package com.axelor.apps.account.ebics.certificate;

import com.axelor.apps.account.db.EbicsUser;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Date;
import org.apache.xml.security.Init;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:com/axelor/apps/account/ebics/certificate/CertificateManager.class */
public class CertificateManager {
    private X509Generator generator = new X509Generator();
    private EbicsUser user;
    private X509Certificate a005Certificate;
    private X509Certificate e002Certificate;
    private X509Certificate x002Certificate;
    private PrivateKey a005PrivateKey;
    private PrivateKey x002PrivateKey;
    private PrivateKey e002PrivateKey;

    public CertificateManager(EbicsUser ebicsUser) {
        this.user = ebicsUser;
    }

    public void create() throws GeneralSecurityException, IOException {
        Calendar calendar = Calendar.getInstance();
        calendar.add(6, X509Constants.DEFAULT_DURATION);
        Init.init();
        Security.addProvider(new BouncyCastleProvider());
        createA005Certificate(new Date(calendar.getTimeInMillis()));
        createX002Certificate(new Date(calendar.getTimeInMillis()));
        createE002Certificate(new Date(calendar.getTimeInMillis()));
        setUserCertificates();
    }

    private void setUserCertificates() {
        this.user.setA005Certificate(this.a005Certificate.toString());
        this.user.setX002Certificate(this.x002Certificate.toString());
        this.user.setE002Certificate(this.e002Certificate.toString());
        this.user.setA005PrivateKey(this.a005PrivateKey.toString());
        this.user.setX002PrivateKey(this.x002PrivateKey.toString());
        this.user.setE002PrivateKey(this.e002PrivateKey.toString());
    }

    public void createA005Certificate(Date date) throws GeneralSecurityException, IOException {
        KeyPair makeKeyPair = KeyUtil.makeKeyPair(X509Constants.EBICS_KEY_SIZE);
        this.a005Certificate = this.generator.generateA005Certificate(makeKeyPair, this.user.getDn(), new Date(), date);
        this.a005PrivateKey = makeKeyPair.getPrivate();
    }

    public void createX002Certificate(Date date) throws GeneralSecurityException, IOException {
        KeyPair makeKeyPair = KeyUtil.makeKeyPair(X509Constants.EBICS_KEY_SIZE);
        this.x002Certificate = this.generator.generateX002Certificate(makeKeyPair, this.user.getDn(), new Date(), date);
        this.x002PrivateKey = makeKeyPair.getPrivate();
    }

    public void createE002Certificate(Date date) throws GeneralSecurityException, IOException {
        KeyPair makeKeyPair = KeyUtil.makeKeyPair(X509Constants.EBICS_KEY_SIZE);
        this.e002Certificate = this.generator.generateE002Certificate(makeKeyPair, this.user.getDn(), new Date(), date);
        this.e002PrivateKey = makeKeyPair.getPrivate();
    }

    public void save(String str) throws GeneralSecurityException, IOException {
        writePKCS12Certificate(str + "/" + this.user.getUserId(), this.user.getPassword().toCharArray());
    }

    public void load(String str) throws GeneralSecurityException, IOException {
        KeyStoreManager keyStoreManager = new KeyStoreManager();
        keyStoreManager.load(str, this.user.getPassword().toCharArray());
        this.a005Certificate = keyStoreManager.getCertificate(this.user.getUserId() + "-A005");
        this.x002Certificate = keyStoreManager.getCertificate(this.user.getUserId() + "-X002");
        this.e002Certificate = keyStoreManager.getCertificate(this.user.getUserId() + "-E002");
        this.a005PrivateKey = keyStoreManager.getPrivateKey(this.user.getUserId() + "-A005");
        this.x002PrivateKey = keyStoreManager.getPrivateKey(this.user.getUserId() + "-X002");
        this.e002PrivateKey = keyStoreManager.getPrivateKey(this.user.getUserId() + "-E002");
        setUserCertificates();
    }

    public void writePKCS12Certificate(String str, char[] cArr) throws GeneralSecurityException, IOException {
        if (str == null || "".equals(str)) {
            throw new IOException("The file name cannot be empty");
        }
        if (!str.toLowerCase().endsWith(".p12")) {
            str = str + ".p12";
        }
        FileOutputStream fileOutputStream = new FileOutputStream(str);
        writePKCS12Certificate(cArr, fileOutputStream);
        fileOutputStream.close();
    }

    public void writePKCS12Certificate(char[] cArr, OutputStream outputStream) throws GeneralSecurityException, IOException {
        KeyStore keyStore = KeyStore.getInstance("PKCS12", (Provider) new BouncyCastleProvider());
        keyStore.load(null, null);
        keyStore.setKeyEntry(this.user.getUserId() + "-A005", this.a005PrivateKey, cArr, new X509Certificate[]{this.a005Certificate});
        keyStore.setKeyEntry(this.user.getUserId() + "-X002", this.x002PrivateKey, cArr, new X509Certificate[]{this.x002Certificate});
        keyStore.setKeyEntry(this.user.getUserId() + "-E002", this.e002PrivateKey, cArr, new X509Certificate[]{this.e002Certificate});
        keyStore.store(outputStream, cArr);
    }
}
