package com.echoworx.edt.internal.credential;

import com.echoworx.edt.common.pki.EDTCertificate;
import com.echoworx.edt.common.pki.EDTKeyPair;
import com.echoworx.edt.common.pki.EDTX509Certificate;
import com.echoworx.edt.common.pki.PKCS12Container;
import com.echoworx.edt.common.pki.PKCS7Container;
import com.echoworx.edt.common.registry.CryptographyFacade;
import com.echoworx.edt.common.registry.HandlerRegistry;
import com.echoworx.edt.common.registry.HandlerType;
import com.echoworx.edt.common.registry.LoggingFacade;
import com.echoworx.edt.common.registry.PKIFacade;
import com.echoworx.edt.credential.domain.Password;
import com.echoworx.edt.internal.configuration.fileparsers.ParserConstants;
import com.echoworx.edt.internal.util.Base64;
import com.echoworx.edt.internal.util.PKIUtils;
import java.util.Vector;

/* loaded from: classes.dex */
public class CSRRequestDataModel {
    protected static final String CIPHER_KEY_ALIAS = "cipher";
    protected static final String SIGNING_KEY_ALIAS = "signing";
    protected PKCS7Container cipherCredential;
    protected EDTKeyPair cipherKeys;
    protected CredentialPackageDataModel credentialsDataModel;
    protected Password fPassword;
    protected String fSecureId;
    private EDTX509Certificate fTemplateCertificate;
    private EDTKeyPair fTemplateCertificateKeys;
    protected PKCS7Container signCredential;
    protected EDTKeyPair signingKeys;
    protected LoggingFacade logger = ((LoggingFacade) HandlerRegistry.getHandler(HandlerType.LOG_FACADE)).getLogger(KeyDrawModel.class);
    protected CryptographyFacade crypto_helper = (CryptographyFacade) HandlerRegistry.getHandler(HandlerType.CRYPTOGRAPHY_FACADE);
    protected PKIFacade pki_helper = (PKIFacade) HandlerRegistry.getHandler(HandlerType.PKI_FACADE);
    protected Vector keyAuthorityGroups = new Vector();

    public CSRRequestDataModel(String str, Password password) {
        this.fSecureId = str;
        this.fPassword = password;
    }

    public void addKeyAuthorityGroup(KeyAuthorityGroup keyAuthorityGroup) {
        this.keyAuthorityGroups.add(keyAuthorityGroup);
    }

    public ProtectedCredentialsPackage buildCredentialPackage() {
        PKCS12Container loadPKCS12Container;
        int i = 0;
        PKCS12Container loadPKCS12Container2 = this.pki_helper.loadPKCS12Container(null, this.fPassword);
        if (this.credentialsDataModel != null) {
            this.credentialsDataModel.setSigningKeyContainer(loadPKCS12Container2);
            loadPKCS12Container = this.credentialsDataModel.getCipherKeyContainer();
        } else {
            loadPKCS12Container = this.pki_helper.loadPKCS12Container(null, new Password(""));
            this.credentialsDataModel = new CredentialPackageDataModel(this.fSecureId, this.fPassword, loadPKCS12Container2, loadPKCS12Container);
        }
        loadPKCS12Container2.setKeyEntry(SIGNING_KEY_ALIAS, this.signingKeys, getSignCredential().getCertificateChain(), null);
        EDTX509Certificate[] certificateChain = getSignCredential().getCertificateChain();
        EDTX509Certificate[] eDTX509CertificateArr = new EDTX509Certificate[certificateChain.length + 1];
        eDTX509CertificateArr[0] = getTemplateCertificate();
        for (int i2 = 0; i2 < certificateChain.length; i2++) {
            eDTX509CertificateArr[i2 + 1] = certificateChain[i2];
        }
        loadPKCS12Container2.setKeyEntry(PKIUtils.KEY_SERVICE_TEMPORARY_CERTIFICATE_NAME, getTemplateCertificateKeys(), eDTX509CertificateArr, null);
        EDTCertificate[] allCertificatesWithPrivateKey = loadPKCS12Container.getAllCertificatesWithPrivateKey();
        if (allCertificatesWithPrivateKey != null && allCertificatesWithPrivateKey.length != 0) {
            i = allCertificatesWithPrivateKey.length;
        }
        loadPKCS12Container.setKeyEntry("cipher." + i, this.cipherKeys, getCipherCredential().getCertificateChain(), null);
        return this.credentialsDataModel.generateProtectedCredentials(getSignCredential().getLeafCertificate());
    }

    public String buildKeyEscrowsList(byte[] bArr) {
        String str = "";
        for (int i = 0; i < this.keyAuthorityGroups.size(); i++) {
            KeyAuthorityGroup keyAuthorityGroup = (KeyAuthorityGroup) this.keyAuthorityGroups.elementAt(i);
            byte[][] splitKey = new ShareSecret().splitKey(bArr, keyAuthorityGroup.getKeyAuthorities().size(), keyAuthorityGroup.getKeyAuthorityMinimum().intValue());
            this.logger.debug("Got key parts: " + splitKey.length);
            String str2 = str;
            for (int i2 = 0; i2 < keyAuthorityGroup.getKeyAuthorities().size(); i2++) {
                KeyAuthorityEntry keyAuthorityEntry = (KeyAuthorityEntry) keyAuthorityGroup.getKeyAuthorities().elementAt(i2);
                str2 = str2 + "<KeyAuthority authRef=\"" + keyAuthorityEntry.getEntryId() + "\">" + Base64.encode(this.pki_helper.encryptPKCS7(splitKey[i], new EDTX509Certificate[]{keyAuthorityEntry.getCertificate()})) + "</KeyAuthority>";
            }
            str = str2 + ParserConstants.LINE_BREAK;
        }
        return str;
    }

    public PKCS7Container getCipherCredential() {
        return this.cipherCredential;
    }

    public EDTKeyPair getCipherKeys() {
        return this.cipherKeys;
    }

    public CredentialPackageDataModel getCredentialsDataModel() {
        return this.credentialsDataModel;
    }

    public Vector getKeyAuthorityGroups() {
        return this.keyAuthorityGroups;
    }

    public Password getPassword() {
        return this.fPassword;
    }

    public String getSecureId() {
        return this.fSecureId;
    }

    public PKCS7Container getSignCredential() {
        return this.signCredential;
    }

    public EDTKeyPair getSigningKeys() {
        return this.signingKeys;
    }

    public EDTX509Certificate getTemplateCertificate() {
        if (this.fTemplateCertificate == null) {
            PKCS12Container loadPKCS12Container = this.pki_helper.loadPKCS12Container(null, this.fPassword);
            loadPKCS12Container.setKeyEntry(SIGNING_KEY_ALIAS, this.signingKeys, getSignCredential().getCertificateChain(), null);
            this.fTemplateCertificate = this.pki_helper.generateSHA1SignedCertificate("CN=EWKeyService TemplateCertificate , O=Echoworx", getSignCredential().getLeafCertificate().getSubjectDN(), getTemplateCertificateKeys(), loadPKCS12Container.getKeyRelatedToCertificate(getSignCredential().getLeafCertificate(), null));
        }
        return this.fTemplateCertificate;
    }

    protected EDTKeyPair getTemplateCertificateKeys() {
        if (this.fTemplateCertificateKeys == null) {
            this.fTemplateCertificateKeys = this.pki_helper.generateRSAKeyPair(2048);
        }
        return this.fTemplateCertificateKeys;
    }

    public void setCipherCredential(PKCS7Container pKCS7Container) {
        this.cipherCredential = pKCS7Container;
    }

    public void setCipherKeys(EDTKeyPair eDTKeyPair) {
        this.cipherKeys = eDTKeyPair;
    }

    public void setCredentialsDataModel(CredentialPackageDataModel credentialPackageDataModel) {
        this.credentialsDataModel = credentialPackageDataModel;
    }

    public void setSignCredential(PKCS7Container pKCS7Container) {
        this.signCredential = pKCS7Container;
    }

    public void setSigningKeys(EDTKeyPair eDTKeyPair) {
        this.signingKeys = eDTKeyPair;
    }

    public void setTemplateCertificate(EDTCertificate eDTCertificate) {
        if (eDTCertificate instanceof EDTX509Certificate) {
            this.fTemplateCertificate = (EDTX509Certificate) eDTCertificate;
        }
    }
}
