package oldSamples;

import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;
import userSamples.Constants;

/* loaded from: classes3.dex */
public class ImportCert {
    public static boolean buildChain(X509Certificate x509Certificate, Vector vector, Hashtable hashtable) {
        Principal subjectDN = x509Certificate.getSubjectDN();
        Principal issuerDN = x509Certificate.getIssuerDN();
        if (subjectDN.equals(issuerDN)) {
            vector.addElement(x509Certificate);
            return true;
        }
        Vector vector2 = (Vector) hashtable.get(issuerDN);
        if (vector2 == null) {
            return false;
        }
        Enumeration elements = vector2.elements();
        while (elements.hasMoreElements()) {
            X509Certificate x509Certificate2 = (X509Certificate) elements.nextElement();
            try {
                x509Certificate.verify(x509Certificate2.getPublicKey());
            } catch (Exception unused) {
            }
            if (buildChain(x509Certificate2, vector, hashtable)) {
                vector.addElement(x509Certificate);
                return true;
            }
        }
        return false;
    }

    public static Certificate[] establishCertChain(Certificate certificate, Certificate certificate2, KeyStore keyStore) throws Exception {
        if (certificate != null) {
            if (!certificate.getPublicKey().equals(certificate2.getPublicKey())) {
                throw new Exception("Public keys in reply and keystore don't match");
            }
            if (certificate2.equals(certificate)) {
                throw new Exception("Certificate reply and certificate in keystore are identical");
            }
        }
        Hashtable hashtable = null;
        if (keyStore.size() > 0) {
            hashtable = new Hashtable(11);
            keystorecerts2Hashtable(keyStore, hashtable);
        }
        Vector vector = new Vector(2);
        if (!buildChain((X509Certificate) certificate2, vector, hashtable)) {
            throw new Exception("Failed to establish chain from reply");
        }
        Certificate[] certificateArr = new Certificate[vector.size()];
        int i = 0;
        for (int size = vector.size() - 1; size >= 0; size--) {
            certificateArr[i] = (Certificate) vector.elementAt(size);
            i++;
        }
        return certificateArr;
    }

    public static void keystorecerts2Hashtable(KeyStore keyStore, Hashtable hashtable) throws Exception {
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            Certificate certificate = keyStore.getCertificate(aliases.nextElement());
            if (certificate != null) {
                Principal subjectDN = ((X509Certificate) certificate).getSubjectDN();
                Vector vector = (Vector) hashtable.get(subjectDN);
                if (vector == null) {
                    vector = new Vector();
                    vector.addElement(certificate);
                } else if (!vector.contains(certificate)) {
                    vector.addElement(certificate);
                }
                hashtable.put(subjectDN, vector);
            }
        }
    }

    public static void main(String[] strArr) {
        long printTestName = General.printTestName("ImportCert");
        try {
            KeyStore LoadKeyStore = General.LoadKeyStore("password");
            CertificateFactory certificateFactory = CertificateFactory.getInstance(Constants.CF_ALG);
            InputStream inputStream = System.in;
            FileInputStream fileInputStream = new FileInputStream("certnew.p7b");
            PrivateKey GetPrivateFromStore = General.GetPrivateFromStore(LoadKeyStore, "mykey", "password");
            Certificate certificate = LoadKeyStore.getCertificate("mykey");
            if (certificate == null) {
                throw new Exception("alias has no public key (certificate)");
            }
            Collection<? extends Certificate> generateCertificates = certificateFactory.generateCertificates(fileInputStream);
            if (generateCertificates.isEmpty()) {
                throw new Exception("Reply has no certificates");
            }
            Certificate[] certificateArr = (Certificate[]) generateCertificates.toArray(new Certificate[generateCertificates.size()]);
            Certificate[] establishCertChain = certificateArr.length == 1 ? establishCertChain(certificate, certificateArr[0], LoadKeyStore) : validateReply(certificate, certificateArr);
            if (establishCertChain == null) {
                throw new Exception("Certificate reply was not installed in keystore");
            }
            LoadKeyStore.setKeyEntry("mykey", GetPrivateFromStore, "password".toCharArray(), establishCertChain);
            General.SaveKeyStore(LoadKeyStore, "password");
            System.out.println("Certificate reply was installed in keystore");
            General.printOK(printTestName);
        } catch (Exception e) {
            General.printEx(e, printTestName);
        }
    }

    public static Certificate[] validateReply(Certificate certificate, Certificate[] certificateArr) throws Exception {
        PublicKey publicKey = certificate.getPublicKey();
        int i = 0;
        int i2 = 0;
        while (i2 < certificateArr.length && !publicKey.equals(certificateArr[i2].getPublicKey())) {
            i2++;
        }
        if (i2 == certificateArr.length) {
            throw new Exception("Certificate reply does not contain public key for <alias>");
        }
        Certificate certificate2 = certificateArr[0];
        certificateArr[0] = certificateArr[i2];
        certificateArr[i2] = certificate2;
        Principal issuerDN = ((X509Certificate) certificateArr[0]).getIssuerDN();
        for (int i3 = 1; i3 < certificateArr.length - 1; i3++) {
            int i4 = i3;
            while (true) {
                if (i4 >= certificateArr.length) {
                    break;
                }
                if (((X509Certificate) certificateArr[i4]).getSubjectDN().equals(issuerDN)) {
                    Certificate certificate3 = certificateArr[i3];
                    certificateArr[i3] = certificateArr[i4];
                    certificateArr[i4] = certificate3;
                    issuerDN = ((X509Certificate) certificateArr[i3]).getIssuerDN();
                    break;
                }
                i4++;
            }
            if (i4 == certificateArr.length) {
                throw new Exception("Incomplete certificate chain in reply");
            }
        }
        while (i < certificateArr.length - 1) {
            int i5 = i + 1;
            try {
                certificateArr[i].verify(certificateArr[i5].getPublicKey());
                i = i5;
            } catch (Exception e) {
                throw new Exception("Certificate chain in reply does not verify: " + e.getMessage());
            }
        }
        return certificateArr;
    }
}
