package com.genexus.cryptography;

import com.genexus.CommonUtil;
import com.genexus.util.Base64;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.Enumeration;
import org.apache.commons.io.IOUtils;

/* loaded from: classes.dex */
public class GXCertificate {
    private static KeyStore trustStore;
    private String _alias;
    private X509Certificate _cert;
    private int _lastError;
    private String _lastErrorDescription;
    private PrivateKey _privateKey;
    private PublicKey _publicKey;

    public GXCertificate() {
    }

    public GXCertificate(String str, String str2) {
        load(str, str2);
    }

    public GXCertificate(String str, String str2, String str3) {
        load(str, str2, str3);
    }

    private void setError(int i) {
        setError(i, "");
    }

    private void setError(int i, String str) {
        this._lastError = i;
        switch (i) {
            case 0:
                this._lastErrorDescription = "";
                break;
            case 1:
                this._lastErrorDescription = Constants.CERT_NOT_LOADED;
                break;
            case 2:
                this._lastErrorDescription = Constants.CERT_NOT_TRUSTED;
                break;
            case 3:
                this._lastErrorDescription = Constants.CERT_NOT_FOUND;
                break;
            case 4:
                this._lastErrorDescription = Constants.CERT_NOT_INITIALIZED;
                break;
            case 5:
                this._lastErrorDescription = Constants.PRIVATEKEY_NOT_PRESENT;
                break;
            case 6:
                this._lastErrorDescription = Constants.CERT_ENCODING_EXCEPTION;
                break;
        }
        if (str.equals("")) {
            return;
        }
        if (this._lastErrorDescription.equals("")) {
            this._lastErrorDescription = str;
        } else {
            this._lastErrorDescription = String.format("%s - %s", this._lastErrorDescription, str);
        }
    }

    private static boolean verifyCertificate(X509Certificate x509Certificate, X509Certificate[] x509CertificateArr) throws GeneralSecurityException {
        x509Certificate.checkValidity();
        for (X509Certificate x509Certificate2 : x509CertificateArr) {
            try {
                x509Certificate.verify(x509Certificate2.getPublicKey());
                return true;
            } catch (GeneralSecurityException unused) {
            }
        }
        return false;
    }

    private boolean verifyCertificateFromCaCerts() {
        try {
            FileInputStream fileInputStream = new FileInputStream(System.getProperty("java.home") + "/lib/security/cacerts".replace(IOUtils.DIR_SEPARATOR_UNIX, File.separatorChar));
            try {
                KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(fileInputStream, "changeit".toCharArray());
                Enumeration<String> aliases = keyStore.aliases();
                ArrayList arrayList = new ArrayList();
                while (aliases.hasMoreElements()) {
                    arrayList.add((X509Certificate) keyStore.getCertificate(aliases.nextElement()));
                }
                boolean verifyCertificate = verifyCertificate(this._cert, (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]));
                fileInputStream.close();
                return verifyCertificate;
            } finally {
            }
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    public boolean certLoaded() {
        return this._cert != null;
    }

    public void check() {
        try {
            this._cert.checkValidity();
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            ArrayList arrayList = new ArrayList();
            arrayList.add(this._cert);
            CertPath generateCertPath = certificateFactory.generateCertPath(arrayList);
            PKIXParameters pKIXParameters = new PKIXParameters(getTrustStore());
            pKIXParameters.setRevocationEnabled(false);
            CertPathValidator.getInstance(CertPathValidator.getDefaultType()).validate(generateCertPath, pKIXParameters);
        } catch (Exception unused) {
        }
    }

    public int fromBase64(String str) {
        try {
            this._cert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.decode(str)));
        } catch (CertificateException e) {
            setError(1);
            Utils.logError(e);
        }
        return this._lastError;
    }

    public X509Certificate getCertificate() {
        return this._cert;
    }

    public int getErrCode() {
        return this._lastError;
    }

    public String getErrDescription() {
        return this._lastErrorDescription;
    }

    public String getIssuer() {
        return certLoaded() ? this._cert.getIssuerDN().getName() : "";
    }

    public Date getNotAfter() {
        return certLoaded() ? this._cert.getNotAfter() : CommonUtil.resetTime(CommonUtil.nullDate());
    }

    public Date getNotBefore() {
        return certLoaded() ? this._cert.getNotBefore() : CommonUtil.resetTime(CommonUtil.nullDate());
    }

    public PrivateKey getPrivateKey() {
        return this._privateKey;
    }

    public PublicKey getPublicKey() {
        return this._publicKey;
    }

    public String getSerialNumber() {
        return certLoaded() ? new BigInteger(this._cert.getSerialNumber().toString()).toString(16) : "";
    }

    public String getSubject() {
        return certLoaded() ? this._cert.getSubjectDN().getName() : "";
    }

    public String getThumbprint() {
        return "";
    }

    public KeyStore getTrustStore() {
        FileInputStream fileInputStream;
        CertificateException e;
        NoSuchAlgorithmException e2;
        KeyStoreException e3;
        IOException e4;
        FileNotFoundException e5;
        if (trustStore == null) {
            try {
            } catch (Throwable th) {
                th = th;
            }
            try {
                try {
                    fileInputStream = new FileInputStream(System.getProperty("java.home") + "/lib/security/cacerts".replace(IOUtils.DIR_SEPARATOR_UNIX, File.separatorChar));
                } catch (IOException e6) {
                    e6.printStackTrace();
                }
                try {
                    KeyStore keyStore = KeyStore.getInstance("JKS");
                    keyStore.load(fileInputStream, "changeit".toCharArray());
                    fileInputStream.close();
                    trustStore = keyStore;
                    fileInputStream.close();
                } catch (FileNotFoundException e7) {
                    e5 = e7;
                    e5.printStackTrace();
                    if (fileInputStream != null) {
                        fileInputStream.close();
                    }
                    return trustStore;
                } catch (IOException e8) {
                    e4 = e8;
                    e4.printStackTrace();
                    if (fileInputStream != null) {
                        fileInputStream.close();
                    }
                    return trustStore;
                } catch (KeyStoreException e9) {
                    e3 = e9;
                    e3.printStackTrace();
                    if (fileInputStream != null) {
                        fileInputStream.close();
                    }
                    return trustStore;
                } catch (NoSuchAlgorithmException e10) {
                    e2 = e10;
                    e2.printStackTrace();
                    if (fileInputStream != null) {
                        fileInputStream.close();
                    }
                    return trustStore;
                } catch (CertificateException e11) {
                    e = e11;
                    e.printStackTrace();
                    if (fileInputStream != null) {
                        fileInputStream.close();
                    }
                    return trustStore;
                }
            } catch (FileNotFoundException e12) {
                fileInputStream = null;
                e5 = e12;
            } catch (IOException e13) {
                fileInputStream = null;
                e4 = e13;
            } catch (KeyStoreException e14) {
                fileInputStream = null;
                e3 = e14;
            } catch (NoSuchAlgorithmException e15) {
                fileInputStream = null;
                e2 = e15;
            } catch (CertificateException e16) {
                fileInputStream = null;
                e = e16;
            } catch (Throwable th2) {
                fileInputStream = null;
                th = th2;
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (IOException e17) {
                        e17.printStackTrace();
                    }
                }
                throw th;
            }
        }
        return trustStore;
    }

    public int getVersion() {
        if (certLoaded()) {
            return this._cert.getVersion();
        }
        return 0;
    }

    public boolean hasPrivateKey() {
        return certLoaded() && this._privateKey != null;
    }

    public int load(String str, String str2) {
        return load(str, str2, str2);
    }

    /* JADX WARN: Can't wrap try/catch for region: R(12:1|(5:2|3|4|5|6)|(4:15|(1:17)(1:21)|18|19)|22|(7:27|(1:29)(1:36)|30|31|32|18|19)|37|30|31|32|18|19|(1:(0))) */
    /* JADX WARN: Code restructure failed: missing block: B:35:0x00ba, code lost:
    
        setError(5);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public int load(java.lang.String r9, java.lang.String r10, java.lang.String r11) {
        /*
            Method dump skipped, instructions count: 245
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.genexus.cryptography.GXCertificate.load(java.lang.String, java.lang.String, java.lang.String):int");
    }

    public String toBase64() {
        String str = "";
        if (!certLoaded()) {
            setError(1);
            return "";
        }
        try {
            str = Base64.encodeBytes(this._cert.getEncoded());
            setError(0);
            return str;
        } catch (CertificateEncodingException e) {
            setError(6);
            Utils.logError(e);
            return str;
        }
    }

    public boolean verify() {
        if (certLoaded()) {
            return verifyCertificateFromCaCerts();
        }
        return false;
    }
}
