package org.eclipse.andmore.android.certmanager.core;

import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Calendar;
import java.util.Map;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.cmp.PKIFailureInfo;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.X500NameBuilder;
import org.bouncycastle.asn1.x500.style.BCStrictStyle;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.X509v3CertificateBuilder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.crypto.params.RSAKeyParameters;
import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder;
import org.eclipse.andmore.android.certmanager.exception.InvalidPasswordException;
import org.eclipse.andmore.android.certmanager.exception.KeyStoreManagerException;
import org.eclipse.andmore.android.certmanager.i18n.CertificateManagerNLS;
import org.eclipse.andmore.android.certmanager.packaging.sign.ISignConstants;
import org.eclipse.andmore.android.certmanager.ui.model.CertificateDetailsInfo;
import org.eclipse.andmore.android.common.log.AndmoreLogger;
import org.eclipse.andmore.android.common.utilities.FileUtil;
import org.eclipse.osgi.util.NLS;

/* loaded from: input_file:org/eclipse/andmore/android/certmanager/core/KeyStoreUtils.class */
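/**
 * Static helpers for creating, loading, rewriting and converting keystore files, and for
 * generating the RSA key pairs and self-signed X.509 certificates stored in them.
 *
 * <p>Passwords are passed as {@code char[]}. None of the methods here clears the arrays it is
 * given, so callers own their lifetime.
 */
public class KeyStoreUtils {
    private static final String ERROR_DELETING_ALIAS = CertificateManagerNLS.KeyStoreUtils_ErrorDeletingAlias;

    /** Message fragment used to recognise a rejected keystore password in a load failure. */
    private static final String BAD_PASSWORD_MARKER = "password was incorrect";

    /**
     * RSA modulus size, in bits, for newly generated key pairs. Replaces the unrelated constant
     * {@code PKIFailureInfo.wrongIntegrity} (1 << 11 in BouncyCastle), which has the same value.
     */
    private static final int RSA_KEY_SIZE_BITS = 2048;

    /** Signature algorithm for self-signed certificates; SHA-1 based signatures are deprecated. */
    private static final String CERT_SIGNATURE_ALGORITHM = "SHA256withRSA";

    /**
     * Creates a new keystore file of the JVM's default keystore type.
     *
     * @param file location of the keystore to create; must not exist yet
     * @param cArr password protecting the new keystore
     * @return the in-memory keystore that was written to {@code file}
     * @throws KeyStoreManagerException if {@code file} is null or exists, or the write fails
     * @throws InvalidPasswordException propagated from {@link #loadKeystore(File, char[], String)}
     */
    public static KeyStore createKeystore(File file, char[] cArr) throws KeyStoreManagerException, InvalidPasswordException {
        return createKeystore(file, KeyStore.getDefaultType(), cArr);
    }

    /**
     * Creates a new, empty keystore of the given type and writes it to {@code file}.
     *
     * @param file location of the keystore to create; must not exist yet
     * @param str keystore type passed to {@link KeyStore#getInstance(String)}
     * @param cArr password protecting the new keystore
     * @return the in-memory keystore that was written to {@code file}
     * @throws KeyStoreManagerException if {@code file} is null or exists, or the write fails
     * @throws InvalidPasswordException propagated from {@link #loadKeystore(File, char[], String)}
     */
    public static KeyStore createKeystore(File file, String str, char[] cArr) throws KeyStoreManagerException, InvalidPasswordException {
        if (file == null || file.exists()) {
            throw new KeyStoreManagerException(NLS.bind(CertificateManagerNLS.KeyStoreUtils_Error_FileAlreadyExists, file));
        }
        // The file does not exist, so this yields an empty keystore of the requested type.
        KeyStore created = loadKeystore(file, cArr, str);
        try {
            writeKeyStore(created, cArr, file);
            return created;
        } catch (Exception e) {
            throw new KeyStoreManagerException(NLS.bind(CertificateManagerNLS.KeyStoreUtils_Error_WriteKeyStore, file), e);
        }
    }

    /**
     * Writes {@code keyStore} to {@code file}, protected by {@code cArr}. The existing file
     * content, if any, is not checked against a password first.
     *
     * @param keyStore keystore to persist
     * @param cArr password to protect the stored keystore with
     * @param file destination file; overwritten
     */
    public static void writeKeyStore(KeyStore keyStore, char[] cArr, File file) throws FileNotFoundException, KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, KeyStoreManagerException, InvalidPasswordException {
        writeKeyStore(keyStore, null, cArr, file);
    }

    /**
     * Writes {@code keyStore} to {@code file}, optionally verifying the current password first.
     *
     * @param keyStore keystore to persist
     * @param cArr current password of the file on disk, or null to skip verification
     * @param cArr2 password to protect the stored keystore with
     * @param file destination file; overwritten
     * @throws InvalidPasswordException if {@code cArr} is given and does not open {@code file}
     */
    private static void writeKeyStore(KeyStore keyStore, char[] cArr, char[] cArr2, File file) throws FileNotFoundException, KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, KeyStoreManagerException, InvalidPasswordException {
        if (cArr != null) {
            // Fails with an exception before the file is opened for writing if cArr is wrong.
            loadKeystore(file, cArr, keyStore.getType());
        }
        FileOutputStream out = null;
        try {
            // NOTE(review): opening the stream truncates the file, so a failure inside store()
            // leaves a partial keystore on disk; callers that need the old content keep a backup.
            out = new FileOutputStream(file);
            keyStore.store(out, cArr2);
        } finally {
            closeQuietly(out, "Could not close steam while writing keystore file. ");
        }
    }

    /**
     * Loads a keystore of the JVM's default keystore type.
     *
     * @param file keystore file; a null, missing or empty file yields an empty keystore
     * @param cArr keystore password
     * @return the loaded keystore
     * @throws InvalidPasswordException if the password is rejected
     * @throws KeyStoreManagerException on any other load failure
     */
    public static KeyStore loadKeystore(File file, char[] cArr) throws KeyStoreManagerException, InvalidPasswordException {
        return loadKeystore(file, cArr, KeyStore.getDefaultType());
    }

    /**
     * Loads a keystore of the given type from {@code file}.
     *
     * @param file keystore file; a null, missing or empty file yields an empty keystore
     * @param cArr keystore password
     * @param str keystore type passed to {@link KeyStore#getInstance(String)}
     * @return the loaded keystore, never null
     * @throws InvalidPasswordException if the load fails with an {@link IOException} whose message
     *         mentions an incorrect password or whose cause is an {@link UnrecoverableKeyException}
     * @throws KeyStoreManagerException on any other load failure
     */
    public static KeyStore loadKeystore(File file, char[] cArr, String str) throws KeyStoreManagerException, InvalidPasswordException {
        FileInputStream in = null;
        try {
            try {
                KeyStore keyStore = KeyStore.getInstance(str);
                if (file != null && file.exists() && file.length() > 0) {
                    in = new FileInputStream(file);
                }
                // A null stream makes load() initialise an empty keystore.
                keyStore.load(in, cArr);
                return keyStore;
            } finally {
                closeQuietly(in, "Could not close steam while loading keystore. ");
            }
        } catch (IOException e) {
            // getMessage() may be null; the original dereferenced it unconditionally.
            if (mentionsBadPassword(e) || (e.getCause() instanceof UnrecoverableKeyException)) {
                throw new InvalidPasswordException(e.getMessage());
            }
            throw new KeyStoreManagerException(NLS.bind(CertificateManagerNLS.KeyStoreUtils_Error_LoadKeyStore, file), e);
        } catch (Exception e) {
            throw new KeyStoreManagerException(NLS.bind(CertificateManagerNLS.KeyStoreUtils_Error_LoadKeyStore, file), e);
        }
    }

    /**
     * Deletes the keystore file.
     *
     * @param file keystore file to delete
     * @throws KeyStoreManagerException if the deletion fails with an {@link IOException}
     */
    public static void deleteKeystore(File file) throws KeyStoreManagerException {
        try {
            FileUtil.deleteFile(file);
        } catch (IOException e) {
            throw new KeyStoreManagerException(NLS.bind(CertificateManagerNLS.KeyStoreUtils_Error_DeleteKeyStore, file), e);
        }
    }

    /**
     * Re-encrypts the keystore file under a new keystore password. Only the store password passed
     * to {@link KeyStore#store} changes; entry passwords are not touched here.
     *
     * @param keyStore used only for its type
     * @param file keystore file to rewrite
     * @param cArr current keystore password
     * @param cArr2 new keystore password
     * @throws KeyStoreManagerException on any failure, including a wrong current password
     */
    public static void changeKeystorePasswd(KeyStore keyStore, File file, char[] cArr, char[] cArr2) throws KeyStoreManagerException {
        try {
            writeKeyStore(loadKeystore(file, cArr, keyStore.getType()), cArr, cArr2, file);
        } catch (Exception e) {
            throw new KeyStoreManagerException(NLS.bind(CertificateManagerNLS.KeyStoreUtils_Error_WriteKeyStore, file), e);
        }
    }

    /**
     * Adds an entry under a new alias to the keystore on disk. The keystore is re-read from
     * {@code file}, so the passed-in {@code keyStore} instance itself is not modified.
     *
     * @param keyStore used only for its type
     * @param cArr keystore password
     * @param file keystore file to update
     * @param str alias for the new entry; must not exist yet
     * @param entry entry to add
     * @param cArr2 password protecting the new entry
     * @throws KeyStoreManagerException if the alias already exists or the update fails
     */
    public static void addEntry(KeyStore keyStore, char[] cArr, File file, String str, KeyStore.Entry entry, char[] cArr2) throws KeyStoreManagerException {
        try {
            KeyStore.PasswordProtection entryProtection = new KeyStore.PasswordProtection(cArr2);
            KeyStore onDisk = loadKeystore(file, cArr, keyStore.getType());
            if (onDisk.containsAlias(str)) {
                throw new KeyStoreManagerException(NLS.bind("Alias \"{0}\" already exists.", str));
            }
            onDisk.setEntry(str, entry, entryProtection);
            writeKeyStore(onDisk, cArr, file);
        } catch (KeyStoreManagerException e) {
            // Must come before the generic handler: listed after it this clause is unreachable,
            // and the "already exists" error would be wrapped in a second exception.
            throw e;
        } catch (Exception e) {
            throw new KeyStoreManagerException(NLS.bind(CertificateManagerNLS.KeyStoreUtils_Error_AddEntryToKeyStore, str), e);
        }
    }

    /**
     * Stores {@code entry} under {@code str} with a new entry password and writes the keystore.
     *
     * @param keyStore keystore to modify and persist
     * @param cArr keystore password used when writing
     * @param file keystore file to overwrite
     * @param str alias of the entry
     * @param entry entry to store under the alias
     * @param cArr2 new password protecting the entry
     * @throws KeyStoreManagerException on any failure
     */
    public static void changeEntryPassword(KeyStore keyStore, char[] cArr, File file, String str, KeyStore.Entry entry, char[] cArr2) throws KeyStoreManagerException {
        try {
            keyStore.setEntry(str, entry, new KeyStore.PasswordProtection(cArr2));
            writeKeyStore(keyStore, cArr, file);
        } catch (Exception e) {
            throw new KeyStoreManagerException(NLS.bind("Error attempting to change password for {0}", str), e);
        }
    }

    /**
     * Builds a self-signed X.509 v3 certificate for an RSA key pair. Subject and issuer are the
     * same name, assembled from the non-empty fields of {@code certificateDetailsInfo}; validity
     * runs from now until its expiration date.
     *
     * @param keyPair RSA key pair; the public key is certified, the private key signs
     * @param certificateDetailsInfo distinguished-name fields and expiration date
     * @return the signed certificate
     * @throws IllegalArgumentException if either key is not an RSA key
     */
    public static X509Certificate createX509Certificate(KeyPair keyPair, CertificateDetailsInfo certificateDetailsInfo) throws IOException, OperatorCreationException, CertificateException {
        PublicKey publicKey = keyPair.getPublic();
        PrivateKey privateKey = keyPair.getPrivate();
        if (!(publicKey instanceof RSAPublicKey) || !(privateKey instanceof RSAPrivateKey)) {
            throw new IllegalArgumentException(CertificateManagerNLS.KeyStoreUtils_RSA_Keys_Expected);
        }
        RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) privateKey;

        SubjectPublicKeyInfo subjectPublicKeyInfo;
        try (ASN1InputStream encodedKey = new ASN1InputStream(new ByteArrayInputStream(publicKey.getEncoded()))) {
            subjectPublicKeyInfo = new SubjectPublicKeyInfo((ASN1Sequence) encodedKey.readObject());
        }

        X500NameBuilder nameBuilder = new X500NameBuilder(new BCStrictStyle());
        addField(BCStyle.C, certificateDetailsInfo.getCountry(), nameBuilder);
        addField(BCStyle.ST, certificateDetailsInfo.getState(), nameBuilder);
        addField(BCStyle.L, certificateDetailsInfo.getLocality(), nameBuilder);
        addField(BCStyle.O, certificateDetailsInfo.getOrganization(), nameBuilder);
        addField(BCStyle.OU, certificateDetailsInfo.getOrganizationUnit(), nameBuilder);
        addField(BCStyle.CN, certificateDetailsInfo.getCommonName(), nameBuilder);
        X500Name subjectAndIssuer = nameBuilder.build();

        // The serial number must be a positive integer. The previous SecureRandom.nextInt() value
        // was negative about half the time and carried only 32 bits.
        BigInteger serialNumber = new BigInteger(63, new SecureRandom()).add(BigInteger.ONE);
        X509v3CertificateBuilder certificateBuilder = new X509v3CertificateBuilder(subjectAndIssuer, serialNumber, Calendar.getInstance().getTime(), certificateDetailsInfo.getExpirationDate(), subjectAndIssuer, subjectPublicKeyInfo);

        AlgorithmIdentifier signatureAlgorithm = new DefaultSignatureAlgorithmIdentifierFinder().find(CERT_SIGNATURE_ALGORITHM);
        AlgorithmIdentifier digestAlgorithm = new DefaultDigestAlgorithmIdentifierFinder().find(signatureAlgorithm);
        RSAKeyParameters signingKey = new RSAKeyParameters(true, rsaPrivateKey.getPrivateExponent(), rsaPrivateKey.getModulus());
        return new JcaX509CertificateConverter().getCertificate(certificateBuilder.build(new BcRSAContentSignerBuilder(signatureAlgorithm, digestAlgorithm).build(signingKey)));
    }

    /**
     * Adds one attribute to the name being built, skipping null or empty values.
     *
     * @param aSN1ObjectIdentifier attribute type
     * @param str attribute value; null or empty values are ignored
     * @param x500NameBuilder builder receiving the attribute
     */
    private static void addField(ASN1ObjectIdentifier aSN1ObjectIdentifier, String str, X500NameBuilder x500NameBuilder) {
        if (str != null && !str.isEmpty()) {
            x500NameBuilder.addRDN(aSN1ObjectIdentifier, str);
        }
    }

    /**
     * Generates a new key pair for the algorithm named by {@code ISignConstants.RSA}, with a
     * 2048-bit key size.
     *
     * @return the generated key pair
     * @throws NoSuchAlgorithmException if no provider supports the algorithm
     */
    public static KeyPair genKeyPair() throws NoSuchAlgorithmException {
        KeyPairGenerator generator = KeyPairGenerator.getInstance(ISignConstants.RSA);
        generator.initialize(RSA_KEY_SIZE_BITS);
        return generator.genKeyPair();
    }

    /**
     * Wraps a private key and its certificate into a keystore entry with a one-element chain.
     *
     * @param keyPair key pair whose private key goes into the entry
     * @param x509Certificate certificate forming the whole chain
     * @return the private-key entry
     */
    public static KeyStore.PrivateKeyEntry createPrivateKeyEntry(KeyPair keyPair, X509Certificate x509Certificate) {
        return new KeyStore.PrivateKeyEntry(keyPair.getPrivate(), new Certificate[]{x509Certificate});
    }

    /**
     * Removes an alias from the keystore on disk. The keystore is re-read from {@code file}, so
     * the passed-in {@code keyStore} instance itself is not modified.
     *
     * @param keyStore used only for its type
     * @param cArr keystore password
     * @param file keystore file to update
     * @param str alias to delete
     * @throws KeyStoreManagerException on any failure; the failure is also logged
     */
    public static void deleteEntry(KeyStore keyStore, char[] cArr, File file, String str) throws KeyStoreManagerException {
        try {
            KeyStore onDisk = loadKeystore(file, cArr, keyStore.getType());
            onDisk.deleteEntry(str);
            writeKeyStore(onDisk, cArr, file);
        } catch (Exception e) {
            AndmoreLogger.error(KeyStoreUtils.class, ERROR_DELETING_ALIAS + str, e);
            throw new KeyStoreManagerException(ERROR_DELETING_ALIAS + str, e);
        }
    }

    /**
     * Converts a keystore file to another keystore type in place. The current file is first
     * renamed to a timestamped backup next to it; the listed entries are copied into a freshly
     * created keystore of the new type at the original path. On failure the backup is moved back.
     *
     * <p>Entry passwords arrive as {@code String}s, so this method cannot wipe them from memory.
     *
     * @param file keystore file to convert
     * @param cArr keystore password, used for both the old and the new keystore
     * @param str current keystore type
     * @param str2 target keystore type
     * @param map alias to entry-password mapping of the entries to carry over
     * @throws InvalidPasswordException if a failure message mentions an incorrect password
     * @throws KeyStoreManagerException if the backup cannot be made or the conversion fails
     */
    public static void changeKeyStoreType(File file, char[] cArr, String str, String str2, Map<String, String> map) throws KeyStoreManagerException, InvalidPasswordException {
        File backup = new File(file.getAbsolutePath() + "_" + Long.toString(Calendar.getInstance().getTimeInMillis()));
        backup.delete();
        if (!file.renameTo(backup)) {
            throw new KeyStoreManagerException(NLS.bind("Could not convert the KeyStore {0} to type {1}, could not backup the current keyStore file, maybe it's in use by another program.", file, str2));
        }
        boolean failed = false;
        try {
            KeyStore source = KeyStore.Builder.newInstance(str, null, backup, new KeyStore.PasswordProtection(cArr)).getKeyStore();
            KeyStore converted = createKeystore(file, str2, cArr);
            for (Map.Entry<String, String> aliasAndPassword : map.entrySet()) {
                String alias = aliasAndPassword.getKey();
                KeyStore.PasswordProtection entryProtection = new KeyStore.PasswordProtection(aliasAndPassword.getValue().toCharArray());
                converted.setEntry(alias, source.getEntry(alias, entryProtection), entryProtection);
            }
            writeKeyStore(converted, cArr, file);
        } catch (InvalidPasswordException e) {
            // Must come before the generic handler, otherwise this clause is unreachable.
            failed = true;
            AndmoreLogger.error(KeyStoreUtils.class, "Invalid password while trying to create a new keystore, changing a keyStore type.", e);
        } catch (Exception e) {
            // Message and cause may both be null; the original dereferenced them unconditionally.
            if (mentionsBadPassword(e) || mentionsBadPassword(e.getCause())) {
                restoreBackup(file, backup);
                throw new InvalidPasswordException(e.getMessage());
            }
            AndmoreLogger.error(KeyStoreUtils.class, "Exception occurred while attempting to change a keyStore type.", e);
            failed = true;
        }
        if (failed) {
            restoreBackup(file, backup);
            throw new KeyStoreManagerException(NLS.bind("Could not convert the KeyStore {0} to type {1}", file, str2));
        }
        backup.delete();
    }

    /**
     * Copies the listed aliases from a source keystore into a target keystore and writes the
     * target to disk. An alias that already exists in the target gets the source file name
     * appended, then increasing numeric suffixes until it is unique. Each imported entry keeps
     * the password it had in the source keystore.
     *
     * @param keyStore target keystore, modified in memory and then written
     * @param file target keystore file
     * @param str target keystore type, used to validate {@code cArr}
     * @param cArr target keystore password
     * @param keyStore2 source keystore
     * @param file2 source keystore file; only its name is used
     * @param cArr2 not used by this method
     * @param map alias to entry-password mapping of the entries to import
     * @throws InvalidPasswordException if {@code cArr} does not open the target file
     * @throws KeyStoreManagerException if the import or the write fails
     */
    public static void importKeys(KeyStore keyStore, File file, String str, char[] cArr, KeyStore keyStore2, File file2, char[] cArr2, Map<String, String> map) throws InvalidPasswordException, KeyStoreManagerException {
        if (!isValidKeyStorePasswd(file, str, cArr)) {
            throw new InvalidPasswordException(CertificateManagerNLS.PasswordChanged_InvalidKeystorePassword);
        }
        try {
            for (Map.Entry<String, String> aliasAndPassword : map.entrySet()) {
                String sourceAlias = aliasAndPassword.getKey();
                if (!keyStore2.containsAlias(sourceAlias)) {
                    AndmoreLogger.error(KeyStoreUtils.class, NLS.bind("Alias {0} could not be imported because it doesn't exists on originKeyStore", sourceAlias));
                    continue;
                }
                KeyStore.PasswordProtection entryProtection = new KeyStore.PasswordProtection(aliasAndPassword.getValue().toCharArray());
                KeyStore.Entry entry = keyStore2.getEntry(sourceAlias, entryProtection);
                String targetAlias = sourceAlias;
                if (keyStore.containsAlias(targetAlias)) {
                    targetAlias = targetAlias + "_" + file2.getName();
                }
                // Suffixes accumulate (name_1, name_1_2, ...) until the alias is free.
                for (int suffix = 1; keyStore.containsAlias(targetAlias); suffix++) {
                    targetAlias = targetAlias + "_" + suffix;
                }
                keyStore.setEntry(targetAlias, entry, entryProtection);
            }
            writeKeyStore(keyStore, cArr, file);
        } catch (Exception e) {
            throw new KeyStoreManagerException("Could not import the selected aliases into " + file.getName(), e);
        }
    }

    /**
     * Checks whether {@code cArr} opens the keystore file.
     *
     * @param file keystore file
     * @param str keystore type
     * @param cArr password to test
     * @return true if the keystore loads, false if the password is rejected
     * @throws KeyStoreManagerException if loading fails for a reason other than the password
     */
    public static boolean isValidKeyStorePasswd(File file, String str, char[] cArr) throws KeyStoreManagerException {
        try {
            return loadKeystore(file, cArr, str) != null;
        } catch (InvalidPasswordException ignored) {
            // A rejected password is the expected negative answer, not an error.
            return false;
        }
    }

    /** Returns true if {@code failure} is non-null and its message mentions an incorrect password. */
    private static boolean mentionsBadPassword(Throwable failure) {
        if (failure == null) {
            return false;
        }
        String message = failure.getMessage();
        return message != null && message.contains(BAD_PASSWORD_MARKER);
    }

    /** Closes {@code stream} if it is non-null; a failure is logged with {@code context}, not thrown. */
    private static void closeQuietly(java.io.Closeable stream, String context) {
        if (stream == null) {
            return;
        }
        try {
            stream.close();
        } catch (IOException e) {
            AndmoreLogger.error(context + e.getMessage());
        }
    }

    /** Moves {@code backup} back to {@code file}; a failed rename is logged so the backup can be found. */
    private static void restoreBackup(File file, File backup) {
        file.delete();
        if (!backup.renameTo(file)) {
            AndmoreLogger.error(KeyStoreUtils.class, NLS.bind("Could not restore the KeyStore {0} from its backup {1}", file, backup));
        }
    }
}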
