package com.xk72.charles.gui.settings;

import com.xk72.charles.CharlesContext;
import com.xk72.charles.gui.CharlesFrame;
import com.xk72.charles.gui.lib.AbstractRowsTableModel;
import com.xk72.charles.gui.lib.BetterTextArea;
import com.xk72.charles.gui.lib.FormUtils;
import com.xk72.charles.gui.lib.TableUtils;
import com.xk72.charles.gui.lib.UIUtils;
import com.xk72.charles.gui.settings.SettingsDialog;
import com.xk72.charles.ssl.SSLCertificateStore;
import com.xk72.proxy.http2.Http2ProxyHandler;
import java.awt.Component;
import java.awt.Dialog;
import java.awt.Dimension;
import java.awt.GridLayout;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.concurrent.ThreadLocalRandom;
import javax.swing.AbstractAction;
import javax.swing.JButton;
import javax.swing.JComponent;
import javax.swing.JFileChooser;
import javax.swing.JLabel;
import javax.swing.JPanel;
import javax.swing.JScrollPane;
import javax.swing.JTable;
import javax.swing.JTextArea;
import javax.swing.SwingUtilities;
import net.miginfocom.swing.MigLayout;

/* loaded from: input_file:com/xk72/charles/gui/settings/ImportCertificateHelper.class */
public class ImportCertificateHelper {
    // PEM armor lines recognised by the private-key parser XdKP(String, String) in this class,
    // which strips them before Base64-decoding the remaining text. Field names are obfuscated.
    // Markers used for an unencrypted PKCS#8 key ("PRIVATE KEY").
    private static final String XdKP = "-----BEGIN PRIVATE KEY-----";
    private static final String eCYm = "-----END PRIVATE KEY-----";
    // Markers of the traditional OpenSSL RSA format ("RSA PRIVATE KEY").
    // NOTE(review): that format conventionally carries a PKCS#1 structure, yet the parser hands the
    // decoded bytes to PKCS8EncodedKeySpec; whether such keys load depends on the installed
    // KeyFactory provider - confirm. No marker for encrypted or EC-specific PEM blocks is listed.
    private static final String uQqp = "-----BEGIN RSA PRIVATE KEY-----";
    private static final String AhDU = "-----END RSA PRIVATE KEY-----";

    /**
     * Callback that receives the certificate entry produced by one of the selection or import
     * dialogs in this class.
     */
    @FunctionalInterface
    /* loaded from: input_file:com/xk72/charles/gui/settings/ImportCertificateHelper$CertificateSelectedListener.class */
    public interface CertificateSelectedListener {
        /**
         * Receives the chosen entry.
         *
         * @param elvd the selected entry. NOTE(review): the PEM import path in this file forwards
         *             the result of ImportPemPanel.getCertificate(), which returns null when no
         *             certificate/key pair was accepted, so implementations should tolerate null.
         */
        void certificateSelected(com.xk72.SnOD.elVd elvd);
    }

    /* loaded from: input_file:com/xk72/charles/gui/settings/ImportCertificateHelper$CertificatesTableModel.class */
    /**
     * Single-column table model listing the entries held in an {@link SSLCertificateStore}.
     * Adding and removing rows is forwarded to the store, so the table is a direct view of it.
     * Store failures are reported through CharlesContext and never propagate to the caller.
     */
    public class CertificatesTableModel extends AbstractRowsTableModel<com.xk72.SnOD.elVd> {
        // Backing store; addRow/removeRow/reload all go through it.
        private final SSLCertificateStore certStore;

        /**
         * Reads the current entries from the store.
         *
         * @param sSLCertificateStore store to query
         * @return the list returned by the store, or an empty list when the store throws
         */
        private static List<com.xk72.SnOD.elVd> XdKP(SSLCertificateStore sSLCertificateStore) {
            try {
                return sSLCertificateStore.AhDU();
            } catch (IOException | GeneralSecurityException e) {
                // A store that cannot be read shows as an empty table; the error is surfaced separately.
                CharlesContext.getInstance().error(e);
                return Collections.emptyList();
            }
        }

        /**
         * Creates the model with the rows currently in the store.
         *
         * @param sSLCertificateStore store backing this model
         */
        public CertificatesTableModel(SSLCertificateStore sSLCertificateStore) {
            super(XdKP(sSLCertificateStore));
            this.certStore = sSLCertificateStore;
        }

        /** Replaces the rows with a fresh read of the store. */
        public void reload() {
            setRows(XdKP(this.certStore));
        }

        /** @return always 1; the only column is the certificate subject */
        public int getColumnCount() {
            return 1;
        }

        /**
         * Returns the cell value for a row.
         *
         * @param i  row index
         * @param i2 column index; -1 yields the row object itself, 0 the formatted subject
         * @return the value described above, or null for any other column
         */
        public Object getValueAt(int i, int i2) {
            com.xk72.SnOD.elVd elvd = (com.xk72.SnOD.elVd) this.rows.get(i);
            // The cast runs before the column is examined, so a non-X.509 entry fails for every column.
            X509Certificate x509Certificate = (X509Certificate) elvd.eCYm();
            switch (i2) {
                case -1:
                    return elvd;
                case 0:
                    // Display text is derived from the certificate's subject distinguished name.
                    return com.xk72.charles.gui.transaction.general.uAtD.XdKP(x509Certificate.getSubjectX500Principal());
                default:
                    return null;
            }
        }

        /** @return String.class for column 0, null for any other index */
        public Class<?> getColumnClass(int i) {
            switch (i) {
                case 0:
                    return String.class;
                default:
                    return null;
            }
        }

        /** @return "Certificate" for column 0, null for any other index */
        public String getColumnName(int i) {
            switch (i) {
                case 0:
                    return "Certificate";
                default:
                    return null;
            }
        }

        /**
         * Deletes the entry from the store and then from the table.
         * If the store call throws, the row is left in place and the error is reported.
         *
         * @param i row index to remove
         */
        @Override // com.xk72.charles.gui.lib.AbstractRowsTableModel
        public void removeRow(int i) {
            try {
                this.certStore.uQqp(getRowAt(i));
                super.removeRow(i);
            } catch (IOException | GeneralSecurityException e) {
                CharlesContext.getInstance().error(e);
            }
        }

        /** @return always null; this model does not create blank rows */
        @Override // com.xk72.charles.gui.lib.AbstractRowsTableModel, com.xk72.charles.gui.lib.oVFE
        public com.xk72.SnOD.elVd newRow() {
            return null;
        }

        /**
         * Hands the entry to the store and adds whatever the store returns as a new row.
         *
         * @param elvd entry to add; null is ignored
         * @return the index reported by the superclass, or -1 when elvd is null or the store throws
         */
        @Override // com.xk72.charles.gui.lib.AbstractRowsTableModel, com.xk72.charles.gui.lib.oVFE
        public int addRow(com.xk72.SnOD.elVd elvd) {
            if (elvd == null) {
                return -1;
            }
            try {
                // NOTE(review): the cast to CertificatesTableModel looks like a decompiler artifact of
                // the generic row type; the value is presumably a com.xk72.SnOD.elVd - confirm.
                return super.addRow((CertificatesTableModel) this.certStore.XdKP(elvd));
            } catch (IOException | GeneralSecurityException e) {
                CharlesContext.getInstance().error(e);
                return -1;
            }
        }
    }

    /* loaded from: input_file:com/xk72/charles/gui/settings/ImportCertificateHelper$ImportPemPanel.class */
    /**
     * Settings panel with two text areas, one for a PEM private key and one for a PEM certificate
     * chain, each followed by an error label. The panel keeps the parsed chain and the validated
     * key in fields and exposes them as one entry through {@link #getCertificate()}.
     *
     * The key text is read from the text component as an ordinary String; nothing in this class
     * clears it after use.
     */
    public class ImportPemPanel extends SettingsPanel {
        private final BetterTextArea privateKey;
        // Non-empty text in an error label blocks saving, see preSave().
        private final JLabel keyError;
        private final BetterTextArea certChain;
        private final JLabel certError;
        // Last chain passed to XdKP(Certificate[]); element 0 is treated as the primary certificate.
        private Certificate[] certificates;
        // Set only after the key has been shown to match the primary certificate's public key.
        private Key key;

        /** Selects which of the two error labels a message is written to. */
        /* JADX INFO: Access modifiers changed from: package-private */
        /* loaded from: input_file:com/xk72/charles/gui/settings/ImportCertificateHelper$ImportPemPanel$ErrorType.class */
        public enum ErrorType {
            PRIVATE_KEY,
            CERT_CHAIN
        }

        /**
         * Builds the panel: key text area, key error label, chain text area, chain error label.
         * The document listeners (iZPg, Vorh) are defined outside this file; presumably they
         * re-run validation when the text changes - confirm.
         */
        public ImportPemPanel() {
            super("Certificate With Private Key");
            this.privateKey = new BetterTextArea();
            this.keyError = new JLabel();
            this.certChain = new BetterTextArea();
            this.certError = new JLabel();
            XdKP(this.privateKey, "PEM Encoded Private Key");
            this.privateKey.getDocument().addDocumentListener(new iZPg(this));
            add(this.keyError, "hidemode 0");
            XdKP(this.certChain, "PEM Encoded Certificates");
            this.certChain.getDocument().addDocumentListener(new Vorh(this));
            add(this.certError, "hidemode 0");
        }

        /**
         * Configures a text area as an editable, non-wrapping field and adds it to the panel
         * inside a scroll pane.
         *
         * @param betterTextArea text area to configure
         * @param str            caption passed to UIUtils.XdKP for the wrapping panel
         */
        private void XdKP(BetterTextArea betterTextArea, String str) {
            betterTextArea.setEditable(true);
            betterTextArea.setLineWrap(false);
            betterTextArea.setFont(UIUtils.eCYm());
            JPanel jPanel = new JPanel(new GridLayout(1, 1));
            jPanel.add(new JScrollPane(betterTextArea));
            UIUtils.XdKP(jPanel, str);
            add(jPanel, "width 760lp, height 240lp, pushy, growy");
        }

        /**
         * Clears the error message of the given kind.
         *
         * @param errorType which error label to clear
         */
        /* JADX INFO: Access modifiers changed from: private */
        public void XdKP(ErrorType errorType) {
            XdKP(errorType, "");
        }

        /**
         * Writes a message to one of the two error labels.
         *
         * @param errorType which error label to write
         * @param str       message text; an empty string means "no error"
         */
        /* JADX INFO: Access modifiers changed from: private */
        public void XdKP(ErrorType errorType, String str) {
            // bpMN.eCYm is a compiler-generated switch map defined outside this file; presumably it
            // maps CERT_CHAIN to 1 and PRIVATE_KEY to 2 - confirm against bpMN.
            switch (bpMN.eCYm[errorType.ordinal()]) {
                case 1:
                    this.certError.setText(str);
                    return;
                case 2:
                    this.keyError.setText(str);
                    return;
                default:
                    return;
            }
        }

        /**
         * Re-validates the private key text against the current certificate chain.
         * The key field is reset first and is only set again when the parsed key signs data that
         * the primary certificate's public key verifies. Every failure leaves key == null and
         * puts a message in the key error label.
         */
        /* JADX INFO: Access modifiers changed from: protected */
        public void checkPrivateKey() {
            this.key = null;
            XdKP(ErrorType.PRIVATE_KEY);
            String text = this.privateKey.getText();
            if (text == null || text.isEmpty()) {
                return;
            }
            Certificate[] certificateArr = this.certificates;
            // Without a certificate there is no public key to compare against, so the key is rejected.
            if (certificateArr == null || certificateArr.length <= 0) {
                XdKP(ErrorType.PRIVATE_KEY, "Cannot validate private key without certificate");
                return;
            }
            PublicKey publicKey = certificateArr[0].getPublicKey();
            try {
                // The key algorithm is taken from the certificate, not from the PEM header.
                PrivateKey XdKP = ImportCertificateHelper.XdKP(text, publicKey.getAlgorithm());
                try {
                    this.key = null;
                    if (ImportCertificateHelper.XdKP(publicKey, XdKP)) {
                        this.key = XdKP;
                    } else {
                        XdKP(ErrorType.PRIVATE_KEY, "Private key does not match public key from primary certificate");
                    }
                } catch (Exception e) {
                    // The exception is dropped here; only the generic message reaches the user.
                    XdKP(ErrorType.PRIVATE_KEY, "Unexpected error validating private key");
                }
            } catch (Exception e2) {
                // Parse failures are likewise reduced to a generic message with no detail kept.
                XdKP(ErrorType.PRIVATE_KEY, "Unable to parse private key");
            }
        }

        /**
         * Stores a parsed chain and updates the chain error label.
         * The chain is stored even when the check below fails; saving is then blocked by the
         * error label text rather than by the field value.
         *
         * @param certificateArr parsed chain, or null when there is none
         */
        /* JADX INFO: Access modifiers changed from: private */
        public void XdKP(Certificate[] certificateArr) {
            this.certificates = certificateArr;
            try {
                XdKP(ErrorType.CERT_CHAIN);
                // The helper only checks that each certificate is signed by the next one in the array.
                if (certificateArr != null && !ImportCertificateHelper.XdKP(certificateArr)) {
                    XdKP(ErrorType.CERT_CHAIN, "Invalid certificate chain");
                }
            } catch (Exception e) {
                XdKP(ErrorType.CERT_CHAIN, "Unexpected error validating certificate chain");
            }
        }

        /**
         * Builds the entry from the stored chain and key.
         *
         * @return a new entry using certificates[0] as the primary certificate, or null when the
         *         chain or the validated key is missing
         */
        public com.xk72.SnOD.elVd getCertificate() {
            Certificate[] certificateArr = this.certificates;
            if (certificateArr == null || this.key == null) {
                return null;
            }
            return new com.xk72.SnOD.elVd(null, certificateArr[0], this.key, certificateArr);
        }

        /**
         * Blocks saving while either error label shows a message, or while a chain is present
         * without a validated key.
         *
         * @return true when saving may proceed
         * @throws SettingsException describing the blocking error
         */
        @Override // com.xk72.charles.gui.settings.SettingsPanel
        public boolean preSave() {
            String text = this.keyError.getText();
            if (text != null && !text.isEmpty()) {
                throw new SettingsException("Error with private key\n\t- " + text);
            }
            String text2 = this.certError.getText();
            if (text2 != null && !text2.isEmpty()) {
                throw new SettingsException("Error with certificate chain\n\t- " + text2);
            }
            // NOTE(review): with no chain at all this returns true, and getCertificate() then
            // returns null; callers of getCertificate() have to handle that.
            if (this.certificates == null || this.key != null) {
                return true;
            }
            throw new SettingsException("You must supply a private key");
        }

        /** @return always true; the panel itself persists nothing */
        @Override // com.xk72.charles.gui.settings.SettingsPanel
        public boolean save() {
            return true;
        }
    }

    /**
     * Wraps {@code jComponent} in a panel that also carries the secure-store controls: a text
     * area and the "Create", "Unlock" and "Reset" buttons, each delegating to the given store.
     * An MSMF helper (defined outside this file) receives the text area, the control panel, the
     * wrapped component and the three buttons; it is handed to the store while the panel is
     * displayable and withdrawn again when the panel is removed.
     *
     * @param sSLCertificateStore store the buttons act on
     * @param jComponent          component shown below the controls
     * @return the combined panel
     */
    public static JComponent XdKP(final SSLCertificateStore sSLCertificateStore, JComponent jComponent) {
        JPanel controls = new JPanel(new MigLayout("wrap, ins 0, fillx", "[fill, grow]"));

        JButton unlockButton = new JButton(new AbstractAction("Unlock Secure Store") {
            @Override
            public void actionPerformed(ActionEvent actionEvent) {
                sSLCertificateStore.XdKP();
            }
        });

        JButton resetButton = new JButton(new AbstractAction("Reset Secure Store") {
            @Override
            public void actionPerformed(ActionEvent actionEvent) {
                // Resetting discards the stored certificates, so it is gated behind a confirmation.
                int choice = CharlesContext.getInstance().options("Reset Charles Secure Store", "Are you sure you want to reset the Charles Secure Store? You will need to add your certificates to Charles again.", "Reset Charles Secure Store", 0, new String[]{"Reset", "Cancel"}, null);
                if (choice != 0) {
                    return;
                }
                sSLCertificateStore.uQqp();
            }
        });

        JButton createButton = new JButton(new AbstractAction("Create Secure Store") {
            @Override
            public void actionPerformed(ActionEvent actionEvent) {
                sSLCertificateStore.eCYm();
            }
        });

        JTextArea statusText = FormUtils.uQqp("");
        controls.add(statusText);
        controls.add(createButton, "split");
        controls.add(unlockButton);
        controls.add(resetButton);

        final MSMF storeWatcher = new MSMF(statusText, controls, jComponent, unlockButton, resetButton, createButton);

        JPanel container = new JPanel(new MigLayout("hidemode 3, wrap, fillx, ins 0", "[fill]")) {
            @Override
            public void addNotify() {
                super.addNotify();
                // The store's return value is fed straight back into the helper.
                storeWatcher.XdKP(sSLCertificateStore.XdKP(storeWatcher));
            }

            @Override
            public void removeNotify() {
                sSLCertificateStore.eCYm(storeWatcher);
                super.removeNotify();
            }
        };
        container.add(controls, "pushx");
        container.add(jComponent, "grow, push");
        return container;
    }

    /**
     * Shows a "Select Certificate" dialog listing the entries of the given store in a
     * single-selection table and wires the confirmation action to the listener.
     *
     * @param sSLCertificateStore         store whose entries are listed
     * @param certificateSelectedListener callback handed to the confirmation handler (ZGoY,
     *                                    defined outside this file)
     */
    public static void XdKP(SSLCertificateStore sSLCertificateStore, CertificateSelectedListener certificateSelectedListener) {
        CertificatesTableModel storeModel = new CertificatesTableModel(sSLCertificateStore);
        JTable certTable = new JTable(storeModel) {
            @Override
            public void doLayout() {
                TableUtils.uQqp(this, 0);
                super.doLayout();
            }
        };
        certTable.addMouseListener(new bKMs(certTable));
        TableUtils.XdKP(certTable);
        // 0 is ListSelectionModel.SINGLE_SELECTION: exactly one certificate can be picked.
        certTable.setSelectionMode(0);
        certTable.setMinimumSize(new Dimension(320, 160));

        ActionListener onConfirm = (ActionListener) new ZGoY(certTable, certificateSelectedListener);
        Component dialogOwner = (Component) CharlesFrame.XdKP();
        com.xk72.charles.gui.lib.SsDg.XdKP("Select Certificate", (Component) certTable, onConfirm, dialogOwner);
    }

    /**
     * Lets the user pick a PKCS#12 file, loads it through the SSL manager and, when the first
     * loaded entry passes both consistency checks, hands that entry to the listener.
     *
     * The checks are: every certificate in the entry's chain is signed by the next one, and the
     * entry's private key matches the public key of the first certificate. Neither check decides
     * whether the certificate is trusted. Only the first entry of the loaded collection is used;
     * any further entries in the file are ignored.
     *
     * @param jComponent                  parent for the file chooser and any follow-up dialog
     * @param certificateSelectedListener receives the entry when validation succeeds
     */
    public static void XdKP(JComponent jComponent, CertificateSelectedListener certificateSelectedListener) {
        com.xk72.charles.ssl.tfse sSLManager = CharlesContext.getInstance().getSSLManager();

        JFileChooser chooser = com.xk72.charles.gui.lib.SPPI.XdKP();
        chooser.setFileSelectionMode(0);
        chooser.setDialogTitle("Choose a PKCS#12 certificate file");
        chooser.setFileFilter(new com.xk72.charles.lib.elVd(new String[]{"p12", "pkcs12"}, "PKCS#12 key file"));
        if (chooser.showOpenDialog(jComponent) != 0) {
            // Anything other than "approve" means the user backed out.
            return;
        }

        File chosenFile = chooser.getSelectedFile();
        Collection<com.xk72.SnOD.elVd> loaded = sSLManager.Idso().XdKP(chosenFile, chosenFile.getName(), "import an SSL certificate", false, (Dialog) SwingUtilities.getAncestorOfClass(Dialog.class, jComponent));
        if (loaded == null || loaded.isEmpty()) {
            return;
        }

        com.xk72.SnOD.elVd candidate = loaded.iterator().next();
        try {
            if (!XdKP(candidate.AhDU())) {
                CharlesContext.getInstance().error("Import Failed", "Invalid certificate chain, a certificate in the chain failed verification by the next certificate");
                return;
            }
            // NOTE(review): the cast assumes the entry's key is a PrivateKey - confirm against elVd.
            if (!XdKP(candidate.AhDU()[0].getPublicKey(), (PrivateKey) candidate.uQqp())) {
                CharlesContext.getInstance().error("Import Failed", "Private key does not match public key from primary certificate");
                return;
            }
            certificateSelectedListener.certificateSelected(candidate);
        } catch (GeneralSecurityException e) {
            // The cause is not passed on; only this generic message is reported.
            CharlesContext.getInstance().error("Unexpected error validating certificate");
        }
    }

    /**
     * Opens the PEM import panel in a modal sub-dialog without an Apply button and, when the
     * dialog returns 2, forwards the panel's entry to the listener.
     *
     * @param jComponent                  parent component for the dialog
     * @param certificateSelectedListener receives the result of ImportPemPanel.getCertificate()
     */
    public static void eCYm(JComponent jComponent, CertificateSelectedListener certificateSelectedListener) {
        ImportPemPanel pemPanel = new ImportPemPanel();
        SettingsDialog.SubSettingsDialog pemDialog = new SettingsDialog.SubSettingsDialog((Component) jComponent, pemPanel.getTitle(), (SettingsPanel) pemPanel);
        pemDialog.setShowApply(false);
        if (pemDialog.showAndWait() != 2) {
            return;
        }
        // NOTE(review): getCertificate() returns null when no chain or no validated key is held,
        // and preSave() accepts an empty form, so the listener can be called with null here.
        certificateSelectedListener.certificateSelected(pemPanel.getCertificate());
    }

    /* JADX INFO: Access modifiers changed from: private */
    /**
     * Reads consecutive X.509 certificates from a stream until the stream is exhausted.
     * The loop has no explicit end test: it stops when certificate parsing throws, and the
     * handler then probes the stream to tell "end of input" apart from "unparseable data".
     *
     * @param inputStream source of the encoded certificates
     * @return the certificates in the order they were read; empty when the stream held none
     */
    public static X509Certificate[] XdKP(InputStream inputStream) {
        // Raw list as emitted by the decompiler; only X509Certificate instances are added.
        ArrayList arrayList = new ArrayList();
        while (true) {
            try {
                // A factory is obtained on every pass; a non-X.509 result fails the cast.
                arrayList.add((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(inputStream));
            } catch (CertificateException e) {
                // One more byte available means data was left that could not be parsed: propagate.
                // The probing read consumes that byte, which does not matter because we abort.
                if (inputStream.read() >= 0) {
                    throw e;
                }
                // End of stream: the failure was just "nothing left", return what was collected.
                return (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]);
            }
        }
    }

    /**
     * Checks that each certificate in the array carries a signature that verifies under the
     * public key of the certificate that follows it.
     *
     * This is a signature-linkage check only. It does not look at validity dates, issuer/subject
     * names, CA constraints, revocation or any trust anchor, and the last certificate is not
     * verified against anything. An empty or single-element array therefore passes.
     *
     * @param certificateArr chain ordered from the primary certificate towards its issuers
     * @return false when a signature fails to verify, true otherwise; failures other than
     *         SignatureException raised by verify() are not handled here
     */
    private static boolean XdKP(Certificate[] certificateArr) {
        try {
            for (int idx = 0; idx + 1 < certificateArr.length; idx++) {
                Certificate issuerCandidate = certificateArr[idx + 1];
                certificateArr[idx].verify(issuerCandidate.getPublicKey());
            }
            return true;
        } catch (SignatureException brokenLink) {
            return false;
        }
    }

    /**
     * Parses PEM text into a private key of the given algorithm.
     * The four known armor lines are removed, the rest is Base64-decoded and the bytes are
     * interpreted as a PKCS#8 key.
     *
     * Only the armor lines declared in this class are stripped. Text from any other PEM block
     * type stays in the input and ends up in the decoder, so such input is expected to fail
     * parsing rather than load.
     *
     * @param str  PEM text of the key
     * @param str2 key algorithm name passed to KeyFactory
     * @return the parsed private key
     */
    private static PrivateKey XdKP(String str, String str2) {
        // Resolve the factory first so an unknown algorithm is reported before the text is touched.
        KeyFactory keyFactory = KeyFactory.getInstance(str2);

        String base64Body = str;
        for (String armorLine : new String[]{XdKP, eCYm, uQqp, AhDU}) {
            base64Body = base64Body.replace(armorLine, "");
        }

        // The MIME decoder skips line breaks and other characters outside the Base64 alphabet.
        byte[] encodedKey = Base64.getMimeDecoder().decode(base64Body);
        return keyFactory.generatePrivate(new PKCS8EncodedKeySpec(encodedKey));
    }

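    /**
     * Checks that {@code privateKey} belongs to {@code publicKey} by signing a random buffer
     * with the private key and verifying that signature with the public key.
     *
     * The buffer is only a test message, not a secret: a mismatched key pair fails verification
     * whatever the message is, so a non-cryptographic random source is sufficient here.
     *
     * @param publicKey  public key taken from the primary certificate
     * @param privateKey candidate private key
     * @return true when the signature made with the private key verifies under the public key
     * @throws GeneralSecurityException when the signature algorithm is unavailable or a key is
     *         rejected by the provider
     */
    private static boolean XdKP(PublicKey publicKey, PrivateKey privateKey) throws GeneralSecurityException {
        String keyAlgorithm = publicKey.getAlgorithm();
        // EC keys report "EC", but the JCA standard signature name is SHA256withECDSA; plain
        // concatenation would ask for "SHA256withEC", which is not a standard name and would
        // make EC certificates fail this check for the wrong reason.
        String signatureAlgorithm = "SHA256with" + ("EC".equals(keyAlgorithm) ? "ECDSA" : keyAlgorithm);

        // Buffer length comes from a constant defined outside this file.
        byte[] challenge = new byte[Http2ProxyHandler.Http2EndPoint.uQqp];
        ThreadLocalRandom.current().nextBytes(challenge);

        Signature signature = Signature.getInstance(signatureAlgorithm);
        signature.initSign(privateKey);
        signature.update(challenge);
        byte[] signed = signature.sign();

        // Same Signature object, re-initialised for verification over the same bytes.
        signature.initVerify(publicKey);
        signature.update(challenge);
        return signature.verify(signed);
    }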
}
