package com.sevenprinciples.android.mdm.safeclient.thirdparty.afw;

import android.net.Uri;
import android.util.Log;
import com.sevenprinciples.android.mdm.safeclient.base.ApplicationContext;
import com.sevenprinciples.android.mdm.safeclient.base.Constants;
import com.sevenprinciples.android.mdm.safeclient.thirdparty.afw.CertificateUtil;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.HashMap;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.DERBMPString;
import org.bouncycastle.asn1.pkcs.Attribute;
import org.bouncycastle.asn1.pkcs.ContentInfo;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.InputDecryptorProvider;
import org.bouncycastle.operator.bc.BcDefaultDigestProvider;
import org.bouncycastle.pkcs.PKCS12PfxPdu;
import org.bouncycastle.pkcs.PKCS12SafeBag;
import org.bouncycastle.pkcs.PKCS12SafeBagFactory;
import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
import org.bouncycastle.pkcs.bc.BcPKCS12MacCalculatorBuilderProvider;
import org.bouncycastle.pkcs.jcajce.JcePKCSPBEInputDecryptorProviderBuilder;

/* loaded from: classes2.dex */
public class BCHelper {
    private static final String TAG = Constants.TAG_PREFFIX + "BCH";

    public static CertificateUtil.PKCS12ParseInfo load(PKCS12PfxPdu pKCS12PfxPdu, String str) throws Exception {
        JcaX509CertificateConverter jcaX509CertificateConverter;
        CertificateUtil.PKCS12ParseInfo pKCS12ParseInfo = new CertificateUtil.PKCS12ParseInfo();
        char[] charArray = str.toCharArray();
        if (!pKCS12PfxPdu.isMacValid(new BcPKCS12MacCalculatorBuilderProvider(BcDefaultDigestProvider.INSTANCE), charArray)) {
            System.err.println("PKCS#12 MAC test failed!");
        }
        ContentInfo[] contentInfos = pKCS12PfxPdu.getContentInfos();
        HashMap hashMap = new HashMap();
        HashMap hashMap2 = new HashMap();
        HashMap hashMap3 = new HashMap();
        HashMap hashMap4 = new HashMap();
        BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
        Security.addProvider(bouncyCastleProvider);
        InputDecryptorProvider build = new JcePKCSPBEInputDecryptorProviderBuilder().setProvider(bouncyCastleProvider).build(charArray);
        JcaX509CertificateConverter provider = new JcaX509CertificateConverter().setProvider(bouncyCastleProvider);
        PrivateKey privateKey = null;
        int i = 0;
        while (i != contentInfos.length) {
            if (contentInfos[i].getContentType().equals((ASN1Primitive) PKCSObjectIdentifiers.encryptedData)) {
                PKCS12SafeBag[] safeBags = new PKCS12SafeBagFactory(contentInfos[i], build).getSafeBags();
                int i2 = 0;
                while (i2 != safeBags.length) {
                    PKCS12SafeBag pKCS12SafeBag = safeBags[i2];
                    X509Certificate certificate = provider.getCertificate((X509CertificateHolder) pKCS12SafeBag.getBagValue());
                    Attribute[] attributes = pKCS12SafeBag.getAttributes();
                    JcaX509CertificateConverter jcaX509CertificateConverter2 = provider;
                    int i3 = 0;
                    while (i3 != attributes.length) {
                        Attribute attribute = attributes[i3];
                        PKCS12SafeBag[] pKCS12SafeBagArr = safeBags;
                        Attribute[] attributeArr = attributes;
                        if (attribute.getAttrType().equals((ASN1Primitive) PKCS12SafeBag.friendlyNameAttribute)) {
                            hashMap.put(((DERBMPString) attribute.getAttributeValues()[0]).getString(), certificate);
                        } else if (attribute.getAttrType().equals((ASN1Primitive) PKCS12SafeBag.localKeyIdAttribute)) {
                            hashMap2.put(attribute.getAttributeValues()[0], certificate);
                        }
                        i3++;
                        safeBags = pKCS12SafeBagArr;
                        attributes = attributeArr;
                    }
                    i2++;
                    provider = jcaX509CertificateConverter2;
                }
                jcaX509CertificateConverter = provider;
            } else {
                jcaX509CertificateConverter = provider;
                PKCS12SafeBag[] safeBags2 = new PKCS12SafeBagFactory(contentInfos[i]).getSafeBags();
                PrivateKeyInfo decryptPrivateKeyInfo = ((PKCS8EncryptedPrivateKeyInfo) safeBags2[0].getBagValue()).decryptPrivateKeyInfo(build);
                PrivateKey generatePrivate = KeyFactory.getInstance(decryptPrivateKeyInfo.getPrivateKeyAlgorithm().getAlgorithm().getId(), bouncyCastleProvider).generatePrivate(new PKCS8EncodedKeySpec(decryptPrivateKeyInfo.getEncoded()));
                Attribute[] attributes2 = safeBags2[0].getAttributes();
                for (int i4 = 0; i4 != attributes2.length; i4++) {
                    Attribute attribute2 = attributes2[i4];
                    if (attribute2.getAttrType().equals((ASN1Primitive) PKCS12SafeBag.friendlyNameAttribute)) {
                        hashMap3.put(((DERBMPString) attribute2.getAttributeValues()[0]).getString(), generatePrivate);
                    } else if (attribute2.getAttrType().equals((ASN1Primitive) PKCS12SafeBag.localKeyIdAttribute)) {
                        hashMap4.put(generatePrivate, attribute2.getAttributeValues()[0]);
                    }
                }
                privateKey = generatePrivate;
            }
            i++;
            provider = jcaX509CertificateConverter;
        }
        Log.i(TAG, "########## PFX Dump");
        for (String str2 : hashMap3.keySet()) {
            pKCS12ParseInfo.setPrivateKey(privateKey);
            Log.i(TAG, "Key Entry: " + str2 + ", Subject: " + ((X509Certificate) hashMap2.get(hashMap4.get(hashMap3.get(str2)))).getSubjectDN());
        }
        for (String str3 : hashMap.keySet()) {
            pKCS12ParseInfo.setAlias(str3);
            pKCS12ParseInfo.setCertificate((X509Certificate) hashMap.get(str3));
            Log.i(TAG, "Certificate Entry: " + str3 + ", Subject: " + ((X509Certificate) hashMap.get(str3)).getSubjectDN());
        }
        return pKCS12ParseInfo;
    }

    public static CertificateUtil.PKCS12ParseInfo smartLoad(byte[] bArr, String str) throws Exception {
        File file = new File(ApplicationContext.getContext().getFilesDir(), "cert.txt");
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(file);
            try {
                fileOutputStream.write(bArr);
                fileOutputStream.close();
                Security.addProvider(new BouncyCastleProvider());
                try {
                    try {
                        CertificateUtil.PKCS12ParseInfo parsePKCS12Certificate = CertificateUtil.parsePKCS12Certificate(ApplicationContext.getContext().getContentResolver(), Uri.fromFile(file), str);
                        Log.i(TAG, "ROOT_CAUSE_CERT " + str + ": old code parses OK");
                        return parsePKCS12Certificate;
                    } catch (Throwable unused) {
                        try {
                            CertificateUtil.PKCS12ParseInfo load = load(new PKCS12PfxPdu(bArr), str);
                            Log.i(TAG, "ROOT_CAUSE_CERT " + str + ": only new code OK");
                            return load;
                        } catch (Exception e) {
                            Log.i(TAG, "ROOT_CAUSE_CERT " + str + ": error with old and new code");
                            throw e;
                        }
                    }
                } finally {
                    file.delete();
                }
            } finally {
            }
        } catch (IOException e2) {
            throw new RuntimeException(e2);
        }
    }
}
