package com.comodo.mdm.certmanager;

import android.util.Base64;
import com.comodo.mdm.BuildConfig;
import com.comodo.mdm.Logger;
import com.samsung.android.knox.accounts.HostAuth;
import com.samsung.android.knox.keystore.CertificateProvisioning;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import org.spongycastle.jce.provider.BouncyCastleProvider;

/* loaded from: classes.dex */
public class CertsTransformer {
    private static Provider provider;

    static {
        BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
        provider = bouncyCastleProvider;
        Security.addProvider(bouncyCastleProvider);
    }

    private Certificate[] getCertificatesChain(byte[] bArr) throws CertificateException {
        Certificate[] certificateArr = new Certificate[2];
        for (Certificate certificate : CertificateFactory.getInstance("X.509").generateCertificates(new ByteArrayInputStream(bArr))) {
            if (certificate instanceof X509Certificate) {
                if (((X509Certificate) certificate).getBasicConstraints() < 0) {
                    certificateArr[0] = certificate;
                } else {
                    certificateArr[1] = certificate;
                }
            }
        }
        return certificateArr;
    }

    public byte[] convertP7toP12(String str, String str2) {
        try {
            PrivateKey generatePrivate = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.decode(new String(Base64.decode(str, 2)), 2)));
            Certificate[] certificateArr = new Certificate[2];
            for (Certificate certificate : CertificateFactory.getInstance("X.509").generateCertificates(new ByteArrayInputStream(Base64.decode(str2, 2)))) {
                if (certificate instanceof X509Certificate) {
                    if (((X509Certificate) certificate).getBasicConstraints() < 0) {
                        certificateArr[0] = certificate;
                    } else {
                        certificateArr[1] = certificate;
                    }
                }
            }
            KeyStore keyStore = KeyStore.getInstance(CertificateProvisioning.TYPE_PKCS12, "BC");
            keyStore.load(null, null);
            keyStore.setKeyEntry(BuildConfig.FLAVOR_customer, generatePrivate, "".toCharArray(), certificateArr);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            keyStore.store(byteArrayOutputStream, HostAuth.PASSWORD.toCharArray());
            byteArrayOutputStream.flush();
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e) {
            Logger.INSTANCE.e("Error : " + e.getMessage());
            return new byte[0];
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] getCertificateBytes(byte[] bArr) throws CertificateException {
        return getCertificatesChain(bArr)[0].getEncoded();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] getIntermidiateCertificateBytes(byte[] bArr) throws CertificateException {
        return getCertificatesChain(bArr)[1].getEncoded();
    }
}
