package br.com.oaks.ICPBravo.appletMini;

import br.com.oaks.ICPBravo.appletMini.Util;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Field;
import java.math.BigInteger;
import java.security.AccessController;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreSpi;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.Enumeration;
import java.util.GregorianCalendar;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: input_file:br/com/oaks/ICPBravo/appletMini/ICPBravoBasic.class */
public class ICPBravoBasic {
    static List<Throwable> errors = new ArrayList();
    private String cpf;
    private boolean filterICPBrasil;
    private boolean acceptExpiredCerts;
    private Util.DigestAlgorithm digestAlgorithm;
    private List<CertInfoBase> certs = new ArrayList();
    private CertInfoBase a1Cert;
    private static final String kpPrivate = "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAKBDtXIV3gQlYiJwBXpbkH36lzvCtPI1neZyqtaKtq9ZidGcmfpVucIIq6WjyppSeYab1v9wGz+pzkCqLSrViuSDi9+57+Njr+cc4yZfm29pmb7v/3O47BQTEZTOFukl6X8Gl9huzDRmoZUm0eQ++ZfQVM7RyEZUD383XjXW60HpAgMBAAECgYEAmvP8SlsUN0QB1zQiR8SiNvwEHzbJhuoKSlcSEK87pNzYoP9d7SnXmeCSPWvZJ06Yy2p//Kfi4LIIhoNDeofPakdHEOmS//iNcuq9Oq/b02aMHUpL28b3aohNtBVczvBrFP7g5sL1qiFpoypKmwcQPISe0D6dBpko3ng/3jaG0yUCQQDulzbXmhiQtWiQ3lw/yqjRthXoJBFT4bkLEQYlK7Kx8diJKv7xJNhFzPr3KBYcm+uc3MtbsU9RwA5+3WoJYJM/AkEAq/Vj45V4S4qAUuY+qgp6r8ra1McO8oss/M9odvB4v/gpacEiohLKF0nqe7DH+XV/rQR4v02T8PwK1l21y4Jo1wJAbGlzdwZDEUYM7H7NZgMdMKVPUPtKkFXpshibNTqk6Oxemv1ZeJNoXlck1jd1zKwgpFdDZDeuNhRRwd2z9+zVGwJAOsFxLR0waldbu3eyp7VG8HQWy6dsgxFtAMD5x9Io4CcyN1FnvQtAhC6ccUEZQzKTupGRlIQ0bZ4hMdf5Ox1HJwJBAKe/bRcObNLHlr5Si7+rKKu45q5TwqxvE0LKm7zCa/DO+eNhs3H4GHncpOJE3Hv/ifH8QfuSwfdy7ADCfnKRAn4=";
    private static final String kpPublic = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCgQ7VyFd4EJWIicAV6W5B9+pc7wrTyNZ3mcqrWiravWYnRnJn6VbnCCKulo8qaUnmGm9b/cBs/qc5Aqi0q1Yrkg4vfue/jY6/nHOMmX5tvaZm+7/9zuOwUExGUzhbpJel/BpfYbsw0ZqGVJtHkPvmX0FTO0chGVA9/N1411utB6QIDAQAB";
    private static final String SHA1WithRSA = "SHA1withRSA";
    private static final String SHA256WithRSA = "SHA256WithRSA";
    DownloadFile df;
    Thread downloadThread;

    public static void logError(Throwable th) {
        errors.add(th);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getOid(byte[] bArr) throws Exception {
        int i;
        String str = "";
        int[] iArr = new int[bArr.length + 1];
        int i2 = 0;
        int i3 = 0;
        if (0 < bArr.length) {
            int i4 = bArr[0] & 255;
            int i5 = 0 + 1;
            iArr[0] = i4 / 40;
            i2 = i5 + 1;
            iArr[i5] = i4 % 40;
            i3 = 0 + 1;
        }
        while (i3 < bArr.length) {
            do {
                int i6 = i3;
                i3++;
                i = bArr[i6] & 255;
                int i7 = i2;
                iArr[i7] = iArr[i7] << 7;
                int i8 = i2;
                iArr[i8] = iArr[i8] | (i & 127);
                if (i3 >= bArr.length && (i & 128) != 0) {
                    throw new Exception("malformed OID");
                }
            } while ((i & 128) != 0);
            i2++;
        }
        for (int i9 : iArr) {
            str = str + i9 + ".";
        }
        return str.substring(0, str.length() - 1);
    }

    public List<CertInfoBase> getCerts() {
        return this.certs;
    }

    public void setCerts(List<CertInfoBase> list) {
        this.certs = list;
    }

    public void setFilterCPF(String str) {
        this.cpf = str;
    }

    public void setFilterICPBrasil(boolean z) {
        this.filterICPBrasil = z;
    }

    public void setAcceptExpiredCerts(boolean z) {
        this.acceptExpiredCerts = z;
    }

    public void setDigestAlgorithm(String str) throws Exception {
        this.digestAlgorithm = Util.DigestAlgorithm.findAlgorithm(str);
        System.out.println("Signature Algorithm: " + this.digestAlgorithm);
    }

    public byte[] getCertEncoded(int i) throws CertificateEncodingException {
        return getCert(i).getEncoded();
    }

    public X509Certificate getCert(int i) throws CertificateEncodingException {
        return this.certs.get(i).getCert();
    }

    public Certificate[] getChain(int i) throws CertificateEncodingException {
        return this.certs.get(i).getChain();
    }

    public byte[] sign(int i, byte[] bArr) throws Exception {
        CertInfoBase certInfoBase = this.certs.get(i);
        System.out.println("sign => " + certInfoBase.getName());
        return certInfoBase.sign(bArr, this.digestAlgorithm);
    }

    public void loadCertificates() throws Exception {
        OSInfo findOS = OSInfo.findOS(Util.getOsName());
        List<KeyStore> arrayList = new ArrayList();
        switch (findOS) {
            case WINDOWS:
                arrayList.add(KeyStore.getInstance("WINDOWS-MY"));
                break;
            case LINUX:
                arrayList = Pkcs11Basic.getKeyStores();
                break;
            case MAC:
                arrayList = Pkcs11Basic.getKeyStores();
                arrayList.add(KeyStore.getInstance("KeychainStore", "Apple"));
                break;
        }
        loadCertificateList(arrayList);
    }

    private void loadCertificateList(List<KeyStore> list) throws Exception {
        this.certs.clear();
        char[] cArr = new char[0];
        for (KeyStore keyStore : list) {
            keyStore.load(null, cArr);
            fixAliases(keyStore);
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                System.out.println("Alias: " + nextElement);
                CertInfoJava certInfoJava = new CertInfoJava(keyStore, nextElement, (X509Certificate) keyStore.getCertificate(nextElement), keyStore.getCertificateChain(nextElement), new char[]{'-'});
                if (certInfoJava.isValid(this.filterICPBrasil, this.acceptExpiredCerts, this.cpf) && keyStore.isKeyEntry(nextElement)) {
                    this.certs.add(certInfoJava);
                }
            }
        }
        if (this.a1Cert != null) {
            this.certs.add(this.a1Cert);
        }
    }

    public void loadA1CertificateFromDataUrl(String str, String str2) throws Exception {
        Matcher matcher = Pattern.compile(";base64,(.+)").matcher(str);
        if (!matcher.find()) {
            throw new Exception("dataUrl mal formada");
        }
        loadA1Certificate(Base64Coder.decode(matcher.group(1)), str2.toCharArray());
    }

    public void loadA1Certificate(byte[] bArr, char[] cArr) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(new ByteArrayInputStream(bArr), cArr);
        fixAliases(keyStore);
        String nextElement = keyStore.aliases().nextElement();
        CertInfoJava certInfoJava = new CertInfoJava(keyStore, nextElement, (X509Certificate) keyStore.getCertificate(nextElement), keyStore.getCertificateChain(nextElement), cArr);
        if (!certInfoJava.isValid(this.filterICPBrasil, this.acceptExpiredCerts, this.cpf)) {
            throw new Exception("O certificado não é válido");
        }
        this.a1Cert = certInfoJava;
        this.certs.add(certInfoJava);
    }

    public CertInfoBase getA1Certificate() {
        return this.a1Cert;
    }

    static void fixAliases(KeyStore keyStore) throws Exception {
        try {
            Field declaredField = keyStore.getClass().getDeclaredField("keyStoreSpi");
            declaredField.setAccessible(true);
            KeyStoreSpi keyStoreSpi = (KeyStoreSpi) declaredField.get(keyStore);
            if ("sun.security.mscapi.KeyStore$MY".equals(keyStoreSpi.getClass().getName())) {
                Field declaredField2 = keyStoreSpi.getClass().getEnclosingClass().getDeclaredField("entries");
                declaredField2.setAccessible(true);
                for (Object obj : (Collection) declaredField2.get(keyStoreSpi)) {
                    Field declaredField3 = obj.getClass().getDeclaredField("certChain");
                    declaredField3.setAccessible(true);
                    String num = Integer.toString(((X509Certificate[]) declaredField3.get(obj))[0].hashCode());
                    Field declaredField4 = obj.getClass().getDeclaredField("alias");
                    declaredField4.setAccessible(true);
                    String str = (String) declaredField4.get(obj);
                    if (!str.equals(num)) {
                        declaredField4.set(obj, str.concat(" - ").concat(num));
                    }
                }
            }
        } catch (Exception e) {
            throw e;
        }
    }

    private boolean isWindows() {
        String lowerCase = System.getProperty("os.name").toLowerCase();
        System.out.println(lowerCase);
        return lowerCase.indexOf("win") >= 0;
    }

    public double windowsVersion() {
        String lowerCase = System.getProperty("os.name").toLowerCase();
        if (lowerCase.indexOf("windows xp") >= 0) {
            return 5.0d;
        }
        return Double.parseDouble(lowerCase.substring(lowerCase.indexOf(" ") + 1));
    }

    public String[] getCertNames() {
        if (this.certs.size() == 0) {
            return new String[0];
        }
        String[] strArr = new String[this.certs.size()];
        for (int i = 0; i < this.certs.size(); i++) {
            CertInfoBase certInfoBase = this.certs.get(i);
            System.out.println("lendo ~~> " + certInfoBase.getName());
            strArr[i] = certInfoBase.getName();
        }
        return strArr;
    }

    public static double getDHPublic(double d, double d2, double d3) {
        return Math.pow(d, d3) % d2;
    }

    public static double getDHSecret(double d, double d2, double d3) {
        return Math.pow(d, d3) % d2;
    }

    public boolean test(int i, int i2, int i3) {
        return (i == 2 || i == 5 || i2 == 2 || i2 == 5) ? false : true;
    }

    public static int getRSAN(int i, int i2) {
        return i * i2;
    }

    public static int getRSATotiente(int i, int i2) {
        return (i - 1) * (i2 - 1);
    }

    public static int getRSAPrivateKey(int i, int i2, int i3) {
        return ((i * i2) + 1) / i3;
    }

    public static int RSAencryptDecrypt(int i, int i2, int i3) {
        return BigInteger.valueOf(i).pow(i3).mod(BigInteger.valueOf(i2)).intValue();
    }

    public static void RSAencryptDecrypt(int[] iArr, int i, int i2) {
        for (int i3 = 0; i3 < iArr.length; i3++) {
            iArr[i3] = RSAencryptDecrypt(iArr[i3], i, i2);
        }
    }

    public static int SymEncryptDecrypt(int i, int i2) {
        return i ^ i2;
    }

    public static void SymEncryptDecrypt(int[] iArr, int[] iArr2) {
        for (int i = 0; i < iArr.length; i++) {
            iArr[i] = SymEncryptDecrypt(iArr[i], iArr2[i % iArr2.length]);
        }
    }

    public static String createSignature(Class<?>[] clsArr) throws InvalidKeyException, NoSuchAlgorithmException, SignatureException, IOException, InvalidKeySpecException {
        KeyPair rsaKeyPair = getRsaKeyPair(kpPrivate, kpPublic);
        byte[] classesHash = getClassesHash(clsArr);
        byte[] signSha1WithRsa = signSha1WithRsa(rsaKeyPair.getPrivate(), classesHash);
        if (!verifySha1WithRsa(rsaKeyPair.getPublic(), classesHash, signSha1WithRsa)) {
            System.out.println("Par de chaves inválidos !!!");
        }
        return toBase64(signSha1WithRsa).replaceAll("\r\n", "");
    }

    public static void verifyClassSignature(boolean z, String str, Class<?>[] clsArr) throws Exception {
        try {
            KeyPair rsaKeyPair = getRsaKeyPair(kpPrivate, kpPublic);
            byte[] classesHash = getClassesHash(clsArr);
            System.out.println("return \"" + toBase64(classesHash).replaceAll("\r\n", "") + "\";");
            if (!z) {
                if (!verifySha1WithRsa(rsaKeyPair.getPublic(), classesHash, fromBase64(str))) {
                    throw new Exception();
                }
            } else {
                if (new Date().after(new GregorianCalendar(2013, 0, 1, 0, 0, 0).getTime())) {
                    throw new Exception("A versão de debug expirou o prazo de validade");
                }
                System.out.println("Atenção !!! Uso restrito para modo de debug.");
            }
        } catch (Exception e) {
            System.out.println("### ERRO ### ... A integridade da API não pode ser comprovada ... Esta pode ser uma API falsa.\n### Abortando a API ###");
            System.exit(-1);
            throw e;
        }
    }

    private static byte[] getClassesHash(Class<?>[] clsArr) throws NoSuchAlgorithmException, IOException {
        byte[] bytes = "".getBytes();
        for (Class<?> cls : clsArr) {
            bytes = calcSha1(mergeBytes(bytes, calcSha1(getClassBytes(cls))));
        }
        return bytes;
    }

    private static byte[] mergeBytes(byte[] bArr, byte[] bArr2) {
        if (bArr == null) {
            return bArr2;
        }
        byte[] bArr3 = new byte[bArr.length + bArr2.length];
        int i = 0;
        for (byte b : bArr) {
            int i2 = i;
            i++;
            bArr3[i2] = b;
        }
        for (byte b2 : bArr2) {
            int i3 = i;
            i++;
            bArr3[i3] = b2;
        }
        return bArr3;
    }

    private static byte[] getClassBytes(Class<?> cls) throws IOException {
        InputStream resourceAsStream = cls.getClassLoader().getResourceAsStream(cls.getName().replaceAll("\\.", "/") + ".class");
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = new byte[4096];
        while (true) {
            int read = resourceAsStream.read(bArr);
            if (read == -1) {
                return byteArrayOutputStream.toByteArray();
            }
            byteArrayOutputStream.write(bArr, 0, read);
        }
    }

    public static byte[] calcSha1(byte[] bArr) throws NoSuchAlgorithmException {
        MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
        messageDigest.update(bArr);
        return messageDigest.digest();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] signSha1WithRsa(PrivateKey privateKey, byte[] bArr) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        Signature signature = Signature.getInstance(SHA1WithRSA);
        signature.initSign(privateKey);
        signature.update(bArr);
        return signature.sign();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean verifySha1WithRsa(PublicKey publicKey, byte[] bArr, byte[] bArr2) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        Signature signature = Signature.getInstance(SHA1WithRSA);
        signature.initVerify(publicKey);
        signature.update(bArr);
        return signature.verify(bArr2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] signSha256WithRsa(PrivateKey privateKey, byte[] bArr) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, NoSuchProviderException {
        Signature signature = (Pkcs11Basic.prov == null || !Pkcs11Basic.prov.getName().equals("SunPKCS11-Safesign")) ? Signature.getInstance(SHA256WithRSA) : Signature.getInstance(SHA256WithRSA, Pkcs11Basic.prov);
        signature.initSign(privateKey);
        signature.update(bArr);
        return signature.sign();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean verifySha256WithRsa(PublicKey publicKey, byte[] bArr, byte[] bArr2) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        Signature signature = Signature.getInstance(SHA256WithRSA);
        signature.initVerify(publicKey);
        signature.update(bArr);
        return signature.verify(bArr2);
    }

    private static KeyPair getRsaKeyPair(String str, String str2) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException {
        KeyPair keyPair;
        if (str == null) {
            keyPair = generateRsaKeyPair();
            System.out.println("private static String kpPrivate=\"" + toBase64(keyPair.getPrivate().getEncoded()).replaceAll("\r\n", "") + "\";");
            System.out.println("private static String kpPublic=\"" + toBase64(keyPair.getPublic().getEncoded()).replaceAll("\r\n", "") + "\";");
        } else {
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            keyPair = new KeyPair(keyFactory.generatePublic(new X509EncodedKeySpec(fromBase64(str2))), keyFactory.generatePrivate(new PKCS8EncodedKeySpec(fromBase64(str))));
        }
        return keyPair;
    }

    private static KeyPair generateRsaKeyPair() throws NoSuchAlgorithmException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(1024);
        return keyPairGenerator.generateKeyPair();
    }

    public static String toBase64(byte[] bArr) {
        throw new Error();
    }

    public static byte[] fromBase64(String str) throws IOException {
        throw new Error();
    }

    public static String readFromUrlAndBase64(String str) {
        String replaceAll = str.replaceAll("#", "\\%");
        if (replaceAll.indexOf("%") >= 0) {
            replaceAll = replaceAll.replaceAll("\\+", "#").replaceAll("%0D%0A", "").replaceAll("%0d%0a", "").replaceAll("%0D", "").replaceAll("%0d", "").replaceAll("%0A", "").replaceAll("%0a", "").replaceAll("%2B", "+").replaceAll("%2b", "+").replaceAll("%2F", "/").replaceAll("%2f", "/").replaceAll("%2C", ",").replaceAll("%2c", ",").replaceAll("%3D", "=").replaceAll("%3d", "=").replaceAll("%20", " ").replaceAll("#", "\\+");
        }
        return replaceAll;
    }

    public void downloadCancel() {
        if (this.downloadThread == null || !this.downloadThread.isAlive()) {
            return;
        }
        this.downloadThread.interrupt();
    }

    public int getDownloadedBytes() {
        return this.df.getBytesDownload();
    }

    public String getDownloadedError() {
        return this.df != null ? this.df.error : "";
    }

    public void downloadUrl(String str, String str2) {
        this.df = new DownloadFile();
        this.df.fileName = str2;
        this.df.url = str;
        System.out.println("downloadUrl2:" + str + "-->" + str2);
        this.downloadThread = new Thread(this.df, "Download Thread");
        this.downloadThread.start();
    }

    public boolean isCompleted() {
        if (this.df == null) {
            return true;
        }
        return this.df.completed;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void trace(String str) {
        if (AppletICPBravoSignBytes._trace) {
            System.out.println(str);
        }
    }

    public Boolean diretoryTestAndCreate(final String str) throws Exception {
        try {
            return (Boolean) AccessController.doPrivileged(new PrivilegedExceptionAction<Boolean>() { // from class: br.com.oaks.ICPBravo.appletMini.ICPBravoBasic.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public Boolean run() throws Exception {
                    File file = new File(str);
                    ICPBravoBasic.this.trace("Check if exists directory: " + str);
                    if (!file.exists()) {
                        ICPBravoBasic.this.trace("Creating directory: " + str);
                        if (!file.mkdir()) {
                            ICPBravoBasic.this.trace("Directory not created");
                            return false;
                        }
                        ICPBravoBasic.this.trace("Directory created");
                    }
                    return true;
                }
            });
        } catch (PrivilegedActionException e) {
            logError(e);
            trace("DownloadFile.run.PrivilegedActionException:" + e.getMessage());
            return false;
        }
    }

    public boolean showA1ImportDialog() throws Exception {
        A1CertGUI a1CertGUI = new A1CertGUI();
        if (!a1CertGUI.createGui()) {
            return false;
        }
        try {
            loadA1Certificate(a1CertGUI.getCertFile(), a1CertGUI.getPin());
            return true;
        } catch (Exception e) {
            throw new Exception("Não foi possivel carregar o certificado, verifique o arquivo .pfx e o seu PIN!");
        }
    }
}
