package org.nhindirect.config.store.util;

import java.security.cert.X509Certificate;
import java.sql.Timestamp;
import org.nhindirect.common.crypto.KeyStoreProtectionManager;
import org.nhindirect.config.model.exceptions.CertificateConversionException;
import org.nhindirect.config.model.utils.CertUtils;
import org.nhindirect.config.store.Certificate;
import org.nhindirect.config.store.EntityStatus;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/nhindirect/config/store/util/CertificateUtils.class */
public class CertificateUtils {
    private static final Logger log = LoggerFactory.getLogger(CertificateUtils.class);

    public static Certificate stripP12Protection(Certificate certificate, KeyStoreProtectionManager keyStoreProtectionManager) {
        log.debug("Attempting to strip p12 protection for certificate with id {}", certificate.getId());
        if (certificate.isPrivateKey() && keyStoreProtectionManager != null) {
            log.debug("isPrivateKey = true ");
            char[] charArray = "".toCharArray();
            try {
                log.debug("Attempting to convert to a container that is wrapped");
                if (CertUtils.toCertContainer(certificate.getData()) != null) {
                    return certificate;
                }
            } catch (CertificateConversionException e) {
                log.trace("CertificateConversionException error when converting wrapped data.", e);
            } catch (Throwable th) {
                log.debug("Throwable error when converting wrapped data.", th);
            }
            log.debug("Appears to not be wrapped.  Attempting to convert by changing p12 protection.");
            try {
                certificate.setData(CertUtils.changePkcs12Protection(certificate.getData(), new String(keyStoreProtectionManager.getKeyStoreProtectionKey().getEncoded()).toCharArray(), new String(keyStoreProtectionManager.getKeyStoreProtectionKey().getEncoded()).toCharArray(), charArray, charArray));
            } catch (Exception e2) {
                throw new RuntimeException("Error stripping P12 protection data", e2);
            }
        }
        return certificate;
    }

    public static Certificate applyCertRepositoryAttributes(Certificate certificate, KeyStoreProtectionManager keyStoreProtectionManager) {
        CertUtils.CertContainer certContainer = null;
        X509Certificate x509Certificate = null;
        try {
            certContainer = CertUtils.toCertContainer(certificate.getData());
            x509Certificate = certContainer.getCert();
        } catch (Exception e) {
        }
        if (certificate.getValidStartDate() == null && x509Certificate != null) {
            certificate.setValidStartDate(new Timestamp(x509Certificate.getNotBefore().getTime()).toLocalDateTime());
        }
        if (certificate.getValidEndDate() == null && x509Certificate != null) {
            certificate.setValidEndDate(new Timestamp(x509Certificate.getNotAfter().getTime()).toLocalDateTime());
        }
        if (certificate.getStatus() < 0) {
            certificate.setStatus(EntityStatus.NEW.ordinal());
        }
        certificate.setPrivateKey((certContainer == null || (certContainer.getKey() == null && certContainer.getWrappedKeyData() == null)) ? false : true);
        if (certificate.isPrivateKey() && keyStoreProtectionManager != null && certContainer.getKey() != null) {
            try {
                certificate.setRawData(CertUtils.changePkcs12Protection(certificate.getData(), "".toCharArray(), "".toCharArray(), new String(keyStoreProtectionManager.getKeyStoreProtectionKey().getEncoded()).toCharArray(), new String(keyStoreProtectionManager.getPrivateKeyProtectionKey().getEncoded()).toCharArray()));
            } catch (Exception e2) {
                throw new RuntimeException("Error converting P12 to encrypted/protected format", e2);
            }
        }
        return certificate;
    }
}
