package userSamples;

import com.objsys.asn1j.runtime.Asn1Boolean;
import com.objsys.asn1j.runtime.Asn1ObjectIdentifier;
import com.objsys.asn1j.runtime.Asn1OctetString;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.cert.CertPathBuilder;
import java.security.cert.CertPathValidator;
import java.security.cert.CertStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.PKIXCertPathBuilderResult;
import java.security.cert.TrustAnchor;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Set;
import ru.CryptoPro.JCP.ASN.PKIX1Explicit88.Extension;
import ru.CryptoPro.JCPRequest.GostCertificateRequest;
import ru.CryptoPro.JCPRequest.KeyUsage;

/* loaded from: classes5.dex */
public class Certificates {
    private static final String ALIAS_2001 = "newCert_2001";
    private static final String ALIAS_2012_256 = "newCert_2012_256";
    private static final String ALIAS_2012_512 = "newCert_2012_512";
    private static final String DNAME_2001 = "CN=newCert_2001, O=CryptoPro, C=RU";
    private static final String DNAME_2012_256 = "CN=newCert_2012_256, O=CryptoPro, C=RU";
    private static final String DNAME_2012_512 = "CN=newCert_2012_512, O=CryptoPro, C=RU";
    public static final String HTTP_ADDRESS = "http://testca.cryptopro.ru/certsrv/";
    private static final String KEY_ALG_2001 = "GOST3410EL";
    private static final String KEY_ALG_2012_256 = "GOST3410_2012_256";
    private static final String KEY_ALG_2012_512 = "GOST3410_2012_512";
    private static final String STORE_TYPE = "HDImageStore";
    private static final char[] STORE_PASS = "password".toCharArray();
    private static final String STORE_PATH_2001 = System.getProperty("user.home") + File.separator + "new_2001.keystore";
    private static final String STORE_PATH_2012_256 = System.getProperty("user.home") + File.separator + "new_2012_256.keystore";
    private static final String STORE_PATH_2012_512 = System.getProperty("user.home") + File.separator + "new_2012_512.keystore";
    private static final String CERT_PATH_2001 = System.getProperty("user.home") + File.separator + "newCertificate_2001.cer";
    private static final String CERT_PATH_2012_256 = System.getProperty("user.home") + File.separator + "newCertificate_2012_256.cer";
    private static final String CERT_PATH_2012_512 = System.getProperty("user.home") + File.separator + "newCertificate_2012_512.cer";

    public static void certificateChain() throws Exception {
        KeyStore keyStore = KeyStore.getInstance("HDImageStore");
        String str = STORE_PATH_2001;
        FileInputStream fileInputStream = new FileInputStream(str);
        char[] cArr = STORE_PASS;
        keyStore.load(fileInputStream, cArr);
        Certificate certificate = keyStore.getCertificate("rootCert");
        Certificate certificate2 = keyStore.getCertificate("intermediateCert");
        Certificate certificate3 = keyStore.getCertificate("endCert");
        keyStore.store(new FileOutputStream(str), cArr);
        ArrayList arrayList = new ArrayList(3);
        arrayList.add(certificate);
        arrayList.add(certificate2);
        arrayList.add(certificate3);
        TrustAnchor trustAnchor = new TrustAnchor((X509Certificate) certificate, null);
        CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(arrayList));
        CertPathBuilder certPathBuilder = CertPathBuilder.getInstance("PKIX");
        PKIXBuilderParameters pKIXBuilderParameters = new PKIXBuilderParameters((Set<TrustAnchor>) Collections.singleton(trustAnchor), new X509CertSelector());
        pKIXBuilderParameters.addCertStore(certStore);
        X509CertSelector x509CertSelector = new X509CertSelector();
        x509CertSelector.setCertificate((X509Certificate) certificate3);
        pKIXBuilderParameters.setTargetCertConstraints(x509CertSelector);
        System.out.println(CertPathValidator.getInstance("PKIX").validate(((PKIXCertPathBuilderResult) certPathBuilder.build(pKIXBuilderParameters)).getCertPath(), pKIXBuilderParameters).toString());
    }

    public static GostCertificateRequest createRequest(KeyPair keyPair, String str, String str2, String str3) throws Exception {
        GostCertificateRequest gostCertificateRequest = new GostCertificateRequest(str2);
        String algorithm = keyPair.getPrivate().getAlgorithm();
        if (algorithm.equalsIgnoreCase("GOST3410EL") || algorithm.equalsIgnoreCase("GOST3410_2012_256") || algorithm.equalsIgnoreCase("GOST3410_2012_512")) {
            gostCertificateRequest.setKeyUsage(3);
        } else {
            gostCertificateRequest.setKeyUsage(23);
        }
        gostCertificateRequest.addExtKeyUsage(GostCertificateRequest.INTS_PKIX_EMAIL_PROTECTION);
        gostCertificateRequest.addExtKeyUsage(KeyUsage.STR_OID_PKIX_CODE_SIGNING);
        Extension extension = new Extension();
        extension.extnID = new Asn1ObjectIdentifier(new int[]{2, 5, 29, 19});
        extension.critical = new Asn1Boolean(true);
        extension.extnValue = new Asn1OctetString(new byte[]{48, 6, 1, 1, -1, 2, 1, 5});
        gostCertificateRequest.addExtension(extension);
        gostCertificateRequest.setPublicKeyInfo(keyPair.getPublic());
        gostCertificateRequest.setSubjectInfo(str3);
        gostCertificateRequest.encodeAndSign(keyPair.getPrivate(), str);
        return gostCertificateRequest;
    }

    public static byte[] createRequestAndGetCert(KeyPair keyPair, String str, String str2, String str3, String str4) throws Exception {
        return createRequest(keyPair, str, str2, str3).getEncodedCert(str4);
    }

    public static void main(String[] strArr) throws Exception {
        String str = STORE_PATH_2012_256;
        writeCertSample("GOST3410_2012_256", "GOST3411_2012_256withGOST3410_2012_256", ALIAS_2012_256, str, DNAME_2012_256);
        readCertSample(str, ALIAS_2012_256, CERT_PATH_2012_256);
        String str2 = STORE_PATH_2012_512;
        writeCertSample("GOST3410_2012_512", "GOST3411_2012_512withGOST3410_2012_512", ALIAS_2012_512, str2, DNAME_2012_512);
        readCertSample(str2, ALIAS_2012_512, CERT_PATH_2012_512);
    }

    public static void readCertSample(String str, String str2, String str3) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("HDImageStore");
        File file = new File(str);
        FileInputStream fileInputStream = new FileInputStream(file);
        char[] cArr = STORE_PASS;
        keyStore.load(fileInputStream, cArr);
        Certificate certificate = keyStore.getCertificate(str2);
        keyStore.store(new FileOutputStream(file), cArr);
        File file2 = new File(str3);
        new FileOutputStream(file2).write(certificate.getEncoded());
    }

    public static void writeCertSample(String str, String str2, String str3, String str4, String str5) throws Exception {
        Certificate generateCertificate = CertificateFactory.getInstance(Constants.CF_ALG).generateCertificate(new ByteArrayInputStream(createRequestAndGetCert(KeyPairGen.genKey(str), str2, "JCP", str5, HTTP_ADDRESS)));
        KeyStore keyStore = KeyStore.getInstance("HDImageStore");
        keyStore.load(null, null);
        keyStore.setCertificateEntry(str3, generateCertificate);
        keyStore.store(new FileOutputStream(new File(str4)), STORE_PASS);
    }
}
