package com.ibm.bcg.util;

import com.ibm.security.pkcs12.PKCS12PFX;
import com.ibm.security.pkcs8.EncryptedPrivateKeyInfo;
import com.ibm.security.pkcs8.PrivateKeyInfo;
import com.ibm.security.pkcsutil.PKCSException;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Enumeration;
import org.apache.log4j.Category;

/* loaded from: input_file:com/ibm/bcg/util/WBICCertificateUtilities.class */
public class WBICCertificateUtilities {
    private static final int BLOCKSIZE = 128;
    public static final String COPYRIGHT = "Licensed Material - Property of IBM , 5724-E75,5724-E87,5724-L68,5724-L69.  (C) Copyright IBM Corp. 2001,2004 - All Rights Reserved. The source code for this program is not published or otherwisedivested of its trade secrets, irrespective of what has beendeposited with the U.S. Copyright Office. ";
    private static String m_fingerPrintAlgorithm = "MD5";
    private static Category m_logger;
    static Class class$com$ibm$bcg$util$WBICCertificateUtilities;

    private WBICCertificateUtilities() {
    }

    private static void closeInputStream(InputStream inputStream) {
        if (inputStream != null) {
            try {
                inputStream.close();
            } catch (IOException e) {
                e.printStackTrace();
            }
        }
    }

    private static void closeOutputStream(OutputStream outputStream) {
        if (outputStream != null) {
            try {
                outputStream.close();
            } catch (IOException e) {
                e.printStackTrace();
            }
        }
    }

    private static void error(String str, Throwable th) {
        m_logger.error(str);
        if (th != null) {
            th.printStackTrace();
        }
    }

    private static void error(String str) {
        error(str, null);
    }

    private static void debug(String str) {
        if (m_logger.isDebugEnabled()) {
            m_logger.debug(str);
        }
    }

    public static boolean writePKCS8PrivateKey(String str, PrivateKey privateKey, char[] cArr) throws BcgException {
        if (str != null && str.trim().length() != 0 && privateKey != null && cArr != null) {
            try {
                if (cArr.length != 0) {
                    try {
                        FileOutputStream fileOutputStream = new FileOutputStream(new File(str));
                        byte[] encoded = privateKey.getEncoded();
                        if (encoded == null || encoded.length == 0) {
                            throw new BcgException("wrong Private key object ", null, null, null);
                        }
                        new EncryptedPrivateKeyInfo(cArr, new PrivateKeyInfo(encoded), "MD5", "DES").encode(fileOutputStream);
                        closeOutputStream(fileOutputStream);
                        return true;
                    } catch (PKCSException e) {
                        error("Error during encrytping the private key", e);
                        throw new BcgException(" Error during encrytping the private key ", null, null, null, e);
                    } catch (IOException e2) {
                        error(new StringBuffer().append("Error reading the file ").append(str).toString(), e2);
                        throw new BcgException(" Error reading the file ", null, null, null, e2);
                    }
                }
            } catch (Throwable th) {
                closeOutputStream(null);
                throw th;
            }
        }
        throw new BcgException("The Parameter Passed is wrong", null, null, null);
    }

    public static byte[] createPKCS8PrivateKey(PrivateKey privateKey, char[] cArr) throws BcgException {
        if (cArr == null || cArr.length == 0 || privateKey == null) {
            throw new BcgException("The Parameter Passed is wrong", null, null, null);
        }
        try {
            return new EncryptedPrivateKeyInfo(cArr, new PrivateKeyInfo(privateKey.getEncoded()), "MD5", "DES").encode();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public static PrivateKey loadPKCS8PrivateKey(String str, char[] cArr) throws BcgException {
        if (str == null || str.trim().length() == 0 || cArr == null || cArr.length == 0) {
            throw new BcgException("The parameter passed is wrong", null, null, null);
        }
        try {
            try {
                byte[] decrypt = new EncryptedPrivateKeyInfo(Util.readFile(str)).decrypt(cArr);
                PrivateKeyInfo privateKeyInfo = new PrivateKeyInfo(decrypt);
                debug(new StringBuffer().append("Decrypted the key and key algo name is ....").append(privateKeyInfo.getAlgorithm()).toString());
                String algorithm = privateKeyInfo.getAlgorithm();
                try {
                    KeyFactory keyFactory = KeyFactory.getInstance(algorithm);
                    debug("Generating a key spec from the decrypted key bytes");
                    PKCS8EncodedKeySpec pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(decrypt);
                    debug("Creating a private key from the factory and key spec");
                    try {
                        return keyFactory.generatePrivate(pKCS8EncodedKeySpec);
                    } catch (InvalidKeySpecException e) {
                        error(new StringBuffer().append("Invalid key specification for ").append(algorithm).append(" private key").toString());
                        throw new BcgException(new StringBuffer().append(" Invalid key specification for ").append(algorithm).append(" private key").toString(), null, null, null, e);
                    }
                } catch (NoSuchAlgorithmException e2) {
                    error(new StringBuffer().append("No factory for ").append(algorithm).append(" keys").toString());
                    throw new BcgException(new StringBuffer().append(" No factory for ").append(algorithm).append(" keys").toString(), null, null, null, e2);
                }
            } catch (Exception e3) {
                error("Error decoding encrypted private key");
                throw new BcgException(" Error decoding encrypted private key ", null, null, null, e3);
            }
        } catch (Exception e4) {
            e4.printStackTrace();
            throw new BcgException(" unable to load PKCS8PrivateKey", null, null, null, e4);
        }
    }

    public static boolean writeX509Certificate(String str, X509Certificate x509Certificate) throws BcgException {
        if (str == null || str.trim().length() == 0 || x509Certificate == null) {
            throw new BcgException("The parameter passed is wrong", null, null, null);
        }
        FileOutputStream fileOutputStream = null;
        try {
            try {
                fileOutputStream = new FileOutputStream(str);
                byte[] bArr = new byte[x509Certificate.getEncoded().length];
                byte[] encoded = x509Certificate.getEncoded();
                fileOutputStream.write(encoded, 0, encoded.length);
                closeOutputStream(fileOutputStream);
                return true;
            } catch (Exception e) {
                throw new BcgException(" Error while write X509Certificate", null, null, null, e);
            }
        } catch (Throwable th) {
            closeOutputStream(fileOutputStream);
            throw th;
        }
    }

    public static X509Certificate loadX509Certificate(String str) throws BcgException {
        if (str == null || str.trim().length() == 0) {
            throw new BcgException("The parameter passed is wrong", null, null, null);
        }
        FileInputStream fileInputStream = null;
        try {
            try {
                fileInputStream = new FileInputStream(str);
                byte[] bArr = new byte[fileInputStream.available()];
                X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(fileInputStream);
                fileInputStream.read(bArr);
                closeInputStream(fileInputStream);
                return x509Certificate;
            } catch (Exception e) {
                e.printStackTrace();
                throw new BcgException(" Error while  load X509Certificate", null, null, null, e);
            }
        } catch (Throwable th) {
            closeInputStream(fileInputStream);
            throw th;
        }
    }

    public static X509CRL loadX509CRL(String str) throws BcgException {
        FileInputStream fileInputStream = null;
        if (str == null || str.trim().length() == 0) {
            throw new BcgException("The parameter passed is wrong", null, null, null);
        }
        try {
            try {
                fileInputStream = new FileInputStream(new File(str));
                try {
                    X509CRL x509crl = (X509CRL) CertificateFactory.getInstance("X.509").generateCRL(fileInputStream);
                    closeInputStream(fileInputStream);
                    return x509crl;
                } catch (Exception e) {
                    error("Failed to generate CRL", e);
                    throw new BcgException(" Failed to generate CRL", null, null, null, e);
                }
            } catch (FileNotFoundException e2) {
                error("CRL File does not exist", e2);
                throw new BcgException(" CRL File does not exist", null, null, null, e2);
            }
        } catch (Throwable th) {
            closeInputStream(fileInputStream);
            throw th;
        }
    }

    public static PrivateKey[] loadPrivateKeysFromPKCS12(InputStream inputStream, char[] cArr) throws Exception {
        ArrayList arrayList = new ArrayList();
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        try {
            keyStore.load(inputStream, cArr);
            try {
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    try {
                        String nextElement = aliases.nextElement();
                        if (keyStore.isKeyEntry(nextElement)) {
                            PrivateKey privateKey = (PrivateKey) keyStore.getKey(nextElement, cArr);
                            if (privateKey instanceof PrivateKey) {
                                arrayList.add(privateKey);
                                debug("Added a private key");
                            }
                        }
                    } catch (NoSuchAlgorithmException e) {
                        error("The algorithm to recover the key could not be found");
                        return null;
                    } catch (UnrecoverableKeyException e2) {
                        error("The key could not be recovered because the password was wrong");
                        throw e2;
                    }
                }
                PrivateKey[] privateKeyArr = new PrivateKey[arrayList.size()];
                arrayList.toArray(privateKeyArr);
                debug(new StringBuffer().append("Loaded the Private keys..length is ").append(privateKeyArr.length).toString());
                return privateKeyArr;
            } catch (KeyStoreException e3) {
                error("Could not get aliases because KeyStore was not Initialised");
                e3.printStackTrace();
                return null;
            }
        } catch (IOException e4) {
            error("Could not load Keystore. There was a problem with keystore data format OR the password supplied was incorrect");
            throw e4;
        } catch (Exception e5) {
            error("Error while loading the Keystore from the given Inputstream");
            e5.printStackTrace();
            return null;
        }
    }

    public static Certificate[] loadCertificatesFromPKCS12(InputStream inputStream, char[] cArr) throws BcgException {
        if (inputStream == null || cArr == null || cArr.length == 0) {
            throw new BcgException("The Parameter Passed is wrong", null, null, null);
        }
        try {
            try {
                byte[] bArr = new byte[inputStream.available()];
                inputStream.read(bArr);
                PKCS12PFX pkcs12pfx = new PKCS12PFX(bArr);
                debug("Verifying the PFX MAC");
                if (pkcs12pfx.verifyMac(cArr)) {
                    debug("The PFX data is verified");
                } else {
                    debug("The PFX data is not verified");
                }
                debug("Extracting all certificates");
                Certificate[] certificates = pkcs12pfx.getCertificates(cArr, (PrivateKey) null, (Certificate) null);
                if (certificates == null || certificates.length == 0) {
                    debug("Got no certificates");
                } else {
                    debug(new StringBuffer().append("Got ").append(certificates.length).append(" certificates").toString());
                }
                return certificates;
            } catch (Exception e) {
                e.printStackTrace();
                throw new BcgException(" Failed to load CertificatesFromPKCS12 ", null, null, null, e);
            }
        } finally {
            closeInputStream(inputStream);
        }
    }

    public static PrivateKey loadPKCS8PrivateKey(byte[] bArr, char[] cArr) throws BcgException, PKCSException {
        if (bArr == null || bArr.length == 0 || cArr == null || cArr.length == 0) {
            throw new BcgException("The parameter passed is wrong", null, null, null);
        }
        EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = null;
        try {
            try {
                encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(bArr);
            } catch (IOException e) {
                error("Error decoding encrypted private key", e);
            }
            PrivateKeyInfo privateKeyInfo = new PrivateKeyInfo(encryptedPrivateKeyInfo.decrypt(cArr));
            debug(new StringBuffer().append("Decrypted the key and key algo name is ....").append(privateKeyInfo.getAlgorithm()).toString());
            return privateKeyInfo;
        } catch (Exception e2) {
            e2.printStackTrace();
            throw new BcgException(" Error loadPKCS8PrivateKey ", null, null, null, e2);
        } catch (PKCSException e3) {
            error("Error descrypting the private key with the given password. Password could be wrong");
            throw e3;
        }
    }

    public static void validateSignatureOfSelfSignedCertificate(X509Certificate x509Certificate) throws BcgException {
        if (!x509Certificate.getSubjectDN().equals(x509Certificate.getIssuerDN())) {
            debug("This is not an Self Signed Certificate");
            return;
        }
        debug("Its a self signed Certificate");
        try {
            x509Certificate.verify(x509Certificate.getPublicKey());
            debug("Its a perfect self Signed Certificate");
        } catch (Exception e) {
            String stringBuffer = new StringBuffer().append("Serial Number-").append(x509Certificate.getSerialNumber().toString(16).toUpperCase()).append(" ,Issuer Name -").append(x509Certificate.getIssuerDN().getName()).toString();
            if (e.getMessage() != null && e.getMessage().length() != 0) {
                throw new BcgException(new StringBuffer().append(e.getMessage()).append(" Cert:").append(stringBuffer).toString(), null, null, null, e);
            }
            throw new BcgException(new StringBuffer().append("Exception while validating signature of self-signed certificate. Cert:").append(stringBuffer).toString(), null, null, null, e);
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$ibm$bcg$util$WBICCertificateUtilities == null) {
            cls = class$("com.ibm.bcg.util.WBICCertificateUtilities");
            class$com$ibm$bcg$util$WBICCertificateUtilities = cls;
        } else {
            cls = class$com$ibm$bcg$util$WBICCertificateUtilities;
        }
        m_logger = Category.getInstance(cls.getName());
    }
}
