package fr.legicloud.connector.launcher;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

/* loaded from: input_file:fr/legicloud/connector/launcher/SslUtil.class */
public class SslUtil {
    private static final String CACERTS_PATH = "/lib/security/cacerts";
    private static final String CACERTS_PASSWORD = "changeit";
    private static final String LEGICLOUD_KEYSTORE_FILE_PATH = UpdateControler.LEGICLOUD_CONFIG_FILE_FOLDER_PATH + File.separator + "legicloudks";
    private static boolean certValidated = false;

    public static void ensureStartSSLCert(String str, int i) {
        if (certValidated) {
            return;
        }
        Boolean isCertificateValid = isCertificateValid(str, i);
        if (isCertificateValid != null && isCertificateValid.booleanValue()) {
            System.out.println("Application confirmed certificate is OK");
            certValidated = true;
            return;
        }
        if (isCertificateValid == null || isCertificateValid.booleanValue()) {
            System.out.println("It was impossible to validate oif the certificate was ok");
            return;
        }
        try {
            System.out.println("Start ensureStartSSLCert");
            if (System.getProperty("javax.net.ssl.trustStore") == null) {
                ensureSslCertIsInKeystore("DST Root CA X3", SslUtil.class.getResourceAsStream("/CA.pem"));
            }
        } catch (Exception e) {
            System.out.println("Impossible to add StartSsl CA cert");
            e.printStackTrace();
        }
        System.out.println("End ensureStartSSLCert final property is " + System.getProperty("javax.net.ssl.trustStore"));
    }

    public static void ensureSslCertIsInKeystore(String str, InputStream inputStream) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        File file = new File(System.getProperty("java.home") + CACERTS_PATH);
        if (!file.exists()) {
            throw new FileNotFoundException(file.getAbsolutePath());
        }
        FileInputStream fileInputStream = new FileInputStream(file);
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(fileInputStream, CACERTS_PASSWORD.toCharArray());
        fileInputStream.close();
        Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(inputStream);
        inputStream.close();
        String certificateAlias = keyStore.getCertificateAlias(generateCertificate);
        if (certificateAlias != null) {
            System.out.println("Certificate found, with alias " + certificateAlias);
            return;
        }
        keyStore.setCertificateEntry(str, generateCertificate);
        File file2 = new File(LEGICLOUD_KEYSTORE_FILE_PATH);
        System.out.println(str + " not found, inserting it in " + file2.getPath());
        FileOutputStream fileOutputStream = new FileOutputStream(file2);
        keyStore.store(fileOutputStream, CACERTS_PASSWORD.toCharArray());
        fileOutputStream.close();
        System.setProperty("javax.net.ssl.trustStore", file2.getAbsolutePath());
    }

    public static Boolean isCertificateValid(String str, int i) {
        Boolean bool;
        try {
            SSLSocket sSLSocket = (SSLSocket) ((SSLSocketFactory) SSLSocketFactory.getDefault()).createSocket(str, i);
            InputStream inputStream = sSLSocket.getInputStream();
            sSLSocket.getOutputStream().write(1);
            while (inputStream.available() > 0) {
                inputStream.read();
            }
            System.out.println("Connextion test success");
            bool = true;
            sSLSocket.close();
        } catch (Exception e) {
            if (e.getMessage().contains("valid certification")) {
                System.out.println("Fail in connexion due to certificate ");
                bool = false;
            } else {
                bool = null;
            }
            System.out.println("Soccket testing connexion raised error");
            e.printStackTrace();
        }
        return bool;
    }
}
