package com.pedi.iransign.local_token;

import android.content.Context;
import bf.b;
import com.pedi.iransign.local_token.IRSSupported;
import com.pedi.iransign.local_token.coders.Base64Coder;
import com.pedi.iransign.local_token.db.FindParams;
import com.pedi.iransign.local_token.db.IRSKeyInfo;
import com.pedi.iransign.local_token.db.TokenDatabase;
import com.pedi.iransign.local_token.db.binlist.OperationsBinList;
import com.pedi.iransign.local_token.exceptions.IRSErrorException;
import com.pedi.iransign.local_token.exceptions.StatusCode;
import com.pedi.iransign.local_token.key_manager.KeyManager;
import com.pedi.iransign.local_token.models.CreateObjectRequest;
import com.pedi.iransign.local_token.models.EditObjectModel;
import com.pedi.iransign.local_token.models.GenerateKeypairRequest;
import com.pedi.iransign.local_token.models.GenerateKeypairResult;
import com.pedi.iransign.local_token.utils.UtilsKt;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.util.Collections;
import java.util.Date;
import java.util.Hashtable;
import java.util.List;
import kotlin.jvm.internal.l;
import le.c;
import ne.e;
import ne.i;
import oe.a;
import org.bouncycastle.asn1.d1;
import org.bouncycastle.asn1.g1;
import qd.d;
import yb.n;
import zb.o;

/* compiled from: TokenManager.kt */
/* loaded from: classes16.dex */
public final class TokenManager {
    private final Integer authTimeout;
    private final Base64Coder coder;
    private final Context context;

    /* renamed from: db, reason: collision with root package name */
    private final TokenDatabase f14737db;
    private final KeyManager keyManager;

    /* compiled from: TokenManager.kt */
    /* loaded from: classes16.dex */
    public /* synthetic */ class WhenMappings {
        public static final /* synthetic */ int[] $EnumSwitchMapping$0;

        static {
            int[] iArr = new int[IRSSupported.ObjectType.values().length];
            iArr[IRSSupported.ObjectType.RSA_PRV.ordinal()] = 1;
            iArr[IRSSupported.ObjectType.ECC_PRV.ordinal()] = 2;
            iArr[IRSSupported.ObjectType.RSA_PUB.ordinal()] = 3;
            iArr[IRSSupported.ObjectType.ECC_PUB.ordinal()] = 4;
            $EnumSwitchMapping$0 = iArr;
        }
    }

    public TokenManager(Context context, TokenDatabase db2, KeyManager keyManager, Base64Coder coder, Integer num) {
        l.h(context, "context");
        l.h(db2, "db");
        l.h(keyManager, "keyManager");
        l.h(coder, "coder");
        this.context = context;
        this.f14737db = db2;
        this.keyManager = keyManager;
        this.coder = coder;
        this.authTimeout = num;
        a.a.d();
    }

    /* JADX WARN: 'this' call moved to the top of the method (can break code semantics) */
    public TokenManager(TokenConfig tokenConfig) {
        this(tokenConfig.getContext(), tokenConfig.getDb(), tokenConfig.getKeyManager(), tokenConfig.getCoder(), tokenConfig.getAuthTimeout());
        l.h(tokenConfig, "tokenConfig");
    }

    public final IRSKeyInfo createObject(CreateObjectRequest message) {
        List b10;
        l.h(message, "message");
        IRSSupported.ObjectType objType = message.getObjType();
        IRSSupported.ObjectType objectType = IRSSupported.ObjectType.Certificate;
        if (objType != objectType) {
            throw new IRSErrorException(StatusCode.InvalidMessage, "Only ObjectType=Certificate is supported by the token ");
        }
        String id2 = message.getId();
        b10 = o.b(objectType);
        if (!findObjects(new FindParams(null, id2, null, null, null, null, null, null, null, b10, null, null, null, 7677, null)).isEmpty()) {
            throw new IRSErrorException(StatusCode.OperationFailed, "KeyID " + message.getId() + " already exists.");
        }
        message.prepare();
        message.setValue(message.getCertificateContent());
        try {
            this.keyManager.setCertificateEntry(message.getKeyAlias(), UtilsKt.convertToX509Certificate(message.getCertificateContent()));
            IRSKeyInfo keyInfo = message.getKeyInfo();
            keyInfo.setIndex(Long.valueOf(this.f14737db.keyInfoDao().insert(keyInfo)));
            return keyInfo;
        } catch (Exception unused) {
            throw new IRSErrorException(StatusCode.InvalidMessage, "The object is not a certificate");
        }
    }

    public final void decrypt() {
        throw new n("An operation is not implemented: Not yet implemented.");
    }

    public final int deleteObjects(FindParams findParams) {
        l.h(findParams, "findParams");
        List<IRSKeyInfo> findObjects = this.f14737db.keyInfoDao().findObjects(FindParams.getSQLQuery$default(findParams, null, 1, null));
        for (IRSKeyInfo iRSKeyInfo : findObjects) {
            this.f14737db.keyInfoDao().delete(iRSKeyInfo);
            KeyManager keyManager = this.keyManager;
            String keyAlias = iRSKeyInfo.getKeyAlias();
            l.e(keyAlias);
            keyManager.deleteEntry(keyAlias);
        }
        return findObjects.size();
    }

    public final int editObjects(EditObjectModel editObjectModel, FindParams findParams) {
        l.h(editObjectModel, "editObjectModel");
        l.h(findParams, "findParams");
        List<IRSKeyInfo> findObjects = this.f14737db.keyInfoDao().findObjects(FindParams.getSQLQuery$default(findParams, null, 1, null));
        for (IRSKeyInfo iRSKeyInfo : findObjects) {
            if (editObjectModel.getId() != null) {
                iRSKeyInfo.setKeyID(editObjectModel.getId());
            }
            if (editObjectModel.getModifiable() != null) {
                iRSKeyInfo.setModifiable(editObjectModel.getModifiable());
            }
            if (editObjectModel.getApplicationName() != null) {
                iRSKeyInfo.setApplicationName(editObjectModel.getApplicationName());
            }
            if (editObjectModel.getOperations() != null) {
                List<IRSKeyInfo.Operations> operations = editObjectModel.getOperations();
                l.e(operations);
                iRSKeyInfo.setOperations(new OperationsBinList(operations));
            }
            if (editObjectModel.getLabel() != null) {
                iRSKeyInfo.setLabel(editObjectModel.getLabel());
            }
            if (editObjectModel.getExtractable() != null) {
                iRSKeyInfo.setExtractable(editObjectModel.getExtractable());
            }
            if (editObjectModel.getSensitive() != null) {
                iRSKeyInfo.setSensitive(editObjectModel.getSensitive());
            }
        }
        this.f14737db.keyInfoDao().updateObjects(findObjects);
        return findObjects.size();
    }

    public final void encrypt() {
        throw new n("An operation is not implemented: Not yet implemented.");
    }

    public final List<IRSKeyInfo> findObjects(FindParams findParams) {
        l.h(findParams, "findParams");
        return this.f14737db.keyInfoDao().findObjects(FindParams.getSQLQuery$default(findParams, null, 1, null));
    }

    public final GenerateKeypairResult generateKeyPair(GenerateKeypairRequest request) {
        l.h(request, "request");
        request.prepare();
        request.setAuthTimeout(this.authTimeout);
        if (!(!findObjects(new FindParams(null, request.getKeyID(), null, null, null, null, null, null, null, null, null, null, null, 8189, null)).isEmpty())) {
            KeyPair generateKeyPair = request.generateKeyPair(this.context, this.keyManager);
            List<IRSKeyInfo> keyInfos = request.getKeyInfos(generateKeyPair, this.coder);
            this.f14737db.keyInfoDao().insertAll(keyInfos.get(0), keyInfos.get(1));
            return new GenerateKeypairResult(generateKeyPair, keyInfos.get(0), keyInfos.get(1));
        }
        throw new IRSErrorException(StatusCode.OperationFailed, "KeyID " + request.getKeyID() + " already exists.");
    }

    public final byte[] generatePKCS7(byte[] tbs, FindParams findParams) {
        l.h(tbs, "tbs");
        l.h(findParams, "findParams");
        Boolean bool = Boolean.TRUE;
        findParams.set_private(bool);
        IRSKeyInfo findObject = this.f14737db.keyInfoDao().findObject(FindParams.getSQLQuery$default(findParams, null, 1, null));
        if (findObject == null) {
            throw new IRSErrorException(StatusCode.KeyNotFound, null, 2, null);
        }
        KeyManager keyManager = this.keyManager;
        String keyAlias = findObject.getKeyAlias();
        l.e(keyAlias);
        KeyStore.Entry entry = keyManager.getEntry(keyAlias, null);
        l.f(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
        findParams.set_private(Boolean.FALSE);
        findParams.setExtractable(bool);
        IRSKeyInfo findObject2 = this.f14737db.keyInfoDao().findObject(FindParams.getSQLQuery$default(findParams, null, 1, null));
        if (findObject2 == null) {
            throw new IRSErrorException(StatusCode.OperationFailed, null, 2, null);
        }
        KeyManager keyManager2 = this.keyManager;
        String keyAlias2 = findObject2.getKeyAlias();
        l.e(keyAlias2);
        Certificate certificate = keyManager2.getCertificate(keyAlias2);
        c cVar = new c(certificate.getEncoded());
        i iVar = new i();
        a aVar = new a(new b().b());
        Hashtable hashtable = new Hashtable();
        qd.a aVar2 = new qd.a(d.f22340c, new d1(new g1(new Date())));
        hashtable.put(aVar2.g(), aVar2);
        aVar.b(new ne.o(new qd.b(hashtable)));
        iVar.b(aVar.a(new bf.a("SHA256withRSA").b(privateKeyEntry.getPrivateKey()), cVar));
        iVar.a(new me.a(Collections.singletonList(certificate)));
        byte[] encoded = iVar.c(new e(tbs), true).getEncoded();
        l.g(encoded, "signedData.encoded");
        return encoded;
    }

    public final Integer getAuthTimeout() {
        return this.authTimeout;
    }

    public final Base64Coder getCoder() {
        return this.coder;
    }

    public final Context getContext() {
        return this.context;
    }

    public final TokenDatabase getDb() {
        return this.f14737db;
    }

    public final KeyManager getKeyManager() {
        return this.keyManager;
    }

    public final void initialize() {
        for (IRSKeyInfo iRSKeyInfo : this.f14737db.keyInfoDao().getAll()) {
            KeyManager keyManager = this.keyManager;
            String keyAlias = iRSKeyInfo.getKeyAlias();
            l.e(keyAlias);
            keyManager.deleteEntry(keyAlias);
        }
        this.f14737db.keyInfoDao().truncate();
    }

    public final byte[] sign(byte[] data, FindParams findParams, IRSSupported.SignMech signMech) {
        IRSSupported.Algorithm algorithm;
        l.h(data, "data");
        l.h(findParams, "findParams");
        findParams.set_private(Boolean.TRUE);
        IRSKeyInfo findObject = this.f14737db.keyInfoDao().findObject(FindParams.getSQLQuery$default(findParams, null, 1, null));
        if (findObject == null) {
            throw new IRSErrorException(StatusCode.KeyNotFound, null, 2, null);
        }
        KeyManager keyManager = this.keyManager;
        String keyAlias = findObject.getKeyAlias();
        l.e(keyAlias);
        KeyStore.Entry entry = keyManager.getEntry(keyAlias, null);
        l.f(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
        if (signMech == null) {
            IRSSupported.SignMech.Companion companion = IRSSupported.SignMech.Companion;
            IRSSupported.ObjectType objType = findObject.getObjType();
            int i10 = objType == null ? -1 : WhenMappings.$EnumSwitchMapping$0[objType.ordinal()];
            if (i10 == 1) {
                algorithm = IRSSupported.Algorithm.RSA;
            } else {
                if (i10 != 2) {
                    throw new Exception("Invalid ObjectType to sign");
                }
                algorithm = IRSSupported.Algorithm.EC;
            }
            signMech = IRSSupported.SignMech.Companion.getValue$default(companion, algorithm, null, null, 6, null);
        }
        KeyManager keyManager2 = this.keyManager;
        PrivateKey privateKey = privateKeyEntry.getPrivateKey();
        l.g(privateKey, "prvKeyEntry.privateKey");
        return keyManager2.sign(data, privateKey, signMech);
    }

    public final boolean verify(byte[] data, byte[] signature, IRSSupported.SignMech signMech, FindParams findParams) {
        IRSSupported.Algorithm algorithm;
        l.h(data, "data");
        l.h(signature, "signature");
        l.h(findParams, "findParams");
        findParams.set_private(Boolean.FALSE);
        IRSKeyInfo findObject = this.f14737db.keyInfoDao().findObject(FindParams.getSQLQuery$default(findParams, null, 1, null));
        if (findObject == null) {
            throw new IRSErrorException(StatusCode.KeyNotFound, null, 2, null);
        }
        KeyManager keyManager = this.keyManager;
        String keyAlias = findObject.getKeyAlias();
        l.e(keyAlias);
        PublicKey publicKey = keyManager.getCertificate(keyAlias).getPublicKey();
        if (signMech == null) {
            IRSSupported.SignMech.Companion companion = IRSSupported.SignMech.Companion;
            IRSSupported.ObjectType objType = findObject.getObjType();
            int i10 = objType == null ? -1 : WhenMappings.$EnumSwitchMapping$0[objType.ordinal()];
            if (i10 == 3) {
                algorithm = IRSSupported.Algorithm.RSA;
            } else {
                if (i10 != 4) {
                    throw new IRSErrorException(StatusCode.OperationFailed, "Invalid ObjectType for verify");
                }
                algorithm = IRSSupported.Algorithm.EC;
            }
            signMech = IRSSupported.SignMech.Companion.getValue$default(companion, algorithm, null, null, 6, null);
        }
        KeyManager keyManager2 = this.keyManager;
        l.g(publicKey, "publicKey");
        return keyManager2.verify(data, signature, publicKey, signMech);
    }
}
