package si.birokrat.POS_local.orders_full.fiscalization.cfurs.certificate;

import android.content.Context;
import android.net.Uri;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Date;
import java.util.Iterator;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import org.apache.xml.security.keys.content.x509.XMLX509Certificate;

/* loaded from: classes5.dex */
public class AndroidStoragePCKS12Certificate {
    String alias;
    X509Certificate certificate;
    private String clientCertificateFilepath;
    private Uri clientCertificateUri;
    KeyStore clientKeystore;
    Context context;
    boolean isProduction;
    public String password;
    SSLSocketFactory socketFactory;

    public AndroidStoragePCKS12Certificate(boolean z, Context context, Uri uri, String str) throws Exception {
        this.clientCertificateFilepath = null;
        this.socketFactory = null;
        this.clientKeystore = null;
        this.certificate = null;
        this.alias = null;
        this.isProduction = z;
        this.context = context;
        this.clientCertificateUri = uri;
        this.password = str;
        load();
    }

    public AndroidStoragePCKS12Certificate(boolean z, Context context, String str, String str2) throws Exception {
        this.socketFactory = null;
        this.clientKeystore = null;
        this.certificate = null;
        this.alias = null;
        this.isProduction = z;
        this.context = context;
        this.clientCertificateFilepath = str;
        this.password = str2;
        load();
    }

    private TrustManagerFactory getFursProductionTrustManagerFactory() throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        CertificateFactory certificateFactory = CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID);
        String[] strArr = {new FursCACertificateProvider().getSiteCertificate(), new FursCACertificateProvider().getIntermediateCertificate(), new FursCACertificateProvider().getRootCertificate()};
        for (int i = 0; i < 3; i++) {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(strArr[i].getBytes(StandardCharsets.UTF_8));
            X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream);
            byteArrayInputStream.close();
            keyStore.setCertificateEntry("ca" + i, x509Certificate);
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        return trustManagerFactory;
    }

    private TrustManagerFactory getFursTestTrustManagerFactory() throws Exception {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(new FursCACertificateProvider().getTestCertificate().getBytes(StandardCharsets.UTF_8));
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID).generateCertificate(byteArrayInputStream);
        byteArrayInputStream.close();
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        keyStore.setCertificateEntry("ca", x509Certificate);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        return trustManagerFactory;
    }

    private KeyManagerFactory getKeyManagerFactory() throws Exception {
        String str = this.clientCertificateFilepath;
        InputStream openInputStream = str == null ? this.context.getContentResolver().openInputStream(this.clientCertificateUri) : this.context.openFileInput(str);
        char[] charArray = this.password.toCharArray();
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        this.clientKeystore = keyStore;
        keyStore.load(openInputStream, charArray);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(this.clientKeystore, this.password.toCharArray());
        return keyManagerFactory;
    }

    private void load() throws Exception {
        loadSocketFactory();
        loadX509Certificate();
    }

    private void loadSocketFactory() throws Exception {
        KeyManagerFactory keyManagerFactory = getKeyManagerFactory();
        TrustManagerFactory fursProductionTrustManagerFactory = this.isProduction ? getFursProductionTrustManagerFactory() : getFursTestTrustManagerFactory();
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(keyManagerFactory.getKeyManagers(), fursProductionTrustManagerFactory.getTrustManagers(), null);
        this.socketFactory = sSLContext.getSocketFactory();
    }

    private void loadX509Certificate() throws Exception {
        Iterator it = Collections.list(this.clientKeystore.aliases()).iterator();
        while (it.hasNext()) {
            String str = (String) it.next();
            Certificate certificate = this.clientKeystore.getCertificate(str);
            if (certificate instanceof X509Certificate) {
                this.certificate = (X509Certificate) certificate;
                this.alias = str;
                return;
            }
        }
        throw new Exception("Certificate not found!");
    }

    public X509Certificate getCertificate() throws Exception {
        return this.certificate;
    }

    public Date getCertificateExpirationDate() {
        X509Certificate x509Certificate = this.certificate;
        if (x509Certificate == null) {
            return null;
        }
        return x509Certificate.getNotAfter();
    }

    public SSLSocketFactory getSSLFactoryWithClientCertificate() throws Exception {
        return this.socketFactory;
    }
}
