package com.nitrodesk.crypto;

import android.os.Build;
import com.nitrodesk.data.appobjects.AccountParameters;
import com.nitrodesk.data.appobjects.SMIMECerts;
import com.nitrodesk.nitroid.helpers.CallLogger;
import com.nitrodesk.nitroid.helpers.MyTrustManagerFactory;
import com.nitrodesk.nitroid.helpers.StoopidHelpers;
import com.nitrodesk.servicemanager.BaseServiceProvider;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.cert.CertStore;
import java.security.cert.Certificate;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;

/* loaded from: classes.dex */
public class BaseCertStorageProvider {
    public static final int CERT_STORE_TYPE_ACTIVIDENTITY = 200;
    public static final int CERT_STORE_TYPE_BASE = 0;
    public static final int CERT_STORE_TYPE_CERTGATE = 100;
    protected static BaseCertStorageProvider mBase = null;
    protected static CertgateStorageProvider mCertGate = null;

    public static BaseCertStorageProvider getAvailableHardwareProvider() {
        if (mCertGate != null && mCertGate.isReady()) {
            return mCertGate;
        }
        CertgateStorageProvider certgateStorageProvider = new CertgateStorageProvider();
        if (!certgateStorageProvider.isAvailable()) {
            return null;
        }
        mCertGate = certgateStorageProvider;
        return certgateStorageProvider;
    }

    public static boolean getEncryptionCertInfoForStore(SMIMECerts sMIMECerts, SigningInfo signingInfo) throws KeyStoreException {
        try {
            return getProvider(sMIMECerts.StoreType).getEncryptionCertInfo(sMIMECerts, signingInfo);
        } catch (Exception e) {
            return false;
        }
    }

    public static BaseCertStorageProvider getProvider(int i) {
        switch (i) {
            case 0:
                if (mBase == null) {
                    mBase = new BaseCertStorageProvider();
                }
                return mBase;
            case 100:
                if (mCertGate == null) {
                    mCertGate = new CertgateStorageProvider();
                }
                return mCertGate;
            default:
                return null;
        }
    }

    public static boolean getSigningCertInfoForStore(SMIMECerts sMIMECerts, SigningInfo signingInfo) throws KeyStoreException {
        return getProvider(sMIMECerts.StoreType).getSigningCertInfo(sMIMECerts, signingInfo);
    }

    public static boolean validatePIN(AccountParameters accountParameters, String str, StringBuilder sb) {
        BaseCertStorageProvider provider = getProvider(accountParameters.CertStoreType);
        if (provider != null) {
            return provider.authenticatePIN(str, sb);
        }
        return false;
    }

    public boolean authenticatePIN(String str, StringBuilder sb) {
        ArrayList<SMIMECerts> certs = SMIMECerts.getCerts();
        if (certs != null && certs.size() > 0) {
            Iterator<SMIMECerts> it = certs.iterator();
            while (it.hasNext()) {
                SMIMECerts next = it.next();
                if (next.StoreType == 0) {
                    byte[] blob = next.getBlob(str);
                    if (blob == null) {
                        return false;
                    }
                    KeyStore keyStore = null;
                    try {
                        keyStore = SMIMEUtils.getKeyStore(next, new StringBuilder(), blob);
                    } catch (KeyStoreException e) {
                    }
                    if (keyStore == null) {
                        return false;
                    }
                }
            }
        }
        return true;
    }

    public boolean fetchAndSaveCerts(String str, StringBuilder sb) {
        return false;
    }

    public X509Certificate getCert(byte[] bArr, String str, String str2) {
        return null;
    }

    protected boolean getEncryptionCertInfo(SMIMECerts sMIMECerts, SigningInfo signingInfo) throws KeyStoreException {
        KeyStore keyStore;
        char[] charArray;
        StringBuilder sb = new StringBuilder();
        if (sMIMECerts == null) {
            keyStore = MyTrustManagerFactory.getKeyStore();
            String pFXKey = MyTrustManagerFactory.getPFXKey();
            if (pFXKey != null) {
                sb.append(pFXKey);
            }
        } else {
            keyStore = SMIMEUtils.getKeyStore(sMIMECerts, sb);
        }
        String sb2 = sb.toString();
        if (sb2.length() == 0) {
            sb2 = null;
        }
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(nextElement);
            if (sb2 != null) {
                try {
                    charArray = sb2.toCharArray();
                } catch (Exception e) {
                }
            } else {
                charArray = null;
            }
            signingInfo.EncPvtKey = (PrivateKey) keyStore.getKey(nextElement, charArray);
            if (signingInfo.EncPvtKey != null) {
                signingInfo.enccert = x509Certificate;
                Certificate[] certificateChain = keyStore.getCertificateChain(nextElement);
                ArrayList arrayList = new ArrayList();
                for (Certificate certificate : certificateChain) {
                    arrayList.add(certificate);
                }
                signingInfo.enccstore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(arrayList), "NDBC");
                break;
            }
            continue;
        }
        if (signingInfo.enccert != null) {
            return true;
        }
        CallLogger.Log("ERROR: Trying to send encrypted message, but cert was not found");
        return false;
    }

    public String getEncryptionProvider() {
        return "NDBC";
    }

    public KeyStore getKeyStore(SMIMECerts sMIMECerts, String str) {
        return null;
    }

    protected boolean getSigningCertInfo(SMIMECerts sMIMECerts, SigningInfo signingInfo) throws KeyStoreException {
        KeyStore keyStore;
        char[] charArray;
        StringBuilder sb = new StringBuilder();
        if (sMIMECerts == null) {
            keyStore = MyTrustManagerFactory.getKeyStore();
            String pFXKey = MyTrustManagerFactory.getPFXKey();
            if (pFXKey != null) {
                sb.append(pFXKey);
            }
        } else {
            keyStore = SMIMEUtils.getKeyStore(sMIMECerts, sb);
        }
        String sb2 = sb.toString();
        if (sb2.length() == 0) {
            sb2 = null;
        }
        if (keyStore == null) {
            CallLogger.Log("ERROR: Trying to send a signed message, but unable to load cert");
            return false;
        }
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            signingInfo.signcert = (X509Certificate) keyStore.getCertificate(nextElement);
            if (sb2 != null) {
                try {
                    charArray = sb2.toCharArray();
                } catch (Exception e) {
                }
            } else {
                charArray = null;
            }
            signingInfo.SignPvtKey = (PrivateKey) keyStore.getKey(nextElement, charArray);
            if (signingInfo.SignPvtKey != null) {
                Certificate[] certificateChain = keyStore.getCertificateChain(nextElement);
                ArrayList arrayList = new ArrayList();
                for (Certificate certificate : certificateChain) {
                    arrayList.add(certificate);
                }
                signingInfo.cstore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(arrayList), "NDBC");
                break;
            }
            continue;
            signingInfo.signcert = null;
        }
        if (signingInfo.signcert != null) {
            return true;
        }
        CallLogger.Log("ERROR: Trying to send a signed message, but cert was not found");
        return false;
    }

    public byte[] importCert(byte[] bArr, String str, String str2, StringBuilder sb, StringBuilder sb2) {
        return bArr;
    }

    public boolean initialize(String str, StringBuilder sb) {
        return true;
    }

    public boolean isAvailable() {
        return true;
    }

    public boolean isReady() {
        return false;
    }

    public byte[] loadCert(byte[] bArr, String str, String str2) {
        return StoopidHelpers.isNullOrEmpty(str) ? bArr : Build.VERSION.SDK_INT >= 18 ? new PBEAESBC(str).decrypt(bArr) : new PBEAES(str).decrypt(bArr);
    }

    public void saveCert(X509Certificate x509Certificate, String str) {
    }

    public byte[] saveCert(byte[] bArr, String str, StringBuilder sb, StringBuilder sb2) {
        return StoopidHelpers.isNullOrEmpty(str) ? bArr : Build.VERSION.SDK_INT >= 18 ? new PBEAESBC(str).encrypt(bArr) : new PBEAES(str).encrypt(bArr);
    }

    public boolean setPIN(String str, String str2) {
        byte[] blob;
        SMIMEUtils.setValidPIN(null);
        ArrayList<SMIMECerts> certs = SMIMECerts.getCerts();
        if (certs == null || certs.size() <= 0) {
            return true;
        }
        Iterator<SMIMECerts> it = certs.iterator();
        while (it.hasNext()) {
            SMIMECerts next = it.next();
            if (next.StoreType == 0 && (blob = next.getBlob(str2)) != null) {
                next.setBlob(blob, str, new StringBuilder());
                next.save(BaseServiceProvider.getAppDatabase(), null);
            }
        }
        return true;
    }
}
