package com.ibm.ws.collective.utility.utils;

import com.ibm.crypto.provider.IBMJCE;
import com.ibm.security.certclient.base.PkException;
import com.ibm.security.certclient.base.PkRejectionException;
import com.ibm.security.certclient.util.PkCertUtils;
import com.ibm.security.certclient.util.PkNewCertFactory;
import com.ibm.security.certclient.util.PkNewCertificate;
import com.ibm.security.certclient.util.PkSsCertFactory;
import com.ibm.security.certclient.util.PkSsCertificate;
import com.ibm.ws.collective.utility.ICertificateUtility;
import com.ibm.ws.crypto.certificateutil.DefaultSSLCertificateCreator;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.PrintStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

/* loaded from: input_file:wlp/lib/com.ibm.ws.collective.utility_1.0.11.jar:com/ibm/ws/collective/utility/utils/CertificateUtility.class */
public class CertificateUtility implements ICertificateUtility {
    static final String SLASH = String.valueOf(File.separatorChar);
    private static final String JKS_STORE_TYPE = "jks";
    private final PrintStream stdout;
    private final PrintStream stderr;

    public CertificateUtility(PrintStream printStream, PrintStream printStream2) {
        this.stdout = printStream;
        this.stderr = printStream2;
        Security.addProvider(new IBMJCE());
    }

    private String getMessage(String str, Object... objArr) {
        return CommandUtils.getMessage(str, objArr);
    }

    @Override // com.ibm.ws.collective.utility.ICertificateUtility
    public KeyStore createKeystore(File file, char[] cArr) {
        KeyStore keyStore = null;
        try {
            keyStore = PkCertUtils.keyStore(JKS_STORE_TYPE, file.getCanonicalPath(), cArr);
        } catch (PkException e) {
            e.printStackTrace(this.stderr);
        } catch (IOException e2) {
            e2.printStackTrace(this.stderr);
        }
        return keyStore;
    }

    @Override // com.ibm.ws.collective.utility.ICertificateUtility
    public PkSsCertificate createSelfSignedCACert(String str, int i) {
        try {
            return PkSsCertFactory.newSsCert(2048, "RSA", DefaultSSLCertificateCreator.SIGALG, str, i, null, false, null, null, null, "IBMJCE", null, true);
        } catch (PkRejectionException e) {
            e.printStackTrace(this.stderr);
            return null;
        }
    }

    @Override // com.ibm.ws.collective.utility.ICertificateUtility
    public PkNewCertificate createSignedCert(String str, int i, PkSsCertificate pkSsCertificate) {
        try {
            return PkNewCertFactory.newCert(2048, str, i, null, false, "IBMJCE", new X509Certificate[]{pkSsCertificate.getCertificate()}, pkSsCertificate.getKey());
        } catch (PkRejectionException e) {
            e.printStackTrace(this.stderr);
            return null;
        }
    }

    @Override // com.ibm.ws.collective.utility.ICertificateUtility
    public boolean setToKeyStore(PkSsCertificate pkSsCertificate, KeyStore keyStore, String str, String str2) {
        try {
            pkSsCertificate.setToKeyStore(str2, str, keyStore);
            return true;
        } catch (PkException e) {
            e.printStackTrace(this.stderr);
            return false;
        }
    }

    @Override // com.ibm.ws.collective.utility.ICertificateUtility
    public boolean setToKeyStore(PkNewCertificate pkNewCertificate, KeyStore keyStore, String str, String str2) {
        try {
            pkNewCertificate.setToKeyStore(str2, str, keyStore);
            return true;
        } catch (PkException e) {
            e.printStackTrace(this.stderr);
            return false;
        }
    }

    @Override // com.ibm.ws.collective.utility.ICertificateUtility
    public boolean setCertToKeyStore(X509Certificate x509Certificate, KeyStore keyStore, String str) {
        try {
            keyStore.setCertificateEntry(str, x509Certificate);
            return true;
        } catch (KeyStoreException e) {
            e.printStackTrace(this.stderr);
            return false;
        }
    }

    @Override // com.ibm.ws.collective.utility.ICertificateUtility
    public boolean saveKeyStore(KeyStore keyStore, File file, String str) {
        FileOutputStream fileOutputStream = null;
        try {
            try {
                try {
                    try {
                        fileOutputStream = new FileOutputStream(file);
                        keyStore.store(fileOutputStream, str.toCharArray());
                        fileOutputStream.flush();
                        if (fileOutputStream != null) {
                            try {
                                fileOutputStream.close();
                            } catch (IOException e) {
                                e.printStackTrace(this.stderr);
                            }
                        }
                        return true;
                    } catch (Throwable th) {
                        if (fileOutputStream != null) {
                            try {
                                fileOutputStream.close();
                            } catch (IOException e2) {
                                e2.printStackTrace(this.stderr);
                            }
                        }
                        throw th;
                    }
                } catch (KeyStoreException e3) {
                    e3.printStackTrace(this.stderr);
                    if (fileOutputStream != null) {
                        try {
                            fileOutputStream.close();
                        } catch (IOException e4) {
                            e4.printStackTrace(this.stderr);
                        }
                    }
                    this.stdout.println(getMessage("create.failedKSSave", file.getAbsolutePath()));
                    return false;
                }
            } catch (IOException e5) {
                e5.printStackTrace(this.stderr);
                if (fileOutputStream != null) {
                    try {
                        fileOutputStream.close();
                    } catch (IOException e6) {
                        e6.printStackTrace(this.stderr);
                    }
                }
                this.stdout.println(getMessage("create.failedKSSave", file.getAbsolutePath()));
                return false;
            }
        } catch (NoSuchAlgorithmException e7) {
            e7.printStackTrace(this.stderr);
            if (fileOutputStream != null) {
                try {
                    fileOutputStream.close();
                } catch (IOException e8) {
                    e8.printStackTrace(this.stderr);
                }
            }
            this.stdout.println(getMessage("create.failedKSSave", file.getAbsolutePath()));
            return false;
        } catch (CertificateException e9) {
            e9.printStackTrace(this.stderr);
            if (fileOutputStream != null) {
                try {
                    fileOutputStream.close();
                } catch (IOException e10) {
                    e10.printStackTrace(this.stderr);
                }
            }
            this.stdout.println(getMessage("create.failedKSSave", file.getAbsolutePath()));
            return false;
        }
    }
}
