package com.xk72.proxy.ssl;

import com.xk72.charles.CharlesContext;
import com.xk72.util.H;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.asn1.x509.X509Extensions;
import org.bouncycastle.x509.X509V1CertificateGenerator;
import org.bouncycastle.x509.X509V3CertificateGenerator;
import org.bouncycastle.x509.extension.AuthorityKeyIdentifierStructure;
import org.bouncycastle.x509.extension.SubjectKeyIdentifierStructure;

/* loaded from: input_file:com/xk72/proxy/ssl/SSLContextFactory.class */
/**
 * Static factory for {@link SSLContext} objects whose key material is a leaf certificate
 * generated on demand and signed with a configured CA certificate and private key.
 *
 * <p>This listing is decompiler output: member names are obfuscated, several overloads share
 * the name {@code a}, and checked-exception {@code throws} clauses are missing, so it is not
 * expected to compile as shown.
 *
 * <p>Security-relevant properties visible in this class:
 * <ul>
 *   <li>generated leaf keys are 1024-bit RSA and certificates are signed with SHA1WITHRSA;</li>
 *   <li>the keystore password is derived from public fields of the CA certificate;</li>
 *   <li>generated keystores (including private keys) are cached in memory and on disk;</li>
 *   <li>the trust managers installed come from {@code c()}, which by its class name appears
 *       to skip peer certificate validation (hedged, the implementation is not shown here).</li>
 * </ul>
 */
public class SSLContextFactory {
    // Key and signature algorithm names. Not referenced in this listing: the methods below
    // use the string literals directly (presumably inlined constants).
    private static String b = "RSA";
    private static String c = "SHA1WITHRSA";
    // Not referenced in this listing; meaning cannot be determined from here.
    private static final int d = 3;
    private static final int e = 2;
    // Password used for every KeyStore this class creates, loads or stores.
    // Assigned in a(X509Certificate, PrivateKey); null until that method has been called.
    private static char[] f;
    // CA certificate used as issuer of generated certificates.
    private static X509Certificate i;
    // CA private key used to sign generated certificates.
    private static PrivateKey j;
    // Optional hook invoked from a(String, int) to populate the key store.
    private static b k;
    private static final Logger a = Logger.getLogger("com.xk72.proxy.ssl.SSLContextFactory");
    // In-memory cache of generated key stores, keyed by (subject, template certificate).
    // Every access in this class is wrapped in synchronized (g).
    private static Map<d, KeyStore> g = new HashMap();
    // Next certificate serial number, seeded from the wall clock at class load.
    // NOTE(review): serials are sequential and time-based, hence predictable.
    private static long h = System.currentTimeMillis();

    /**
     * Installs the hook that a(String, int) calls before initialising its key managers.
     *
     * @param bVar hook instance; may be null, in which case no hook is called
     */
    public static void a(b bVar) {
        k = bVar;
    }

    /**
     * Creates a context with a generated certificate for the given common name.
     * Validity runs from 30 days in the past (2592000000 ms) to 365 days ahead (31536000000 ms).
     *
     * @param str value placed in the CN attribute of the subject
     * @return an initialised SSLContext
     */
    public static SSLContext a(String str) {
        // NOTE(review): str is concatenated into the DN string without escaping, so characters
        // such as ',' or '=' in str would change the parsed DN; callers should pass a validated
        // host name.
        return a(new X500Principal("CN=" + str + ", C=NZ, O=XK72 Limited, OU=Charles"), new Date(System.currentTimeMillis() - 2592000000L), new Date(System.currentTimeMillis() + 31536000000L), null);
    }

    /**
     * Same as a(String) but takes a complete distinguished name instead of a common name.
     *
     * @param str distinguished name in the string form accepted by X500Principal
     * @return an initialised SSLContext
     */
    private static SSLContext b(String str) {
        return a(new X500Principal(str), new Date(System.currentTimeMillis() - 2592000000L), new Date(System.currentTimeMillis() + 31536000000L), null);
    }

    /**
     * Sets the CA certificate and private key used to sign generated certificates, and derives
     * the keystore password from the certificate.
     *
     * @param x509Certificate CA certificate
     * @param privateKey private key matching the CA certificate
     */
    public static void a(X509Certificate x509Certificate, PrivateKey privateKey) {
        j = privateKey;
        i = x509Certificate;
        // NOTE(review): the password is computed only from the subject DN, issuer DN and serial
        // number, all of which are public fields of the CA certificate. Assuming H.c is a plain
        // digest helper (its body is not shown here), the password offers no secrecy towards
        // anyone who has the CA certificate; the on-disk keystores then rely on file-system
        // permissions alone.
        f = H.c("2" + x509Certificate.getSubjectDN() + x509Certificate.getIssuerDN() + x509Certificate.getSerialNumber(), "SHA-1").toCharArray();
    }

    /**
     * Returns the keystore password as a String.
     * NOTE(review): public accessor for a secret; the String copy cannot be wiped afterwards.
     * Throws NullPointerException if no CA certificate has been set yet (f is null).
     */
    public static String a() {
        return new String(f);
    }

    /**
     * Creates a context with a generated certificate that copies the subject and validity
     * period of the given certificate; the certificate is also passed on as the template
     * from which extensions are copied.
     *
     * @param x509Certificate certificate to imitate
     * @return an initialised SSLContext
     */
    public static SSLContext a(X509Certificate x509Certificate) {
        return a(x509Certificate.getSubjectX500Principal(), x509Certificate.getNotBefore(), x509Certificate.getNotAfter(), x509Certificate);
    }

    /**
     * Allocates the next serial number from the counter h and delegates to the full overload.
     */
    private static SSLContext a(X500Principal x500Principal, Date date, Date date2, X509Certificate x509Certificate) {
        // NOTE(review): read-then-increment of a static long without synchronization; two
        // threads could obtain the same serial number.
        long j2 = h;
        h = j2 + 1;
        return a(x500Principal, BigInteger.valueOf(j2), date, date2, x509Certificate);
    }

    /**
     * Returns an SSLContext backed by a key store for the given subject, creating the key
     * store if it is neither in the memory cache nor on disk.
     *
     * @param x500Principal subject of the certificate
     * @param bigInteger serial number for a newly generated certificate
     * @param date notBefore of a newly generated certificate
     * @param date2 notAfter of a newly generated certificate
     * @param x509Certificate template certificate, or null; when non-null its version and
     *     extensions are copied and the result is persisted to disk
     * @return an initialised SSLContext
     */
    /* JADX WARN: Not initialized variable reg: 0, insn: 0x0255: THROW (r0 I:java.lang.Throwable), block:B:66:0x0255 */
    private static SSLContext a(X500Principal x500Principal, BigInteger bigInteger, Date date, Date date2, X509Certificate x509Certificate) {
        Throwable th;
        KeyStore keyStore;
        X509Certificate generate;
        try {
            // 1. Memory cache.
            synchronized (g) {
                keyStore = g.get(new d(x500Principal, x509Certificate));
            }
            // 2. Disk cache (only consulted when a template certificate is given).
            if (keyStore == null) {
                keyStore = a(x500Principal, x509Certificate);
            }
            // 3. Generate a new key pair and certificate.
            if (keyStore == null) {
                if (i == null || j == null) {
                    throw new IOException("SSLContextFactory does not have a CA certificate set");
                }
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
                // NOTE(review): 1024-bit RSA is below current minimum key-size recommendations
                // and is rejected by many modern TLS clients.
                keyPairGenerator.initialize(1024);
                KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
                // Used below only to look up the provider name passed to generate().
                // NOTE(review): SHA-1 signatures are deprecated for certificates.
                Signature signature = Signature.getInstance("SHA1WITHRSA");
                // Version 3 is assumed when there is no template certificate.
                if ((x509Certificate != null ? x509Certificate.getVersion() : 3) == 3) {
                    X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
                    x509V3CertificateGenerator.setSerialNumber(bigInteger);
                    x509V3CertificateGenerator.setIssuerDN(i.getSubjectX500Principal());
                    x509V3CertificateGenerator.setSubjectDN(x500Principal);
                    x509V3CertificateGenerator.setNotBefore(date);
                    x509V3CertificateGenerator.setNotAfter(date2);
                    x509V3CertificateGenerator.setPublicKey(generateKeyPair.getPublic());
                    x509V3CertificateGenerator.setSignatureAlgorithm("SHA1WITHRSA");
                    if (x509Certificate != null) {
                        // Copy the template's extensions, subject to the filter in c(String).
                        a(x509Certificate, x509V3CertificateGenerator);
                    }
                    // Key identifiers are always regenerated for the new key and the CA.
                    x509V3CertificateGenerator.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(i));
                    x509V3CertificateGenerator.addExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(generateKeyPair.getPublic()));
                    generate = x509V3CertificateGenerator.generate(j, signature.getProvider().getName());
                } else {
                    // Non-v3 template: no extensions are written.
                    X509V1CertificateGenerator x509V1CertificateGenerator = new X509V1CertificateGenerator();
                    x509V1CertificateGenerator.setSerialNumber(bigInteger);
                    x509V1CertificateGenerator.setIssuerDN(i.getSubjectX500Principal());
                    x509V1CertificateGenerator.setSubjectDN(x500Principal);
                    x509V1CertificateGenerator.setNotBefore(date);
                    x509V1CertificateGenerator.setNotAfter(date2);
                    x509V1CertificateGenerator.setPublicKey(generateKeyPair.getPublic());
                    x509V1CertificateGenerator.setSignatureAlgorithm("SHA1WITHRSA");
                    generate = x509V1CertificateGenerator.generate(j, signature.getProvider().getName());
                }
                // Chain presented to peers: generated leaf followed by the CA certificate.
                Certificate[] certificateArr = {generate, i};
                KeyStore keyStore2 = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore = keyStore2;
                keyStore2.load(null, f);
                keyStore.setKeyEntry("mycert", generateKeyPair.getPrivate(), f, certificateArr);
                // Serialise and reload the key store in memory before using it.
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                keyStore.store(byteArrayOutputStream, f);
                keyStore.load(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()), f);
                synchronized (g) {
                    g.put(new d(x500Principal, x509Certificate), keyStore);
                }
                // Persist to disk when a template was given. This block is the same code as
                // a(X500Principal, X509Certificate, KeyStore) below (presumably inlined).
                if (x509Certificate != null) {
                    try {
                        File b2 = b(x500Principal, x509Certificate);
                        // Result of mkdirs() is ignored; a failure surfaces when the file is opened.
                        b2.getParentFile().mkdirs();
                        // NOTE(review): the file holds the generated private key and is created
                        // with the process's default permissions.
                        FileOutputStream fileOutputStream = new FileOutputStream(b2);
                        try {
                            keyStore.store(fileOutputStream, f);
                            fileOutputStream.close();
                        } catch (Throwable th2) {
                            fileOutputStream.close();
                            throw th2;
                        }
                    } catch (IOException e2) {
                        // Best effort: a failed write is logged and the in-memory key store is still used.
                        a.log(Level.WARNING, "Failed to store generated SSL certificated: " + e2.getMessage(), (Throwable) e2);
                    }
                }
            }
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, f);
            TrustManager[] c2 = c();
            SSLContext b3 = b();
            // A null SecureRandom lets the provider choose its default source.
            b3.init(keyManagerFactory.getKeyManagers(), c2, null);
            return b3;
        } catch (IOException e3) {
            // NOTE(review): decompiler artifact. th is never assigned (see the JADX warning on
            // this method); the original bytecode presumably rethrows the caught IOException.
            throw th;
        } catch (GeneralSecurityException e4) {
            // Only the text of the exception is kept; the cause and stack trace are dropped.
            throw new IOException(e4.toString());
        }
    }

    /**
     * Writes the key store to its on-disk cache file when a template certificate is given.
     * Not called anywhere in this listing; the generating method above carries the same code.
     *
     * @param x500Principal subject used to derive the file name
     * @param x509Certificate template certificate; nothing is written when null
     * @param keyStore key store to persist, protected with the password f
     */
    private static void a(X500Principal x500Principal, X509Certificate x509Certificate, KeyStore keyStore) {
        if (x509Certificate != null) {
            try {
                File b2 = b(x500Principal, x509Certificate);
                b2.getParentFile().mkdirs();
                // NOTE(review): file contains private key material; created with default permissions.
                FileOutputStream fileOutputStream = new FileOutputStream(b2);
                try {
                    keyStore.store(fileOutputStream, f);
                    fileOutputStream.close();
                } catch (Throwable th) {
                    fileOutputStream.close();
                    throw th;
                }
            } catch (IOException e2) {
                a.log(Level.WARNING, "Failed to store generated SSL certificated: " + e2.getMessage(), (Throwable) e2);
            }
        }
    }

    /**
     * Loads a previously persisted key store for the given subject and template certificate
     * and places it in the memory cache.
     *
     * @return the loaded key store, or null when there is no template, no file, or loading fails
     */
    private static KeyStore a(X500Principal x500Principal, X509Certificate x509Certificate) {
        if (x509Certificate == null) {
            return null;
        }
        File b2 = b(x500Principal, x509Certificate);
        if (!b2.exists()) {
            return null;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            // NOTE(review): the stream is not closed if load() throws.
            FileInputStream fileInputStream = new FileInputStream(b2);
            keyStore.load(fileInputStream, f);
            fileInputStream.close();
            synchronized (g) {
                g.put(new d(x500Principal, x509Certificate), keyStore);
            }
            return keyStore;
        // Load failures (including a wrong password or corrupt file) are swallowed without
        // logging; the caller then generates a fresh certificate.
        } catch (IOException unused) {
            return null;
        } catch (GeneralSecurityException unused2) {
            return null;
        }
    }

    /**
     * Computes the on-disk cache file for a subject and template certificate:
     * {@code <application data path>/certs/<H.c(subject)>-<template serial>-<H.c(template issuer)>.keystore}.
     * H.c is called with "SHA-1"; presumably it returns a digest string (body not shown here).
     *
     * @return the cache file, or null when no template certificate is given
     */
    private static File b(X500Principal x500Principal, X509Certificate x509Certificate) {
        if (x509Certificate == null) {
            return null;
        }
        return new File(CharlesContext.getInstance().getApplicationDataPath() + File.separator + "certs", H.c(x500Principal.getName(), "SHA-1") + "-" + x509Certificate.getSerialNumber().toString() + "-" + H.c(x509Certificate.getIssuerX500Principal().toString(), "SHA-1") + ".keystore");
    }

    /**
     * Copies extensions from the template certificate into the generator, keeping each
     * extension's critical flag. Only OIDs accepted by c(String) are copied, so everything
     * outside that exclusion list (for example subjectAltName or basicConstraints, when the
     * template carries them) is taken over verbatim.
     */
    private static void a(X509Certificate x509Certificate, X509V3CertificateGenerator x509V3CertificateGenerator) {
        Set<String> criticalExtensionOIDs = x509Certificate.getCriticalExtensionOIDs();
        if (criticalExtensionOIDs != null) {
            for (String str : criticalExtensionOIDs) {
                if (c(str)) {
                    x509V3CertificateGenerator.copyAndAddExtension(str, true, x509Certificate);
                }
            }
        }
        Set<String> nonCriticalExtensionOIDs = x509Certificate.getNonCriticalExtensionOIDs();
        if (nonCriticalExtensionOIDs != null) {
            for (String str2 : nonCriticalExtensionOIDs) {
                if (c(str2)) {
                    x509V3CertificateGenerator.copyAndAddExtension(str2, false, x509Certificate);
                }
            }
        }
    }

    /**
     * Extension filter: returns false for AuthorityInfoAccess, CertificatePolicies,
     * AuthorityKeyIdentifier, SubjectKeyIdentifier and CRLDistributionPoints, true for any
     * other OID. The two key identifiers are added separately by the generating method.
     *
     * @param str extension OID in dotted string form
     */
    private static boolean c(String str) {
        return (str.equals(X509Extensions.AuthorityInfoAccess.toString()) || str.equals(X509Extensions.CertificatePolicies.toString()) || str.equals(X509Extensions.AuthorityKeyIdentifier.toString()) || str.equals(X509Extensions.SubjectKeyIdentifier.toString()) || str.equals(X509Extensions.CRLDistributionPoints.toString())) ? false : true;
    }

    /**
     * Stand-alone entry point that reads a PKCS12 file and copies its entries into a second,
     * in-memory key store which is never written anywhere. Looks like leftover debugging code.
     *
     * NOTE(review): the file path and its password are hard-coded, each key object is printed
     * to standard output, the copy is protected with an empty password, and the input stream
     * is never closed. This method should not ship in a production build.
     */
    public static void main(String[] strArr) {
        FileInputStream fileInputStream = new FileInputStream("/Applications/Charles.app/Contents/Resources/Java/user.P12");
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(fileInputStream, "karl".toCharArray());
        KeyStore keyStore2 = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore2.load(null);
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            Certificate certificate = keyStore.getCertificate(nextElement);
            Certificate[] certificateChain = keyStore.getCertificateChain(nextElement);
            Key key = keyStore.getKey(nextElement, "karl".toCharArray());
            System.out.println(key);
            keyStore2.setCertificateEntry(nextElement, certificate);
            keyStore2.setKeyEntry(nextElement, key, "".toCharArray(), certificateChain);
        }
    }

    /**
     * Creates a context from an initially empty key store that the hook k, when set, may
     * populate for the given host and port (presumably with client certificates; the hook's
     * implementation is not shown here).
     *
     * @param str first argument passed to the hook (presumably a host name)
     * @param i2 second argument passed to the hook (presumably a port)
     * @return an initialised SSLContext using the trust managers from c()
     */
    public static SSLContext a(String str, int i2) {
        try {
            TrustManager[] c2 = c();
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, f);
            if (k != null) {
                k.b(str, i2, keyStore, f);
            }
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, f);
            SSLContext b2 = b();
            b2.init(keyManagerFactory.getKeyManagers(), c2, new SecureRandom());
            return b2;
        } catch (GeneralSecurityException e2) {
            // Only the text of the exception is kept; the cause and stack trace are dropped.
            throw new IOException(e2.toString());
        }
    }

    /**
     * Obtains an uninitialised SSLContext, trying the protocol name "SSL_TLS" first and
     * falling back to "SSL".
     *
     * NOTE(review): neither name pins a minimum protocol version, so the versions actually
     * enabled depend on the JSSE provider's defaults. "SSL_TLS" is presumably a
     * provider-specific name (confirm against the target JVM).
     */
    private static SSLContext b() {
        try {
            return SSLContext.getInstance("SSL_TLS");
        } catch (NoSuchAlgorithmException unused) {
            return SSLContext.getInstance("SSL");
        }
    }

    /**
     * Returns a single-element trust manager array. The manager is created reflectively from
     * com.xk72.proxy.ssl.NullX509ExtendedTrustManager; if that fails for any reason an
     * instance of the class a is used instead.
     *
     * NOTE(review): judging by the class name, the trust manager accepts any peer certificate
     * (implementation not shown here, confirm). If so, contexts built by this factory do not
     * authenticate the remote peer, and validation has to happen elsewhere if it is needed.
     */
    private static TrustManager[] c() {
        TrustManager[] trustManagerArr = new TrustManager[1];
        try {
            trustManagerArr[0] = (TrustManager) Class.forName("com.xk72.proxy.ssl.NullX509ExtendedTrustManager").newInstance();
        } catch (Throwable unused) {
            // Any failure, including Errors, silently selects the fallback implementation.
            trustManagerArr[0] = new a();
        }
        return trustManagerArr;
    }
}
