package com.github.ibole.infrastructure.security.key;

import com.github.ibole.infrastructure.common.utils.FileUtil;
import com.github.ibole.infrastructure.common.utils.NLS;
import com.github.ibole.infrastructure.security.CertificateCoder;
import com.github.ibole.infrastructure.security.certificate.CertificateDetailsInfo;
import com.github.ibole.infrastructure.security.certificate.SslCertificateUtils;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Calendar;
import java.util.GregorianCalendar;
import java.util.Map;
import org.apache.commons.io.IOUtils;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.X500NameBuilder;
import org.bouncycastle.asn1.x500.style.BCStrictStyle;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/github/ibole/infrastructure/security/key/KeyStoreUtils.class */
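/**
 * Static helpers for creating, loading, rewriting and converting {@link KeyStore} files, plus a
 * generator for self-signed ECDSA certificates backed by the BouncyCastle provider.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>Keystore files are written with {@link FileOutputStream}, i.e. with the process's default
 *       file permissions. Restrict them separately when the store holds private keys.</li>
 *   <li>Passwords passed as {@code char[]} are never cleared here; wiping them is the caller's job.</li>
 *   <li>Loading a missing or empty file yields an empty in-memory keystore rather than an error, so
 *       a successful load does not prove that a password is correct (see
 *       {@link #isValidKeyStorePasswd(File, String, char[])}).</li>
 * </ul>
 */
public final class KeyStoreUtils {
    private static final Logger logger = LoggerFactory.getLogger(KeyStoreUtils.class.getName());
    private static final String BC = "BC";

    /** Message fragment this class looks for to recognise a wrong-password failure. */
    private static final String WRONG_PASSWORD_HINT = "password was incorrect";

    static {
        // Registers BouncyCastle so the "BC" provider name resolves; addProvider is a no-op when the
        // provider is already installed.
        Security.addProvider(new BouncyCastleProvider());
    }

    private KeyStoreUtils() {
    }

    /**
     * Ad-hoc manual driver. It relies on hard-coded absolute Windows paths and a literal password,
     * so it only works on the original developer's machine.
     *
     * <p>NOTE(review): the literal password and test paths ship inside a production class; consider
     * moving this driver to the test sources.
     *
     * @param strArr ignored
     * @throws Exception on any failure of the exercised helpers
     */
    public static void main(String[] strArr) throws Exception {
        CertificateDetailsInfo certificateDetailsInfo = new CertificateDetailsInfo("Alias test", "CA", "toprank", "byd", "SZ", "China", "gd", "10", null, null);
        File file = new File("D:/work/tfs/Toprank BasePlatform Solution/toprank-infrastructure/infrastructure-security/src/main/java/cc/toprank/infrastructure/security/key/ks.cert");
        createX509CertificateWithECDSA(certificateDetailsInfo, file, "JKS", "mypassword".toCharArray(), "ECDSA-ALIAs");
        SslCertificateUtils.saveX509Certificate((X509Certificate) SslCertificateUtils.getCertificate(file.getAbsolutePath(), "ECDSA-ALIAs", "mypassword"), "D:/work/tfs/Toprank BasePlatform Solution/toprank-infrastructure/infrastructure-security/src/main/java/cc/toprank/infrastructure/security/key/client.cert");
        byte[] decryptByPrivateKey = CertificateCoder.decryptByPrivateKey("test data".getBytes(), file.getAbsolutePath(), "ECDSA-ALIAs", "mypassword");
        CertificateCoder.sign("sign data".getBytes(), file.getAbsolutePath(), "ECDSA-ALIAs", "mypassword");
        Boolean valueOf = Boolean.valueOf(CertificateCoder.verify(decryptByPrivateKey, "sign data", "D:/work/tfs/Toprank BasePlatform Solution/toprank-infrastructure/infrastructure-security/src/main/java/cc/toprank/infrastructure/security/key/client.cert"));
        System.out.println(CertificateCoder.decryptByPublicKey(decryptByPrivateKey, "D:/work/tfs/Toprank BasePlatform Solution/toprank-infrastructure/infrastructure-security/src/main/java/cc/toprank/infrastructure/security/key/client.cert"));
        System.out.println(valueOf);
    }

    /**
     * Creates a new keystore file of the JVM's default keystore type.
     *
     * @param file target file; must not exist yet
     * @param cArr password protecting the new keystore
     * @return the freshly created, empty keystore
     * @throws KeyStoreManagerException if {@code file} is null, already exists, or cannot be written
     */
    public static KeyStore createKeystore(File file, char[] cArr) throws KeyStoreManagerException {
        return createKeystore(file, KeyStore.getDefaultType(), cArr);
    }

    /**
     * Creates a new, empty keystore file of the given type.
     *
     * <p>The existence check and the later write are separate steps, so a file that appears in
     * between is overwritten.
     *
     * @param file target file; must not exist yet
     * @param str keystore type passed to {@link KeyStore#getInstance(String)}
     * @param cArr password protecting the new keystore
     * @return the freshly created, empty keystore
     * @throws KeyStoreManagerException if {@code file} is null, already exists, or cannot be written
     */
    public static KeyStore createKeystore(File file, String str, char[] cArr) throws KeyStoreManagerException {
        if (file == null || file.exists()) {
            throw new KeyStoreManagerException(file == null ? "Param cannot be empty" : "File Already Exists" + file);
        }
        // The file does not exist, so this produces an empty in-memory keystore.
        KeyStore emptyStore = loadKeystore(file, cArr, str);
        try {
            writeKeyStore(emptyStore, cArr, file);
            return emptyStore;
        } catch (Exception e) {
            throw new KeyStoreManagerException(e);
        }
    }

    /**
     * Writes {@code keyStore} to {@code file}, protected by {@code cArr}. Existing content is
     * replaced without checking any previous password.
     *
     * @param keyStore keystore to persist
     * @param cArr password used to protect the written file
     * @param file destination file
     * @throws IOException if the file cannot be opened, written or closed
     * @throws KeyStoreException if the keystore has not been initialised
     * @throws NoSuchAlgorithmException if the integrity algorithm is unavailable
     * @throws CertificateException if a contained certificate cannot be stored
     * @throws KeyStoreManagerException declared for symmetry with the password-checking variant
     */
    public static void writeKeyStore(KeyStore keyStore, char[] cArr, File file) throws FileNotFoundException, KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, KeyStoreManagerException {
        writeKeyStore(keyStore, null, cArr, file);
    }

    /**
     * Writes {@code keyStore} to {@code file} under password {@code cArr2}. When {@code cArr} is
     * non-null, the file currently on disk must first load with it.
     *
     * <p>That check is vacuous for a missing or empty file, because such a file loads as an empty
     * keystore under any password. The destination is truncated when it is opened, so a failure
     * during {@code store} leaves a damaged file behind; callers that need atomic replacement must
     * keep their own backup.
     *
     * @param keyStore keystore to persist
     * @param cArr current password to verify against the file on disk, or null to skip the check
     * @param cArr2 password used to protect the written file
     * @param file destination file
     */
    private static void writeKeyStore(KeyStore keyStore, char[] cArr, char[] cArr2, File file) throws FileNotFoundException, KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, KeyStoreManagerException {
        if (cArr != null) {
            // loadKeystore never returns null; it throws when the old password does not open the file.
            loadKeystore(file, cArr, keyStore.getType());
        }
        // try-with-resources closes the stream exactly once and reports a failed close, which for a
        // keystore may mean the data on disk is incomplete.
        try (FileOutputStream out = new FileOutputStream(file)) {
            keyStore.store(out, cArr2);
        }
    }

    /**
     * Loads a keystore of the JVM's default type.
     *
     * @param file keystore file; a null, missing or empty file yields an empty keystore
     * @param cArr keystore password
     * @return the loaded keystore, never null
     * @throws KeyStoreManagerException if the keystore cannot be instantiated or loaded
     */
    public static KeyStore loadKeystore(File file, char[] cArr) throws KeyStoreManagerException {
        return loadKeystore(file, cArr, KeyStore.getDefaultType());
    }

    /**
     * Loads the keystore at path {@code str}, creating it first when the file does not exist.
     *
     * <p>An existing but empty file is passed to the creation path, which rejects files that
     * already exist, so that case ends in an exception.
     *
     * @param str path of the keystore file
     * @param cArr keystore password
     * @param str2 keystore type passed to {@link KeyStore#getInstance(String)}
     * @return the loaded or newly created keystore
     * @throws KeyStoreManagerException wrapping any failure, including a wrong password
     */
    public static KeyStore getKeyStore(String str, char[] cArr, String str2) throws KeyStoreManagerException {
        FileInputStream in = null;
        try {
            File file = new File(str);
            if (!file.exists() || file.length() <= 0) {
                return createKeystore(file, str2, cArr);
            }
            KeyStore keyStore = KeyStore.getInstance(str2);
            in = new FileInputStream(file);
            keyStore.load(in, cArr);
            return keyStore;
        } catch (Exception e) {
            throw new KeyStoreManagerException(e);
        } finally {
            // Also runs when load() fails (for example on a wrong password), so the handle is not leaked.
            IOUtils.closeQuietly(in);
        }
    }

    /**
     * Loads a keystore of the given type from {@code file}.
     *
     * <p>When {@code file} is null, missing or empty, the keystore is initialised empty and the
     * password is not checked against anything.
     *
     * @param file keystore file, may be null
     * @param cArr keystore password
     * @param str keystore type passed to {@link KeyStore#getInstance(String)}
     * @return the loaded keystore, never null
     * @throws KeyStoreManagerException wrapping any failure, including a wrong password
     */
    public static KeyStore loadKeystore(File file, char[] cArr, String str) throws KeyStoreManagerException {
        FileInputStream in = null;
        try {
            KeyStore keyStore = KeyStore.getInstance(str);
            if (file != null && file.exists() && file.length() > 0) {
                in = new FileInputStream(file);
            }
            // A null stream makes load() create an empty keystore.
            keyStore.load(in, cArr);
            return keyStore;
        } catch (Exception e) {
            throw new KeyStoreManagerException(e);
        } finally {
            IOUtils.closeQuietly(in);
        }
    }

    /**
     * Deletes the keystore file.
     *
     * @param file file to delete
     * @throws KeyStoreManagerException if the deletion fails
     */
    public static void deleteKeystore(File file) throws KeyStoreManagerException {
        try {
            FileUtil.deleteFile(file);
        } catch (IOException e) {
            throw new KeyStoreManagerException(e);
        }
    }

    /**
     * Re-encrypts the keystore file under a new password. The content is re-read from disk with the
     * old password; {@code keyStore} only supplies the keystore type.
     *
     * @param keyStore keystore whose type is used for loading
     * @param file keystore file to rewrite
     * @param cArr current keystore password
     * @param cArr2 new keystore password
     * @throws KeyStoreManagerException wrapping any failure, including a wrong current password
     */
    public static void changeKeystorePasswd(KeyStore keyStore, File file, char[] cArr, char[] cArr2) throws KeyStoreManagerException {
        try {
            writeKeyStore(loadKeystore(file, cArr, keyStore.getType()), cArr, cArr2, file);
        } catch (Exception e) {
            throw new KeyStoreManagerException(e);
        }
    }

    /**
     * Adds an entry to the keystore file. The store is re-read from disk, so the change is not
     * reflected in the {@code keyStore} instance passed in.
     *
     * @param keyStore keystore whose type is used for loading
     * @param cArr keystore password
     * @param file keystore file to update
     * @param str alias for the new entry; must not exist yet
     * @param entry entry to add
     * @param cArr2 password protecting the entry
     * @throws KeyStoreManagerException if the alias already exists or the update fails
     */
    public static void addEntry(KeyStore keyStore, char[] cArr, File file, String str, KeyStore.Entry entry, char[] cArr2) throws KeyStoreManagerException {
        try {
            KeyStore.PasswordProtection entryProtection = new KeyStore.PasswordProtection(cArr2);
            KeyStore onDisk = loadKeystore(file, cArr, keyStore.getType());
            if (onDisk.containsAlias(str)) {
                throw new KeyStoreManagerException("Alias \"{" + str + "}\" already exists.");
            }
            onDisk.setEntry(str, entry, entryProtection);
            writeKeyStore(onDisk, cArr, file);
        } catch (KeyStoreManagerException e) {
            // Already the right type; rethrow without wrapping it a second time.
            throw e;
        } catch (Exception e2) {
            throw new KeyStoreManagerException(e2);
        }
    }

    /**
     * Stores {@code entry} under {@code str} with a new entry password and persists the keystore.
     *
     * @param keyStore in-memory keystore to modify and write
     * @param cArr keystore password
     * @param file keystore file to write
     * @param str alias of the entry
     * @param entry entry to store under the alias
     * @param cArr2 new password protecting the entry
     * @throws KeyStoreManagerException wrapping any failure
     */
    public static void changeEntryPassword(KeyStore keyStore, char[] cArr, File file, String str, KeyStore.Entry entry, char[] cArr2) throws KeyStoreManagerException {
        try {
            keyStore.setEntry(str, entry, new KeyStore.PasswordProtection(cArr2));
            writeKeyStore(keyStore, cArr, file);
        } catch (Exception e) {
            throw new KeyStoreManagerException("Error attempting to change password for " + str, e);
        }
    }

    /**
     * Generates a 256-bit EC key pair and a self-signed X.509 certificate (issuer equals subject,
     * signed with SHA256withECDSA), then writes both into a new keystore at {@code file}.
     *
     * <p>The private-key entry is protected with the same password as the keystore. The
     * certificate carries no extensions, and its validity starts at the current time.
     *
     * @param certificateDetailsInfo subject name fields and expiration date
     * @param file destination keystore file; existing content is replaced
     * @param str keystore type passed to {@link KeyStore#getInstance(String)}
     * @param cArr password for both the keystore and the key entry
     * @param str2 alias of the key entry
     * @throws KeyStoreManagerException wrapping any provider, encoding or I/O failure
     */
    public static void createX509CertificateWithECDSA(CertificateDetailsInfo certificateDetailsInfo, File file, String str, char[] cArr, String str2) throws KeyStoreManagerException {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("ECDSA", BC);
            keyPairGenerator.initialize(256);
            KeyPair generated = keyPairGenerator.generateKeyPair();
            ECPublicKey ecPublic = (ECPublicKey) generated.getPublic();
            PKCS8EncodedKeySpec privateSpec = new PKCS8EncodedKeySpec(((ECPrivateKey) generated.getPrivate()).getEncoded());
            X509EncodedKeySpec publicSpec = new X509EncodedKeySpec(ecPublic.getEncoded());
            // Round trip through the encoded forms, as the original code does.
            KeyFactory keyFactory = KeyFactory.getInstance("ECDSA", BC);
            PrivateKey privateKey = keyFactory.generatePrivate(privateSpec);
            PublicKey publicKey = keyFactory.generatePublic(publicSpec);

            X500NameBuilder nameBuilder = new X500NameBuilder(new BCStrictStyle());
            addField(BCStyle.C, certificateDetailsInfo.getCountry(), nameBuilder);
            addField(BCStyle.ST, certificateDetailsInfo.getState(), nameBuilder);
            addField(BCStyle.L, certificateDetailsInfo.getLocality(), nameBuilder);
            addField(BCStyle.O, certificateDetailsInfo.getOrganization(), nameBuilder);
            addField(BCStyle.OU, certificateDetailsInfo.getOrganizationUnit(), nameBuilder);
            addField(BCStyle.CN, certificateDetailsInfo.getCommonName(), nameBuilder);
            X500Name subject = nameBuilder.build();

            // 128 random bits offset by one: strictly positive (RFC 5280 requires a positive serial)
            // and well under the 20-octet limit. The previous nextInt() value had only 32 bits and
            // could be negative or zero.
            BigInteger serial = new BigInteger(128, new SecureRandom()).add(BigInteger.ONE);

            X509Certificate certificate = new JcaX509CertificateConverter()
                    .setProvider(BC)
                    .getCertificate(
                            new JcaX509v3CertificateBuilder(
                                    subject,
                                    serial,
                                    GregorianCalendar.getInstance().getTime(),
                                    certificateDetailsInfo.getExpirationDate(),
                                    subject,
                                    publicKey)
                                    .build(new JcaContentSignerBuilder("SHA256withECDSA").setProvider(BC).build(privateKey)));

            KeyStore keyStore = KeyStore.getInstance(str);
            keyStore.load(null, null);
            keyStore.setKeyEntry(str2, privateKey, cArr, new Certificate[]{certificate});
            writeKeyStore(keyStore, cArr, file);
        } catch (OperatorCreationException | IOException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | CertificateException | InvalidKeySpecException e) {
            throw new KeyStoreManagerException("Error attempting to create X509Certificate with ECDSA", e);
        }
    }

    /**
     * Adds one RDN to the name under construction, skipping null or empty values. The null check
     * prevents a NullPointerException that would otherwise escape the certificate builder unwrapped.
     *
     * @param aSN1ObjectIdentifier attribute type of the RDN
     * @param str attribute value, may be null or empty
     * @param x500NameBuilder builder receiving the RDN
     */
    private static void addField(ASN1ObjectIdentifier aSN1ObjectIdentifier, String str, X500NameBuilder x500NameBuilder) {
        if (str != null && !str.isEmpty()) {
            x500NameBuilder.addRDN(aSN1ObjectIdentifier, str);
        }
    }

    /**
     * Removes the entry with alias {@code str} from the keystore file. The store is re-read from
     * disk, so the change is not reflected in the {@code keyStore} instance passed in.
     *
     * @param keyStore keystore whose type is used for loading
     * @param cArr keystore password
     * @param file keystore file to update
     * @param str alias to delete
     * @throws KeyStoreManagerException wrapping any failure
     */
    public static void deleteEntry(KeyStore keyStore, char[] cArr, File file, String str) throws KeyStoreManagerException {
        try {
            KeyStore onDisk = loadKeystore(file, cArr, keyStore.getType());
            onDisk.deleteEntry(str);
            writeKeyStore(onDisk, cArr, file);
        } catch (Exception e) {
            // SLF4J substitutes "{}", not "{0}"; with the old pattern the alias never reached the log.
            logger.error("Delete '{}' error happened", str, e);
            throw new KeyStoreManagerException("Delete '" + str + "' error happened", e);
        }
    }

    /**
     * Converts the keystore at {@code file} from type {@code str} to type {@code str2}.
     *
     * <p>The current file is renamed to a timestamped backup, a new keystore of the target type is
     * created at the original path, and the listed entries are copied across. On any failure the
     * backup is moved back. While the conversion runs, and afterwards if the final delete fails, a
     * second copy of the key material exists under the backup name.
     *
     * <p>Entry passwords arrive as {@code String} values and therefore cannot be wiped from memory.
     *
     * @param file keystore file to convert
     * @param cArr keystore password, used for both the old and the new store
     * @param str current keystore type
     * @param str2 target keystore type
     * @param map alias to entry-password mapping of the entries to copy
     * @throws KeyStoreManagerException if the backup cannot be made or the conversion fails
     */
    public static void changeKeyStoreType(File file, char[] cArr, String str, String str2, Map<String, String> map) throws KeyStoreManagerException {
        File backup = new File(file.getAbsolutePath() + "_" + Long.toString(Calendar.getInstance().getTimeInMillis()));
        backup.delete();
        if (!file.renameTo(backup)) {
            throw new KeyStoreManagerException(NLS.bind("Could not convert the KeyStore {0} to type {1}, could not backup the current keyStore file, maybe it's in use by another program.", file, str2));
        }
        boolean failed = false;
        try {
            KeyStore source = KeyStore.Builder.newInstance(str, null, backup, new KeyStore.PasswordProtection(cArr)).getKeyStore();
            KeyStore target = createKeystore(file, str2, cArr);
            for (Map.Entry<String, String> aliasAndPassword : map.entrySet()) {
                String alias = aliasAndPassword.getKey();
                KeyStore.PasswordProtection entryProtection = new KeyStore.PasswordProtection(aliasAndPassword.getValue().toCharArray());
                target.setEntry(alias, source.getEntry(alias, entryProtection), entryProtection);
            }
            writeKeyStore(target, cArr, file);
        } catch (KeyStoreManagerException e) {
            failed = true;
            logger.error("Invalid password while trying to create a new keystore, changing a keyStore type.", e);
        } catch (Exception e2) {
            // Null-safe inspection: an exception without message or cause used to raise a
            // NullPointerException here, which skipped the restore and left the original keystore
            // stranded under the backup name.
            if (mentionsWrongPassword(e2) || mentionsWrongPassword(e2.getCause())) {
                restoreBackup(backup, file);
                throw new KeyStoreManagerException(e2.getMessage(), e2);
            }
            logger.error("Exception occurred while attempting to change a keyStore type.", e2);
            failed = true;
        }
        if (failed) {
            restoreBackup(backup, file);
            throw new KeyStoreManagerException(NLS.bind("Could not convert the KeyStore {0} to type {1}", file, str2));
        }
        if (!backup.delete()) {
            // The leftover file still holds every key of the old store.
            logger.warn("Could not delete keystore backup {}", backup);
        }
    }

    /** Returns true when {@code t} is non-null and its message contains the wrong-password fragment. */
    private static boolean mentionsWrongPassword(Throwable t) {
        return t != null && t.getMessage() != null && t.getMessage().contains(WRONG_PASSWORD_HINT);
    }

    /** Moves {@code backup} back over {@code file} and logs when the move fails. */
    private static void restoreBackup(File backup, File file) {
        file.delete();
        if (!backup.renameTo(file)) {
            logger.error("Could not restore keystore {} from backup {}", file, backup);
        }
    }

    /**
     * Copies the listed entries from {@code keyStore2} into {@code keyStore} and writes the result
     * to {@code file}.
     *
     * <p>An alias that already exists in the target gets the origin file name appended, then
     * numeric suffixes that accumulate until the name is free. Aliases missing from the origin are
     * logged and skipped.
     *
     * @param keyStore target keystore, modified in memory and then persisted
     * @param file target keystore file
     * @param str target keystore type, used for the password check
     * @param cArr target keystore password
     * @param keyStore2 origin keystore
     * @param file2 origin keystore file; only its name is used, for alias disambiguation
     * @param cArr2 origin keystore password; not used by this method
     * @param map alias to entry-password mapping of the entries to import
     * @throws KeyStoreManagerException if the target password is rejected or the import fails
     */
    public static void importKeys(KeyStore keyStore, File file, String str, char[] cArr, KeyStore keyStore2, File file2, char[] cArr2, Map<String, String> map) throws KeyStoreManagerException {
        if (!isValidKeyStorePasswd(file, str, cArr)) {
            throw new KeyStoreManagerException("Invalid Keystore Password.");
        }
        try {
            for (Map.Entry<String, String> aliasAndPassword : map.entrySet()) {
                String alias = aliasAndPassword.getKey();
                if (!keyStore2.containsAlias(alias)) {
                    logger.error(NLS.bind("Alias {0} could not be imported because it doesn't exists on originKeyStore", alias));
                    continue;
                }
                KeyStore.PasswordProtection entryProtection = new KeyStore.PasswordProtection(aliasAndPassword.getValue().toCharArray());
                KeyStore.Entry entry = keyStore2.getEntry(alias, entryProtection);
                String targetAlias = alias;
                if (keyStore.containsAlias(targetAlias)) {
                    targetAlias = targetAlias + "_" + file2.getName();
                }
                int suffix = 1;
                while (keyStore.containsAlias(targetAlias)) {
                    targetAlias = targetAlias + "_" + suffix;
                    suffix++;
                }
                keyStore.setEntry(targetAlias, entry, entryProtection);
            }
            writeKeyStore(keyStore, cArr, file);
        } catch (Exception e) {
            throw new KeyStoreManagerException("Could not import the selected aliases into " + file.getName(), e);
        }
    }

    /**
     * Reports whether the keystore at {@code file} loads with the given type and password.
     *
     * <p>Caveats: a null, missing or empty file loads as an empty keystore and therefore returns
     * {@code true} for any password. Every load failure (wrong password, unknown type, corrupt
     * file) returns {@code false} without distinction.
     *
     * @param file keystore file
     * @param str keystore type
     * @param cArr password to test
     * @return true if loading succeeded
     */
    public static boolean isValidKeyStorePasswd(File file, String str, char[] cArr) {
        try {
            return loadKeystore(file, cArr, str) != null;
        } catch (KeyStoreManagerException ignored) {
            // Deliberate: any load failure is reported as "not valid".
            return false;
        }
    }
}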
