package com.buildforge.services.common.ssl.config;

import com.buildforge.services.common.dbo.KeyStoreDBO;
import com.buildforge.services.common.dbo.MessageDBO;
import com.buildforge.services.common.security.PasswordDecryptException;
import com.buildforge.services.common.security.PasswordManager;
import com.buildforge.services.common.ssl.core.CMSKeyStoreUtility;
import com.buildforge.services.common.ssl.core.PKCS11KeyStore;
import com.buildforge.services.common.ssl.core.PKCS11KeyStoreCache;
import com.buildforge.services.common.ssl.provider.JSSEProviderFactory;
import com.buildforge.services.common.text.TextUtils;
import com.buildforge.services.common.util.FileUtils;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;

/* loaded from: input_file:lib/com.ibm.rational.buildforge.services.client.java_7.1.3.4110010.jar:com/buildforge/services/common/ssl/config/KeyStoreUtils.class */
public class KeyStoreUtils {
    private static final Logger log = Logger.getLogger(KeyStoreUtils.class.getName());
    private static final PKCS11KeyStoreCache pkcsStoreList = new PKCS11KeyStoreCache();

    private KeyStoreUtils() {
    }

    private static KeyStore loadNormal(KeyStoreDBO keyStoreDBO) throws KeyStoreException {
        try {
            KeyStore keyStoreInstance = JSSEProviderFactory.getInstance().getKeyStoreInstance(keyStoreDBO.getType(), null);
            InputStream openInputStream = FileUtils.openInputStream(keyStoreDBO.getLocation());
            if (openInputStream == null) {
                log.fine("Creating new empty KeyStore");
                keyStoreInstance.load(null, getPasswordChars(keyStoreDBO));
                return keyStoreInstance;
            }
            try {
                keyStoreInstance.load(openInputStream, getPasswordChars(keyStoreDBO));
                openInputStream.close();
                dumpAliasList(keyStoreInstance);
                return keyStoreInstance;
            } catch (Throwable th) {
                openInputStream.close();
                throw th;
            }
        } catch (KeyStoreException e) {
            throw e;
        } catch (Exception e2) {
            throw new KeyStoreException(e2);
        }
    }

    private static String getPassword(KeyStoreDBO keyStoreDBO) {
        String password = keyStoreDBO.getPassword();
        if (password == null) {
            return null;
        }
        try {
            return PasswordManager.getInstance().decrypt(password);
        } catch (PasswordDecryptException e) {
            return password;
        }
    }

    private static char[] getPasswordChars(KeyStoreDBO keyStoreDBO) {
        String password = getPassword(keyStoreDBO);
        if (password != null) {
            return password.toCharArray();
        }
        return null;
    }

    private static void dumpAliasList(KeyStore keyStore) throws KeyStoreException {
        if (log.isLoggable(Level.FINE)) {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                log.log(Level.FINE, "Alias [" + nextElement + "] -> " + keyStore.getCertificate(nextElement));
            }
        }
    }

    private static KeyStore loadCMS(KeyStoreDBO keyStoreDBO) throws KeyStoreException {
        File file = new File(keyStoreDBO.getLocation());
        if (!file.exists()) {
            return CMSKeyStoreUtility.loadCMSKeyStore(null, null, keyStoreDBO.getPassword(), JSSEProviderFactory.getInstance().getContextProvider());
        }
        if (!TextUtils.isEmpty(keyStoreDBO.getPassword())) {
            return CMSKeyStoreUtility.loadCMSKeyStore(file, null, getPassword(keyStoreDBO), JSSEProviderFactory.getInstance().getContextProvider());
        }
        String location = keyStoreDBO.getLocation();
        File file2 = new File(location.substring(0, location.lastIndexOf(".")) + ".sth");
        if (log.isLoggable(Level.FINE)) {
            log.log(Level.FINE, "File path for stash file: " + file2.getPath());
        }
        return CMSKeyStoreUtility.loadCMSKeyStore(file, file2, null, JSSEProviderFactory.getInstance().getContextProvider());
    }

    private static KeyStore loadPKCS11(KeyStoreDBO keyStoreDBO) throws KeyStoreException {
        PKCS11KeyStore insert = pkcsStoreList.insert(keyStoreDBO.getType(), keyStoreDBO.getLocation(), keyStoreDBO.getPassword(), true, JSSEProviderFactory.getInstance().getContextProvider(), false);
        if (insert != null) {
            return insert.getKeyStore();
        }
        return null;
    }

    public static List<KeyStore> load(List<KeyStoreDBO> list) {
        if (list == null) {
            return null;
        }
        ArrayList arrayList = new ArrayList(list.size());
        Iterator<KeyStoreDBO> it = list.iterator();
        while (it.hasNext()) {
            KeyStore load = load(it.next());
            if (load != null) {
                arrayList.add(load);
            }
        }
        return arrayList;
    }

    public static KeyStore load(KeyStoreDBO keyStoreDBO) {
        dumpCurrentPath();
        String type = keyStoreDBO.getType();
        try {
            if (type.equalsIgnoreCase("JKS") || type.equalsIgnoreCase("JCEKS") || type.equalsIgnoreCase("PKCS12")) {
                return loadNormal(keyStoreDBO);
            }
            if (type.equalsIgnoreCase("CMSKS")) {
                return loadCMS(keyStoreDBO);
            }
            if (type.equalsIgnoreCase("PKCS11")) {
                return loadPKCS11(keyStoreDBO);
            }
            if (type.equalsIgnoreCase("SAFKEYRING")) {
                return loadSafKeyRing(keyStoreDBO);
            }
            if (log.isLoggable(Level.WARNING)) {
                log.log(Level.WARNING, new MessageDBO(MessageDBO.Severity.WARNING, "SSLKeystoreTypeUnknown", type).translate());
            }
            return null;
        } catch (KeyStoreException e) {
            if (!log.isLoggable(Level.WARNING)) {
                return null;
            }
            log.log(Level.WARNING, new MessageDBO(MessageDBO.Severity.WARNING, "SSLKeystoreLoadError", keyStoreDBO.getLocation()).translate(), (Throwable) e);
            return null;
        }
    }

    private static void dumpCurrentPath() {
        if (log.isLoggable(Level.FINE)) {
            try {
                log.log(Level.FINE, "Current path: " + new File(".").getCanonicalPath());
            } catch (IOException e) {
                log.warning("Unable to determine current path: " + e);
            }
        }
    }

    private static KeyStore loadSafKeyRing(KeyStoreDBO keyStoreDBO) throws KeyStoreException {
        try {
            KeyStore keyStoreInstance = JSSEProviderFactory.getInstance().getKeyStoreInstance(keyStoreDBO.getType(), null);
            InputStream openInputStream = FileUtils.openInputStream(keyStoreDBO.getLocation());
            if (openInputStream == null) {
                log.fine("Creating new keyStore");
                keyStoreInstance.load(null, getPasswordChars(keyStoreDBO));
                return keyStoreInstance;
            }
            try {
                keyStoreInstance.load(openInputStream, getPasswordChars(keyStoreDBO));
                openInputStream.close();
                dumpAliasList(keyStoreInstance);
                return keyStoreInstance;
            } catch (Throwable th) {
                openInputStream.close();
                throw th;
            }
        } catch (KeyStoreException e) {
            throw e;
        } catch (Exception e2) {
            throw new KeyStoreException(e2);
        }
    }
}
