package org.ofbiz.base.util;

import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.PrintStream;
import java.io.Reader;
import java.io.StringReader;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Collection;
import java.util.Map;
import javolution.util.FastMap;
import org.ofbiz.base.component.ComponentConfig;
import org.ofbiz.base.config.GenericConfigException;

/* loaded from: input_file:org/ofbiz/base/util/KeyStoreUtil.class */
public class KeyStoreUtil {
    public static final String module = KeyStoreUtil.class.getName();

    public static void storeComponentKeyStore(String str, String str2, KeyStore keyStore) throws IOException, GenericConfigException, NoSuchAlgorithmException, CertificateException, KeyStoreException {
        ComponentConfig.KeystoreInfo keystoreInfo = ComponentConfig.getKeystoreInfo(str, str2);
        FileOutputStream fileOutputStream = new FileOutputStream(FileUtil.getFile(keystoreInfo.createResourceHandler().getFullLocation()));
        try {
            keyStore.store(fileOutputStream, keystoreInfo.getPassword().toCharArray());
            fileOutputStream.close();
        } catch (Throwable th) {
            fileOutputStream.close();
            throw th;
        }
    }

    public static KeyStore getComponentKeyStore(String str, String str2) throws IOException, GeneralSecurityException, GenericConfigException {
        ComponentConfig.KeystoreInfo keystoreInfo = ComponentConfig.getKeystoreInfo(str, str2);
        return getStore(keystoreInfo.createResourceHandler().getURL(), keystoreInfo.getPassword(), keystoreInfo.getType());
    }

    public static KeyStore getStore(URL url, String str) throws IOException, GeneralSecurityException {
        return getStore(url, str, "jks");
    }

    public static KeyStore getStore(URL url, String str, String str2) throws IOException, GeneralSecurityException {
        if (str2 == null) {
            throw new IOException("Invalid keystore type; null");
        }
        KeyStore keyStore = KeyStore.getInstance(str2);
        InputStream openStream = url.openStream();
        try {
            keyStore.load(openStream, str.toCharArray());
            openStream.close();
            return keyStore;
        } catch (Throwable th) {
            openStream.close();
            throw th;
        }
    }

    public static KeyStore getSystemTrustStore() throws IOException, GeneralSecurityException {
        File file;
        String property = System.getProperty("java.home");
        String property2 = System.getProperty("javax.net.ssl.trustStore");
        String property3 = System.getProperty("javax.net.ssl.trustStorePassword");
        if (property3 == null) {
            property3 = "changeit";
        }
        KeyStore keyStore = KeyStore.getInstance("jks");
        if (property2 != null) {
            file = FileUtil.getFile(property2);
        } else {
            file = FileUtil.getFile(property + "/lib/security/jssecacerts");
            if (!file.exists() || !file.canRead()) {
                file = FileUtil.getFile(property + "/lib/security/cacerts");
            }
        }
        if (file.exists() && file.canRead()) {
            FileInputStream fileInputStream = new FileInputStream(file);
            try {
                keyStore.load(fileInputStream, property3.toCharArray());
                fileInputStream.close();
            } catch (Throwable th) {
                fileInputStream.close();
                throw th;
            }
        } else {
            keyStore.load(null, "changeit".toCharArray());
        }
        return keyStore;
    }

    public static X509Certificate readCertificate(byte[] bArr) throws CertificateException {
        return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
    }

    public static Map<String, String> getCertX500Map(X509Certificate x509Certificate) {
        return getX500Map(x509Certificate.getSubjectX500Principal());
    }

    public static Map<String, String> getCertX500Map(javax.security.cert.X509Certificate x509Certificate) {
        return getX500Map(x509Certificate.getSubjectDN());
    }

    public static Map<String, String> getX500Map(Principal principal) {
        FastMap newInstance = FastMap.newInstance();
        for (String str : principal.getName().replaceAll("\\\\,", "&com;").split("\\,")) {
            if (str.indexOf("=") > -1) {
                String[] split = str.split("\\=", 2);
                newInstance.put(split[0].replaceAll("&com;", ","), split[1].replaceAll("&com;", ","));
            }
        }
        return newInstance;
    }

    public static void importPKCS8CertChain(KeyStore keyStore, String str, byte[] bArr, String str2, byte[] bArr2) throws InvalidKeySpecException, NoSuchAlgorithmException, CertificateException, KeyStoreException {
        PrivateKey generatePrivate = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(bArr));
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        Collection<? extends Certificate> generateCertificates = certificateFactory.generateCertificates(new ByteArrayInputStream(bArr2));
        Certificate[] certificateArr = new Certificate[generateCertificates.toArray().length];
        if (generateCertificates.size() == 1) {
            Debug.log("Single certificate; no chain", module);
            certificateArr[0] = certificateFactory.generateCertificate(new ByteArrayInputStream(bArr2));
        } else {
            Debug.log("Certificate chain length : " + generateCertificates.size(), module);
            certificateArr = (Certificate[]) generateCertificates.toArray();
        }
        keyStore.setKeyEntry(str, generatePrivate, str2.toCharArray(), certificateArr);
    }

    public static String certToString(Certificate certificate) throws CertificateEncodingException {
        return "-----BEGIN CERTIFICATE-----\n" + new String(org.apache.commons.codec.binary.Base64.encodeBase64Chunked(certificate.getEncoded())) + "\n-----END CERTIFICATE-----\n";
    }

    public static Certificate pemToCert(String str) throws IOException, CertificateException {
        return pemToCert(new StringReader(str));
    }

    public static Certificate pemToCert(File file) throws IOException, CertificateException {
        return pemToCert(new FileInputStream(file));
    }

    public static Certificate pemToCert(InputStream inputStream) throws IOException, CertificateException {
        return pemToCert(new InputStreamReader(inputStream));
    }

    public static Certificate pemToCert(Reader reader) throws IOException, CertificateException {
        String readLine;
        String readLine2;
        BufferedReader bufferedReader = new BufferedReader(reader);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        PrintStream printStream = new PrintStream(byteArrayOutputStream);
        do {
            readLine = bufferedReader.readLine();
            if (readLine == null) {
                break;
            }
        } while (!readLine.equals("-----BEGIN CERTIFICATE-----"));
        if (readLine == null) {
            throw new IOException("Error reading certificate, missing BEGIN boundary");
        }
        while (true) {
            readLine2 = bufferedReader.readLine();
            if (readLine2 == null || readLine2.equals("-----END CERTIFICATE-----")) {
                break;
            }
            printStream.print(readLine2.replaceAll("\\s", ""));
        }
        if (readLine2 == null) {
            throw new IOException("Error reading certificate, missing END boundary");
        }
        printStream.close();
        return CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(org.apache.commons.codec.binary.Base64.decodeBase64(byteArrayOutputStream.toByteArray())));
    }

    public static String pemToPkHex(String str) throws IOException, CertificateException {
        return StringUtil.toHexString(pemToCert(str).getPublicKey().getEncoded());
    }
}
