package org.jetbrains.nativecerts.win32;

import com.sun.jna.Native;
import com.sun.jna.Pointer;
import com.sun.jna.platform.win32.Crypt32;
import com.sun.jna.platform.win32.Kernel32Util;
import com.sun.jna.platform.win32.WTypes;
import com.sun.jna.platform.win32.Win32Exception;
import com.sun.jna.platform.win32.WinCrypt;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.jetbrains.nativecerts.NativeTrustedRootsInternalUtils;

/* loaded from: input_file:org/jetbrains/nativecerts/win32/Crypt32ExtUtil.class */
public class Crypt32ExtUtil {
    private static final Logger LOGGER = Logger.getLogger(Crypt32ExtUtil.class.getName());
    private static final Map<String, Integer> customTrustedCertificatesLocations = Map.of("CERT_SYSTEM_STORE_LOCAL_MACHINE", Integer.valueOf(Crypt32Ext.CERT_SYSTEM_STORE_LOCAL_MACHINE), "CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY", Integer.valueOf(Crypt32Ext.CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY), "CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE", Integer.valueOf(Crypt32Ext.CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE), "CERT_SYSTEM_STORE_CURRENT_USER", Integer.valueOf(Crypt32Ext.CERT_SYSTEM_STORE_CURRENT_USER), "CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY", Integer.valueOf(Crypt32Ext.CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY));

    public static Collection<X509Certificate> getCustomTrustedRootCertificates() {
        HashSet hashSet = new HashSet();
        for (Map.Entry<String, Integer> entry : customTrustedCertificatesLocations.entrySet()) {
            List<X509Certificate> gatherEnterpriseCertsForLocation = gatherEnterpriseCertsForLocation(entry.getValue().intValue(), "ROOT");
            if (LOGGER.isLoggable(Level.FINE)) {
                StringBuilder sb = new StringBuilder();
                sb.append("Received ").append(gatherEnterpriseCertsForLocation.size()).append(" certificates from store ROOT / ").append(entry.getKey());
                Iterator<X509Certificate> it = gatherEnterpriseCertsForLocation.iterator();
                while (it.hasNext()) {
                    sb.append("\n  ROOT/").append(entry.getKey()).append(": ").append(it.next().getSubjectDN());
                }
                LOGGER.fine(sb.toString());
            }
            hashSet.addAll(gatherEnterpriseCertsForLocation);
        }
        return hashSet;
    }

    public static void CertCloseStore(WinCrypt.HCERTSTORE hcertstore) {
        if (!Crypt32.INSTANCE.CertCloseStore(hcertstore, 0)) {
            throw new IllegalStateException("CertCloseStore: " + Kernel32Util.formatMessage(Native.getLastError()));
        }
    }

    public static List<X509Certificate> gatherEnterpriseCertsForLocation(int i, String str) {
        ArrayList arrayList;
        WinCrypt.CERT_CONTEXT.ByReference byReference;
        WinCrypt.HCERTSTORE CertOpenStore = Crypt32Ext.INSTANCE.CertOpenStore(new WTypes.LPSTR(new Pointer(13L)), 0, new WinCrypt.HCRYPTPROV_LEGACY(0L), i | Crypt32Ext.CERT_STORE_OPEN_EXISTING_FLAG | Crypt32Ext.CERT_STORE_READONLY_FLAG, new WTypes.LPWSTR(str));
        if (CertOpenStore == null) {
            int lastError = Native.getLastError();
            if (lastError == 18 || lastError == 2) {
                return Collections.emptyList();
            }
            throw new Win32Exception(lastError);
        }
        try {
            arrayList = new ArrayList();
            byReference = null;
        } finally {
            CertCloseStore(CertOpenStore);
        }
        while (true) {
            WinCrypt.CERT_CONTEXT.ByReference CertEnumCertificatesInStore = Crypt32.INSTANCE.CertEnumCertificatesInStore(CertOpenStore, byReference == null ? null : byReference.getPointer());
            if (CertEnumCertificatesInStore == null) {
                break;
            }
            try {
                arrayList.add(NativeTrustedRootsInternalUtils.parseCertificate(CertEnumCertificatesInStore.pbCertEncoded.getByteArray(0L, CertEnumCertificatesInStore.cbCertEncoded)));
            } catch (Throwable th) {
                LOGGER.warning(NativeTrustedRootsInternalUtils.renderExceptionMessage("Unable to parse one of the certificatesfrom store '" + str + "'", th));
            }
            byReference = CertEnumCertificatesInStore;
            CertCloseStore(CertOpenStore);
        }
        int lastError2 = Native.getLastError();
        if (lastError2 == -2146885628 || lastError2 == 18) {
            return arrayList;
        }
        throw new Win32Exception(lastError2);
    }
}
