeException("iCertAttriType--->" + i + " 锟斤拷锟皆达拷锟斤拷锟届常\ncCertAttri--->" + str + e.getMessage());
        }
    }
}
