package net.netca.pki.mkey;

import java.math.BigInteger;
import java.util.ArrayList;
import java.util.List;
import net.netca.pki.CertReq;
import net.netca.pki.Certificate;
import net.netca.pki.Device;
import net.netca.pki.GeneralDevice;
import net.netca.pki.ICertReq;
import net.netca.pki.ICertReqSignHash;
import net.netca.pki.IEnvelopedDataDecryptKey;
import net.netca.pki.IPersistentData;
import net.netca.pki.IPrivateKeyDecrypt;
import net.netca.pki.ISignHash;
import net.netca.pki.IVerifyPwd;
import net.netca.pki.PkiException;
import net.netca.pki.PublicKey;
import net.netca.pki.Signature;
import net.netca.pki.UnsupportedException;
import net.netca.pki.Util;
import net.netca.pki.algorithm.ecc.Curve;
import net.netca.pki.algorithm.ecc.ECCPublicKey;
import net.netca.pki.algorithm.ecc.SM2Cipher;
import net.netca.pki.crypto.android.err.DeviceErrorInfo;
import net.netca.pki.encoding.asn1.ASN1Object;
import net.netca.pki.encoding.asn1.ASN1TypeManager;
import net.netca.pki.encoding.asn1.BitString;
import net.netca.pki.encoding.asn1.Sequence;
import net.netca.pki.encoding.asn1.SequenceType;
import net.netca.pki.encoding.asn1.pki.AlgorithmIdentifier;

/* loaded from: classes3.dex */
public class MKGeneralDevice extends GeneralDevice implements ICertReq, IPersistentData {
    private MKeyDevice m_device;
    private String m_pwd;
    private String m_sn;
    private String m_label = "mkey";
    private IVerifyPwd m_iVerifyPwd = null;
    private int m_type = 67;
    private DeviceErrorInfo m_err = DeviceErrorInfo.getInstance();

    private int GetFileRight(String str, int[] iArr, int[] iArr2) throws PkiException {
        if (str.length() != 8) {
            return 0;
        }
        byte[] HexDecode = Util.HexDecode(str);
        if (HexDecode[0] != 4) {
            return 0;
        }
        if ((HexDecode[1] & 1) == 0) {
            if ((HexDecode[2] & 1) != 0) {
                iArr[0] = 1;
            }
            return 0;
        }
        iArr[0] = 0;
        if ((HexDecode[1] & 2) == 0) {
            if ((HexDecode[2] & 2) != 0) {
                iArr2[0] = 1;
            }
            return 0;
        }
        iArr2[0] = 0;
        return 1;
    }

    private byte[] encodeSM2Keyblob(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[85];
        System.arraycopy("_PUBKEY_".getBytes(), 0, bArr3, 0, 8);
        System.arraycopy(int2bigdian(4), 0, bArr3, 8, 4);
        System.arraycopy(int2bigdian(69), 0, bArr3, 12, 4);
        System.arraycopy(int2bigdian(7), 0, bArr3, 16, 4);
        bArr3[20] = 4;
        System.arraycopy(bArr, 0, bArr3, 21, 32);
        System.arraycopy(bArr2, 0, bArr3, 53, 32);
        return bArr3;
    }

    private byte[] exportCertBlob(String str, int i2) {
        try {
            return this.m_device.exportCertificate(str, i2);
        } catch (MKeyException unused) {
            return null;
        }
    }

    private String findKeypairId(Certificate certificate) throws PkiException {
        PublicKey publicKey = (certificate.getKeyUsage() & 1) != 0 ? certificate.getPublicKey(Certificate.PURPOSE_VERIFY_OLD_DATA) : certificate.getPublicKey(1);
        if (publicKey == null) {
            throw new PkiException("get publice key from certificate fail.");
        }
        byte[] export = publicKey.export();
        try {
            int keyPairCount = this.m_device.getKeyPairCount();
            for (int i2 = 0; i2 < keyPairCount; i2++) {
                NetcaKeyPairInfo keyPairInfo = this.m_device.getKeyPairInfo(i2);
                String keyPairID = keyPairInfo.getKeyPairID();
                int type = keyPairInfo.getType();
                keyPairInfo.free();
                byte[] exportPublicKeyArray = this.m_device.exportPublicKeyArray(keyPairID, type);
                byte[] bArr = new byte[32];
                byte[] bArr2 = new byte[32];
                System.arraycopy(exportPublicKeyArray, 0, bArr, 0, 32);
                System.arraycopy(exportPublicKeyArray, 32, bArr2, 0, 32);
                if (isEqualByteArray(export, encodeSM2Keyblob(bArr, bArr2))) {
                    return keyPairID;
                }
            }
            throw new PkiException("not find KeyPair.");
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    private int importKeypair(String str, String str2, NetcaSM2EnvelopedKeyBlob netcaSM2EnvelopedKeyBlob) {
        try {
            this.m_device.importSM2KeyPair(str, str2, netcaSM2EnvelopedKeyBlob);
            return 1;
        } catch (MKeyException unused) {
            return 0;
        }
    }

    private byte[] int2bigdian(int i2) {
        return new byte[]{(byte) ((i2 >> 24) & 255), (byte) ((i2 >> 16) & 255), (byte) ((i2 >> 8) & 255), (byte) (i2 & 255)};
    }

    private final boolean isEqualByteArray(byte[] bArr, byte[] bArr2) {
        if (bArr.length != bArr2.length) {
            return false;
        }
        for (int i2 = 0; i2 < bArr.length; i2++) {
            if (bArr[i2] != bArr2[i2]) {
                return false;
            }
        }
        return true;
    }

    private final boolean isEqualCertificate(Certificate certificate, Certificate certificate2) {
        if (certificate == null || certificate2 == null) {
            return false;
        }
        return isEqualByteArray(certificate.derEncode(), certificate2.derEncode());
    }

    private NetcaSM2EnvelopedKeyBlob parseEncKeypair(byte[] bArr) throws PkiException {
        Sequence sequence = (Sequence) ASN1Object.decode(bArr, (SequenceType) ASN1TypeManager.getInstance().get("SM2EnvelopedKey"));
        if (!AlgorithmIdentifier.decode(sequence.get(0).encode()).getOid().equals("1.2.156.10197.1.104")) {
            throw new PkiException("only support sm4 enveloped keypair.");
        }
        SM2Cipher parse = SM2Cipher.parse(Curve.getSM2Curve(), sequence.get(1).encode());
        byte[] encode = parse.getC1().encode();
        byte[] c2 = parse.getC2();
        byte[] c3 = parse.getC3();
        byte[] bArr2 = new byte[((encode.length + c2.length) + c3.length) - 1];
        System.arraycopy(encode, 1, bArr2, 0, encode.length - 1);
        System.arraycopy(c3, 0, bArr2, encode.length - 1, c3.length);
        System.arraycopy(c2, 0, bArr2, (encode.length + c3.length) - 1, c2.length);
        byte[] encode2 = ECCPublicKey.Parse(Curve.getSM2Curve(), ((BitString) sequence.get(2)).getValue()).encode();
        byte[] bArr3 = new byte[32];
        byte[] bArr4 = new byte[32];
        if (encode2.length == 65) {
            System.arraycopy(encode2, 1, bArr3, 0, 32);
            System.arraycopy(encode2, 33, bArr4, 0, 32);
        } else {
            if (encode2.length != 64) {
                throw new PkiException("encKeypair error. publlic key length error.");
            }
            System.arraycopy(encode2, 0, bArr3, 0, 32);
            System.arraycopy(encode2, 32, bArr4, 0, 32);
        }
        byte[] value = ((BitString) sequence.get(3)).getValue();
        NetcaSM2EnvelopedKeyBlob netcaSM2EnvelopedKeyBlob = new NetcaSM2EnvelopedKeyBlob();
        try {
            netcaSM2EnvelopedKeyBlob.setVersion(1);
            netcaSM2EnvelopedKeyBlob.setEncAlgo(MKeyCipher.ALGO_SM4_ECB);
            netcaSM2EnvelopedKeyBlob.setEncryptedSessionKey(bArr2);
            netcaSM2EnvelopedKeyBlob.setEncryptedPrivateKey(value);
            NetcaSM2PublicKey netcaSM2PublicKey = new NetcaSM2PublicKey();
            netcaSM2PublicKey.setX(bArr3);
            netcaSM2PublicKey.setY(bArr4);
            netcaSM2EnvelopedKeyBlob.setNetcaSM2PublicKey(netcaSM2PublicKey);
            return netcaSM2EnvelopedKeyBlob;
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    public static void unsignedBigIntegerEncode(int i2, BigInteger bigInteger, byte[] bArr, int i3) {
        int i4 = (i2 + 7) / 8;
        byte[] byteArray = bigInteger.toByteArray();
        if (byteArray.length > i4) {
            System.arraycopy(byteArray, byteArray.length - i4, bArr, i3, i4);
            return;
        }
        for (int i5 = 0; i5 < i4 - byteArray.length; i5++) {
            bArr[i3 + i5] = 0;
        }
        System.arraycopy(byteArray, 0, bArr, (i3 + i4) - byteArray.length, byteArray.length);
    }

    private boolean verifyUserPwd() throws PkiException {
        IVerifyPwd iVerifyPwd = this.m_iVerifyPwd;
        if (iVerifyPwd == null) {
            return false;
        }
        return verifyPwd(1, iVerifyPwd.getPwd());
    }

    public byte[] DecryptKey(int i2, byte[] bArr, int i3, byte[] bArr2, StringBuffer stringBuffer) throws PkiException {
        String str;
        Certificate certificate;
        IVerifyPwd iVerifyPwd = this.m_iVerifyPwd;
        if (iVerifyPwd != null) {
            str = iVerifyPwd.getPwd();
        } else {
            str = this.m_pwd;
            if (str == null) {
                throw new PkiException("not verify pin.");
            }
        }
        try {
            int keyPairCount = this.m_device.getKeyPairCount();
            for (int i4 = 0; i4 < keyPairCount; i4++) {
                NetcaKeyPairInfo keyPairInfo = this.m_device.getKeyPairInfo(i4);
                String keyPairID = keyPairInfo.getKeyPairID();
                int type = keyPairInfo.getType();
                keyPairInfo.free();
                try {
                    certificate = new Certificate(this.m_device.exportCertificate(keyPairID, type));
                } catch (Exception e2) {
                    e2.printStackTrace();
                }
                if (certificate.match(i2, bArr)) {
                    byte[] sm2Decrypt = this.m_device.sm2Decrypt(str, keyPairID, type, bArr2);
                    stringBuffer.append(certificate.pemEncode());
                    certificate.free();
                    return sm2Decrypt;
                }
                certificate.free();
            }
            throw new PkiException("not find KeyPair.");
        } catch (MKeyException e3) {
            throw new PkiException(e3.getMessage());
        }
    }

    public byte[] SignHash(Certificate certificate, int i2, byte[] bArr) throws PkiException {
        String str;
        Certificate certificate2;
        if (!certificate.isInValidity()) {
            throw new PkiException("cert not in validity");
        }
        if (i2 != 25) {
            throw new PkiException("algorithm error");
        }
        IVerifyPwd iVerifyPwd = this.m_iVerifyPwd;
        if (iVerifyPwd != null) {
            str = iVerifyPwd.getPwd();
        } else {
            str = this.m_pwd;
            if (str == null) {
                throw new PkiException("not verify pin.");
            }
        }
        try {
            int keyPairCount = this.m_device.getKeyPairCount();
            for (int i3 = 0; i3 < keyPairCount; i3++) {
                NetcaKeyPairInfo keyPairInfo = this.m_device.getKeyPairInfo(i3);
                String keyPairID = keyPairInfo.getKeyPairID();
                int type = keyPairInfo.getType();
                keyPairInfo.free();
                try {
                    certificate2 = new Certificate(this.m_device.exportCertificate(keyPairID, type));
                } catch (Exception unused) {
                }
                if (isEqualCertificate(certificate2, certificate)) {
                    certificate2.free();
                    return this.m_device.sm2Sign(str, keyPairID, type, bArr);
                }
                certificate2.free();
            }
            throw new PkiException("not find KeyPair.");
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    public byte[] SignHash2(String str, int i2, byte[] bArr) throws PkiException {
        String str2;
        if (i2 != 25) {
            throw new PkiException("algorithm error");
        }
        IVerifyPwd iVerifyPwd = this.m_iVerifyPwd;
        if (iVerifyPwd != null) {
            str2 = iVerifyPwd.getPwd();
        } else {
            str2 = this.m_pwd;
            if (str2 == null) {
                throw new PkiException("not verify pin.");
            }
        }
        try {
            int keyPairCount = this.m_device.getKeyPairCount();
            for (int i3 = 0; i3 < keyPairCount; i3++) {
                NetcaKeyPairInfo keyPairInfo = this.m_device.getKeyPairInfo(i3);
                String keyPairID = keyPairInfo.getKeyPairID();
                int type = keyPairInfo.getType();
                keyPairInfo.free();
                if (type == 2) {
                    if (str.equals(keyPairID + "#S")) {
                        return this.m_device.sm2Sign(str2, keyPairID, type, bArr);
                    }
                }
                if (type == 1) {
                    if (str.equals(keyPairID + "#E")) {
                        return this.m_device.sm2Sign(str2, keyPairID, type, bArr);
                    }
                }
            }
            throw new PkiException("not find KeyPair.");
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    @Override // net.netca.pki.GeneralDevice
    public boolean changePwd(int i2, String str, String str2) throws PkiException {
        if (i2 != 1) {
            throw new UnsupportedException("unsupported type");
        }
        try {
            this.m_device.changePIN(str, str2);
            this.m_pwd = str2;
            return true;
        } catch (MKeyException e2) {
            this.m_pwd = null;
            if (16777227 == e2.getCode()) {
                return false;
            }
            throw new PkiException(e2.getMessage());
        }
    }

    public void clearDevice() throws PkiException {
        try {
            this.m_device.clearDevice();
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    @Override // net.netca.pki.IPersistentData
    public void createData(int i2, String str, int i3) throws PkiException {
        String str2;
        IVerifyPwd iVerifyPwd = this.m_iVerifyPwd;
        if (iVerifyPwd != null) {
            str2 = iVerifyPwd.getPwd();
        } else {
            str2 = this.m_pwd;
            if (str2 == null) {
                throw new PkiException("not verify pin.");
            }
        }
        String str3 = str2;
        int[] iArr = new int[1];
        int[] iArr2 = new int[1];
        if (GetFileRight(str, iArr, iArr2) != 1) {
            throw new PkiException("mode error");
        }
        try {
            this.m_device.createFile(str3, "" + i2, i3, iArr[0], iArr2[0]);
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    public byte[] createEncryptedSoPin(PublicKey publicKey, String str) throws PkiException {
        byte[] bArr = new byte[32];
        byte[] bArr2 = new byte[32];
        if (!publicKey.isSM2()) {
            throw new PkiException("must be a sm2 publickey.");
        }
        unsignedBigIntegerEncode(256, publicKey.getX(), bArr, 0);
        unsignedBigIntegerEncode(256, publicKey.getY(), bArr2, 0);
        try {
            NetcaSM2PublicKey netcaSM2PublicKey = new NetcaSM2PublicKey();
            netcaSM2PublicKey.setX(bArr);
            netcaSM2PublicKey.setY(bArr2);
            byte[] createEncryptedSoPin = this.m_device.createEncryptedSoPin(str, netcaSM2PublicKey);
            byte[] bArr3 = new byte[createEncryptedSoPin.length + 1];
            bArr3[0] = 4;
            System.arraycopy(createEncryptedSoPin, 0, bArr3, 1, 64);
            System.arraycopy(createEncryptedSoPin, 96, bArr3, 65, createEncryptedSoPin.length - 96);
            System.arraycopy(createEncryptedSoPin, 64, bArr3, createEncryptedSoPin.length - 31, 32);
            return bArr3;
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    @Override // net.netca.pki.ICertReq
    public void deleteCert(Certificate certificate) throws PkiException {
        String str;
        Certificate certificate2;
        IVerifyPwd iVerifyPwd = this.m_iVerifyPwd;
        if (iVerifyPwd != null) {
            str = iVerifyPwd.getPwd();
        } else {
            str = this.m_pwd;
            if (str == null) {
                throw new PkiException("not verify pin.");
            }
        }
        try {
            int keyPairCount = this.m_device.getKeyPairCount();
            for (int i2 = 0; i2 < keyPairCount; i2++) {
                NetcaKeyPairInfo keyPairInfo = this.m_device.getKeyPairInfo(i2);
                String keyPairID = keyPairInfo.getKeyPairID();
                int type = keyPairInfo.getType();
                keyPairInfo.free();
                try {
                    certificate2 = new Certificate(this.m_device.exportCertificate(keyPairID, type));
                } catch (Exception e2) {
                    e2.printStackTrace();
                }
                if (isEqualCertificate(certificate2, certificate)) {
                    certificate2.free();
                    this.m_device.deleteCertificate(str, keyPairID, type);
                    return;
                }
                certificate2.free();
            }
            throw new PkiException("not find KeyPair.");
        } catch (MKeyException e3) {
            throw new PkiException(e3.getMessage());
        }
    }

    @Override // net.netca.pki.IPersistentData
    public void deleteData(int i2) throws PkiException {
        String str;
        IVerifyPwd iVerifyPwd = this.m_iVerifyPwd;
        if (iVerifyPwd != null) {
            str = iVerifyPwd.getPwd();
        } else {
            str = this.m_pwd;
            if (str == null) {
                throw new PkiException("not verify pin.");
            }
        }
        try {
            this.m_device.deleteFile(str, "" + i2);
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    @Override // net.netca.pki.ICertReq
    public void deleteKeyPair(String str) throws PkiException {
        String str2;
        IVerifyPwd iVerifyPwd = this.m_iVerifyPwd;
        if (iVerifyPwd != null) {
            str2 = iVerifyPwd.getPwd();
        } else {
            str2 = this.m_pwd;
            if (str2 == null) {
                throw new PkiException("not verify pin.");
            }
        }
        try {
            int keyPairCount = this.m_device.getKeyPairCount();
            for (int i2 = 0; i2 < keyPairCount; i2++) {
                NetcaKeyPairInfo keyPairInfo = this.m_device.getKeyPairInfo(i2);
                String keyPairID = keyPairInfo.getKeyPairID();
                int type = keyPairInfo.getType();
                keyPairInfo.free();
                if (type == 2) {
                    if (str.equals(keyPairID + "#S")) {
                        this.m_device.deleteKeyPair(str2, keyPairID, type);
                        return;
                    }
                }
                if (type == 1) {
                    if (str.equals(keyPairID + "#E")) {
                        this.m_device.deleteKeyPair(str2, keyPairID, type);
                        return;
                    }
                }
            }
            throw new PkiException("not find KeyPair.");
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    @Override // net.netca.pki.Freeable
    public void free() {
    }

    @Override // net.netca.pki.ICertReq
    public String generateKeyPair(int i2) throws PkiException {
        if (i2 != 4) {
            throw new PkiException("KeyPair type error.");
        }
        try {
            String HexEncode = Util.HexEncode(true, Device.getPseudoDevice().generateRandom(16));
            this.m_device.genSM2KeyPair(this.m_iVerifyPwd.getPwd(), HexEncode).free();
            return HexEncode + "#S";
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    @Override // net.netca.pki.ICertReq
    public byte[] generatePKCS10CertReq(String str, String str2, int i2, Object obj) throws PkiException {
        CertReq certReq = new CertReq();
        certReq.setSubject(str);
        MKCertReqSignHash mKCertReqSignHash = new MKCertReqSignHash(this, str2);
        byte[] publicKeyBlob = getPublicKeyBlob(str2);
        Device pseudoDevice = Device.getPseudoDevice();
        PublicKey importPublicKey = pseudoDevice.importPublicKey(publicKeyBlob);
        byte[] encode = importPublicKey.encode();
        importPublicKey.free();
        pseudoDevice.free();
        byte[] sign = certReq.sign(mKCertReqSignHash, encode, i2);
        certReq.free();
        return sign;
    }

    public String getAppId() throws PkiException {
        try {
            return this.m_device.getAppId();
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    @Override // net.netca.pki.ICertReq
    public ICertReqSignHash getCertReqSignHashObject(String str) throws PkiException {
        return new MKCertReqSignHash(this, str);
    }

    @Override // net.netca.pki.GeneralDevice
    public List<Certificate> getCerts(String str) throws PkiException {
        ArrayList arrayList = new ArrayList();
        try {
            int keyPairCount = this.m_device.getKeyPairCount();
            for (int i2 = 0; i2 < keyPairCount; i2++) {
                NetcaKeyPairInfo keyPairInfo = this.m_device.getKeyPairInfo(i2);
                String keyPairID = keyPairInfo.getKeyPairID();
                int type = keyPairInfo.getType();
                keyPairInfo.free();
                if (type == 2) {
                    if (str.equals(keyPairID + "#S")) {
                        arrayList.add(new Certificate(this.m_device.exportCertificate(keyPairID, type)));
                        return arrayList;
                    }
                } else {
                    if (str.equals(keyPairID + "#E")) {
                        arrayList.add(new Certificate(this.m_device.exportCertificate(keyPairID, type)));
                        return arrayList;
                    }
                }
            }
            throw new PkiException("not find KeyPair.");
        } catch (MKeyException e2) {
            if (16777265 == e2.getCode()) {
                return new ArrayList();
            }
            throw new PkiException(e2.getMessage());
        }
    }

    @Override // net.netca.pki.IPersistentData
    public int getDataLength(int i2) throws PkiException {
        try {
            return this.m_device.getFileInfo("" + i2).getLength();
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    public int getDeviceInfo() throws PkiException {
        try {
            MKeyModule.getInstance();
            MKeyDevice mKeyDevice = MKeyDevice.getInstance();
            this.m_device = mKeyDevice;
            NetcaDeviceInfo deviceInfo = mKeyDevice.getDeviceInfo();
            String str = deviceInfo.getStatus() + "";
            if (deviceInfo.getStatus() == 5 || deviceInfo.getStatus() == 1 || deviceInfo.getStatus() == 9) {
                throw new PkiException("device's status not init.");
            }
            this.m_sn = deviceInfo.getSn();
            deviceInfo.free();
            return 1;
        } catch (MKeyException e2) {
            if (e2.getCode() == 16777225) {
                return 0;
            }
            throw new PkiException(e2.getMessage());
        }
    }

    @Override // net.netca.pki.GeneralDevice
    public IEnvelopedDataDecryptKey getEnvelopedDataDecryptKeyObject() throws PkiException {
        return new MKEnvelopedDataDecryptKey(this);
    }

    @Override // net.netca.pki.GeneralDevice
    public String getId() throws PkiException {
        return "67#" + this.m_sn;
    }

    @Override // net.netca.pki.GeneralDevice
    public int getKeyPairBits(String str) throws PkiException {
        try {
            int keyPairCount = this.m_device.getKeyPairCount();
            for (int i2 = 0; i2 < keyPairCount; i2++) {
                NetcaKeyPairInfo keyPairInfo = this.m_device.getKeyPairInfo(i2);
                String keyPairID = keyPairInfo.getKeyPairID();
                int type = keyPairInfo.getType();
                keyPairInfo.free();
                if (type == 2) {
                    if (str.equals(keyPairID + "#S")) {
                        return 256;
                    }
                } else {
                    if (str.equals(keyPairID + "#E")) {
                        return 256;
                    }
                }
            }
            throw new PkiException("not find KeyPair.");
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    @Override // net.netca.pki.GeneralDevice
    public String getKeyPairName(Certificate certificate) throws PkiException {
        try {
            int keyPairCount = this.m_device.getKeyPairCount();
            for (int i2 = 0; i2 < keyPairCount; i2++) {
                NetcaKeyPairInfo keyPairInfo = this.m_device.getKeyPairInfo(i2);
                String keyPairID = keyPairInfo.getKeyPairID();
                int type = keyPairInfo.getType();
                keyPairInfo.free();
                byte[] exportCertBlob = exportCertBlob(keyPairID, type);
                if (exportCertBlob != null) {
                    Certificate certificate2 = new Certificate(exportCertBlob);
                    if (isEqualCertificate(certificate2, certificate)) {
                        certificate2.free();
                        if (type == 2) {
                            return keyPairID + "#S";
                        }
                        return keyPairID + "#E";
                    }
                    certificate2.free();
                }
            }
            throw new PkiException("not find KeyPair.");
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    @Override // net.netca.pki.GeneralDevice
    public List<String> getKeyPairNames() throws PkiException {
        ArrayList arrayList = new ArrayList();
        try {
            int keyPairCount = this.m_device.getKeyPairCount();
            for (int i2 = 0; i2 < keyPairCount; i2++) {
                NetcaKeyPairInfo keyPairInfo = this.m_device.getKeyPairInfo(i2);
                String keyPairID = keyPairInfo.getKeyPairID();
                if (keyPairInfo.getType() == 2) {
                    arrayList.add(keyPairID + "#S");
                } else {
                    arrayList.add(keyPairID + "#E");
                }
                keyPairInfo.free();
            }
            return arrayList;
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    @Override // net.netca.pki.GeneralDevice
    public int getKeyPairType(String str) throws PkiException {
        try {
            int keyPairCount = this.m_device.getKeyPairCount();
            for (int i2 = 0; i2 < keyPairCount; i2++) {
                NetcaKeyPairInfo keyPairInfo = this.m_device.getKeyPairInfo(i2);
                String keyPairID = keyPairInfo.getKeyPairID();
                int type = keyPairInfo.getType();
                keyPairInfo.free();
                if (type == 2) {
                    if (str.equals(keyPairID + "#S")) {
                        return 4;
                    }
                } else {
                    if (str.equals(keyPairID + "#E")) {
                        return 4;
                    }
                }
            }
            throw new PkiException("not find KeyPair.");
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    @Override // net.netca.pki.GeneralDevice
    public IPrivateKeyDecrypt getPrivateKeyDecryptObject(String str) throws PkiException {
        return new MKPrivateKeyDecrypt(this, str);
    }

    public byte[] getPublicKeyBlob(String str) throws PkiException {
        try {
            int keyPairCount = this.m_device.getKeyPairCount();
            for (int i2 = 0; i2 < keyPairCount; i2++) {
                NetcaKeyPairInfo keyPairInfo = this.m_device.getKeyPairInfo(i2);
                String keyPairID = keyPairInfo.getKeyPairID();
                int type = keyPairInfo.getType();
                keyPairInfo.free();
                if (type == 2) {
                    if (str.equals(keyPairID + "#S")) {
                        byte[] exportPublicKeyArray = this.m_device.exportPublicKeyArray(keyPairID, type);
                        byte[] bArr = new byte[32];
                        byte[] bArr2 = new byte[32];
                        System.arraycopy(exportPublicKeyArray, 0, bArr, 0, 32);
                        System.arraycopy(exportPublicKeyArray, 32, bArr2, 0, 32);
                        return encodeSM2Keyblob(bArr, bArr2);
                    }
                }
                if (type == 1) {
                    if (str.equals(keyPairID + "#E")) {
                        byte[] exportPublicKeyArray2 = this.m_device.exportPublicKeyArray(keyPairID, type);
                        byte[] bArr3 = new byte[32];
                        byte[] bArr22 = new byte[32];
                        System.arraycopy(exportPublicKeyArray2, 0, bArr3, 0, 32);
                        System.arraycopy(exportPublicKeyArray2, 32, bArr22, 0, 32);
                        return encodeSM2Keyblob(bArr3, bArr22);
                    }
                }
            }
            throw new PkiException("not find KeyPair.");
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    @Override // net.netca.pki.GeneralDevice
    public int getPwdRetryNumber(int i2) throws PkiException {
        if (i2 != 1) {
            throw new UnsupportedException("unsupported type");
        }
        try {
            return this.m_device.getPINRetryCount();
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    @Override // net.netca.pki.GeneralDevice
    public ISignHash getSignHashObject() throws PkiException {
        return new MKSignHash(this);
    }

    @Override // net.netca.pki.GeneralDevice
    public Signature getSignatureObjectForSign(Certificate certificate, int i2, Object obj) throws PkiException {
        return new Signature(getSignHashObject(), certificate, i2, obj);
    }

    @Override // net.netca.pki.GeneralDevice
    public String getTypeName() throws PkiException {
        return this.m_label;
    }

    @Override // net.netca.pki.ICertReq
    public void installCert(Certificate certificate) throws PkiException {
        String str;
        IVerifyPwd iVerifyPwd = this.m_iVerifyPwd;
        if (iVerifyPwd != null) {
            str = iVerifyPwd.getPwd();
        } else {
            str = this.m_pwd;
            if (str == null) {
                throw new PkiException("not verify pin.");
            }
        }
        PublicKey publicKey = (certificate.getKeyUsage() & 1) != 0 ? certificate.getPublicKey(Certificate.PURPOSE_VERIFY_OLD_DATA) : certificate.getPublicKey(1);
        if (publicKey == null) {
            throw new PkiException("get publice key from certificate fail.");
        }
        byte[] export = publicKey.export();
        try {
            int keyPairCount = this.m_device.getKeyPairCount();
            for (int i2 = 0; i2 < keyPairCount; i2++) {
                NetcaKeyPairInfo keyPairInfo = this.m_device.getKeyPairInfo(i2);
                String keyPairID = keyPairInfo.getKeyPairID();
                int type = keyPairInfo.getType();
                keyPairInfo.free();
                byte[] exportPublicKeyArray = this.m_device.exportPublicKeyArray(keyPairID, type);
                byte[] bArr = new byte[32];
                byte[] bArr2 = new byte[32];
                System.arraycopy(exportPublicKeyArray, 0, bArr, 0, 32);
                System.arraycopy(exportPublicKeyArray, 32, bArr2, 0, 32);
                if (isEqualByteArray(export, encodeSM2Keyblob(bArr, bArr2))) {
                    this.m_device.importCertificate(str, keyPairID, type, certificate.derEncode());
                    return;
                }
            }
            throw new PkiException("not find KeyPair.");
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    @Override // net.netca.pki.ICertReq
    public void installCert(Certificate certificate, Certificate certificate2, int i2, byte[] bArr) throws PkiException {
        String str;
        if (i2 != 5) {
            throw new PkiException("only support enckeypair type GBT_35276 ");
        }
        IVerifyPwd iVerifyPwd = this.m_iVerifyPwd;
        if (iVerifyPwd != null) {
            str = iVerifyPwd.getPwd();
        } else {
            str = this.m_pwd;
            if (str == null) {
                throw new PkiException("not verify pin.");
            }
        }
        NetcaSM2EnvelopedKeyBlob parseEncKeypair = parseEncKeypair(bArr);
        String findKeypairId = findKeypairId(certificate2);
        try {
            this.m_device.importSM2KeyPair(str, findKeypairId, parseEncKeypair);
            this.m_device.importCertificate(str, findKeypairId, 2, certificate2.derEncode());
            this.m_device.importCertificate(str, findKeypairId, 1, certificate.derEncode());
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    @Override // net.netca.pki.ICertReq
    public void installEncCert(byte[] bArr, int i2, byte[] bArr2) throws PkiException {
        String str;
        if (i2 != 5) {
            throw new PkiException("only support enckeypair type GBT_35276 ");
        }
        IVerifyPwd iVerifyPwd = this.m_iVerifyPwd;
        if (iVerifyPwd != null) {
            str = iVerifyPwd.getPwd();
        } else {
            str = this.m_pwd;
            if (str == null) {
                throw new PkiException("not verify pin.");
            }
        }
        NetcaSM2EnvelopedKeyBlob parseEncKeypair = parseEncKeypair(bArr2);
        try {
            int keyPairCount = this.m_device.getKeyPairCount();
            for (int i3 = 0; i3 < keyPairCount; i3++) {
                NetcaKeyPairInfo keyPairInfo = this.m_device.getKeyPairInfo(i3);
                String keyPairID = keyPairInfo.getKeyPairID();
                keyPairInfo.free();
                if (importKeypair(str, keyPairID, parseEncKeypair) == 1) {
                    this.m_device.importCertificate(str, keyPairID, 1, bArr);
                    return;
                }
            }
            throw new PkiException("import keypair fail.");
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    public byte[] privateKeyDecrypt(String str, byte[] bArr) throws PkiException {
        String str2;
        IVerifyPwd iVerifyPwd = this.m_iVerifyPwd;
        if (iVerifyPwd != null) {
            str2 = iVerifyPwd.getPwd();
        } else {
            str2 = this.m_pwd;
            if (str2 == null) {
                throw new PkiException("not verify pin.");
            }
        }
        try {
            int keyPairCount = this.m_device.getKeyPairCount();
            for (int i2 = 0; i2 < keyPairCount; i2++) {
                NetcaKeyPairInfo keyPairInfo = this.m_device.getKeyPairInfo(i2);
                String keyPairID = keyPairInfo.getKeyPairID();
                int type = keyPairInfo.getType();
                keyPairInfo.free();
                if (type == 2) {
                    if (str.equals(keyPairID + "#S")) {
                        return this.m_device.sm2Decrypt(str2, keyPairID, type, bArr);
                    }
                } else {
                    if (str.equals(keyPairID + "#E")) {
                        return this.m_device.sm2Decrypt(str2, keyPairID, type, bArr);
                    }
                }
            }
            throw new PkiException("not find KeyPair.");
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    @Override // net.netca.pki.IPersistentData
    public int readData(int i2, int i3, byte[] bArr, int i4, int i5) throws PkiException {
        String str;
        try {
            String str2 = "" + i2;
            if (this.m_device.getFileInfo(str2).getReadRight() != 1) {
                byte[] readFile = this.m_device.readFile("12345678", str2, i3, i5);
                System.arraycopy(readFile, 0, bArr, i4, readFile.length);
                return readFile.length;
            }
            IVerifyPwd iVerifyPwd = this.m_iVerifyPwd;
            if (iVerifyPwd != null) {
                str = iVerifyPwd.getPwd();
            } else {
                str = this.m_pwd;
                if (str == null) {
                    throw new PkiException("not verify pin.");
                }
            }
            byte[] readFile2 = this.m_device.readFile(str, str2, i3, i5);
            System.arraycopy(readFile2, 0, bArr, i4, readFile2.length);
            return readFile2.length;
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    public void resetUserPin(byte[] bArr, String str) throws PkiException {
        try {
            this.m_device.resetUserPin(bArr, str);
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }

    public void setErrorInfo(String str) {
        this.m_err.setErrorMsg(this.m_type, str);
    }

    @Override // net.netca.pki.GeneralDevice
    public void setTypeName(String str) throws PkiException {
        this.m_label = str;
    }

    @Override // net.netca.pki.GeneralDevice
    public void setVerifyPwdUIObject(IVerifyPwd iVerifyPwd) throws PkiException {
        this.m_iVerifyPwd = iVerifyPwd;
    }

    @Override // net.netca.pki.GeneralDevice
    public boolean unlockPwd(int i2, String str, String str2) throws PkiException {
        throw new UnsupportedException("unsupported");
    }

    @Override // net.netca.pki.GeneralDevice
    public boolean verifyPwd(int i2, String str) throws PkiException {
        if (i2 != 1) {
            throw new UnsupportedException("unsupported type");
        }
        try {
            this.m_device.verifyPIN(str);
            this.m_pwd = str;
            return true;
        } catch (MKeyException e2) {
            this.m_pwd = null;
            if (16777227 == e2.getCode()) {
                return false;
            }
            throw new PkiException(e2.getMessage());
        }
    }

    @Override // net.netca.pki.IPersistentData
    public void writeData(int i2, int i3, byte[] bArr) throws PkiException {
        String str;
        try {
            String str2 = "" + i2;
            if (this.m_device.getFileInfo(str2).getWriteRight() != 1) {
                this.m_device.writeFile("12345678", str2, i3, bArr);
                return;
            }
            IVerifyPwd iVerifyPwd = this.m_iVerifyPwd;
            if (iVerifyPwd != null) {
                str = iVerifyPwd.getPwd();
            } else {
                str = this.m_pwd;
                if (str == null) {
                    throw new PkiException("not verify pin.");
                }
            }
            this.m_device.writeFile(str, str2, i3, bArr);
        } catch (MKeyException e2) {
            throw new PkiException(e2.getMessage());
        }
    }
}
