package com.ibm.host.connect.s3270.zide.security;

import com.ibm.host.connect.s3270.zide.Messages;
import com.ibm.host.connect.s3270.zide.RemoteConnectionEmulatorZIDEActivator;
import com.ibm.host.connect.s3270.zide.dialogs.ClientCertificateItem;
import com.ibm.host.connect.s3270.zide.dialogs.ClientCertificatesContainer;
import com.ibm.host.connect.s3270.zide.dialogs.ClientCertificatesSelectionDialog;
import java.io.FileInputStream;
import java.io.InputStream;
import java.io.Serializable;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import org.eclipse.jface.dialogs.IDialogConstants;
import org.eclipse.jface.preference.IPreferenceStore;
import org.eclipse.swt.widgets.Display;
import org.eclipse.swt.widgets.Shell;

/* loaded from: input_file:com/ibm/host/connect/s3270/zide/security/SecurityProvider.class */
public class SecurityProvider implements Serializable {
    private static final long serialVersionUID = 1;
    private static String DIGITAL_SIGNATURE = "digitalSignature";
    private static String NON_REPUDIATION = "nonRepudiation";
    private static String KEY_ENCIPHERMENT = "keyEncipherment";
    private static String DATA_ENCIPHERMENT = "dataEncipherment";
    private static String KEY_AGREEMENT = "keyAgreement";
    private static String KEY_CERTSIGN = "keyCertSign";
    private static String CRL_SIGN = "cRLSign";
    private static String ENCIPHER_ONLY = "encipherOnly";
    private static String DECIPHER_ONLY = "decipherOnly";
    private static String KEYUSAGE_DELIMITER = ",";
    public static String ibm_MSCAPI_CryptoProviderClass = "com.ibm.security.capi.IBMCAC";
    public static String ibm_MSCAPI_TrustStoreprovider = "IBMCAC";
    public static String mscapi_TrustedRoorStoreType = "Windows-ROOT";
    public static String mscapi_PersonalTrustStoreType = "Windows-MY";
    public static String PKCS12 = "PKCS12";
    public static final String KEYUSAGEValue = "KEYUSAGEValue";
    public static final String KEYUSAGE_digitalSignatureValue = "KEYUSAGEdigitalSignatureValue";
    public static final String KEYUSAGE_nonRepudiationValue = "KEYUSAGEnonRepudiationValue";
    public static final String KEYUSAGE_keyEnciphermentValue = "KEYUSAGEkeyEnciphermentValue";
    public static final String KEYUSAGE_dataEnciphermentValue = "KEYUSAGEdataEnciphermentValue";
    public static final String KEYUSAGE_keyAgreementValue = "KEYUSAGEkeyAgreementValue";
    public static final String KEYUSAGE_keyCertSignValue = "KEYUSAGEkeyCertSignValue";
    public static final String KEYUSAGE_cRLSignValue = "KEYUSAGEcRLSignValue";
    public static final String KEYUSAGE_encipherOnlyValue = "KEYUSAGEencipherOnlyValue";
    public static final String KEYUSAGE_decipherOnlyValue = "KEYUSAGEdecipherOnlyValue";
    protected ClientCertificateItem selectedItem;
    protected IPreferenceStore store = RemoteConnectionEmulatorZIDEActivator.getDefault().getPreferenceStore();
    protected Provider cryptoProvider = null;

    /* loaded from: input_file:com/ibm/host/connect/s3270/zide/security/SecurityProvider$SecurityProviderInstanceHolder.class */
    private static class SecurityProviderInstanceHolder {
        private static final SecurityProvider INSTANCE = new SecurityProvider();

        private SecurityProviderInstanceHolder() {
        }
    }

    public static SecurityProvider getInstance() {
        return SecurityProviderInstanceHolder.INSTANCE;
    }

    public void registerCustomSecurityProvider(String str) {
        Class<?> loadClass;
        this.cryptoProvider = Security.getProvider(str);
        if (this.cryptoProvider == null) {
            try {
                try {
                    loadClass = ClassLoader.getSystemClassLoader().loadClass(str);
                } catch (Exception unused) {
                    loadClass = RemoteConnectionEmulatorZIDEActivator.getDefault().getClass().getClassLoader().loadClass(str);
                }
                this.cryptoProvider = (Provider) loadClass.newInstance();
                Security.addProvider(this.cryptoProvider);
            } catch (ClassNotFoundException e) {
                e.printStackTrace();
            } catch (IllegalAccessException e2) {
                e2.printStackTrace();
            } catch (InstantiationException e3) {
                e3.printStackTrace();
            }
        }
    }

    public String getPersonalCertificateAlias(String str, String str2, String str3) throws Exception {
        CertificatePrivateKeyPair requestUserCertificate;
        String str4 = null;
        if (this.cryptoProvider == null) {
            registerCustomSecurityProvider(str3);
        }
        if (this.cryptoProvider != null && (requestUserCertificate = requestUserCertificate(str, str2)) != null) {
            str4 = requestUserCertificate.getCertificateAlias();
        }
        return str4;
    }

    public String getPersonalCertificateAlias(String str, String str2) throws Exception {
        return getPersonalCertificateAlias(str, str2, ibm_MSCAPI_CryptoProviderClass);
    }

    public String getPersonalCertificateAlias(String str, String str2, char[] cArr) throws Exception {
        String str3 = null;
        CertificatePrivateKeyPair requestUserCertificate = requestUserCertificate(new FileInputStream(str), (String) null, str2, cArr);
        if (requestUserCertificate != null) {
            str3 = requestUserCertificate.getCertificateAlias();
        }
        return str3;
    }

    public String getPersonalCertificateAlias() throws Exception {
        return getPersonalCertificateAlias(ibm_MSCAPI_TrustStoreprovider, mscapi_PersonalTrustStoreType, ibm_MSCAPI_CryptoProviderClass);
    }

    public KeyStore loadDefaultKeyStore() throws Exception {
        return loadKeyStore(mscapi_PersonalTrustStoreType, ibm_MSCAPI_TrustStoreprovider);
    }

    public KeyStore loadKeyStore(String str) throws Exception {
        return loadKeyStore(str, null, null);
    }

    public KeyStore loadKeyStore(String str, String str2) throws Exception {
        return loadKeyStore(str, null, null, str2);
    }

    public KeyStore loadKeyStore(String str, InputStream inputStream, char[] cArr) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(str);
        keyStore.load(inputStream, cArr);
        return keyStore;
    }

    public KeyStore loadKeyStore(String str, InputStream inputStream, char[] cArr, String str2) throws Exception {
        KeyStore keyStore = str2 != null ? KeyStore.getInstance(str, str2) : KeyStore.getInstance(str);
        keyStore.load(inputStream, cArr);
        return keyStore;
    }

    protected ClientCertificatesContainer getCertificatesList(KeyStore keyStore, char[] cArr) throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException {
        Enumeration<String> aliases;
        ArrayList arrayList = new ArrayList();
        if (keyStore != null && (aliases = keyStore.aliases()) != null) {
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                Certificate certificate = keyStore.getCertificate(nextElement);
                Certificate[] certificateChain = keyStore.getCertificateChain(nextElement);
                Key key = keyStore.getKey(nextElement, cArr);
                if (key != null) {
                    arrayList.add(new ClientCertificateItem(nextElement, key, certificate, certificateChain));
                }
            }
        }
        return new ClientCertificatesContainer(keyStore, arrayList);
    }

    protected ClientCertificatesContainer getCertificatesList(InputStream inputStream, String str, String str2, String str3) throws Exception {
        char[] cArr = null;
        if (str3 != null) {
            cArr = str3.toCharArray();
        }
        return getCertificatesList(loadKeyStore(str2, inputStream, cArr, str), cArr);
    }

    public ClientCertificatesContainer getCertificatesList(InputStream inputStream, String str, String str2, char[] cArr) throws Exception {
        return getCertificatesList(loadKeyStore(str2, inputStream, cArr, str), cArr);
    }

    public CertificatePrivateKeyPair requestUserCertificate() throws Exception {
        return requestUserCertificate(ibm_MSCAPI_TrustStoreprovider, mscapi_PersonalTrustStoreType);
    }

    public CertificatePrivateKeyPair requestUserCertificate(String str, String str2) throws Exception {
        return requestUserCertificate(str, str2, (String) null);
    }

    public CertificatePrivateKeyPair requestUserCertificate(String str, String str2, String str3) throws Exception {
        return requestUserCertificate((InputStream) null, str, str2, str3);
    }

    protected CertificatePrivateKeyPair requestUserCertificate(InputStream inputStream, String str, String str2, String str3) throws Exception {
        char[] cArr = null;
        if (str3 != null) {
            cArr = str3.toCharArray();
        }
        return requestUserCertificate(inputStream, str, str2, cArr);
    }

    protected CertificatePrivateKeyPair requestUserCertificate(InputStream inputStream, String str, String str2, char[] cArr) throws Exception {
        return requestUserCertificate(getCertificatesList(inputStream, str, str2, cArr), str, str2);
    }

    protected CertificatePrivateKeyPair requestUserCertificate(final ClientCertificatesContainer clientCertificatesContainer, String str, String str2) {
        CertificatePrivateKeyPair certificatePrivateKeyPair = null;
        List<ClientCertificateItem> certificateItemsList = clientCertificatesContainer.getCertificateItemsList();
        if (certificateItemsList != null && certificateItemsList.size() > 0) {
            KeyStore keyStore = clientCertificatesContainer.getKeyStore();
            Certificate certificate = null;
            String str3 = "";
            Object obj = null;
            this.selectedItem = null;
            if (certificateItemsList.size() > 1) {
                Display.getDefault().syncExec(new Runnable() { // from class: com.ibm.host.connect.s3270.zide.security.SecurityProvider.1
                    @Override // java.lang.Runnable
                    public void run() {
                        ClientCertificatesSelectionDialog clientCertificatesSelectionDialog = new ClientCertificatesSelectionDialog(new Shell(), Messages.certificateList, null, Messages.selectCertificate, 2, new String[]{IDialogConstants.OK_LABEL, IDialogConstants.CANCEL_LABEL}, 0, clientCertificatesContainer);
                        if (clientCertificatesSelectionDialog.open() == 0) {
                            SecurityProvider.this.selectedItem = clientCertificatesSelectionDialog.getSelectedItem();
                        }
                    }
                });
            } else {
                this.selectedItem = certificateItemsList.get(0);
            }
            if (this.selectedItem != null) {
                certificate = this.selectedItem.getCertificate();
                str3 = this.selectedItem.getAlias();
                obj = this.selectedItem.getKey();
            }
            if (obj instanceof PrivateKey) {
                certificatePrivateKeyPair = new CertificatePrivateKeyPair();
                certificatePrivateKeyPair.setCertificate(certificate);
                certificatePrivateKeyPair.setPrivateKey((PrivateKey) obj);
                certificatePrivateKeyPair.setProviderName(str);
                certificatePrivateKeyPair.setStoreType(str2);
                certificatePrivateKeyPair.setCertificateAlias(str3);
                certificatePrivateKeyPair.setKeyStore(keyStore);
            }
        }
        return certificatePrivateKeyPair;
    }

    protected boolean filterCertificateByKeyUsage(String str, Certificate certificate) {
        String[] split = str.split(KEYUSAGE_DELIMITER);
        int[] iArr = new int[split.length];
        for (int i = 0; i < split.length; i++) {
            String trim = split[i].trim();
            if (trim != null) {
                if (trim.equalsIgnoreCase(DIGITAL_SIGNATURE)) {
                    iArr[i] = 0;
                } else if (trim.equalsIgnoreCase(NON_REPUDIATION)) {
                    iArr[i] = 1;
                } else if (trim.equalsIgnoreCase(KEY_ENCIPHERMENT)) {
                    iArr[i] = 2;
                } else if (trim.equalsIgnoreCase(DATA_ENCIPHERMENT)) {
                    iArr[i] = 3;
                } else if (trim.equalsIgnoreCase(KEY_AGREEMENT)) {
                    iArr[i] = 4;
                } else if (trim.equalsIgnoreCase(KEY_CERTSIGN)) {
                    iArr[i] = 5;
                } else if (trim.equalsIgnoreCase(CRL_SIGN)) {
                    iArr[i] = 6;
                } else if (trim.equalsIgnoreCase(ENCIPHER_ONLY)) {
                    iArr[i] = 7;
                } else if (trim.equalsIgnoreCase(DECIPHER_ONLY)) {
                    iArr[i] = 8;
                }
            }
        }
        boolean[] keyUsage = ((X509Certificate) certificate).getKeyUsage();
        if (keyUsage == null) {
            return true;
        }
        for (int i2 : iArr) {
            if (keyUsage[i2]) {
                return false;
            }
        }
        return true;
    }

    /* JADX WARN: String concatenation convert failed
    jadx.core.utils.exceptions.JadxRuntimeException: Can't remove SSA var: r5v0 java.lang.String, still in use, count: 3, list:
      (r5v0 java.lang.String) from 0x004b: PHI (r5v1 java.lang.String) = (r5v0 java.lang.String), (r5v35 java.lang.String) binds: [B:2:0x0017, B:6:0x0036] A[DONT_GENERATE, DONT_INLINE]
      (r5v0 java.lang.String) from 0x001b: INVOKE (r5v0 java.lang.String) VIRTUAL call: java.lang.String.length():int A[MD:():int (c), WRAPPED]
      (r5v0 java.lang.String) from 0x0026: INVOKE (r5v0 java.lang.String) STATIC call: java.lang.String.valueOf(java.lang.Object):java.lang.String A[MD:(java.lang.Object):java.lang.String (c), WRAPPED]
    	at jadx.core.utils.InsnRemover.removeSsaVar(InsnRemover.java:151)
    	at jadx.core.utils.InsnRemover.unbindResult(InsnRemover.java:116)
    	at jadx.core.utils.InsnRemover.unbindInsn(InsnRemover.java:80)
    	at jadx.core.utils.InsnRemover.unbindArgUsage(InsnRemover.java:163)
    	at jadx.core.utils.InsnRemover.unbindAllArgs(InsnRemover.java:95)
    	at jadx.core.utils.InsnRemover.unbindInsn(InsnRemover.java:79)
    	at jadx.core.utils.InsnRemover.unbindArgUsage(InsnRemover.java:163)
    	at jadx.core.utils.InsnRemover.unbindAllArgs(InsnRemover.java:95)
    	at jadx.core.utils.InsnRemover.unbindInsn(InsnRemover.java:79)
    	at jadx.core.utils.InsnRemover.unbindArgUsage(InsnRemover.java:163)
    	at jadx.core.utils.InsnRemover.unbindAllArgs(InsnRemover.java:95)
    	at jadx.core.utils.InsnRemover.unbindInsn(InsnRemover.java:79)
    	at jadx.core.utils.InsnRemover.unbindArgUsage(InsnRemover.java:163)
    	at jadx.core.utils.InsnRemover.unbindAllArgs(InsnRemover.java:95)
    	at jadx.core.utils.InsnRemover.unbindInsn(InsnRemover.java:79)
    	at jadx.core.utils.InsnRemover.unbindArgUsage(InsnRemover.java:163)
    	at jadx.core.utils.InsnRemover.unbindAllArgs(InsnRemover.java:95)
    	at jadx.core.dex.visitors.SimplifyVisitor.removeStringBuilderInsns(SimplifyVisitor.java:495)
    	at jadx.core.dex.visitors.SimplifyVisitor.convertStringBuilderChain(SimplifyVisitor.java:422)
    	at jadx.core.dex.visitors.SimplifyVisitor.convertInvoke(SimplifyVisitor.java:314)
    	at jadx.core.dex.visitors.SimplifyVisitor.simplifyInsn(SimplifyVisitor.java:145)
    	at jadx.core.dex.visitors.SimplifyVisitor.simplifyBlock(SimplifyVisitor.java:86)
    	at jadx.core.dex.visitors.SimplifyVisitor.visit(SimplifyVisitor.java:71)
     */
    public String getPreferencesPageKeyUsageValue() {
        String str;
        if (Boolean.valueOf(this.store.getBoolean(KEYUSAGE_digitalSignatureValue)).booleanValue()) {
            str = new StringBuilder(String.valueOf(str.length() > 0 ? String.valueOf(str) + KEYUSAGE_DELIMITER : "")).append(DIGITAL_SIGNATURE).toString();
        }
        if (Boolean.valueOf(this.store.getBoolean(KEYUSAGE_nonRepudiationValue)).booleanValue()) {
            if (str.length() > 0) {
                str = String.valueOf(str) + KEYUSAGE_DELIMITER;
            }
            str = String.valueOf(str) + NON_REPUDIATION;
        }
        if (Boolean.valueOf(this.store.getBoolean(KEYUSAGE_keyEnciphermentValue)).booleanValue()) {
            if (str.length() > 0) {
                str = String.valueOf(str) + KEYUSAGE_DELIMITER;
            }
            str = String.valueOf(str) + KEY_ENCIPHERMENT;
        }
        if (Boolean.valueOf(this.store.getBoolean(KEYUSAGE_dataEnciphermentValue)).booleanValue()) {
            if (str.length() > 0) {
                str = String.valueOf(str) + KEYUSAGE_DELIMITER;
            }
            str = String.valueOf(str) + DATA_ENCIPHERMENT;
        }
        if (Boolean.valueOf(this.store.getBoolean(KEYUSAGE_keyAgreementValue)).booleanValue()) {
            if (str.length() > 0) {
                str = String.valueOf(str) + KEYUSAGE_DELIMITER;
            }
            str = String.valueOf(str) + KEY_AGREEMENT;
        }
        if (Boolean.valueOf(this.store.getBoolean(KEYUSAGE_keyCertSignValue)).booleanValue()) {
            if (str.length() > 0) {
                str = String.valueOf(str) + KEYUSAGE_DELIMITER;
            }
            str = String.valueOf(str) + KEY_CERTSIGN;
        }
        if (Boolean.valueOf(this.store.getBoolean(KEYUSAGE_cRLSignValue)).booleanValue()) {
            if (str.length() > 0) {
                str = String.valueOf(str) + KEYUSAGE_DELIMITER;
            }
            str = String.valueOf(str) + CRL_SIGN;
        }
        if (Boolean.valueOf(this.store.getBoolean(KEYUSAGE_encipherOnlyValue)).booleanValue()) {
            if (str.length() > 0) {
                str = String.valueOf(str) + KEYUSAGE_DELIMITER;
            }
            str = String.valueOf(str) + ENCIPHER_ONLY;
        }
        if (Boolean.valueOf(this.store.getBoolean(KEYUSAGE_decipherOnlyValue)).booleanValue()) {
            if (str.length() > 0) {
                str = String.valueOf(str) + KEYUSAGE_DELIMITER;
            }
            str = String.valueOf(str) + DECIPHER_ONLY;
        }
        return str;
    }
}
