package cz.elisoft.ekonomreceipt.eet.certificate;

import android.content.Context;
import android.content.res.AssetManager;
import android.util.Base64;
import android.util.Log;
import cz.elisoft.ekonomreceipt.database.entities.Certificate;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;

/* loaded from: classes2.dex */
public class CertificateLoader {
    private static final String PLAYGROUND_CA_ASSETS = "certificates/ca/playground";
    private static final String PRODUCTION_CA_ASSETS = "certificates/ca/production";
    private static AssetManager assetManager;
    private static List<X509Certificate> playgroundCa;
    private static List<X509Certificate> productionCa;
    private Certificate certificate;
    private X509Certificate x509Certificate;

    private void initCaCerts() {
        if (assetManager == null) {
            throw new RuntimeException("internal error - missing asset manager");
        }
        try {
            productionCa = new ArrayList();
            playgroundCa = new ArrayList();
            loadCertsFromAssets(productionCa, PRODUCTION_CA_ASSETS);
            loadCertsFromAssets(playgroundCa, PLAYGROUND_CA_ASSETS);
        } catch (Exception unused) {
            throw new RuntimeException("Fatal failure - init ca certs");
        }
    }

    private boolean isIssuedBy(List<X509Certificate> list) {
        Iterator<X509Certificate> it = list.iterator();
        while (it.hasNext()) {
            if (this.x509Certificate.getIssuerX500Principal().getName().equals(it.next().getIssuerX500Principal().getName())) {
                return true;
            }
        }
        return false;
    }

    private void loadCertsFromAssets(List<X509Certificate> list, String str) throws IOException, CertificateException {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
        for (String str2 : assetManager.list(str)) {
            try {
                list.add((X509Certificate) certificateFactory.generateCertificate(assetManager.open(str + "/" + str2, 1)));
            } catch (Exception e) {
                Log.e("CI", "Certificate Info error", e);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean canBeLoaded(Context context, File file, String str) {
        if (str == null) {
            return false;
        }
        if (context != null) {
            assetManager = context.getAssets();
        }
        initCaCerts();
        if (file == null) {
            return false;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(new FileInputStream(file), str.toCharArray());
            Enumeration<String> aliases = keyStore.aliases();
            while (true) {
                if (!aliases.hasMoreElements()) {
                    break;
                }
                String nextElement = aliases.nextElement();
                if (keyStore.isKeyEntry(nextElement)) {
                    this.x509Certificate = (X509Certificate) keyStore.getCertificate(nextElement);
                    break;
                }
            }
            if (!isPlaygroundCert()) {
                if (!isProductionCert()) {
                    return false;
                }
            }
            return true;
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    boolean isPlaygroundCert() {
        return isIssuedBy(playgroundCa);
    }

    boolean isProductionCert() {
        return isIssuedBy(productionCa);
    }

    public Certificate loadCertificate(Context context, File file, String str) {
        if (str == null) {
            throw new IllegalStateException("password must be set before loading certificate info");
        }
        if (context != null) {
            assetManager = context.getAssets();
        }
        initCaCerts();
        if (file == null) {
            throw new NullPointerException("x509Certificate file cant be null");
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(new FileInputStream(file), str.toCharArray());
            Enumeration<String> aliases = keyStore.aliases();
            while (true) {
                if (!aliases.hasMoreElements()) {
                    break;
                }
                String nextElement = aliases.nextElement();
                if (keyStore.isKeyEntry(nextElement)) {
                    this.x509Certificate = (X509Certificate) keyStore.getCertificate(nextElement);
                    PrivateKey privateKey = (PrivateKey) keyStore.getKey(nextElement, str.toCharArray());
                    this.certificate = new Certificate();
                    this.certificate.setPassword(Base64.encodeToString(privateKey.getEncoded(), 0));
                    this.certificate.setContent(Base64.encodeToString(this.x509Certificate.getEncoded(), 0));
                    this.certificate.setProduction(isProductionCert());
                    break;
                }
            }
            return this.certificate;
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }
}
