package org.jacorb.security.util;

import iaik.asn1.structures.GeneralName;
import iaik.x509.V3Extension;
import iaik.x509.extensions.SubjectAltName;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.Vector;

/* loaded from: input_file:org/jacorb/security/util/KeyStoreUtil.class */
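/**
 * Static helpers for loading a key store and reading key pairs and certificate
 * chains from it, optionally prompting the user through {@code UserSponsor}.
 *
 * <p>Several overloads call {@code System.exit(1)} when the prompt is cancelled or
 * returns no input, so they are only suitable for interactive tools.
 */
public class KeyStoreUtil {
    /**
     * Loads a key store from a file.
     *
     * <p>{@code str} is tried as given first; if no such file exists, it is resolved
     * against the {@code user.home} system property. The path is not validated, so
     * callers must not pass a path taken from an untrusted source.
     *
     * <p>The IAIK key store type is preferred; if the "IAIK" provider is not
     * installed, the failure is printed to stderr and a "jks" store is used instead.
     *
     * @param str  key store file name, absolute or relative
     * @param cArr key store password; per the {@link KeyStore#load} contract, a
     *             {@code null} password means the store's integrity is not checked
     * @return the loaded key store
     * @throws IOException if the file cannot be opened or read, or the password is wrong
     */
    public static KeyStore getKeyStore(String str, char[] cArr) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        File file = new File(str);
        if (!file.exists()) {
            file = new File(System.getProperty("user.home") + System.getProperty("file.separator") + str);
        }
        FileInputStream in = new FileInputStream(file);
        try {
            KeyStore keyStore;
            try {
                keyStore = KeyStore.getInstance("IAIKKeyStore", "IAIK");
            } catch (NoSuchProviderException e) {
                System.err.println(e.toString());
                keyStore = KeyStore.getInstance("jks");
            }
            keyStore.load(in, cArr);
            return keyStore;
        } finally {
            // Close on every path: a failed getInstance() or load() used to leak the stream.
            in.close();
        }
    }

    /**
     * Loads the key store in file {@code str} and returns the key pair stored under an alias.
     *
     * @param str   key store file name, resolved as in {@link #getKeyStore}
     * @param str2  alias of the key entry
     * @param cArr  key store password
     * @param cArr2 password protecting the key entry
     * @return the key pair, or {@code null} if the alias is not a key entry with a certificate
     */
    public static KeyPair getKeyPair(String str, String str2, char[] cArr, char[] cArr2) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, CertificateException {
        return getKeyPair(getKeyStore(str, cArr), str2, cArr2);
    }

    /**
     * Returns the key pair stored under an alias: the public key comes from the
     * entry's certificate, the private key from the entry itself.
     *
     * @param keyStore an already loaded key store
     * @param str      alias of the key entry
     * @param cArr     password protecting the key entry
     * @return the key pair, or {@code null} if the alias is not a key entry or the
     *         entry has no certificate
     */
    public static KeyPair getKeyPair(KeyStore keyStore, String str, char[] cArr) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, CertificateException {
        if (!keyStore.isKeyEntry(str)) {
            return null;
        }
        X509Certificate certificate = (X509Certificate) keyStore.getCertificate(str);
        if (certificate == null) {
            // A key entry without a certificate has no public key to pair with;
            // report it like a missing entry instead of failing with a NullPointerException.
            return null;
        }
        return new KeyPair(certificate.getPublicKey(), (PrivateKey) keyStore.getKey(str, cArr));
    }

    /**
     * Prompts for an entry alias and entry password, then returns that key pair.
     * Terminates the JVM with status 1 if the prompt is cancelled.
     *
     * @param keyStore an already loaded key store
     * @return the key pair, or {@code null} if no alias or password was entered or
     *         the alias is not a usable key entry
     */
    public static KeyPair getKeyPair(KeyStore keyStore) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, CertificateException {
        String[] answers = {"Entry Alias"};
        char[][] secrets = new char[1][];
        UserSponsor sponsor = new UserSponsor("", "Please authenticate to retrieve key pair", answers, new String[]{"Entry Password"});
        if (!sponsor.getInput(answers, secrets)) {
            System.err.println("Input cancelled");
            System.exit(1);
        }
        String alias = answers[0];
        char[] entryPassword = secrets[0];
        if (alias == null || entryPassword == null) {
            return null;
        }
        // NOTE(review): the prompted password array is not cleared after use; confirm
        // who owns it before zeroing it here.
        return getKeyPair(keyStore, alias, entryPassword);
    }

    /**
     * Prompts for key store file, entry alias and both passwords, then returns that key pair.
     * Terminates the JVM with status 1 if the prompt is cancelled or any value is missing.
     *
     * @return the key pair, or {@code null} if the alias is not a usable key entry
     */
    public static KeyPair getKeyPair() throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, CertificateException {
        String[] answers = {"Keystore file", "Entry Alias"};
        char[][] secrets = new char[2][];
        UserSponsor sponsor = new UserSponsor("", "Please authenticate to retrieve key pair", answers, new String[]{"Keystore Password", "Entry Password"});
        if (!sponsor.getInput(answers, secrets)) {
            System.err.println("Input cancelled");
            System.exit(1);
        }
        String storeFile = answers[0];
        String alias = answers[1];
        char[] storePassword = secrets[0];
        char[] entryPassword = secrets[1];
        if (storeFile == null || alias == null || storePassword == null || entryPassword == null) {
            System.err.println("no input");
            System.exit(1);
        }
        return getKeyPair(storeFile, alias, storePassword, entryPassword);
    }

    /**
     * Returns the certificate chain of a key entry. When the alias is null or empty,
     * or no password is given, the values are requested interactively instead
     * (see {@link #getCerts(String)}).
     *
     * @param str  key store file name, resolved as in {@link #getKeyStore}
     * @param str2 alias of the key entry
     * @param cArr key store password
     * @return the chain, or {@code null} if the alias is not a key entry
     */
    public static X509Certificate[] getCerts(String str, String str2, char[] cArr) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, CertificateException {
        if (str2 == null || str2.length() == 0 || cArr == null) {
            return getCerts(str);
        }
        KeyStore keyStore = getKeyStore(str, cArr);
        if (keyStore.isKeyEntry(str2)) {
            return toX509Chain(keyStore.getCertificateChain(str2));
        }
        return null;
    }

    /**
     * Prompts for a user name and password, opens the key store with that password
     * and returns the certificate chain stored under the user name as alias.
     * Terminates the JVM with status 1 if the prompt is cancelled or a value is missing.
     *
     * @param str key store file name, resolved as in {@link #getKeyStore}
     * @return the chain, or {@code null} if the user name is not a key entry
     */
    public static X509Certificate[] getCerts(String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, CertificateException {
        String[] answers = {"User name"};
        char[][] secrets = new char[1][];
        UserSponsor sponsor = new UserSponsor("Authentication", "Please authenticate to retrieve certificates", answers, new String[]{"Password"});
        if (!sponsor.getInput(answers, secrets)) {
            System.err.println("Input cancelled");
            System.exit(1);
        }
        String alias = answers[0];
        char[] storePassword = secrets[0];
        if (alias == null || storePassword == null) {
            System.err.println("no input");
            System.exit(1);
        }
        KeyStore keyStore = getKeyStore(str, storePassword);
        if (keyStore.isKeyEntry(alias)) {
            return toX509Chain(keyStore.getCertificateChain(alias));
        }
        return null;
    }

    /**
     * Returns the role certificates in the chain of a key entry. A role certificate
     * carries a SubjectAltName rfc822Name starting with {@code "role:"}, is within
     * its validity period, and has a signature that verifies under at least one of
     * the supplied public keys.
     *
     * <p>A certificate that fails any of these checks is left out. Errors raised
     * while examining one certificate are printed and that certificate is skipped.
     *
     * @param keyStore     an already loaded key store
     * @param str          alias of the key entry whose chain is examined
     * @param publicKeyArr public keys of the issuers that are trusted to sign role certificates
     * @return the accepted role certificates (possibly empty), or {@code null} if
     *         the alias is not a key entry
     */
    public static X509Certificate[] getRoleCerts(KeyStore keyStore, String str, PublicKey[] publicKeyArr) throws KeyStoreException, CertificateEncodingException {
        if (!keyStore.isKeyEntry(str)) {
            return null;
        }
        Vector<X509Certificate> accepted = new Vector<X509Certificate>();
        java.security.cert.Certificate[] chain = keyStore.getCertificateChain(str);
        if (chain != null && publicKeyArr != null) {
            for (java.security.cert.Certificate entry : chain) {
                // The extension API used below is IAIK-specific; certificates from
                // another provider cannot be inspected and are not accepted.
                if (!(entry instanceof iaik.x509.X509Certificate)) {
                    continue;
                }
                iaik.x509.X509Certificate certificate = (iaik.x509.X509Certificate) entry;
                try {
                    boolean isRoleCert = false;
                    if (certificate.hasExtensions()) {
                        Enumeration extensions = certificate.listExtensions();
                        while (!isRoleCert && extensions.hasMoreElements()) {
                            V3Extension extension = (V3Extension) extensions.nextElement();
                            if (extension instanceof SubjectAltName) {
                                Enumeration names = ((SubjectAltName) extension).getGeneralNames().getNames();
                                while (!isRoleCert && names.hasMoreElements()) {
                                    GeneralName generalName = (GeneralName) names.nextElement();
                                    isRoleCert = generalName.getType() == GeneralName.rfc822Name && ((String) generalName.getName()).startsWith("role:");
                                }
                            }
                        }
                    }
                    if (!isRoleCert) {
                        continue;
                    }
                    certificate.checkValidity();
                    if (isSignedByAny(certificate, publicKeyArr)) {
                        accepted.addElement(certificate);
                    }
                } catch (Exception e) {
                    e.printStackTrace();
                }
            }
        }
        return accepted.toArray(new X509Certificate[accepted.size()]);
    }

    /**
     * Tells whether the certificate's signature verifies under one of the keys.
     *
     * <p>The decision is made by {@code Certificate.verify}, which checks the
     * signature over the certificate's signed content. The previous code called
     * {@code Signature.verify} without supplying that content and ignored the
     * boolean result, so a certificate was accepted whenever no exception was thrown.
     */
    private static boolean isSignedByAny(X509Certificate certificate, PublicKey[] trustedKeys) throws CertificateException, NoSuchAlgorithmException, NoSuchProviderException {
        for (PublicKey trustedKey : trustedKeys) {
            if (trustedKey == null) {
                continue;
            }
            try {
                certificate.verify(trustedKey);
                return true;
            } catch (InvalidKeyException ignored) {
                // Key does not fit the certificate's signature algorithm; try the next one.
            } catch (SignatureException ignored) {
                // Not signed by this key; try the next one.
            }
        }
        return false;
    }

    /**
     * Copies a certificate chain into an {@code X509Certificate[]}.
     *
     * <p>Some key store providers return an array whose runtime type is
     * {@code Certificate[]}; casting the array itself then fails with a
     * {@code ClassCastException} even when every element is an X.509 certificate.
     *
     * @return the copied chain, or {@code null} if {@code chain} is {@code null}
     */
    private static X509Certificate[] toX509Chain(java.security.cert.Certificate[] chain) {
        if (chain == null) {
            return null;
        }
        X509Certificate[] copy = new X509Certificate[chain.length];
        for (int i = 0; i < chain.length; i++) {
            copy[i] = (X509Certificate) chain[i];
        }
        return copy;
    }
}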
