package ch.rgw.crypt;

import ch.rgw.io.FileTool;
import ch.rgw.tools.ExHandler;
import ch.rgw.tools.StringTool;
import ch.rgw.tools.TimeTool;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.x509.X509V1CertificateGenerator;

/* loaded from: input_file:ch/rgw/crypt/JCEKeyManager.class */
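/**
 * File-backed wrapper around a {@link KeyStore}.
 *
 * <p>The class loads, creates and saves a keystore file, looks up public keys, private keys and
 * certificates by alias, generates RSA key pairs and issues X.509 v1 certificates through
 * BouncyCastle's {@code X509V1CertificateGenerator}.
 *
 * <p>Entries added through {@link #addCertificate}, {@link #generateCertificate} and
 * {@link #addKeyPair} live only in memory until {@link #save()} is called.
 *
 * <p>NOTE(review): the three methods that derive or choose an alias do not agree for subjects
 * with more than one RDN: {@link #addCertificate} uses the value of the first {@code CN}
 * component, {@code getName} uses everything after the first {@code '='}, and
 * {@link #generateCertificate} uses the raw subject name it was given.
 */
public class JCEKeyManager {
    private static final String CERTIFICATE_SIGNATURE_ALGO = "SHA256withRSA";

    /**
     * Modulus size for newly generated RSA keys. 1024-bit RSA no longer offers an adequate
     * security margin, so new keys use 2048 bits; existing 1024-bit entries still load.
     * NOTE(review): confirm that no consumer of these keys assumes a 128-byte RSA block.
     */
    private static final int RSA_KEY_BITS = 2048;

    protected KeyStore ks;
    // Keystore password; the caller's array is stored by reference, not copied.
    protected char[] storePwd;
    protected String ksType;
    // Absolute path of the keystore file; stays null when the two-argument constructor is used.
    private String ksFile;
    protected static Logger log = Logger.getLogger("KeyManager");

    // Created once at class initialisation instead of being reassigned by every constructor
    // call, which wrote a shared static field without synchronisation.
    private static final SecureRandom _srnd = createRandom();

    /**
     * Builds the shared random source.
     *
     * <p>NOTE(review): "SHA1PRNG" is kept for compatibility but is a legacy algorithm; the
     * platform default {@code new SecureRandom()} is the usual choice today.
     */
    private static SecureRandom createRandom() {
        try {
            return SecureRandom.getInstance("SHA1PRNG");
        } catch (NoSuchAlgorithmException e) {
            ExHandler.handle(e);
            return new SecureRandom();
        }
    }

    /** Returns the version string of this class. */
    public static String Version() {
        return "0.1.6";
    }

    private JCEKeyManager() {
        this.storePwd = null;
    }

    /**
     * Creates a manager for a keystore file.
     *
     * <p>If the keystore file does not exist yet, its parent directory is created so that a
     * later {@link #create(boolean)} or {@link #save()} can write the file.
     *
     * @param str path of the keystore file; when empty, {@code <user.home>/.keystore} is used
     * @param str2 keystore type; when empty, {@code "jks"} is used
     * @param cArr keystore password (kept by reference)
     */
    public JCEKeyManager(String str, String str2, char[] cArr) {
        this(str2, cArr);
        if (StringTool.isNothing(str)) {
            this.ksFile = String.valueOf(System.getProperty("user.home")) + "/.keystore";
        } else {
            this.ksFile = FileTool.resolveFile(str).getAbsolutePath();
        }
        log.log(Level.FINE, "ksPathName: " + this.ksFile);
        File keystoreFile = new File(this.ksFile);
        File parentDir = keystoreFile.getParentFile();
        // getParentFile() returns null for a path without a parent component.
        if (!keystoreFile.exists() && parentDir != null && !parentDir.exists()) {
            // NOTE(review): directory and keystore file get the platform's default permissions;
            // restrict them where the keystore holds private keys.
            if (!parentDir.mkdirs()) {
                log.log(Level.WARNING, "Could not create keystore directory: " + parentDir);
            }
        }
    }

    /**
     * Creates a manager without a keystore file path.
     *
     * @param str keystore type; when empty, {@code "jks"} is used
     * @param cArr keystore password (kept by reference)
     */
    public JCEKeyManager(String str, char[] cArr) {
        if (StringTool.isNothing(str)) {
            this.ksType = "jks";
        } else {
            this.ksType = str;
        }
        this.storePwd = cArr;
    }

    /**
     * Loads the keystore from the configured file, or creates it when the file is missing.
     *
     * <p>The keystore is read into a local instance and published only after a successful load,
     * so a failed load (for example a wrong password) no longer leaves an uninitialised
     * keystore behind that {@link #isKeystoreLoaded()} would report as loaded.
     *
     * <p>Per the {@link KeyStore#load(InputStream, char[])} contract, a {@code null} password
     * skips the integrity check of the keystore data.
     *
     * @param z not used by this method
     * @return {@code true} when the keystore was loaded or newly created
     */
    public boolean load(boolean z) {
        try {
            if (!new File(this.ksFile).exists()) {
                return create(false);
            }
            KeyStore loaded = KeyStore.getInstance(this.ksType);
            FileInputStream in = new FileInputStream(this.ksFile);
            try {
                loaded.load(in, this.storePwd);
            } finally {
                // The original never closed this stream.
                in.close();
            }
            this.ks = loaded;
            return true;
        } catch (Exception e) {
            ExHandler.handle(e);
            log.log(Level.SEVERE, "No Keystore found or could not open Keystore: " + e.getMessage());
            return false;
        }
    }

    /**
     * Writes a keystore file at the configured path.
     *
     * <p>When a keystore is already held in memory, its entries are written to the new file;
     * otherwise an empty keystore of the configured type is created first.
     *
     * @param z whether an existing file may be deleted and replaced
     * @return {@code false} when no path is configured, when the file exists and may not or
     *     cannot be replaced, or when creating or saving the keystore fails
     */
    public boolean create(boolean z) {
        if (this.ksFile == null) {
            log.log(Level.WARNING, "No keystore file configured");
            return false;
        }
        File target = new File(this.ksFile);
        if (target.exists() && (!z || !target.delete())) {
            return false;
        }
        if (this.ks == null) {
            try {
                KeyStore fresh = KeyStore.getInstance(this.ksType);
                // load(null, null) initialises an empty keystore.
                fresh.load(null, null);
                this.ks = fresh;
            } catch (Exception e) {
                ExHandler.handle(e);
                return false;
            }
        }
        return save();
    }

    /**
     * Stores the in-memory keystore to the configured file, protected with the store password.
     *
     * <p>NOTE(review): the file is overwritten in place, so a failure while storing can leave a
     * truncated keystore on disk; writing to a temporary file and renaming it would avoid that.
     *
     * @return {@code true} when the keystore was written
     */
    public boolean save() {
        if (this.ks == null) {
            // Opening the output stream first would truncate an existing keystore file even
            // though there is nothing to write.
            log.log(Level.WARNING, "No keystore loaded, nothing saved");
            return false;
        }
        try {
            FileOutputStream out = new FileOutputStream(this.ksFile);
            try {
                this.ks.store(out, this.storePwd);
            } finally {
                // The original never closed this stream.
                out.close();
            }
            return true;
        } catch (Exception e) {
            ExHandler.handle(e);
            return false;
        }
    }

    /** Returns whether a keystore is currently held in memory. */
    public boolean isKeystoreLoaded() {
        return this.ks != null;
    }

    /**
     * Returns the public key of the certificate stored under an alias, loading the keystore
     * first when necessary.
     *
     * @param str certificate alias
     * @return the public key, or {@code null} when the alias is {@code null}, the keystore
     *     cannot be loaded, or no certificate is stored under the alias
     */
    public PublicKey getPublicKey(String str) {
        if (str == null) {
            return null;
        }
        if (this.ks == null) {
            log.log(Level.WARNING, "Keystore nicht geladen");
            if (!load(true)) {
                return null;
            }
        }
        try {
            Certificate found = this.ks.getCertificate(str);
            if (found == null) {
                log.log(Level.WARNING, "No certificate \"" + str + "\"found");
                return null;
            }
            return found.getPublicKey();
        } catch (Exception e) {
            ExHandler.handle(e);
            return null;
        }
    }

    /**
     * Returns the certificate stored under an alias, loading the keystore first when necessary.
     *
     * @param str certificate alias
     * @return the certificate, or {@code null} when the keystore cannot be loaded, no
     *     certificate is stored under the alias, or the entry is not an X.509 certificate
     */
    public X509Certificate getCertificate(String str) {
        if (this.ks == null) {
            log.log(Level.WARNING, "Keystore nicht geladen");
            if (!load(true)) {
                return null;
            }
        }
        try {
            Certificate found = this.ks.getCertificate(str);
            if (found == null) {
                log.log(Level.WARNING, "No certificate \"" + str + "\"found");
                return null;
            }
            // A non-X.509 entry raises ClassCastException, which the catch below turns into null.
            return (X509Certificate) found;
        } catch (Exception e) {
            ExHandler.handle(e);
            return null;
        }
    }

    /**
     * Parses an X.509 certificate from a stream and returns its public key.
     *
     * <p>The certificate is only parsed; neither its signature nor its validity period is
     * checked, so the returned key is exactly as trustworthy as the source of the stream.
     *
     * @param inputStream stream holding an encoded X.509 certificate; not closed by this method
     * @return the public key, or {@code null} when the certificate cannot be parsed
     */
    public PublicKey getPublicKey(InputStream inputStream) {
        try {
            return CertificateFactory.getInstance("X.509").generateCertificate(inputStream).getPublicKey();
        } catch (Exception e) {
            ExHandler.handle(e);
            return null;
        }
    }

    /**
     * Returns the private key stored under an alias.
     *
     * <p>Unlike the certificate getters, this method does not load the keystore on demand; with
     * no keystore loaded it logs the failure and returns {@code null}.
     *
     * @param str key alias
     * @param cArr password protecting the key entry
     * @return the private key, or {@code null} when the alias is empty, is not a key entry, or
     *     the key cannot be recovered
     */
    public PrivateKey getPrivateKey(String str, char[] cArr) {
        try {
            if (StringTool.isNothing(str) || !this.ks.isKeyEntry(str)) {
                log.log(Level.WARNING, "Alias falsch oder fehlend");
                return null;
            }
            return (PrivateKey) this.ks.getKey(str, cArr);
        } catch (Exception e) {
            ExHandler.handle(e);
            log.log(Level.SEVERE, "Kann Key nicht laden");
            return null;
        }
    }

    /**
     * Adds a certificate to the in-memory keystore as a trusted certificate entry, using the
     * value of the first {@code CN} component of its subject as alias.
     *
     * <p>The certificate is stored as given: no signature or validity check takes place here,
     * so callers must verify a certificate before adding it.
     *
     * @param x509Certificate certificate to add
     * @return {@code true} when the certificate was stored; {@code false} when the subject has
     *     no usable {@code CN} component or the keystore rejects the entry
     */
    public boolean addCertificate(X509Certificate x509Certificate) {
        try {
            String subject = x509Certificate.getSubjectX500Principal().getName();
            for (String component : subject.split(",")) {
                if (!component.startsWith("CN")) {
                    continue;
                }
                String[] keyAndValue = component.split("\\s*=\\s*");
                if (keyAndValue.length > 1) {
                    this.ks.setCertificateEntry(keyAndValue[1].trim(), x509Certificate);
                    return true;
                }
            }
            return false;
        } catch (KeyStoreException e) {
            ExHandler.handle(e);
            return false;
        }
    }

    /**
     * Issues an X.509 v1 certificate for a public key and stores it in the in-memory keystore
     * under the subject name as alias.
     *
     * <p>NOTE(review): both names are concatenated into the DN string unescaped. A name that
     * contains DN metacharacters such as {@code ','} or {@code '='} produces a different DN
     * than intended or an {@code IllegalArgumentException}; validate names that come from
     * outside before calling.
     *
     * <p>NOTE(review): the serial number is the wall-clock time in milliseconds, so serials are
     * guessable and two certificates issued in the same millisecond share one; a positive
     * serial drawn from the secure random source avoids both.
     *
     * <p>NOTE(review): {@code X509V1CertificateGenerator} is deprecated in BouncyCastle, and v1
     * certificates carry no extensions (no key usage, no basic constraints).
     *
     * @param publicKey key to certify
     * @param privateKey issuer key that signs the certificate
     * @param str issuer common name
     * @param str2 subject common name, also used as keystore alias
     * @param timeTool start of validity; defaults to a new {@code TimeTool}
     * @param timeTool2 end of validity; defaults to {@code timeTool} advanced by
     *     {@code add(1, 2)}, presumably two years if field 1 is the calendar year (confirm
     *     against {@code TimeTool})
     * @return the generated certificate
     */
    public X509Certificate generateCertificate(PublicKey publicKey, PrivateKey privateKey, String str, String str2, TimeTool timeTool, TimeTool timeTool2) throws InvalidKeyException, NoSuchProviderException, SignatureException, CertificateEncodingException, IllegalStateException, NoSuchAlgorithmException, KeyStoreException {
        if (timeTool == null) {
            timeTool = new TimeTool();
        }
        if (timeTool2 == null) {
            timeTool2 = new TimeTool(timeTool);
            timeTool2.add(1, 2);
        }
        X509V1CertificateGenerator generator = new X509V1CertificateGenerator();
        generator.setSerialNumber(BigInteger.valueOf(System.currentTimeMillis()));
        generator.setIssuerDN(new X500Principal("CN=" + str));
        generator.setNotBefore(timeTool.getTime());
        generator.setNotAfter(timeTool2.getTime());
        generator.setSubjectDN(new X500Principal("CN=" + str2));
        generator.setPublicKey(publicKey);
        generator.setSignatureAlgorithm(CERTIFICATE_SIGNATURE_ALGO);
        X509Certificate issued = generator.generate(privateKey);
        this.ks.setCertificateEntry(str2, issued);
        return issued;
    }

    /**
     * Stores a private key together with its certificate in the in-memory keystore, under the
     * alias derived from the certificate's subject.
     *
     * @param privateKey key to store
     * @param x509Certificate certificate for the key; becomes a one-element certificate chain
     * @param cArr password protecting the key entry
     * @return always {@code true}; failures are reported as exceptions
     */
    public boolean addKeyPair(PrivateKey privateKey, X509Certificate x509Certificate, char[] cArr) throws Exception {
        this.ks.setKeyEntry(getName(x509Certificate), privateKey, cArr, new Certificate[]{x509Certificate});
        return true;
    }

    /**
     * Derives a keystore alias from a certificate's subject DN.
     *
     * @return the text after the first {@code '='} of the subject DN, or the whole DN when it
     *     contains no {@code '='}; for a DN with several RDNs this includes the later RDNs
     */
    String getName(X509Certificate x509Certificate) {
        String subjectDn = x509Certificate.getSubjectDN().getName();
        int separator = subjectDn.indexOf('=');
        if (separator == -1) {
            return subjectDn;
        }
        return subjectDn.substring(separator + 1);
    }

    /**
     * Returns whether the alias denotes a key entry.
     *
     * @param str alias to check
     * @return {@code false} when no keystore is loaded, the keystore cannot be queried, or the
     *     alias is not a key entry
     */
    public boolean existsPrivate(String str) {
        if (this.ks == null) {
            // Matches existsCertificate, which also answers false without a keystore.
            return false;
        }
        try {
            return this.ks.isKeyEntry(str);
        } catch (KeyStoreException e) {
            ExHandler.handle(e);
            return false;
        }
    }

    /**
     * Returns whether the alias denotes a trusted certificate entry.
     *
     * @param str alias to check
     * @return {@code false} when the keystore cannot be queried or the alias is not a
     *     certificate entry
     */
    public boolean existsCertificate(String str) {
        try {
            return this.ks.isCertificateEntry(str);
        } catch (Exception e) {
            ExHandler.handle(e);
            return false;
        }
    }

    /**
     * Generates a new RSA key pair using the shared secure random source.
     *
     * @return the key pair, or {@code null} when key generation fails
     */
    public KeyPair generateKeys() {
        try {
            KeyPairGenerator rsaGenerator = KeyPairGenerator.getInstance("RSA");
            rsaGenerator.initialize(RSA_KEY_BITS, _srnd);
            return rsaGenerator.generateKeyPair();
        } catch (Exception e) {
            ExHandler.handle(e);
            return null;
        }
    }

    /** Returns the secure random source shared by all instances of this class. */
    public SecureRandom getRandom() {
        return _srnd;
    }

    /**
     * Deletes the entry stored under an alias and saves the keystore to its file.
     *
     * @param str alias of the entry to delete
     * @return {@code true} when the entry was deleted and the keystore saved
     */
    public boolean removeKey(String str) {
        try {
            this.ks.deleteEntry(str);
            return save();
        } catch (KeyStoreException e) {
            ExHandler.handle(e);
            return false;
        }
    }
}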
