package nota.curitiba.classe;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:nota/curitiba/classe/NFeBuildCacerts.class */
public class NFeBuildCacerts {
    private static final String JSSECACERTS = "NFeCacerts";
    private static final int TIMEOUT_WS = 60;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:nota/curitiba/classe/NFeBuildCacerts$SavingTrustManager.class */
    public static class SavingTrustManager implements X509TrustManager {
        private final X509TrustManager tm;
        private X509Certificate[] chain;

        SavingTrustManager(X509TrustManager x509TrustManager) {
            this.tm = x509TrustManager;
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.chain = x509CertificateArr;
            this.tm.checkServerTrusted(x509CertificateArr, str);
        }
    }

    public static void main(String[] strArr) {
        try {
            File gerarCacerts = gerarCacerts("isscuritiba.curitiba.pr.gov.br", 443);
            if (gerarCacerts != null) {
                info("| Cacerts gerado em: " + gerarCacerts.getAbsolutePath());
            }
        } catch (Exception e) {
            error(e.toString());
        }
    }

    public static File gerarCacerts(String str, int i) throws Exception {
        char[] charArray = "changeit".toCharArray();
        File file = new File(JSSECACERTS);
        if (!file.isFile()) {
            char c = File.separatorChar;
            File file2 = new File(String.valueOf(System.getProperty("java.home")) + c + "lib" + c + "security");
            file = new File(file2, JSSECACERTS);
            if (!file.isFile()) {
                file = new File(file2, "cacerts");
            }
        }
        info("| Loading KeyStore " + file + "...");
        FileInputStream fileInputStream = new FileInputStream(file);
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(fileInputStream, charArray);
        fileInputStream.close();
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        SavingTrustManager savingTrustManager = new SavingTrustManager((X509TrustManager) trustManagerFactory.getTrustManagers()[0]);
        sSLContext.init(null, new TrustManager[]{savingTrustManager}, null);
        SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
        info("| Opening connection to " + str + ":" + i + "...");
        SSLSocket sSLSocket = (SSLSocket) socketFactory.createSocket(str, i);
        sSLSocket.setSoTimeout(60000);
        try {
            info("| Starting SSL handshake...");
            sSLSocket.startHandshake();
            sSLSocket.close();
            info("| No errors, certificate is already trusted");
        } catch (SSLHandshakeException e) {
        } catch (SSLException e2) {
            error("| " + e2.toString());
        }
        X509Certificate[] x509CertificateArr = savingTrustManager.chain;
        if (x509CertificateArr == null) {
            info("| Could not obtain server certificate chain");
            return null;
        }
        info("| Server sent " + x509CertificateArr.length + " certificate(s):");
        MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
        MessageDigest messageDigest2 = MessageDigest.getInstance("MD5");
        for (int i2 = 0; i2 < x509CertificateArr.length; i2++) {
            X509Certificate x509Certificate = x509CertificateArr[i2];
            messageDigest.update(x509Certificate.getEncoded());
            messageDigest2.update(x509Certificate.getEncoded());
            String str2 = String.valueOf(str) + "-" + i2;
            keyStore.setCertificateEntry(str2, x509Certificate);
            info("| Added certificate to keystore 'NFeCacerts' using alias '" + str2 + "'");
        }
        File file3 = new File(JSSECACERTS);
        FileOutputStream fileOutputStream = new FileOutputStream(file3);
        keyStore.store(fileOutputStream, charArray);
        fileOutputStream.close();
        return file3;
    }

    private static void info(String str) {
        System.out.println("INFO: " + str);
    }

    private static void error(String str) {
        System.out.println("ERROR: " + str);
    }
}
