package com.genexus.cryptography;

import com.genexus.GXutil;
import com.genexus.util.Base64;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertPath;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Date;
import java.util.Enumeration;

/* loaded from: classes.dex */
public class GXCertificate {
    private static KeyStore trustStore;
    private String _alias;
    private X509Certificate _cert;
    private int _lastError;
    private String _lastErrorDescription;
    private PrivateKey _privateKey;
    private PublicKey _publicKey;

    public GXCertificate() {
    }

    public GXCertificate(String str, String str2) {
        load(str, str2);
    }

    public GXCertificate(String str, String str2, String str3) {
        load(str, str2, str3);
    }

    private void setError(int i) {
        setError(i, "");
    }

    private void setError(int i, String str) {
        this._lastError = i;
        switch (i) {
            case 0:
                this._lastErrorDescription = "";
                break;
            case 1:
                this._lastErrorDescription = Constants.CERT_NOT_LOADED;
                break;
            case 2:
                this._lastErrorDescription = Constants.CERT_NOT_TRUSTED;
                break;
            case 3:
                this._lastErrorDescription = Constants.CERT_NOT_FOUND;
                break;
            case 4:
                this._lastErrorDescription = Constants.CERT_NOT_INITIALIZED;
                break;
            case 5:
                this._lastErrorDescription = Constants.PRIVATEKEY_NOT_PRESENT;
                break;
            case 6:
                this._lastErrorDescription = Constants.CERT_ENCODING_EXCEPTION;
                break;
        }
        if (str.equals("")) {
            return;
        }
        if (this._lastErrorDescription.equals("")) {
            this._lastErrorDescription = str;
        } else {
            this._lastErrorDescription = String.format("%s - %s", this._lastErrorDescription, str);
        }
    }

    private static boolean verifyCertificate(X509Certificate x509Certificate, X509Certificate[] x509CertificateArr) throws GeneralSecurityException {
        x509Certificate.checkValidity();
        for (X509Certificate x509Certificate2 : x509CertificateArr) {
            try {
                x509Certificate.verify(x509Certificate2.getPublicKey());
                return true;
            } catch (GeneralSecurityException e) {
            }
        }
        return false;
    }

    private boolean verifyCertificateFromCaCerts() {
        try {
            FileInputStream fileInputStream = new FileInputStream(System.getProperty("java.home") + "/lib/security/cacerts".replace('/', File.separatorChar));
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(fileInputStream, "changeit".toCharArray());
            Enumeration<String> aliases = keyStore.aliases();
            ArrayList arrayList = new ArrayList();
            while (aliases.hasMoreElements()) {
                arrayList.add((X509Certificate) keyStore.getCertificate(aliases.nextElement()));
            }
            return verifyCertificate(this._cert, (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]));
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    public boolean certLoaded() {
        return this._cert != null;
    }

    public void check() {
        try {
            this._cert.checkValidity();
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            ArrayList arrayList = new ArrayList();
            arrayList.add(this._cert);
            CertPath generateCertPath = certificateFactory.generateCertPath(arrayList);
            PKIXParameters pKIXParameters = new PKIXParameters(getTrustStore());
            pKIXParameters.setRevocationEnabled(false);
        } catch (Exception e) {
        }
    }

    public int fromBase64(String str) {
        try {
            this._cert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.decode(str)));
        } catch (CertificateException e) {
            setError(1);
            Utils.logError(e);
        }
        return this._lastError;
    }

    public X509Certificate getCertificate() {
        return this._cert;
    }

    public int getErrCode() {
        return this._lastError;
    }

    public String getErrDescription() {
        return this._lastErrorDescription;
    }

    public String getIssuer() {
        return certLoaded() ? this._cert.getIssuerDN().getName() : "";
    }

    public Date getNotAfter() {
        return certLoaded() ? this._cert.getNotAfter() : GXutil.resetTime(GXutil.nullDate());
    }

    public Date getNotBefore() {
        return certLoaded() ? this._cert.getNotBefore() : GXutil.resetTime(GXutil.nullDate());
    }

    public PrivateKey getPrivateKey() {
        return this._privateKey;
    }

    public PublicKey getPublicKey() {
        return this._publicKey;
    }

    public String getSerialNumber() {
        return certLoaded() ? this._cert.getSerialNumber().toString() : "";
    }

    public String getSubject() {
        return certLoaded() ? this._cert.getSubjectDN().getName() : "";
    }

    public String getThumbprint() {
        return "";
    }

    public KeyStore getTrustStore() {
        if (trustStore == null) {
            try {
                FileInputStream fileInputStream = new FileInputStream(System.getProperty("java.home") + "/lib/security/cacerts".replace('/', File.separatorChar));
                KeyStore.getInstance("JKS").load(fileInputStream, "changeit".toCharArray());
                fileInputStream.close();
            } catch (FileNotFoundException e) {
                e.printStackTrace();
            } catch (IOException e2) {
                e2.printStackTrace();
            } catch (KeyStoreException e3) {
                e3.printStackTrace();
            } catch (NoSuchAlgorithmException e4) {
                e4.printStackTrace();
            } catch (CertificateException e5) {
                e5.printStackTrace();
            }
        }
        return trustStore;
    }

    public int getVersion() {
        if (certLoaded()) {
            return this._cert.getVersion();
        }
        return 0;
    }

    public boolean hasPrivateKey() {
        return certLoaded() && this._privateKey != null;
    }

    public int load(String str, String str2) {
        return load(str, str2, str2);
    }

    public int load(String str, String str2, String str3) {
        setError(0);
        try {
            FileInputStream fileInputStream = new FileInputStream(str);
            String lowerCase = str.toLowerCase();
            if (lowerCase.endsWith(".pfx") || lowerCase.endsWith(".jks") || lowerCase.endsWith(".bks")) {
                KeyStore keyStore = lowerCase.endsWith(".pfx") ? KeyStore.getInstance("PKCS12") : lowerCase.endsWith(".bks") ? KeyStore.getInstance("BKS") : KeyStore.getInstance("JKS");
                keyStore.load(fileInputStream, str2.toCharArray());
                this._alias = keyStore.aliases().nextElement();
                this._cert = (X509Certificate) keyStore.getCertificate(this._alias);
                this._publicKey = this._cert.getPublicKey();
                try {
                    this._privateKey = KeyFactory.getInstance(Constants.DEFAULT_DIGITAL_SIGNATURE_ALGORITHM_NAME).generatePrivate(new PKCS8EncodedKeySpec(keyStore.getKey(this._alias, str3.toCharArray()).getEncoded()));
                } catch (UnrecoverableKeyException e) {
                    setError(5);
                }
            } else if (str.endsWith(".cer")) {
                this._cert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(fileInputStream);
            } else {
                setError(1);
            }
        } catch (FileNotFoundException e2) {
            setError(3);
        } catch (IOException e3) {
            setError(1);
            Utils.logError(e3);
        } catch (KeyStoreException e4) {
            setError(1);
            Utils.logError(e4);
        } catch (NoSuchAlgorithmException e5) {
            Utils.logError(e5);
        } catch (CertificateException e6) {
            setError(1);
            Utils.logError(e6);
        } catch (InvalidKeySpecException e7) {
            setError(1);
            Utils.logError(e7);
        }
        return 0;
    }

    public String toBase64() {
        String str = "";
        if (!certLoaded()) {
            setError(1);
            return "";
        }
        try {
            str = Base64.encodeBytes(this._cert.getEncoded());
            setError(0);
            return str;
        } catch (CertificateEncodingException e) {
            setError(6);
            Utils.logError(e);
            return str;
        }
    }

    public boolean verify() {
        if (certLoaded()) {
            return verifyCertificateFromCaCerts();
        }
        return false;
    }
}
