package cn.signit.pkcs.p12;

import cn.signit.pkcs.p7.V2SignitCertPath;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import org.bouncycastle.asn1.DERBMPString;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;
import org.bouncycastle.crypto.engines.DESedeEngine;
import org.bouncycastle.crypto.engines.RC2Engine;
import org.bouncycastle.crypto.modes.CBCBlockCipher;
import org.bouncycastle.pkcs.PKCS12PfxPduBuilder;
import org.bouncycastle.pkcs.PKCS12SafeBag;
import org.bouncycastle.pkcs.bc.BcPKCS12MacCalculatorBuilder;
import org.bouncycastle.pkcs.bc.BcPKCS12PBEOutputEncryptorBuilder;
import org.bouncycastle.pkcs.jcajce.JcaPKCS12SafeBagBuilder;

/* loaded from: classes.dex */
public class PKCS12Maker {
    private Certificate[] certificateChain;
    private byte[] pfxOutBytes;
    private OutputStream pfxOutStream;
    private String pfxPassword;
    private PrivateKey privateKey;
    private String userKeyEntryName;

    public PKCS12Maker(PrivateKey privateKey, String str, String str2, Certificate[] certificateArr) {
        try {
            this.privateKey = privateKey;
            this.userKeyEntryName = str == null ? RandomMaker.get16FixedStr() : str;
            this.pfxPassword = str2;
            this.certificateChain = certificateArr;
            make();
        } catch (Exception e) {
            throw new ExceptionInInitializerError("初始化参数失败");
        }
    }

    public PKCS12Maker(PrivateKey privateKey, String str, String str2, Certificate[] certificateArr, OutputStream outputStream) {
        try {
            this.privateKey = privateKey;
            this.userKeyEntryName = str == null ? RandomMaker.get16FixedStr() : str;
            this.pfxPassword = str2;
            this.certificateChain = certificateArr;
            this.pfxOutStream = outputStream;
            make();
            FileHandler.writeBytes2Stream(this.pfxOutBytes, outputStream);
        } catch (Exception e) {
            throw new ExceptionInInitializerError("初始化参数失败");
        }
    }

    private String extractNameFromCert(X509Certificate x509Certificate) {
        int indexOf;
        for (String str : x509Certificate.getSubjectDN().getName().trim().toString().split(",")) {
            String trim = str.toUpperCase().trim();
            if (trim.indexOf("CN") == 0 && (indexOf = trim.indexOf("=") + 1) > 1) {
                return trim.substring(indexOf).trim();
            }
        }
        return RandomMaker.get16FixedStr();
    }

    private PKCS12Maker make() throws Exception {
        JcaX509ExtensionUtils jcaX509ExtensionUtils = new JcaX509ExtensionUtils();
        V2SignitCertPath v2SignitCertPath = V2SignitCertPath.getInstance(Arrays.asList(this.certificateChain));
        ArrayList arrayList = new ArrayList();
        PKCS12SafeBag[] pKCS12SafeBagArr = new PKCS12SafeBag[this.certificateChain.length];
        PKCS12PfxPduBuilder pKCS12PfxPduBuilder = new PKCS12PfxPduBuilder();
        if (v2SignitCertPath.getRootCert() != null) {
            JcaPKCS12SafeBagBuilder jcaPKCS12SafeBagBuilder = new JcaPKCS12SafeBagBuilder(v2SignitCertPath.getRootCert());
            jcaPKCS12SafeBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString(extractNameFromCert(v2SignitCertPath.getRootCert()) + "'s Primary Certificate"));
            arrayList.add(jcaPKCS12SafeBagBuilder.build());
        }
        if (v2SignitCertPath.getCACert().size() > 0) {
            for (X509Certificate x509Certificate : v2SignitCertPath.getCACert()) {
                JcaPKCS12SafeBagBuilder jcaPKCS12SafeBagBuilder2 = new JcaPKCS12SafeBagBuilder(x509Certificate);
                jcaPKCS12SafeBagBuilder2.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString(extractNameFromCert(x509Certificate) + "'s Intermediate Certificate"));
                arrayList.add(jcaPKCS12SafeBagBuilder2.build());
            }
        }
        if (v2SignitCertPath.getEntityCert() != null) {
            SubjectKeyIdentifier createSubjectKeyIdentifier = jcaX509ExtensionUtils.createSubjectKeyIdentifier(v2SignitCertPath.getEntityCert().getPublicKey());
            JcaPKCS12SafeBagBuilder jcaPKCS12SafeBagBuilder3 = new JcaPKCS12SafeBagBuilder(v2SignitCertPath.getEntityCert());
            jcaPKCS12SafeBagBuilder3.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString(this.userKeyEntryName + "'s Key"));
            jcaPKCS12SafeBagBuilder3.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId, createSubjectKeyIdentifier);
            JcaPKCS12SafeBagBuilder jcaPKCS12SafeBagBuilder4 = new JcaPKCS12SafeBagBuilder(this.privateKey, new BcPKCS12PBEOutputEncryptorBuilder(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, new CBCBlockCipher(new DESedeEngine())).build(this.pfxPassword.toCharArray()));
            jcaPKCS12SafeBagBuilder4.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString(this.userKeyEntryName + "'s Key"));
            jcaPKCS12SafeBagBuilder4.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId, createSubjectKeyIdentifier);
            arrayList.add(jcaPKCS12SafeBagBuilder3.build());
            pKCS12PfxPduBuilder.addData(jcaPKCS12SafeBagBuilder4.build());
        }
        arrayList.toArray(pKCS12SafeBagArr);
        pKCS12PfxPduBuilder.addEncryptedData(new BcPKCS12PBEOutputEncryptorBuilder(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC2_CBC, new CBCBlockCipher(new RC2Engine())).build(this.pfxPassword.toCharArray()), pKCS12SafeBagArr);
        this.pfxOutBytes = pKCS12PfxPduBuilder.build(new BcPKCS12MacCalculatorBuilder(), this.pfxPassword.toCharArray()).getEncoded("DL");
        return this;
    }

    public Certificate[] getCertificateChain() {
        return this.certificateChain;
    }

    public byte[] getPfxOutBytes() {
        return this.pfxOutBytes;
    }

    public OutputStream getPfxOutStream() {
        return this.pfxOutStream;
    }

    public String getPfxPassword() {
        return this.pfxPassword;
    }

    public PrivateKey getPrivateKey() {
        return this.privateKey;
    }

    public String getUserKeyEntryName() {
        return this.userKeyEntryName;
    }

    public InputStream openInputStream() {
        return FileHandler.readBytes2Stream(this.pfxOutBytes);
    }

    public void setCertificateChain(Certificate[] certificateArr) {
        this.certificateChain = certificateArr;
    }

    public void setPfxOutBytes(byte[] bArr) {
        this.pfxOutBytes = bArr;
    }

    public void setPfxOutStream(OutputStream outputStream) {
        this.pfxOutStream = outputStream;
    }

    public void setPfxPassword(String str) {
        this.pfxPassword = str;
    }

    public void setPrivateKey(PrivateKey privateKey) {
        this.privateKey = privateKey;
    }

    public void setUserKeyEntryName(String str) {
        this.userKeyEntryName = str;
    }
}
