package org.objectweb.proactive.extensions.ssl;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.LinkedList;
import org.apache.commons.cli.CommandLine;
import org.apache.commons.cli.GnuParser;
import org.apache.commons.cli.HelpFormatter;
import org.apache.commons.cli.Option;
import org.apache.commons.cli.OptionGroup;
import org.apache.commons.cli.Options;
import org.apache.commons.cli.ParseException;
import org.objectweb.proactive.utils.PasswordField;

/* loaded from: input_file:org/objectweb/proactive/extensions/ssl/KeyStoreCreator.class */
public class KeyStoreCreator {
    private final String[] OPT_HELP = {"h", "help", "Show help"};
    private final String[] OPT_KEYSTORE = {"k", "keystore", "The keystore file"};
    private final String[] OPT_CREATE = {"c", "create", "Create a keystore with a self signed certificate"};
    private final String[] OPT_UPDATE = {"u", "update", "Update the certificate inside the keystore"};
    private final String[] OPT_VERIFY = {"v", "verify", "Verify the certificate with right subject dn can be found"};

    public static void main(String[] strArr) throws Exception {
        SslHelpers.insertBouncyCastle();
        new KeyStoreCreator().parseOptions(strArr);
    }

    private void printHelp(Options options) {
        new HelpFormatter().printHelp("KeyStoreCreator", options);
        System.exit(0);
    }

    public void parseOptions(String[] strArr) throws Exception {
        Options options = new Options();
        options.addOption(this.OPT_HELP[0], this.OPT_HELP[1], false, this.OPT_HELP[2]);
        options.addOption(this.OPT_KEYSTORE[0], this.OPT_KEYSTORE[1], true, this.OPT_KEYSTORE[2]);
        OptionGroup optionGroup = new OptionGroup();
        optionGroup.addOption(new Option(this.OPT_CREATE[0], this.OPT_CREATE[1], false, this.OPT_CREATE[2]));
        optionGroup.addOption(new Option(this.OPT_UPDATE[0], this.OPT_UPDATE[1], false, this.OPT_UPDATE[2]));
        optionGroup.addOption(new Option(this.OPT_VERIFY[0], this.OPT_VERIFY[1], false, this.OPT_VERIFY[2]));
        options.addOptionGroup(optionGroup);
        try {
            CommandLine parse = new GnuParser().parse(options, strArr);
            if (parse.hasOption(this.OPT_HELP[0])) {
                printHelp(options);
            }
            if (!parse.hasOption(this.OPT_KEYSTORE[0])) {
                System.err.println("The " + this.OPT_KEYSTORE[1] + " option is mandatory");
                return;
            }
            String optionValue = parse.getOptionValue(this.OPT_KEYSTORE[0]);
            boolean z = false;
            if (parse.hasOption(this.OPT_CREATE[0])) {
                z = true;
                if (!create(optionValue)) {
                    System.exit(1);
                }
            }
            if (parse.hasOption(this.OPT_UPDATE[0])) {
                z = true;
                if (!update(optionValue)) {
                    System.exit(1);
                }
            }
            if (parse.hasOption(this.OPT_VERIFY[0])) {
                z = true;
                if (!verify(optionValue)) {
                    System.exit(1);
                }
            }
            if (z) {
                return;
            }
            System.err.println("One of " + this.OPT_CREATE[1] + ", " + this.OPT_UPDATE[1] + ", " + this.OPT_VERIFY[1] + " has is needed\n");
            printHelp(options);
        } catch (ParseException e) {
            System.err.println(e);
        }
    }

    private boolean verify(String str) {
        try {
            FileInputStream fileInputStream = new FileInputStream(str);
            try {
                KeyStore keyStore = KeyStore.getInstance("PKCS12", SslHelpers.BC_NAME);
                keyStore.load(fileInputStream, SslHelpers.DEFAULT_KS_PASSWD.toCharArray());
                try {
                    Enumeration<String> aliases = keyStore.aliases();
                    LinkedList linkedList = new LinkedList();
                    LinkedList linkedList2 = new LinkedList();
                    while (aliases.hasMoreElements()) {
                        String nextElement = aliases.nextElement();
                        if (nextElement.matches(SslHelpers.DEFAULT_ALIAS_PATTERN)) {
                            linkedList.add(keyStore.getCertificate(nextElement));
                        } else {
                            linkedList2.add(keyStore.getCertificate(nextElement));
                        }
                        if (linkedList.size() <= 0) {
                            System.err.println("No matching certificate foud. " + linkedList2.size() + " non matching certificate found.");
                            return false;
                        }
                        System.out.println(String.valueOf(linkedList.size()) + " matching certificate found");
                        Iterator it = linkedList.iterator();
                        while (it.hasNext()) {
                            System.out.println((Certificate) it.next());
                        }
                    }
                    return true;
                } catch (KeyStoreException e) {
                    e.printStackTrace();
                    return false;
                }
            } catch (Exception e2) {
                System.err.println("Failed to open the key store: " + e2);
                return false;
            }
        } catch (FileNotFoundException e3) {
            System.err.println("Failed to open the key store: " + e3);
            return false;
        }
    }

    private boolean update(String str) {
        try {
            FileInputStream fileInputStream = new FileInputStream(str);
            try {
                KeyStore keyStore = KeyStore.getInstance("PKCS12", SslHelpers.BC_NAME);
                keyStore.load(fileInputStream, SslHelpers.DEFAULT_KS_PASSWD.toCharArray());
                try {
                    CertificateGenerator certificateGenerator = new CertificateGenerator();
                    X509Certificate generateCertificate = certificateGenerator.generateCertificate(SslHelpers.DEFAULT_SUBJET_DN, certificateGenerator.generateRSAKeyPair());
                    try {
                        keyStore.deleteEntry(SslHelpers.DEFAULT_SUBJET_DN);
                    } catch (KeyStoreException e) {
                    }
                    keyStore.setCertificateEntry(SslHelpers.DEFAULT_SUBJET_DN, generateCertificate);
                    FileOutputStream fileOutputStream = new FileOutputStream(new File(str));
                    keyStore.store(fileOutputStream, SslHelpers.DEFAULT_KS_PASSWD.toCharArray());
                    fileOutputStream.close();
                    return true;
                } catch (Exception e2) {
                    System.err.println("Failed to update the keystore " + str + ": " + e2);
                    return false;
                }
            } catch (Exception e3) {
                System.err.println("Failed to open the key store: " + e3);
                return false;
            }
        } catch (FileNotFoundException e4) {
            System.err.println("Failed to open the key store: " + e4);
            return false;
        }
    }

    private void clearPassword(char[] cArr) {
        if (cArr != null) {
            Arrays.fill(cArr, ' ');
        }
    }

    private char[] askPassword(String str) throws IOException {
        while (true) {
            char[] password = PasswordField.getPassword(System.in, String.valueOf(str) + ":");
            char[] password2 = PasswordField.getPassword(System.in, String.valueOf(str) + "(confirm):");
            if (Arrays.equals(password, password2)) {
                clearPassword(password2);
                return password;
            }
            clearPassword(password);
            clearPassword(password2);
            System.out.println("The two password does not match. Please try again");
        }
    }

    private boolean create(String str) {
        try {
            CertificateGenerator certificateGenerator = new CertificateGenerator();
            KeyPair generateRSAKeyPair = certificateGenerator.generateRSAKeyPair();
            X509Certificate generateCertificate = certificateGenerator.generateCertificate(SslHelpers.DEFAULT_SUBJET_DN, generateRSAKeyPair);
            KeyStore keyStore = KeyStore.getInstance("PKCS12", SslHelpers.BC_NAME);
            keyStore.load(null, null);
            keyStore.setKeyEntry(SslHelpers.DEFAULT_SUBJET_DN, generateRSAKeyPair.getPrivate(), SslHelpers.DEFAULT_KS_PASSWD.toCharArray(), new X509Certificate[]{generateCertificate});
            FileOutputStream fileOutputStream = new FileOutputStream(new File(str));
            keyStore.store(fileOutputStream, SslHelpers.DEFAULT_KS_PASSWD.toCharArray());
            fileOutputStream.close();
            return true;
        } catch (Exception e) {
            System.err.println("Failed to create the keystore " + str + ": " + e);
            return false;
        }
    }
}
