package com.ibm.etools.host.connect.editors;

import com.ibm.eNetwork.beans.HOD.Session;
import com.ibm.etools.host.connect.HostConnectPlugin;
import com.ibm.security.pkcs12.PFX;
import com.ibm.security.pkcsutil.PKCSException;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import org.eclipse.core.runtime.Platform;
import org.eclipse.rse.internal.dstore.security.UniversalSecurityPlugin;

/* loaded from: input_file:connect.jar:com/ibm/etools/host/connect/editors/X509ProviderImpl.class */
public class X509ProviderImpl implements X509Provider {
    private static X509Provider provider;
    private KeyStore keystore;

    private X509ProviderImpl() {
    }

    public static X509Provider init() {
        if (provider == null) {
            provider = new X509ProviderImpl();
        }
        return provider;
    }

    @Override // com.ibm.etools.host.connect.editors.X509Provider
    public Certificate[] getCertificates() throws IOException, PKCSException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        return getCertificates(false);
    }

    @Override // com.ibm.etools.host.connect.editors.X509Provider
    public Certificate[] getCertificates(boolean z) throws IOException, PKCSException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        Certificate certificate;
        if (z || this.keystore == null) {
            loadKeystore();
        }
        ArrayList arrayList = new ArrayList();
        Enumeration<String> aliases = this.keystore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (this.keystore.isCertificateEntry(nextElement) && (certificate = this.keystore.getCertificate(nextElement)) != null && (certificate instanceof X509Certificate)) {
                arrayList.add((X509Certificate) certificate);
            }
        }
        return (Certificate[]) arrayList.toArray(new Certificate[arrayList.size()]);
    }

    @Override // com.ibm.etools.host.connect.editors.X509Provider
    public String getAlias(Certificate certificate) throws KeyStoreException {
        return this.keystore.getCertificateAlias(certificate);
    }

    @Override // com.ibm.etools.host.connect.editors.X509Provider
    public void importCertificate(String str, Certificate certificate) throws IOException, PKCSException, NoSuchAlgorithmException, KeyStoreException, CertificateException {
        if (this.keystore == null) {
            loadKeystore();
        }
        if (this.keystore.getCertificate(str) != null) {
            HostConnectPlugin.log(HostConnectPlugin.getResourceString("DUPLICATE_ALIAS"));
            return;
        }
        if (this.keystore.getCertificateAlias(certificate) != null) {
            HostConnectPlugin.log(HostConnectPlugin.getResourceString("DUPLICATE_CERT"));
            return;
        }
        this.keystore.setCertificateEntry(str, certificate);
        FileOutputStream fileOutputStream = new FileOutputStream(getKeyStoreLocation());
        this.keystore.store(fileOutputStream, getKeyStorePassword().toCharArray());
        fileOutputStream.close();
    }

    @Override // com.ibm.etools.host.connect.editors.X509Provider
    public String getKeyStoreLocation() {
        return UniversalSecurityPlugin.getKeyStoreLocation();
    }

    @Override // com.ibm.etools.host.connect.editors.X509Provider
    public String getKeyStorePassword() {
        return UniversalSecurityPlugin.getKeyStorePassword();
    }

    private void loadKeystore() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        File file = new File(UniversalSecurityPlugin.getKeyStoreLocation());
        FileInputStream fileInputStream = null;
        if (file.exists()) {
            fileInputStream = new FileInputStream(file);
        }
        this.keystore = KeyStore.getInstance("JKS");
        this.keystore.load(fileInputStream, UniversalSecurityPlugin.getKeyStorePassword().toCharArray());
        if (fileInputStream != null) {
            fileInputStream.close();
        }
        if (isFirstKeystoreLoad()) {
            try {
                Iterator<X509Certificate> it = getWellKnownCertificates().iterator();
                while (it.hasNext()) {
                    X509Certificate next = it.next();
                    importCertificate(getCertificateDisplayNameFromPrincipal(next.getSubjectDN()), next);
                }
            } catch (PKCSException e) {
                e.printStackTrace();
                HostConnectPlugin.log(e.getMessage(), 2, e);
            }
            createFlag();
        }
    }

    private ArrayList<X509Certificate> getWellKnownCertificates() throws IOException, PKCSException {
        ArrayList<X509Certificate> arrayList = new ArrayList<>();
        InputStream resourceAsStream = Session.class.getClassLoader().getResourceAsStream("WellKnownTrustedCAs.p12");
        Certificate[] certificates = new PFX(getBytesFromInputStream(resourceAsStream)).getCertificates(new char[]{'h', 'o', 'd'});
        for (int i = 0; i < certificates.length; i++) {
            if (certificates[i] instanceof X509Certificate) {
                arrayList.add((X509Certificate) certificates[i]);
            }
        }
        resourceAsStream.close();
        return arrayList;
    }

    private static byte[] getBytesFromInputStream(InputStream inputStream) throws IOException {
        byte[] bArr;
        int read;
        int available = inputStream.available();
        int i = 0;
        byte[] bArr2 = new byte[available];
        while (available > 0 && (read = inputStream.read((bArr = new byte[available]))) >= 0) {
            for (int i2 = 0; i2 < read; i2++) {
                bArr2[i + i2] = bArr[i2];
            }
            i += read;
            available -= read;
        }
        return bArr2;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v17 */
    /* JADX WARN: Type inference failed for: r0v28 */
    /* JADX WARN: Type inference failed for: r0v30 */
    /* JADX WARN: Type inference failed for: r0v31 */
    /* JADX WARN: Type inference failed for: r0v32 */
    @Override // com.ibm.etools.host.connect.editors.X509Provider
    public String getCertificateDisplayNameFromPrincipal(Principal principal) {
        String str;
        String name = principal.getName();
        String str2 = null;
        if (name.indexOf("CN=") >= 0) {
            str2 = "CN=";
        } else if (name.indexOf("O=") >= 0) {
            str2 = "O=";
        }
        if (str2 != null) {
            int indexOf = name.indexOf(str2) + str2.length();
            boolean z = false;
            str = "";
            while (z != 3) {
                if (!z) {
                    z = true;
                }
                char charAt = name.charAt(indexOf);
                if (charAt == ',' && z) {
                    z = 3;
                }
                if (charAt == '\"') {
                    z = z ? 2 : 1;
                }
                if (z || z == 2) {
                    str = str.concat(Character.toString(charAt));
                }
                indexOf++;
                if (indexOf >= name.length()) {
                    z = 3;
                }
            }
        } else {
            str = name;
        }
        return str;
    }

    private void createFlag() {
        try {
            getFlagFile().createNewFile();
        } catch (IOException e) {
            e.printStackTrace();
            HostConnectPlugin.log("HostConnect: Failed to create flag.", 4, e);
        }
    }

    private boolean isFirstKeystoreLoad() {
        return !getFlagFile().exists();
    }

    private File getFlagFile() {
        return new File(Platform.getStateLocation(HostConnectPlugin.getDefault().getBundle()).toOSString(), ".flag");
    }
}
