package com.koalii.cert;

import com.koalii.crypto.RSAUtil;
import com.koalii.crypto.SignUtil;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;

/* loaded from: classes2.dex */
public class PfxStore extends SecretStore {
    public PfxStore() {
    }

    public PfxStore(String str, String str2) throws SecretStoreException {
        setCertAndKey(str, str2);
    }

    public PfxStore(PrivateKey privateKey, X509Certificate x509Certificate) throws SecretStoreException {
        this.privKey = privateKey;
        this.signCert = x509Certificate;
    }

    @Override // com.koalii.cert.SecretStore
    public byte[] decryptData(byte[] bArr) throws SecretStoreException {
        if (bArr == null) {
            throw new IllegalArgumentException();
        }
        try {
            return RSAUtil.privKeyDecrypt(this.privKey, bArr);
        } catch (Exception e) {
            throw new SecretStoreException(e);
        }
    }

    @Override // com.koalii.cert.SecretStore
    public byte[] encryptData(byte[] bArr) throws SecretStoreException {
        if (bArr == null) {
            throw new IllegalArgumentException();
        }
        try {
            return RSAUtil.privKeyEncrypt(this.privKey, bArr);
        } catch (Exception e) {
            throw new SecretStoreException(e);
        }
    }

    @Override // com.koalii.cert.SecretStore
    public String getAlgorithm() {
        return this.privKey != null ? this.privKey.getAlgorithm() : "";
    }

    protected boolean isMatched() {
        if (this.signCert != null && this.privKey != null) {
            byte[] bytes = new String("123456").getBytes();
            try {
                return SignUtil.verify(bytes, SignUtil.sign(bytes, this.privKey), this.signCert.getPublicKey());
            } catch (Exception unused) {
            }
        }
        return false;
    }

    public void setCertAndKey(String str, String str2) throws SecretStoreException {
        if (str2 == null || str2.length() <= 0) {
            throw new SecretStoreException("Password cannot be empty");
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(new FileInputStream(str), str2.toCharArray());
            String nextElement = keyStore.aliases().nextElement();
            if (!keyStore.isKeyEntry(nextElement)) {
                throw new SecretStoreException("No key is found in pfx file");
            }
            try {
                this.privKey = (PrivateKey) keyStore.getKey(nextElement, str2.toCharArray());
                this.signCert = (X509Certificate) keyStore.getCertificate(nextElement);
            } catch (Exception e) {
                throw new SecretStoreException(e);
            }
        } catch (Exception e2) {
            throw new SecretStoreException("load pfx file " + str + " - " + e2);
        }
    }

    @Override // com.koalii.cert.SecretStore
    public byte[] signData(byte[] bArr) throws SecretStoreException {
        try {
            return SignUtil.sha1WithRsaSign(bArr, this.privKey);
        } catch (Exception e) {
            throw new SecretStoreException(e);
        }
    }

    public void toPfxFile(String str, String str2) throws SecretStoreException {
        try {
            Certificate[] certificateArr = {this.signCert};
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(null, null);
            keyStore.setKeyEntry("koalii", this.privKey, str2.toCharArray(), certificateArr);
            FileOutputStream fileOutputStream = new FileOutputStream(str);
            keyStore.store(fileOutputStream, str2.toCharArray());
            fileOutputStream.close();
        } catch (Exception e) {
            throw new SecretStoreException("Save cert and key to pfx file - " + e);
        }
    }
}
