package ksign.jce.provider.pkcs;

import com.ksign.KCaseLogging;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.Certificate;
import ksign.jce.provider.keystore.PKCS12KeyStore;

/* loaded from: classes2.dex */
public class PKCS12 {
    private KeyAndCerts kc = null;

    /* loaded from: classes2.dex */
    class KeyAndCerts {
        Certificate cert = null;
        Certificate[] certs;
        PrivateKey key;

        KeyAndCerts(InputStream inputStream, char[] cArr) {
            this.key = null;
            this.certs = null;
            try {
                PKCS12KeyStore pKCS12KeyStore = new PKCS12KeyStore();
                pKCS12KeyStore.engineLoad(inputStream, cArr);
                inputStream.close();
                this.key = pKCS12KeyStore.getPrivateKeyForKsign();
                this.certs = pKCS12KeyStore.getCertificatesChainForKsign();
            } catch (Exception e) {
                KCaseLogging.println("(KSign) PKCS12's keyAndCerts Error : " + e.toString());
            }
        }

        Certificate getCert() {
            Certificate certificate = this.cert;
            if (certificate != null) {
                return certificate;
            }
            try {
                Signature signature = Signature.getInstance(this.key.getAlgorithm(), "Ksign");
                signature.initSign(this.key);
                byte[] sign = signature.sign();
                for (int i = 0; i < this.certs.length; i = i + 1 + 1) {
                    try {
                        Signature.getInstance(this.key.getAlgorithm(), "Ksign").initVerify(this.certs[i]);
                    } catch (Exception unused) {
                    }
                    if (signature.verify(sign)) {
                        this.cert = this.certs[i];
                        break;
                    }
                    continue;
                }
                Certificate certificate2 = this.cert;
                if (certificate2 != null) {
                    return certificate2;
                }
                throw new Exception("(KSign) PKCS12's Nothing");
            } catch (Exception unused2) {
                return null;
            }
        }

        Certificate[] getCertChain() {
            return this.certs;
        }

        PrivateKey getKey() {
            return this.key;
        }
    }

    public PKCS12(InputStream inputStream, char[] cArr) {
        new KeyAndCerts(inputStream, cArr);
    }

    public static void storePKCS12(String str, Certificate[] certificateArr, PrivateKey privateKey, char[] cArr, OutputStream outputStream) throws Exception {
        try {
            PKCS12KeyStore pKCS12KeyStore = new PKCS12KeyStore();
            pKCS12KeyStore.engineLoad(null, null);
            pKCS12KeyStore.engineSetKeyEntry(str, privateKey, null, certificateArr);
            pKCS12KeyStore.engineStore(outputStream, cArr);
        } catch (Exception e) {
            KCaseLogging.print(e);
            throw new Exception("(KSign) Don't store PKCS12 : " + e.toString());
        }
    }

    public Certificate getCertificate() {
        return this.kc.getCert();
    }

    public Certificate[] getCertificates() {
        return this.kc.getCertChain();
    }

    public PrivateKey getPrivateKey() {
        return this.kc.getKey();
    }
}
