package pl.unizeto.android.mobilesign.acr32.sign;

import android.content.Context;
import iaik.pkcs.pkcs11.TokenException;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.util.Collection;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import pl.unizeto.android.cryptoapi.keystore.FileAndPkcs11KeyStoreSpi;
import pl.unizeto.android.cryptoapi.pkcs11.CertificateEntry;
import pl.unizeto.android.cryptoapi.provider.ProviderManager;
import pl.unizeto.android.mobilesign.acr32.R;

/* loaded from: classes.dex */
public class CertificateManager {
    private static CertificateManager INSTANCE;
    private static final Logger log = LoggerFactory.getLogger(CertificateManager.class.getSimpleName());
    private FileAndPkcs11KeyStoreSpi pkcs11;
    private ProviderManager providerManager;

    private CertificateManager() {
    }

    public static synchronized CertificateManager getInstance(Context context) {
        CertificateManager certificateManager;
        synchronized (CertificateManager.class) {
            if (INSTANCE == null) {
                INSTANCE = new CertificateManager();
                INSTANCE.initializeProviderManager(context);
            }
            certificateManager = INSTANCE;
        }
        return certificateManager;
    }

    public void deinitialize() {
        deinitializeKeyStore();
        deinitializeProviderManager();
    }

    protected void deinitializeKeyStore() {
        if (this.pkcs11 != null) {
            log.debug("Deinicjalizacja modułu pkcs11 i plikowego magazynu kluczy");
            this.pkcs11.logout();
            this.pkcs11 = null;
        }
    }

    protected void deinitializeProviderManager() {
        if (this.providerManager != null) {
            log.debug("Deicjalizacja providerów");
            this.providerManager.cleanupProviders();
            this.providerManager = null;
        }
    }

    public Collection<CertificateEntry> getCertificates(String str) throws CertificateException, TokenException, IOException, NoSuchAlgorithmException {
        deinitializeKeyStore();
        initializeKeyStore(str);
        return this.pkcs11.getCertificates();
    }

    public PrivateKey getPrivateKey(CertificateEntry certificateEntry, char[] cArr) throws Exception {
        return this.pkcs11.getPrivateKey(certificateEntry, cArr);
    }

    protected void initializeKeyStore(String str) throws NoSuchAlgorithmException, CertificateException, IOException {
        log.debug("Inicjalizacja modułu pkcs11 i plikowego magazynu kluczy");
        String[] strArr = {"libcrypto3PKCS-2.0.0.39-ACR.so", "libcryptoCertum3PKCS-2.0.0.43-ACR.so"};
        String[] strArr2 = new String[0];
        if (StringUtils.isNotBlank(str)) {
            strArr2 = new String[]{str};
        }
        this.pkcs11 = new FileAndPkcs11KeyStoreSpi(strArr2, strArr);
        this.pkcs11.engineLoad(null, null);
    }

    protected void initializeProviderManager(Context context) {
        if (this.providerManager != null) {
            log.debug("Providery już zostały zainicjalizowane");
            return;
        }
        log.debug("Inicjalizacja providerów");
        try {
            this.providerManager = ProviderManager.getInstance();
            this.providerManager.setupProviders();
        } catch (Exception e) {
            throw new RuntimeException(context.getString(R.string.SignException_ErrorWhileCryptographicModuleInitialization, e.getMessage()), e);
        }
    }
}
