package com.atexo.serveurSignature;

import com.atexo.serveurCryptographique.utilitaire.BouncyCaslteHandler;
import com.atexo.serveurCryptographique.utilitaire.I18nUtil;
import com.atexo.serveurCryptographique.utilitaire.TypeProvider;
import com.atexo.serveurCryptographique.utilitaire.Util;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Collection;
import java.util.Date;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import javax.security.auth.x500.X500Principal;
import net.iharder.Base64;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import sun.security.x509.AlgorithmId;
import sun.security.x509.CertificateAlgorithmId;
import sun.security.x509.CertificateIssuerName;
import sun.security.x509.CertificateSerialNumber;
import sun.security.x509.CertificateSubjectName;
import sun.security.x509.CertificateValidity;
import sun.security.x509.CertificateVersion;
import sun.security.x509.CertificateX509Key;
import sun.security.x509.X500Name;
import sun.security.x509.X509CertImpl;
import sun.security.x509.X509CertInfo;

/* loaded from: input_file:com/atexo/serveurSignature/CertificatUtil.class */
public abstract class CertificatUtil {
    public static final String CHAINE_CERTIFICAT_BASE64 = "MIIFYjCCA0qgAwIBAgIBATANBgkqhkiG9w0BAQsFADBrMQswCQYDVQQGEwJGUjEOMAwGA1UEBxMFUEFSSVMxDjAMBgNVBAoTBUFURVhPMRYwFAYDVQQLEw1BVEVYTyBBQyBERU1PMSQwIgYDVQQDExtBVEVYTyBBQyBERU1PIC0gRW50cmVwcmlzZXMwHhcNMTMwNDE3MTkxNzU3WhcNMTYwNDE3MTkxNzU3WjCBlDELMAkGA1UEBhMCRlIxDjAMBgNVBAoTBUFURVhPMSYwJAYDVQQLEx1NQVJDSEVTIFBVQkxJQ1MgRUxFQ1RST05JUVVFUzEXMBUGA1UEAxMOQ2hhcmxlcyBDSVZFVEUxFzAVBgNVBCkTDkNoYXJsZXMgQ0lWRVRFMRswGQYJKoZIhvcNAQkBFgxjY0BhdGV4by5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDovtQHb+g22rU1S+BIdnfIdDF+XZgV7RdRMPzBjTFqQFxWVCa9lZx/OWLqBnUgB9J/9CzYPW5bpG55UUlkCbe66iFGIdLCMKIk4WOlWmxz4Zq0Pphr/Np4rS0UKLFh170r01ezmlRvlFesmYDI/XIVnjo8v+VGdoyiSzgqo2WgtonklTGkfePpUGllMMAp3v0rLJOe55bWFTnXSl85ndzZyIr4XL6VA1y6ev/LCxqYPzZKFMgbRZB13Nb6CDRF8hJWa0hEA2w3t6xvLYZ+4oKu8A5+WXEIo35baWaAPgxH9H5GbOmWnCxzs7+0luV5GdejEWgV+xpL2+rMbMzngjzjAgMBAAGjgeYwgeMwCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBsAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMB0GA1UdDgQWBBSD4uxZAuEc8eAIhQEWcwZNdujmQjAfBgNVHSMEGDAWgBSNms8QxETmT9eP+6SW/mqMyrFsZTBOBgNVHR8ERzBFMEOgQaA/hj1odHRwczovL3BraS5sb2NhbC10cnVzdC5jb20vY3JsL0FURVhPX0FDX0RFTU8tRW50cmVwcmlzZXMuY3JsMBcGA1UdEQQQMA6BDGNjQGF0ZXhvLmNvbTANBgkqhkiG9w0BAQsFAAOCAgEAj8KSlFQ37eDMNxfTmyjG+845i3ucT4dua6HvW3jJWHCwzqCB6dV/0zMzGN5CabE8qnBp1Sv8E3N+JH0VzCG1uPHtfQ1un3ydGYf7c/+hUmLGq0GRc/dDIqjS8VocHQ71GM60YrS0mp0brXJMbUr4TxU0elV760Uvr0l2a3Mu8yZ8x/NwSEoLTPZiTWCwwuA2l2Qk2e4XeGKpyRsYLZmXkYdSGveag/9Y0/gAfAoApLozYhbCaSIZuyPKLjHQa1LfuGL881xxsNlVx4d6JckM2k1Krzs2PaShAMNwONJgUA1aJdGIoDmjYuO9oAiAL1bvZEj3YHXUvHFiTlKP/87kCinS6EHulWq7mEZdMzqcSJUJGpR09Tr51NdwnQI97Pa+ASoPdGeFOjENyFzYLD9XbOqy523/Ok0tlVoBhjIjaokg2Ov60QYMShO8ynDukX0h3iqx3MYu6RpTGaIJBZw75oLHshrrP4Ojzt5bNjRpPw/GKrAbpxO6IpjgiJXVRdtc6hfqOZxAgWGJ5wL6LgAk+fGvC8X5PmsEDhtGuCYxj3FjxL+OG7pSS6/kz2678asbcC8U+qwfAqdJWtdj1s7eBHbgw6Qn9wpX4UPJS8t85DBVvU4z+p7dTToHbghqic/zm7z7ymWshFqlLeTb1jFtjTRXat2TRfhfGANBN78H8pI=";
    private static final String CHAINE_CLEF_PRIVEE_BASE64 = "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDovtQHb+g22rU1S+BIdnfIdDF+XZgV7RdRMPzBjTFqQFxWVCa9lZx/OWLqBnUgB9J/9CzYPW5bpG55UUlkCbe66iFGIdLCMKIk4WOlWmxz4Zq0Pphr/Np4rS0UKLFh170r01ezmlRvlFesmYDI/XIVnjo8v+VGdoyiSzgqo2WgtonklTGkfePpUGllMMAp3v0rLJOe55bWFTnXSl85ndzZyIr4XL6VA1y6ev/LCxqYPzZKFMgbRZB13Nb6CDRF8hJWa0hEA2w3t6xvLYZ+4oKu8A5+WXEIo35baWaAPgxH9H5GbOmWnCxzs7+0luV5GdejEWgV+xpL2+rMbMzngjzjAgMBAAECggEAcX91eDb7P5zB1z6sHcofuZHn/N55Zt/aig5gg6Zt3YmLPdIFnlgSG/yJHuSNQ1RtM1aIc97pLSlvchvQtUcD4NOB7GhcFbSPrXp4FE+XKZ9vyMvpmmeQxl506Cq77aG+L1v9naj52fu2EYY9xkXJ1370mWFe1lDDXfVea3SI/6h2Rcrhd63eoF7Wz7xYTPNdWmRGFXW2kt/FTWteETlXihVYHEVKyiOqcrklVVrv2n4gqXwkHLMXUlpCP5/Cwb7CRv3L0sFTUuG5Hk+kPgA/XHtPLRjY0VVsbyDmDOB/hiilYGq+epAbMZJqISAKunTDGNEScK2NEM7cEu6rHbk0eQKBgQD7HMzHcYTwQ2zuXHaOopPxbJ60xZs0u7/f9hXiL2MYnqa06hmW+WVj+cuY0oPdimIiyaGOJPpIvd877wHSeDZYcHCTZRYlYvDi/Y56Y6uVY3ovkENxaHo1cCCnyeC7uY7cudoe4eIThPfOrtpVxKAgmtyzhVONVECwxPmG/LZTPwKBgQDtRoMTb3qzFVb0gVAEY2bfAD/UqXJaAf7Wvf6bhbRZI2w3yLS7VGb149A8YFCps7Ez5ftU/3z70WL0ZgNwcT4gA+OZMODwtAGS/2/YrN6H4QXPWtVErj/X9kFsEoCOfo0kMi026gXFtWAzzLXLOaqKhbu9g7fON0fRFpuWoB1BXQKBgQDkSKNVsTq0nedaro5NTzmFokSJfJeDkid1+Cae0IubJyfQkn2fBa0J/V382Wxtq89ZZspLCgzKsmpN9xNF/mkRb264YI6IgHETOoUbeJ7VGXFL6i+V2vA2wm+9ecangqKAwSitKJa5Pgl2SPlOPYmA+qgnP87cTbrduMRL1lP+SwKBgFZmLqSNG2jKhHdT/wcaCwN428VcTj9oKpuXY3bOIPW0aFuHwgfUnAk9gz349GZXAFedjv9MaP5pKFdGLkprcevGfsHxgncjlM8qJFgJ2p4v2iW/NZlkueqxyPDJa/Z3Ln3Xp48veBqeCQHTsP7naKo4ODyyEeQNTSFd0hnvA7ghAoGBAIRyhMMXLLuqjvPcDnXsN0BsCb+2NJ/ILcY19kVhYe+R8U8zYr+PVI33reqTSGdlMHKhzhZZKK99hLwhpLpZssJ+FoJOkTktzS/GMQeaGI6Dj4hGtKs2qI37cWjjduMTlZgP2zgWNaT0FJIngUxiaL1ssrCTjlOG+tvIzkk3DmWC";
    private static final Logger logger = LoggerFactory.getLogger(CertificatUtil.class);
    public static String[] KEY_USAGE_FLAG_NAMES = {"digitalSignature", "nonRepudiation", "keyEncipherment", "dataEncipherment", "keyAgreement", "keyCertSign", "cRLSign", "encipherOnly", "decipherOnly"};
    private static final BouncyCastleProvider PROVIDER = new BouncyCastleProvider();

    /* loaded from: input_file:com/atexo/serveurSignature/CertificatUtil$TypeCertificat.class */
    public enum TypeCertificat {
        SignatureElectronique("SIGNATURE_NUMERIQUE"),
        Chiffrement("CHIFFREMENT"),
        Authentification("AUTHENTIFICATION");

        private String labelKey;

        TypeCertificat(String str) {
            this.labelKey = str;
        }

        public String getLabelKey() {
            return this.labelKey;
        }
    }

    public static X509Certificate generateCertificate(String str, KeyPair keyPair, int i, String str2) throws GeneralSecurityException, IOException {
        PrivateKey privateKey = keyPair.getPrivate();
        X509CertInfo x509CertInfo = new X509CertInfo();
        Date date = new Date();
        CertificateValidity certificateValidity = new CertificateValidity(date, new Date(date.getTime() + (i * 86400000)));
        BigInteger bigInteger = new BigInteger(64, new SecureRandom());
        X500Name x500Name = new X500Name(str);
        x509CertInfo.set("validity", certificateValidity);
        x509CertInfo.set("serialNumber", new CertificateSerialNumber(bigInteger));
        x509CertInfo.set("subject", new CertificateSubjectName(x500Name));
        x509CertInfo.set("issuer", new CertificateIssuerName(x500Name));
        x509CertInfo.set("key", new CertificateX509Key(keyPair.getPublic()));
        x509CertInfo.set("version", new CertificateVersion(2));
        x509CertInfo.set("algorithmID", new CertificateAlgorithmId(new AlgorithmId(AlgorithmId.md5WithRSAEncryption_oid)));
        X509CertImpl x509CertImpl = new X509CertImpl(x509CertInfo);
        x509CertImpl.sign(privateKey, str2);
        x509CertInfo.set("algorithmID.algorithm", (AlgorithmId) x509CertImpl.get("x509.algorithm"));
        X509CertImpl x509CertImpl2 = new X509CertImpl(x509CertInfo);
        x509CertImpl2.sign(privateKey, str2);
        return x509CertImpl2;
    }

    public static X509Certificate getFromP12(String str, String str2) {
        X509Certificate x509Certificate = null;
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12", (Provider) PROVIDER);
            keyStore.load(CertificatUtil.class.getClassLoader().getResourceAsStream(str), str2.toCharArray());
            Enumeration<String> aliases = keyStore.aliases();
            String str3 = null;
            if (aliases.hasMoreElements()) {
                str3 = aliases.nextElement();
            }
            x509Certificate = (X509Certificate) keyStore.getCertificate(str3);
        } catch (IOException e) {
            logger.error("", e.fillInStackTrace());
        } catch (KeyStoreException e2) {
            logger.error("", e2.fillInStackTrace());
        } catch (NoSuchAlgorithmException e3) {
            logger.error("", e3.fillInStackTrace());
        } catch (CertificateException e4) {
            logger.error("", e4.fillInStackTrace());
        }
        return x509Certificate;
    }

    public static PrivateKey getPrivateKeyFromP12(String str, String str2) {
        ClassLoader classLoader = CertificatUtil.class.getClassLoader();
        PrivateKey privateKey = null;
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12", (Provider) PROVIDER);
            keyStore.load(classLoader.getResourceAsStream(str), str2.toCharArray());
            Enumeration<String> aliases = keyStore.aliases();
            String str3 = null;
            if (aliases.hasMoreElements()) {
                str3 = aliases.nextElement();
            }
            privateKey = (PrivateKey) keyStore.getKey(str3, str2.toCharArray());
        } catch (IOException e) {
            logger.error("", e.fillInStackTrace());
        } catch (KeyStoreException e2) {
            logger.error("", e2.fillInStackTrace());
        } catch (NoSuchAlgorithmException e3) {
            logger.error("", e3.fillInStackTrace());
        } catch (UnrecoverableKeyException e4) {
            logger.error("", e4.fillInStackTrace());
        } catch (CertificateException e5) {
            logger.error("", e5.fillInStackTrace());
        }
        return privateKey;
    }

    public static String getCN(Principal principal) {
        if (principal == null) {
            return null;
        }
        for (String str : principal.toString().split(",")) {
            String trim = str.trim();
            if (trim.startsWith("CN=")) {
                return trim.substring(3);
            }
        }
        return null;
    }

    public static X509Certificate getX509Certificate(String str) throws IOException, CertificateException {
        if (str == null) {
            return null;
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.decode(str.replaceAll("-----BEGIN CERTIFICATE-----", "").replaceAll("-----END CERTIFICATE-----", "").replaceAll("\n", "").replaceAll("\r", "")));
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
        byteArrayInputStream.close();
        return x509Certificate;
    }

    public static String reconstuireChaineDeCertificat(X509Certificate x509Certificate) throws CertificateEncodingException {
        return getCN(x509Certificate.getIssuerX500Principal()).replaceAll(":", "_").replaceAll(" ", "_").replaceAll("-", "_") + "_" + Util.formaterDate(x509Certificate.getNotAfter(), "yyyy-MM-dd HH:mm:ss").replaceAll(":", "_").replaceAll(" ", "_").replaceAll("-", "_") + "_" + getCN(x509Certificate.getSubjectX500Principal()).replaceAll(":", "_").replaceAll(" ", "_").replaceAll("-", "_") + "|" + new String(Base64.encodeBytes(x509Certificate.getEncoded())) + "##";
    }

    public static boolean isValideDate(X509Certificate x509Certificate) {
        return x509Certificate.getNotAfter().after(new Date());
    }

    public static boolean isUtilisablePourAuthentification(X509Certificate x509Certificate) {
        return x509Certificate.getKeyUsage() != null && (x509Certificate.getKeyUsage()[0] || x509Certificate.getKeyUsage()[1]);
    }

    public static boolean isUtilisablePourSignatureElectronique(X509Certificate x509Certificate) {
        return x509Certificate.getKeyUsage() != null && (x509Certificate.getKeyUsage()[0] || x509Certificate.getKeyUsage()[1]);
    }

    public static boolean isUtilisablePourChiffrement(X509Certificate x509Certificate) {
        return x509Certificate.getKeyUsage() != null && (x509Certificate.getKeyUsage()[2] || x509Certificate.getKeyUsage()[3]);
    }

    public static boolean isConformite(X509Certificate x509Certificate) {
        return (x509Certificate.getKeyUsage() == null || !x509Certificate.getKeyUsage()[1] || x509Certificate.getKeyUsage()[2] || x509Certificate.getKeyUsage()[3] || x509Certificate.getKeyUsage()[4] || x509Certificate.getKeyUsage()[5] || x509Certificate.getKeyUsage()[6] || x509Certificate.getKeyUsage()[7] || x509Certificate.getKeyUsage()[8]) ? false : true;
    }

    public static String getUtilisablePour(X509Certificate x509Certificate, boolean z) {
        StringBuilder sb = new StringBuilder();
        if (x509Certificate.getKeyUsage() != null) {
            boolean[] keyUsage = x509Certificate.getKeyUsage();
            for (int i = 0; i < keyUsage.length; i++) {
                if (keyUsage[i]) {
                    if (sb.length() != 0) {
                        sb.append(", ");
                    }
                    if (z) {
                        sb.append(I18nUtil.get("keyUsage_" + KEY_USAGE_FLAG_NAMES[i]));
                    } else {
                        sb.append(KEY_USAGE_FLAG_NAMES[i]);
                    }
                }
            }
        }
        return sb.toString();
    }

    public static com.atexo.serveurCryptographique.utilitaire.KeyPair getKeyPairTestChiffrement() throws IOException, CertificateException, NoSuchProviderException, NoSuchAlgorithmException, InvalidKeySpecException {
        BouncyCaslteHandler.verifierPresenceEtRecupererProvider();
        return new com.atexo.serveurCryptographique.utilitaire.KeyPair(getX509Certificate(CHAINE_CERTIFICAT_BASE64), KeyFactory.getInstance("RSA", TypeProvider.BC.getType()).generatePrivate(new PKCS8EncodedKeySpec(Base64.decode(CHAINE_CLEF_PRIVEE_BASE64))), TypeProvider.BC);
    }

    public static InfosVerificationCertificat extraireInformations(X509Certificate x509Certificate, InfosVerificationCertificat infosVerificationCertificat) throws CertificateParsingException {
        X500Principal subjectX500Principal = x509Certificate.getSubjectX500Principal();
        infosVerificationCertificat.setSignatairePartiel(getCN(subjectX500Principal));
        infosVerificationCertificat.setSignataireComplet(subjectX500Principal.toString());
        X500Principal issuerX500Principal = x509Certificate.getIssuerX500Principal();
        infosVerificationCertificat.setEmetteur(issuerX500Principal.toString());
        infosVerificationCertificat.setSerialNumber(x509Certificate.getSerialNumber().toString());
        infosVerificationCertificat.setDateValiditeDu(Util.creerISO8601DateTime(x509Certificate.getNotBefore()));
        infosVerificationCertificat.setDateValiditeAu(Util.creerISO8601DateTime(x509Certificate.getNotAfter()));
        infosVerificationCertificat.setPeriodiciteValide(Boolean.valueOf(Util.isDateCompriseEntre(new Date(), x509Certificate.getNotBefore(), x509Certificate.getNotAfter())));
        infosVerificationCertificat.setSignataireDetails(getObjectNaming(subjectX500Principal.toString(), x509Certificate.getSubjectAlternativeNames()));
        infosVerificationCertificat.setEmetteurDetails(getObjectNaming(issuerX500Principal.toString(), x509Certificate.getSubjectAlternativeNames()));
        return infosVerificationCertificat;
    }

    public static ObjectNaming getObjectNaming(String str, Collection<List<?>> collection) {
        Iterator<List<?>> it;
        List<?> next;
        ObjectNaming objectNaming = new ObjectNaming();
        if (collection != null && (it = collection.iterator()) != null && (next = it.next()) != null && (next.get(1) instanceof String)) {
            objectNaming.setAlternativeName((String) next.get(1));
        }
        try {
            for (Rdn rdn : new LdapName(str).getRdns()) {
                String type = rdn.getType();
                String obj = rdn.getValue().toString();
                if (type.equalsIgnoreCase("CN")) {
                    if (objectNaming.getCn() != null) {
                        objectNaming.setCn(objectNaming.getCn() + ", " + obj);
                    } else {
                        objectNaming.setCn(obj);
                    }
                } else if (type.equalsIgnoreCase("T")) {
                    if (objectNaming.getT() != null) {
                        objectNaming.setT(objectNaming.getT() + ", " + obj);
                    } else {
                        objectNaming.setT(obj);
                    }
                } else if (type.equalsIgnoreCase("OU")) {
                    if (objectNaming.getOu() != null) {
                        objectNaming.setOu(objectNaming.getOu() + ", " + obj);
                    } else {
                        objectNaming.setOu(obj);
                    }
                } else if (type.equalsIgnoreCase("E")) {
                    if (objectNaming.getE() != null) {
                        objectNaming.setE(objectNaming.getE() + ", " + obj);
                    } else {
                        objectNaming.setE(obj);
                    }
                } else if (type.equalsIgnoreCase("O")) {
                    if (objectNaming.getO() != null) {
                        objectNaming.setO(objectNaming.getO() + ", " + obj);
                    } else {
                        objectNaming.setO(obj);
                    }
                } else if (type.equalsIgnoreCase("C")) {
                    if (objectNaming.getC() != null) {
                        objectNaming.setC(type.equals("C") + ", " + obj);
                    } else {
                        objectNaming.setC(obj);
                    }
                }
            }
        } catch (InvalidNameException e) {
            logger.error("Probleme a la lecture du certificat", e.fillInStackTrace());
        }
        return objectNaming;
    }
}
