package com.pkware.android.util;

import android.util.Log;
import com.pkware.android.exception.TrustStoreNotFoundException;
import com.pkware.android.exception.TrustStoreOpenFailedException;
import com.pkware.archive.zip.ZipCertificate;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.Enumeration;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: classes.dex */
public class CertificateUtils {
    private static final String TAG = "CertificateUtils";
    private static final String TRUST_STORE_BKS_DEFAULT_PATH = "/etc/security/cacerts.bks";
    private static final String TRUST_STORE_DIR_DEFAULT_PATH = "/etc/security/cacerts";
    private static KeyStore trustStore;
    private static final Pattern cnPattern = Pattern.compile("CN=([^,]*)");
    private static final Pattern ePattern = Pattern.compile("E=([^,]*)");
    private static final char[][] TRUST_STORE_PWDS = {"changeit".toCharArray(), null};

    public static String getCN(Certificate certificate) {
        if (certificate instanceof X509Certificate) {
            return getCN((X509Certificate) certificate);
        }
        return null;
    }

    public static String getCN(X509Certificate x509Certificate) {
        return getCNFromDNString(x509Certificate.getSubjectDN().getName());
    }

    public static String getCNFromDNString(String str) {
        Matcher matcher = cnPattern.matcher(str);
        if (matcher.find()) {
            return matcher.group(1);
        }
        return null;
    }

    public static X509Certificate[] getChain(String str, KeyStore keyStore) throws KeyStoreException {
        Certificate[] certificateChain;
        X509Certificate[] x509CertificateArr = null;
        if (str != null && (certificateChain = keyStore.getCertificateChain(str)) != null) {
            x509CertificateArr = new X509Certificate[certificateChain.length];
            for (int i = 0; i < certificateChain.length; i++) {
                x509CertificateArr[i] = (X509Certificate) certificateChain[i];
            }
        }
        return x509CertificateArr;
    }

    public static X509Certificate[] getChain(X509Certificate x509Certificate, KeyStore keyStore) throws KeyStoreException {
        X509Certificate[] chain = getChain(keyStore.getCertificateAlias(x509Certificate), keyStore);
        return chain != null ? chain : new X509Certificate[]{x509Certificate};
    }

    public static String getE(Certificate certificate) {
        if (certificate instanceof X509Certificate) {
            return getE((X509Certificate) certificate);
        }
        return null;
    }

    public static String getE(X509Certificate x509Certificate) {
        Matcher matcher = ePattern.matcher(x509Certificate.getSubjectDN().getName());
        if (matcher.find()) {
            return matcher.group(1);
        }
        return null;
    }

    public static ZipCertificate getPKZipCertificate(X509Certificate x509Certificate, Date date, KeyStore keyStore, KeyStore keyStore2) throws KeyStoreException {
        ArrayList arrayList = new ArrayList();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            Certificate[] certificateChain = keyStore.getCertificateChain(aliases.nextElement());
            if (certificateChain != null) {
                for (int i = 0; i < certificateChain.length; i++) {
                    if (certificateChain[i] instanceof X509Certificate) {
                        arrayList.add((X509Certificate) certificateChain[i]);
                    }
                }
            }
        }
        return ZipCertificate.getInstance(x509Certificate, date, (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]), keyStore2);
    }

    public static KeyStore getTrustStore() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, TrustStoreNotFoundException, TrustStoreOpenFailedException {
        if (trustStore != null) {
            return trustStore;
        }
        File file = new File(TRUST_STORE_BKS_DEFAULT_PATH);
        if (file.isFile()) {
            KeyStore keyStore = KeyStore.getInstance("BKS");
            boolean z = true;
            for (int i = 0; z && i < TRUST_STORE_PWDS.length; i++) {
                try {
                    keyStore.load(new FileInputStream(file), TRUST_STORE_PWDS[i]);
                    z = false;
                } catch (IOException e) {
                    Log.w(TAG, e);
                }
            }
            if (keyStore.size() <= 0) {
                throw new TrustStoreOpenFailedException("Could not open /etc/security/cacerts.");
            }
            return keyStore;
        }
        try {
            KeyStore keyStore2 = KeyStore.getInstance("AndroidCAStore");
            keyStore2.load(null, null);
            if (keyStore2.size() > 0) {
                return keyStore2;
            }
        } catch (Exception e2) {
        }
        File file2 = new File(TRUST_STORE_DIR_DEFAULT_PATH);
        if (!file2.isDirectory()) {
            throw new TrustStoreNotFoundException();
        }
        KeyStore keyStore3 = KeyStore.getInstance("BKS");
        keyStore3.load(null, TRUST_STORE_PWDS[0]);
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        File[] listFiles = file2.listFiles();
        for (int i2 = 0; i2 < listFiles.length; i2++) {
            keyStore3.setCertificateEntry(Integer.toString(i2), certificateFactory.generateCertificate(new FileInputStream(listFiles[i2])));
        }
        return keyStore3;
    }
}
