package com.nitrodesk.crypto;

import android.database.sqlite.SQLiteDatabase;
import com.certgate.android.security.SmartCardProvider;
import com.echoworx.edt.internal.configuration.fileparsers.ParserConstants;
import com.nitrodesk.crypto.ew.impl.BouncyCastlePKIFacade;
import com.nitrodesk.data.appobjects.SMIMECerts;
import com.nitrodesk.nitroid.Constants;
import com.nitrodesk.nitroid.MainApp;
import com.nitrodesk.nitroid.helpers.CallLogger;
import com.nitrodesk.nitroid.helpers.MyTrustManagerFactory;
import com.nitrodesk.nitroid.helpers.StoopidHelpers;
import com.nitrodesk.servicemanager.BaseServiceProvider;
import java.io.IOException;
import java.security.AuthProvider;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Security;
import java.security.cert.CertStore;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.Enumeration;
import java.util.Iterator;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import org.ndbouncycastle.cms.CMSSignedDataGenerator;
import org.ndbouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: classes.dex */
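/**
 * Certificate storage provider backed by a Certgate smart card.
 *
 * <p>Private keys are never exported by this class: lookups return {@link PrivateKey} handles
 * obtained from a {@link KeyStore} served by the smart-card JCA provider, and the local database
 * only receives certificate metadata plus the key-store alias.
 *
 * <p>{@link #isAvailable()} must have succeeded before any key-store method is used, because it
 * is the only place that sets {@link #mProviderName}. While that field is {@code null}, opening
 * the key store fails and the calling method reports failure.
 */
public class CertgateStorageProvider extends BaseCertStorageProvider {
    /** JCA provider name used for the smart-card login. */
    private static final String CERTGATE_PROVIDER = "CERTGATE";

    /** Provider name this file uses for the repackaged Bouncy Castle provider. */
    private static final String ND_BOUNCY_CASTLE_PROVIDER = "NDBC";

    /** Value written to {@code SMIMECerts.StoreType} for records created from the smart card. */
    private static final int STORE_TYPE_CERTGATE = 100;

    // Name of the registered smart-card provider; assigned in isAvailable().
    String mProviderName = null;

    /**
     * Answers the provider's password callbacks with the PIN held by {@link SMIMEUtils}.
     *
     * <p>Only {@link PasswordCallback} is supported; any other callback type is rejected.
     */
    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class CertgateCallbackHandler implements CallbackHandler {
        private CertgateCallbackHandler() {
        }

        // Compiler-generated accessor constructor surfaced by the decompiler; retained so that any
        // existing reference to it still resolves. Both arguments are ignored.
        /* synthetic */ CertgateCallbackHandler(CertgateStorageProvider certgateStorageProvider, CertgateCallbackHandler certgateCallbackHandler) {
            this();
        }

        /**
         * Supplies the PIN to every {@link PasswordCallback} in {@code callbackArr}.
         *
         * <p>If no PIN is available the callback is left without a password, so the provider
         * decides how the login fails.
         *
         * @param callbackArr callbacks issued by the provider during login
         * @throws UnsupportedCallbackException if a callback is not a {@link PasswordCallback}
         */
        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            for (Callback callback : callbackArr) {
                if (!(callback instanceof PasswordCallback)) {
                    throw new UnsupportedCallbackException(callback, "Unrecognized Callback");
                }
                String pin = SMIMEUtils.getPIN();
                if (pin == null) {
                    continue;
                }
                char[] pinChars = pin.toCharArray();
                try {
                    // PasswordCallback.setPassword stores its own copy of the array.
                    ((PasswordCallback) callback).setPassword(pinChars);
                } finally {
                    // Wipe the temporary copy. The PIN is still held as an immutable String by
                    // SMIMEUtils, so this narrows the exposure but does not remove it.
                    java.util.Arrays.fill(pinChars, '\0');
                }
            }
        }
    }

    /**
     * Looks up the smart-card provider used for login.
     *
     * @return the registered provider, as an {@link AuthProvider}
     * @throws LoginException if the provider is not registered or does not support login
     */
    private static AuthProvider certgateAuthProvider() throws LoginException {
        Provider provider = Security.getProvider(CERTGATE_PROVIDER);
        if (!(provider instanceof AuthProvider)) {
            // Covers both "not registered" (null) and "registered but not an AuthProvider", which
            // previously surfaced as a NullPointerException or ClassCastException.
            throw new LoginException("Provider " + CERTGATE_PROVIDER + " is not available for login");
        }
        return (AuthProvider) provider;
    }

    /**
     * Converts a caller-supplied key-store password to a character array.
     *
     * @throws IllegalArgumentException if {@code password} is {@code null}
     */
    private static char[] requirePassword(String password) {
        if (password == null) {
            throw new IllegalArgumentException("Key store password must not be null");
        }
        return password.toCharArray();
    }

    /**
     * Returns the PIN held by {@link SMIMEUtils} as a character array.
     *
     * @throws LoginException if no PIN is available
     */
    private static char[] requireStoredPin() throws LoginException {
        String pin = SMIMEUtils.getPIN();
        if (pin == null) {
            throw new LoginException("No PIN available for the Certgate key store");
        }
        return pin.toCharArray();
    }

    /**
     * Logs in to the smart card and loads the key store it serves.
     *
     * @param password password handed to {@link KeyStore#load}; may be {@code null}
     * @return the loaded key store
     */
    private KeyStore openKeyStore(char[] password) throws java.security.GeneralSecurityException, IOException {
        doLogin();
        // The key-store type is whatever BouncyCastlePKIFacade.ALGORITHM_RSA holds; the value is
        // not visible in this file. NOTE(review): confirm it is the type the provider registers.
        KeyStore keyStore = KeyStore.getInstance(BouncyCastlePKIFacade.ALGORITHM_RSA, this.mProviderName);
        // The array is not wiped afterwards because the provider may keep a reference to it.
        keyStore.load(null, password);
        return keyStore;
    }

    /**
     * Logs in to the smart-card provider, answering its PIN prompt through
     * {@link CertgateCallbackHandler}.
     *
     * @throws LoginException if the provider is unavailable or the login is rejected
     */
    protected void doLogin() throws LoginException {
        certgateAuthProvider().login(null, new CertgateCallbackHandler());
    }

    /**
     * Replaces the stored smart-card certificate records with one record per key-store alias.
     *
     * <p>Existing records of this store type are deleted before the aliases are read, so a
     * failure part-way through leaves only the records saved up to that point.
     *
     * @param str key-store password
     * @param sb receives a description of the failure when {@code false} is returned
     * @return {@code true} if every alias was saved, {@code false} on the first failure
     */
    @Override // com.nitrodesk.crypto.BaseCertStorageProvider
    public boolean fetchAndSaveCerts(String str, StringBuilder sb) {
        try {
            KeyStore keyStore = openKeyStore(requirePassword(str));
            Enumeration<String> aliases = keyStore.aliases();
            SQLiteDatabase appDatabase = BaseServiceProvider.getAppDatabase();
            new SMIMECerts().deleteWhere(appDatabase, "StoreType=?", new String[]{String.valueOf(STORE_TYPE_CERTGATE)}, null);
            int slot = 0;
            while (aliases.hasMoreElements()) {
                slot++;
                // The decompiled listing had two nested handlers here, one of which assigned to an
                // undeclared variable and dropped the exception. They are merged so that every
                // failure for an alias is reported and stops the import.
                try {
                    String alias = aliases.nextElement();
                    X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(alias);
                    SMIMECerts record = new SMIMECerts();
                    // Only the slot number is stored in place of the certificate bytes. The cast
                    // keeps the low eight bits of the counter.
                    record.CertificateBlob = new byte[]{(byte) slot};
                    record.CertificatePurpose = MyTrustManagerFactory.getPurpose(x509Certificate);
                    // No key material is persisted; the private key stays on the card.
                    record.CertKey = null;
                    String certificateFriendlyName = SMIMEUtils.getCertificateFriendlyName(x509Certificate);
                    if (StoopidHelpers.isNullOrEmpty(record.CertName)) {
                        record.CertName = "Slot " + slot;
                        if (certificateFriendlyName != null) {
                            record.CertName = record.CertName + " (" + certificateFriendlyName + ")";
                        }
                    }
                    record.IsActive = true;
                    record.IsActiveForEncryption = record.CertificatePurpose.contains(Constants.CERT_PURPOSE_ENC);
                    record.IsActiveForSigning = record.CertificatePurpose.contains(Constants.CERT_PURPOSE_SIGN);
                    record.OriginalPath = null;
                    // The alias is what the lookup methods later match against.
                    record.StoreParams = alias;
                    record.StoreType = STORE_TYPE_CERTGATE;
                    record.UploadedAt = new Date();
                    record.ValidFrom = x509Certificate.getNotBefore();
                    record.ValidTo = x509Certificate.getNotAfter();
                    record.save(appDatabase, null);
                } catch (Exception e) {
                    sb.append("Exception :" + e.getMessage());
                    CallLogger.Log("Exception creating certificate store", e);
                    return false;
                }
            }
            return true;
        } catch (Exception e) {
            sb.append("Exception :" + e.getMessage());
            // Previously only reported through sb; logged as well so the cause is not lost.
            CallLogger.Log("Exception loading cert store from certgate", e);
            return false;
        }
    }

    /**
     * Fills {@code signingInfo} with the encryption certificate and private-key handle whose
     * key-store alias equals {@code sMIMECerts.StoreParams}.
     *
     * @param sMIMECerts stored record naming the alias to look up
     * @param signingInfo receives {@code EncPvtKey}, {@code enccert} and {@code encryptionOID}
     * @return {@code true} if {@code signingInfo.enccert} is set afterwards, {@code false} otherwise
     */
    @Override // com.nitrodesk.crypto.BaseCertStorageProvider
    protected boolean getEncryptionCertInfo(SMIMECerts sMIMECerts, SigningInfo signingInfo) throws KeyStoreException {
        try {
            KeyStore keyStore = openKeyStore(requireStoredPin());
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                try {
                    String alias = aliases.nextElement();
                    if (alias.equals(sMIMECerts.StoreParams)) {
                        // No per-key password is passed; access relies on the login done when the
                        // key store was opened.
                        signingInfo.EncPvtKey = (PrivateKey) keyStore.getKey(alias, null);
                        signingInfo.enccert = (X509Certificate) keyStore.getCertificate(alias);
                        break;
                    }
                } catch (Exception e) {
                    CallLogger.Log("Exception creating certificate store", e);
                    return false;
                }
            }
            if (signingInfo.enccert == null) {
                CallLogger.Log("ERROR: Trying to send encrypted message, but cert was not found");
                return false;
            }
            // RSA with PKCS#1 v1.5 padding. NOTE(review): confirm whether the card provider
            // offers OAEP before considering a change.
            signingInfo.encryptionOID = "RSA/ECB/PKCS1Padding";
            return true;
        } catch (Exception e) {
            CallLogger.Log("Exception loading cert store from certgate", e);
            return false;
        }
    }

    /**
     * Returns the name of the smart-card provider registered by {@link #isAvailable()}.
     *
     * @return the provider name, or {@code null} if {@link #isAvailable()} has not set it
     */
    @Override // com.nitrodesk.crypto.BaseCertStorageProvider
    public String getEncryptionProvider() {
        return this.mProviderName;
    }

    /**
     * Logs in and returns the smart-card key store, loaded without a password.
     *
     * <p>Neither parameter is used by this implementation.
     *
     * @return the loaded key store, or {@code null} if login or loading failed
     */
    @Override // com.nitrodesk.crypto.BaseCertStorageProvider
    public KeyStore getKeyStore(SMIMECerts sMIMECerts, String str) {
        try {
            return openKeyStore(null);
        } catch (Exception e) {
            // Callers only see null, so record the cause here.
            CallLogger.Log("Exception loading cert store from certgate", e);
            return null;
        }
    }

    /**
     * Fills {@code signingInfo} with the signing certificate, private-key handle and a
     * single-certificate {@link CertStore} for the alias equal to {@code sMIMECerts.StoreParams}.
     *
     * @param sMIMECerts stored record naming the alias to look up
     * @param signingInfo receives {@code signingProvider}, {@code SignPvtKey}, {@code signcert},
     *     {@code cstore} and {@code encryptionOID}
     * @return {@code true} if {@code signingInfo.signcert} is set afterwards, {@code false} otherwise
     */
    @Override // com.nitrodesk.crypto.BaseCertStorageProvider
    protected boolean getSigningCertInfo(SMIMECerts sMIMECerts, SigningInfo signingInfo) throws KeyStoreException {
        try {
            if (this.mProviderName != null) {
                signingInfo.signingProvider = this.mProviderName;
            }
            KeyStore keyStore = openKeyStore(requireStoredPin());
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                try {
                    String alias = aliases.nextElement();
                    if (alias.equals(sMIMECerts.StoreParams)) {
                        // No per-key password is passed; access relies on the login done when the
                        // key store was opened.
                        signingInfo.SignPvtKey = (PrivateKey) keyStore.getKey(alias, null);
                        signingInfo.signcert = (X509Certificate) keyStore.getCertificate(alias);
                        ArrayList<X509Certificate> certificates = new ArrayList<X509Certificate>();
                        certificates.add(signingInfo.signcert);
                        signingInfo.cstore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certificates), ND_BOUNCY_CASTLE_PROVIDER);
                        break;
                    }
                } catch (Exception e) {
                    CallLogger.Log("Exception creating certificate store", e);
                    return false;
                }
            }
            if (signingInfo.signcert == null) {
                CallLogger.Log("ERROR: Trying to send a signed message, but cert was not found");
                return false;
            }
            signingInfo.encryptionOID = CMSSignedDataGenerator.ENCRYPTION_RSA;
            return true;
        } catch (Exception e) {
            CallLogger.Log("Exception loading cert store from certgate", e);
            return false;
        }
    }

    /**
     * Logs in, logs the provider's name, version, info and services, and checks that the key
     * store holds at least one alias.
     *
     * @param str key-store password
     * @param sb not written by this implementation
     * @return {@code true} if the key store loaded and contains an alias, {@code false} otherwise
     */
    @Override // com.nitrodesk.crypto.BaseCertStorageProvider
    public boolean initialize(String str, StringBuilder sb) {
        try {
            AuthProvider authProvider = certgateAuthProvider();
            doLogin();
            CallLogger.Log("Provider Name: " + authProvider.getName() + ParserConstants.LINE_BREAK);
            CallLogger.Log("Provider Version: " + authProvider.getVersion() + ParserConstants.LINE_BREAK);
            CallLogger.Log("Provider Info: " + authProvider.getInfo() + ParserConstants.LINE_BREAK);
            CallLogger.Log("Provider Services: \n");
            for (Provider.Service service : authProvider.getServices()) {
                CallLogger.Log(service.toString() + ParserConstants.LINE_BREAK);
            }
            KeyStore keyStore = openKeyStore(requirePassword(str));
            return keyStore.aliases().hasMoreElements();
        } catch (Exception e) {
            // Use the application log rather than printStackTrace().
            CallLogger.Log("Exception initializing certgate provider", e);
            return false;
        }
    }

    /**
     * Checks whether the Certgate package is installed and, if so, registers the smart-card
     * provider and moves the bundled Bouncy Castle provider to the front of the provider list.
     *
     * <p>Side effects are process-wide: the JCA provider list is modified, and
     * {@link #mProviderName} is set to the name of the newly registered smart-card provider.
     *
     * @return {@code true} if the providers were registered, {@code false} otherwise
     */
    @Override // com.nitrodesk.crypto.BaseCertStorageProvider
    public boolean isAvailable() {
        try {
            // 64 is PackageManager.GET_SIGNATURES, but the returned signatures are not inspected:
            // this only establishes that a package with that name is installed, not who signed it.
            // NOTE(review): verify the signing certificate if the check is meant as a trust decision.
            if (MainApp.Instance.getPackageManager().getPackageInfo(Constants.CERTGATE_PACKAGE_PREFIX, 64) == null) {
                return false;
            }
            SMIMEUtils.ListProviders();
            if (this.mProviderName != null) {
                try {
                    Security.removeProvider(this.mProviderName);
                } catch (Exception ignored) {
                    // Best effort: a stale registration is replaced by addProvider below.
                }
            }
            SmartCardProvider smartCardProvider = new SmartCardProvider(MainApp.Instance);
            this.mProviderName = smartCardProvider.getName();
            Security.addProvider(smartCardProvider);
            BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
            try {
                Security.removeProvider(ND_BOUNCY_CASTLE_PROVIDER);
                // Position 1 makes this provider the first choice for every JCA lookup in the
                // process that does not name a provider explicitly.
                Security.insertProviderAt(bouncyCastleProvider, 1);
                CallLogger.Log("Added bouncy castle provider, position 1");
            } catch (Exception e) {
                CallLogger.Log("Failed", e);
                CallLogger.Log("Adding ND bouncy castle provider, position " + Security.addProvider(new BouncyCastleProvider()));
            }
            SMIMEUtils.ListProviders();
            return true;
        } catch (Exception e) {
            // getPackageInfo throws when the package is not installed, which is the expected
            // "not available" case, so log one line without a stack trace.
            CallLogger.Log("Certgate provider not available: " + e);
            return false;
        }
    }
}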
