package com.ghc.wsSecurity;

import com.ghc.utils.StreamUtils;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Properties;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.BouncyCastle;
import org.apache.ws.security.components.crypto.CredentialException;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.message.WSSecEncrypt;

/* loaded from: input_file:com/ghc/wsSecurity/KeyStoreUtil.class */
public final class KeyStoreUtil {
    static boolean bootstrapped = false;

    private static KeyStore getKeyStoreImpl(KeyStoreType keyStoreType) throws KeyStoreException {
        KeyStore keyStore = null;
        if (keyStoreType == KeyStoreType.PKCS12) {
            bootstrapBouncyCastle();
            try {
                keyStore = KeyStore.getInstance(keyStoreType.toString(), "BC");
            } catch (NoSuchProviderException unused) {
            }
        }
        if (keyStore == null) {
            keyStore = KeyStore.getInstance(keyStoreType.toString());
        }
        return keyStore;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public static void bootstrapBouncyCastle() {
        if (bootstrapped) {
            return;
        }
        Crypto crypto = KeyStoreUtil.class;
        synchronized (crypto) {
            if (!bootstrapped) {
                bootstrapped = true;
                crypto = new WSSecEncrypt();
                try {
                    try {
                        StreamUtils.streamOut(KeyStoreUtil.class.getClassLoader().getResourceAsStream("com/ghc/wsSecurity/jks.keystore"), new FileOutputStream("jks.keystore"), 8192, true);
                        crypto = getBouncyCastle(new SecurityInfo("test", new File("jks.keystore"), KeyStoreType.JKS, "security"));
                    } finally {
                        new File("jks.keystore").delete();
                    }
                } catch (Throwable unused) {
                    crypto = new File("jks.keystore").delete();
                }
            }
        }
    }

    public static KeyStore loadKeyStore(File file, char[] cArr, KeyStoreType keyStoreType) throws WSSecurityException, FileNotFoundException {
        FileInputStream fileInputStream = new FileInputStream(file);
        try {
            return loadKeyStore(fileInputStream, cArr, keyStoreType);
        } finally {
            try {
                fileInputStream.close();
            } catch (IOException unused) {
            }
        }
    }

    public static KeyStore loadKeyStore(InputStream inputStream, char[] cArr, KeyStoreType keyStoreType) throws WSSecurityException {
        return keyStoreType == KeyStoreType.PEM ? getDERKeyStore(inputStream, cArr) : getKeyStoreFromBouncyCastle(inputStream, cArr, keyStoreType);
    }

    private static KeyStore getDERKeyStore(InputStream inputStream, char[] cArr) throws WSSecurityException {
        try {
            Collection<? extends Certificate> generateCertificates = CertificateFactory.getInstance("X.509").generateCertificates(inputStream);
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            if (cArr == null) {
                cArr = "changeit".toCharArray();
            }
            keyStore.load(null, cArr);
            int i = 0;
            Iterator<? extends Certificate> it = generateCertificates.iterator();
            while (it.hasNext()) {
                int i2 = i;
                i++;
                keyStore.setCertificateEntry("cert" + i2, it.next());
            }
            return keyStore;
        } catch (IOException e) {
            throw new WSSecurityException("Failed to open/read the keystore", e);
        } catch (KeyStoreException e2) {
            throw new WSSecurityException("Could not create keystore.", e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new WSSecurityException("Could not locate algorithm used to validate integrity of the keystore", e3);
        } catch (CertificateException e4) {
            throw new WSSecurityException("Unable to load one or more of the certificates in the provided keystore", e4);
        }
    }

    private static KeyStore getKeyStoreFromBouncyCastle(InputStream inputStream, char[] cArr, KeyStoreType keyStoreType) throws WSSecurityException {
        try {
            KeyStore keyStoreImpl = getKeyStoreImpl(keyStoreType);
            try {
                keyStoreImpl.load(inputStream, cArr);
                return keyStoreImpl;
            } catch (IOException e) {
                throw checkForKeyLengthProblem(e);
            } catch (NoSuchAlgorithmException e2) {
                throw new WSSecurityException("Could not locate algorithm used to validate integrity of the keystore", e2);
            } catch (CertificateException e3) {
                throw new WSSecurityException("Unable to load one or more of the certificates in the provided keystore", e3);
            }
        } catch (KeyStoreException e4) {
            throw new WSSecurityException("Could not create keystore.", e4);
        }
    }

    public static ArrayList<String> getPublicKeyAliases(KeyStore keyStore) throws KeyStoreException {
        ArrayList<String> arrayList = new ArrayList<>(keyStore.size());
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isCertificateEntry(nextElement)) {
                arrayList.add(nextElement);
            }
        }
        return arrayList;
    }

    public static ArrayList<String> getPrivateKeyAliases(KeyStore keyStore) throws KeyStoreException {
        ArrayList<String> arrayList = new ArrayList<>(keyStore.size());
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement)) {
                arrayList.add(nextElement);
            }
        }
        return arrayList;
    }

    public static Crypto getBouncyCastle(SecurityInfo securityInfo) throws WSSecurityException {
        try {
            bootstrapBouncyCastle();
            return KeyStoreType.PEM == securityInfo.getKeyStoreType() ? getBouncyCastleForPEMKeystores(securityInfo) : new BouncyCastle(createBouncyCastleProperties(securityInfo));
        } catch (CryptoException e) {
            throw new WSSecurityException("Unable to open keystore", e);
        } catch (IOException e2) {
            throw new WSSecurityException("Unable to open keystore", e2);
        } catch (KeyStoreException e3) {
            throw new WSSecurityException("Unable to open keystore", e3);
        } catch (NoSuchAlgorithmException e4) {
            throw new WSSecurityException("Algorithm not supported", e4);
        } catch (CredentialException e5) {
            throw checkForKeyLengthProblem(e5);
        } catch (CertificateException e6) {
            throw new WSSecurityException("Unable to open keystore", e6);
        }
    }

    private static WSSecurityException checkForKeyLengthProblem(Exception exc) {
        return exc.getMessage().contains("Illegal key size") ? new InvalidKeySizeException() : new WSSecurityException("Failed to open/read the keystore", exc);
    }

    private static Crypto getBouncyCastleForPEMKeystores(SecurityInfo securityInfo) throws FileNotFoundException, CryptoException, IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException, CredentialException {
        KeyStore keyStore = securityInfo.getKeyStore();
        File createTempFile = File.createTempFile("key", "store");
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(createTempFile);
            try {
                keyStore.store(fileOutputStream, securityInfo.getKeyStorePassword().toCharArray());
                fileOutputStream.close();
                return new BouncyCastle(createBouncyCastleProperties(new SecurityInfo(securityInfo.getKeyStoreName(), createTempFile, KeyStoreType.JKS, securityInfo.getKeyStorePassword())));
            } catch (Throwable th) {
                fileOutputStream.close();
                throw th;
            }
        } finally {
            createTempFile.delete();
        }
    }

    private static Properties createBouncyCastleProperties(SecurityInfo securityInfo) {
        Properties properties = new Properties();
        properties.setProperty("org.apache.ws.security.crypto.provider", "org.apache.ws.security.components.crypto.BouncyCastle");
        properties.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", securityInfo.getKeyStoreType().toString());
        properties.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", securityInfo.getKeyStorePassword());
        properties.setProperty("org.apache.ws.security.crypto.merlin.file", securityInfo.getKeyStoreFile().getAbsolutePath());
        return properties;
    }
}
