package util;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.net.UnknownHostException;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import mentorcore.service.impl.buildbusinessintelligence.builder.BIBaseBuilder;

/* loaded from: input_file:util/CertificateImport.class */
public class CertificateImport {
    public static final String TRUST_STORE_FILE_NAME = "touchcompkeystore.jks";
    private static final char[] HEXDIGITS = "0123456789abcdef".toCharArray();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:util/CertificateImport$SavingTrustManager.class */
    public static class SavingTrustManager implements X509TrustManager {
        private final X509TrustManager tm;
        private X509Certificate[] chain;

        SavingTrustManager(X509TrustManager x509TrustManager) {
            this.tm = x509TrustManager;
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.chain = x509CertificateArr;
            this.tm.checkServerTrusted(x509CertificateArr, str);
        }
    }

    public static void main(String[] strArr) {
        try {
            importCerticateFromServer("hcte.fazenda.mg.gov.br", 443);
        } catch (Exception e) {
            Logger.getLogger(CertificateImport.class.getName()).log(Level.SEVERE, (String) null, (Throwable) e);
        }
    }

    public static void importCerticateFromServer(String str, int i) throws UnknownHostException, Exception {
        char[] charArray = "touchcompKeyStore".toCharArray();
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        File file = new File(TRUST_STORE_FILE_NAME);
        if (!file.exists() || file.length() == 0) {
            keyStore.load(null, charArray);
        } else {
            keyStore.load(new FileInputStream(file), charArray);
        }
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        SavingTrustManager savingTrustManager = new SavingTrustManager((X509TrustManager) trustManagerFactory.getTrustManagers()[0]);
        sSLContext.init(null, new TrustManager[]{savingTrustManager}, null);
        SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
        System.out.println("Opening connection to " + str + BIBaseBuilder.PREFIX_PARAM + i + "...");
        SSLSocket sSLSocket = (SSLSocket) socketFactory.createSocket(str, i);
        sSLSocket.setSoTimeout(10000);
        try {
            System.out.println("Starting SSL handshake...");
            sSLSocket.startHandshake();
            sSLSocket.close();
            System.out.println();
            System.out.println("No errors, certificate is already trusted");
        } catch (SSLException e) {
            System.out.println("Erro ao verificar identidade do certificado");
        }
        X509Certificate[] x509CertificateArr = savingTrustManager.chain;
        if (x509CertificateArr == null) {
            System.out.println("Could not obtain server certificate chain");
            return;
        }
        System.out.println();
        System.out.println("Server sent " + x509CertificateArr.length + " certificate(s):");
        System.out.println();
        MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
        MessageDigest messageDigest2 = MessageDigest.getInstance("MD5");
        for (int i2 = 0; i2 < x509CertificateArr.length; i2++) {
            X509Certificate x509Certificate = x509CertificateArr[i2];
            System.out.println(" " + (i2 + 1) + " Subject " + x509Certificate.getSubjectDN());
            System.out.println("   Issuer  " + x509Certificate.getIssuerDN());
            messageDigest.update(x509Certificate.getEncoded());
            System.out.println("   sha1    " + toHexString(messageDigest.digest()));
            messageDigest2.update(x509Certificate.getEncoded());
            System.out.println("   md5     " + toHexString(messageDigest2.digest()));
            String str2 = str + "-" + (i2 + 1);
            keyStore.setCertificateEntry(str2, x509Certificate);
            FileOutputStream fileOutputStream = new FileOutputStream(TRUST_STORE_FILE_NAME);
            keyStore.store(fileOutputStream, charArray);
            fileOutputStream.close();
            System.out.println("Added certificate to keystore using alias '" + str2 + "'");
        }
    }

    private static String toHexString(byte[] bArr) {
        StringBuilder sb = new StringBuilder(bArr.length * 3);
        for (byte b : bArr) {
            int i = b & 255;
            sb.append(HEXDIGITS[i >> 4]);
            sb.append(HEXDIGITS[i & 15]);
            sb.append(' ');
        }
        return sb.toString();
    }
}
