package com.ibm.security.keystoreutil;

import com.ibm.misc.BASE64Encoder;
import com.ibm.misc.Debug;
import com.ibm.security.x509.X500Name;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Map;

/* loaded from: input_file:wlp/lib/com.ibm.crypto.ibmkeycert_1.0.15.jar:com/ibm/security/keystoreutil/KeyStoreUtil.class */
public final class KeyStoreUtil {
    private static Debug debug = Debug.getInstance("keycertmanage");
    private static final Object className = "com.ibm.security.keystoreutil.KeyStoreUtil";

    /* loaded from: input_file:wlp/lib/com.ibm.crypto.ibmkeycert_1.0.15.jar:com/ibm/security/keystoreutil/KeyStoreUtil$KeyStoreTranslatorImpl.class */
    private static final class KeyStoreTranslatorImpl implements KeyStoreTranslator {
        private KeyStore targetStore;

        KeyStoreTranslatorImpl(String str) throws KeyStoreException {
            this.targetStore = null;
            this.targetStore = KeyStore.getInstance(str);
        }

        KeyStoreTranslatorImpl(String str, Provider provider) throws KeyStoreException {
            this.targetStore = null;
            this.targetStore = KeyStore.getInstance(str, provider);
        }

        KeyStoreTranslatorImpl(String str, String str2) throws KeyStoreException, NoSuchProviderException {
            this.targetStore = null;
            this.targetStore = KeyStore.getInstance(str, str2);
        }

        @Override // com.ibm.security.keystoreutil.KeyStoreTranslator
        public KeyStore translateStore(KeyStoreTranslatorParameters keyStoreTranslatorParameters) {
            try {
                KeyStore sourceKeyStore = keyStoreTranslatorParameters.getSourceKeyStore();
                Enumeration<String> aliases = sourceKeyStore.aliases();
                this.targetStore.load(null, keyStoreTranslatorParameters.getKeyStoreAccessPassword());
                deleteAllEntries(this.targetStore);
                while (aliases.hasMoreElements()) {
                    String nextElement = aliases.nextElement();
                    if (sourceKeyStore.isKeyEntry(nextElement)) {
                        this.targetStore.setKeyEntry(nextElement, sourceKeyStore.getKey(nextElement, keyStoreTranslatorParameters.getKeyProtectionPassword(nextElement)), keyStoreTranslatorParameters.getKeyProtectionPassword(nextElement), sourceKeyStore.getCertificateChain(nextElement));
                    } else if (sourceKeyStore.isCertificateEntry(nextElement)) {
                        this.targetStore.setCertificateEntry(nextElement, sourceKeyStore.getCertificate(nextElement));
                    }
                }
                return this.targetStore;
            } catch (Exception e) {
                throw new RuntimeException(e.getMessage(), e);
            }
        }

        private void deleteAllEntries(KeyStore keyStore) throws KeyStoreException {
            Iterator it = Collections.list(keyStore.aliases()).iterator();
            while (it.hasNext()) {
                keyStore.deleteEntry((String) it.next());
            }
        }
    }

    /* loaded from: input_file:wlp/lib/com.ibm.crypto.ibmkeycert_1.0.15.jar:com/ibm/security/keystoreutil/KeyStoreUtil$TranslatorParametersImpl.class */
    private static final class TranslatorParametersImpl implements KeyStoreTranslatorParameters {
        private KeyStore source;
        private char[] accessPassword;
        private Map<String, char[]> keyPasswords;

        private static void wipeArray(char[] cArr) {
            for (int i = 0; i < cArr.length; i++) {
                cArr[i] = 0;
            }
        }

        TranslatorParametersImpl(KeyStore keyStore, char[] cArr, Map<String, char[]> map) {
            this.source = null;
            this.accessPassword = null;
            this.keyPasswords = null;
            if (keyStore == null) {
                throw new NullPointerException("The source KeyStore cannot be null.");
            }
            if (cArr == null) {
                throw new NullPointerException("The source KeyStore access password should be provided.");
            }
            this.source = keyStore;
            this.accessPassword = cArr;
            this.keyPasswords = map;
        }

        @Override // com.ibm.security.keystoreutil.KeyStoreTranslatorParameters
        public KeyStore getSourceKeyStore() {
            return this.source;
        }

        @Override // com.ibm.security.keystoreutil.KeyStoreTranslatorParameters
        public char[] getKeyStoreAccessPassword() {
            return this.accessPassword;
        }

        @Override // com.ibm.security.keystoreutil.KeyStoreTranslatorParameters
        public char[] getKeyProtectionPassword(String str) {
            return (this.keyPasswords == null || this.keyPasswords.isEmpty()) ? this.accessPassword : this.keyPasswords.containsKey(str) ? this.keyPasswords.get(str) : this.accessPassword;
        }

        @Override // com.ibm.security.keystoreutil.KeyStoreTranslatorParameters
        public void destroyParameters() {
            this.source = null;
            wipeArray(this.accessPassword);
            this.accessPassword = null;
            if (this.keyPasswords == null || this.keyPasswords.isEmpty()) {
                return;
            }
            Iterator<char[]> it = this.keyPasswords.values().iterator();
            while (it.hasNext()) {
                wipeArray(it.next());
            }
            this.keyPasswords.clear();
            this.keyPasswords = null;
        }
    }

    private KeyStoreUtil() {
        throw new UnsupportedOperationException();
    }

    public static KeyStoreTranslator newTranslator(String str) throws KeyStoreException {
        return new KeyStoreTranslatorImpl(str);
    }

    public static KeyStoreTranslator newTranslator(String str, Provider provider) throws KeyStoreException {
        return new KeyStoreTranslatorImpl(str, provider);
    }

    public static KeyStoreTranslator newTranslator(String str, String str2) throws KeyStoreException, NoSuchProviderException {
        return new KeyStoreTranslatorImpl(str, str2);
    }

    public static KeyStoreTranslatorParameters newTranslatorParameters(KeyStore keyStore, char[] cArr, Map<String, char[]> map) {
        return new TranslatorParametersImpl(keyStore, cArr, map);
    }

    public static void importCertificate(InputStream inputStream, KeyStore keyStore, String str) throws CertificateException, IOException, KeyStoreException {
        if (debug != null) {
            debug.text(1L, className, "importCertificate", "entering method");
        }
        if (inputStream == null) {
            if (debug != null) {
                debug.exception(4L, className, "importCertificate", new NullPointerException("input stream cannot be null."));
            }
            throw new NullPointerException("input stream cannot be null.");
        }
        if (keyStore == null) {
            if (debug != null) {
                debug.exception(4L, className, "importCertificate", new NullPointerException("KeyStore cannot be null."));
            }
            throw new NullPointerException("KeyStore cannot be null.");
        }
        try {
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509", "IBMJCE").generateCertificate(inputStream);
            String str2 = str;
            if (str2 == null) {
                str2 = ((X500Name) x509Certificate.getSubjectDN()).getCommonName();
            }
            keyStore.setCertificateEntry(str2, x509Certificate);
            if (debug != null) {
                debug.text(1L, className, "importCertificate", "exiting method");
            }
        } catch (NoSuchProviderException e) {
            throw new RuntimeException(e.getMessage());
        }
    }

    public static void importCertificates(InputStream inputStream, KeyStore keyStore) throws CertificateException, IOException, KeyStoreException {
        if (debug != null) {
            debug.text(1L, className, "importCertificates", "entering method");
        }
        if (inputStream == null) {
            if (debug != null) {
                debug.exception(4L, className, "importCertificates", new NullPointerException("input stream cannot be null."));
            }
            throw new NullPointerException("input stream cannot be null.");
        }
        if (keyStore == null) {
            if (debug != null) {
                debug.exception(4L, className, "importCertificates", new NullPointerException("KeyStore cannot be null."));
            }
            throw new NullPointerException("KeyStore cannot be null.");
        }
        try {
            Iterator<? extends Certificate> it = CertificateFactory.getInstance("X.509", "IBMJCE").generateCertificates(inputStream).iterator();
            while (it.hasNext()) {
                X509Certificate x509Certificate = (X509Certificate) it.next();
                keyStore.setCertificateEntry(((X500Name) x509Certificate.getSubjectDN()).getCommonName(), x509Certificate);
            }
            if (debug != null) {
                debug.text(1L, className, "importCertificates", "exiting method");
            }
        } catch (NoSuchProviderException e) {
            throw new RuntimeException(e.getMessage());
        }
    }

    public static void exportCertificate(OutputStream outputStream, KeyStore keyStore, String str, boolean z) throws KeyStoreException, CertificateEncodingException, IOException {
        if (debug != null) {
            debug.text(1L, className, "exportCertificate", "entering method");
        }
        if (outputStream == null) {
            if (debug != null) {
                debug.exception(4L, className, "exportCertificate", new NullPointerException("output stream cannot be null."));
            }
            throw new NullPointerException("output stream cannot be null.");
        }
        if (keyStore == null) {
            if (debug != null) {
                debug.exception(4L, className, "exportCertificate", new NullPointerException("KeyStore cannot be null."));
            }
            throw new NullPointerException("KeyStore cannot be null.");
        }
        if (str == null || str.length() == 0) {
            if (debug != null) {
                debug.exception(4L, className, "exportCertificate", new NullPointerException("alias cannot be null."));
            }
            throw new NullPointerException("alias cannot be null.");
        }
        Certificate certificate = keyStore.getCertificate(str);
        if (certificate == null) {
            if (debug != null) {
                debug.exception(4L, className, "exportCertificate", new KeyStoreException("Certificate cannot be found in KeyStore."));
            }
            throw new KeyStoreException("Certificate cannot be found in KeyStore.");
        }
        byte[] encoded = certificate.getEncoded();
        if (z) {
            outputStream.write("-----BEGIN CERTIFICATE-----\r\n".getBytes("8859_1"));
            new BASE64Encoder().encode(encoded, outputStream);
            outputStream.write("\r\n-----END CERTIFICATE-----".getBytes("8859_1"));
        } else {
            outputStream.write(encoded);
        }
        if (debug != null) {
            debug.text(1L, className, "exportCertificate", "exiting method");
        }
    }
}
