package com.ibm.spi;

import com.ibm.asn1.ASN1Exception;
import com.ibm.asn1.BERDecoder;
import com.ibm.asn1.DEREncoder;
import com.ibm.cfwk.key.RSAKey;
import com.ibm.cfwk.pkcs.PKCS8;
import com.ibm.cfwk.pki.AlgId;
import com.ibm.cfwk.pki.X509Cert;
import com.ibm.cfwk.pki.X509Exception;
import com.ibm.cfwk.pki.X509Extension;
import com.ibm.cfwk.pki.X509Extensions;
import com.ibm.cfwk.tools.KeyCertGen;
import com.ibm.gsk.ikeyman.basic.BERObject;
import com.ibm.gsk.ikeyman.basic.CertificateItem;
import com.ibm.gsk.ikeyman.basic.DNItem;
import com.ibm.gsk.ikeyman.basic.KeyStoreManager;
import com.ibm.gsk_sslight.KeyStore;
import com.ibm.security.pkcs10.CertificationRequest;
import com.ibm.security.x509.X509CertImpl;
import com.ibm.sslight.SSLightKeyRing;
import com.ibm.util.x500name.X500Name;
import java.io.BufferedInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Date;
import java.util.Enumeration;
import java.util.Vector;

/* loaded from: input_file:efixes/PK60674_Linux_i386/components/prereq.jdk/update.jar:/java/jre/lib/ext/gskikm.jar:com/ibm/spi/SSLightKeyStoreSpi.class */
public class SSLightKeyStoreSpi extends KeyStoreSpi implements IBMKeyStoreSpi {
    protected KeyStore keystore = new KeyStore();
    boolean initialized;
    private String keyDBPassword;
    private String classname;

    /* loaded from: input_file:efixes/PK60674_Linux_i386/components/prereq.jdk/update.jar:/java/jre/lib/ext/gskikm.jar:com/ibm/spi/SSLightKeyStoreSpi$KeyRingClassLoader.class */
    private class KeyRingClassLoader extends ClassLoader {
        private final SSLightKeyStoreSpi this$0;

        public KeyRingClassLoader(SSLightKeyStoreSpi sSLightKeyStoreSpi) {
            this.this$0 = sSLightKeyStoreSpi;
        }

        public String getKeyRingData(InputStream inputStream) throws IOException {
            int read;
            byte[] bArr = new byte[4096];
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            BufferedInputStream bufferedInputStream = new BufferedInputStream(inputStream);
            do {
                read = bufferedInputStream.read(bArr, 0, bArr.length);
                if (read > 0) {
                    byteArrayOutputStream.write(bArr, 0, read);
                }
            } while (read >= 0);
            bufferedInputStream.close();
            byteArrayOutputStream.flush();
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            try {
                Class defineClass = defineClass(null, byteArray, 0, byteArray.length);
                SSLightKeyRing sSLightKeyRing = (SSLightKeyRing) defineClass.newInstance();
                if (!(sSLightKeyRing instanceof SSLightKeyRing)) {
                    throw new IOException("Invalid format, not a subclass of SSLightKeyRing");
                }
                this.this$0.classname = defineClass.getName();
                return sSLightKeyRing.getKeyRingData();
            } catch (ClassFormatError e) {
                throw new IOException("Invalid format, unable to load keyring class");
            } catch (IllegalAccessException e2) {
                throw new IOException("Invalid format, unable to access keyring class");
            } catch (InstantiationException e3) {
                throw new IOException("Invalid format, unable to instantiate keyring class");
            }
        }
    }

    public CertificateItem parseCertificate(X509Cert x509Cert, byte[] bArr) throws KeyStoreException {
        if (x509Cert == null) {
            return null;
        }
        try {
            String valueToString = x509Cert.issuer().attribute(X500Name.COMMON_NAME) != null ? x509Cert.issuer().attribute(X500Name.COMMON_NAME).valueToString() : "";
            String valueToString2 = x509Cert.issuer().attribute(X500Name.ORGANIZATIONAL_UNIT) != null ? x509Cert.issuer().attribute(X500Name.ORGANIZATIONAL_UNIT).valueToString() : "";
            String valueToString3 = x509Cert.issuer().attribute(X500Name.ORGANIZATION) != null ? x509Cert.issuer().attribute(X500Name.ORGANIZATION).valueToString() : "";
            String valueToString4 = x509Cert.issuer().attribute(X500Name.COUNTRY) != null ? x509Cert.issuer().attribute(X500Name.COUNTRY).valueToString() : "";
            String valueToString5 = x509Cert.subject().attribute(X500Name.COMMON_NAME) != null ? x509Cert.subject().attribute(X500Name.COMMON_NAME).valueToString() : "";
            String valueToString6 = x509Cert.subject().attribute(X500Name.ORGANIZATIONAL_UNIT) != null ? x509Cert.subject().attribute(X500Name.ORGANIZATIONAL_UNIT).valueToString() : "";
            String valueToString7 = x509Cert.subject().attribute(X500Name.ORGANIZATION) != null ? x509Cert.subject().attribute(X500Name.ORGANIZATION).valueToString() : "";
            String valueToString8 = x509Cert.subject().attribute(X500Name.COUNTRY) != null ? x509Cert.subject().attribute(X500Name.COUNTRY).valueToString() : "";
            DNItem dNItem = new DNItem(valueToString, valueToString2, valueToString3, valueToString4);
            DNItem dNItem2 = new DNItem(valueToString5, valueToString6, valueToString7, valueToString8);
            Date date = new Date(x509Cert.notBefore());
            Date date2 = new Date(x509Cert.notAfter());
            DEREncoder dEREncoder = new DEREncoder();
            x509Cert.extensions().encode(dEREncoder);
            byte[] byteArray = dEREncoder.toByteArray();
            AlgId signatureKeyAlgId = x509Cert.signatureKeyAlgId();
            DEREncoder dEREncoder2 = new DEREncoder();
            signatureKeyAlgId.encode(dEREncoder2);
            return new CertificateItem((short) x509Cert.version(), (short) x509Cert.subjectKeySize(), x509Cert.serialNo().toString(), dNItem, dNItem2, date, date2, new BERObject(x509Cert.subjectPublicKeyInfo()), new BERObject(byteArray), x509Cert.signature(), new BERObject(dEREncoder2.toByteArray()), signatureKeyAlgId.toString(), signatureKeyAlgId.asn1oid().name(), bArr);
        } catch (ASN1Exception e) {
            throw new KeyStoreException(new StringBuffer().append("An ASN1Exception occurred: ").append(e.getMessage()).toString());
        }
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration engineAliases() {
        Enumeration engineAliases = this.keystore.engineAliases();
        Vector vector = new Vector(engineSize());
        while (engineAliases.hasMoreElements()) {
            try {
                String str = (String) engineAliases.nextElement();
                if (engineIsKeyEntry(str)) {
                    vector.add(str);
                }
            } catch (CertificateEncodingException e) {
                System.out.println(new StringBuffer().append("A CertificateEncodingException occurred: ").append(e.getMessage()).toString());
            } catch (Exception e2) {
                System.out.println(new StringBuffer().append("An Exception occurred: ").append(e2.getMessage()).toString());
            } catch (ASN1Exception e3) {
                System.out.println(new StringBuffer().append("An ASN1Exception occurred: ").append(e3.getMessage()).toString());
            }
        }
        Enumeration engineAliases2 = this.keystore.engineAliases();
        while (engineAliases2.hasMoreElements()) {
            String str2 = (String) engineAliases2.nextElement();
            if (engineIsCertificateEntry(str2)) {
                X509Cert x509Cert = new X509Cert(engineGetCertificate(str2).getEncoded());
                CertificateItem parseCertificate = parseCertificate(x509Cert, x509Cert.getEncoded());
                if (parseCertificate.getSubject().toString().equals(parseCertificate.getIssuer().toString())) {
                    vector.add(str2);
                }
            }
        }
        Enumeration engineAliases3 = this.keystore.engineAliases();
        while (engineAliases3.hasMoreElements()) {
            String str3 = (String) engineAliases3.nextElement();
            if (engineIsCertificateEntry(str3)) {
                X509Cert x509Cert2 = new X509Cert(engineGetCertificate(str3).getEncoded());
                CertificateItem parseCertificate2 = parseCertificate(x509Cert2, x509Cert2.getEncoded());
                if (!parseCertificate2.getSubject().toString().equals(parseCertificate2.getIssuer().toString())) {
                    vector.add(str3);
                }
            }
        }
        Enumeration engineAliases4 = this.keystore.engineAliases();
        while (engineAliases4.hasMoreElements()) {
            String str4 = (String) engineAliases4.nextElement();
            if (engineIsSiteCertificateEntry(str4)) {
                vector.add(str4);
            }
        }
        return vector.elements();
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        return this.keystore.engineContainsAlias(str);
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) throws KeyStoreException {
        try {
            this.keystore.engineDeleteEntry(str);
        } catch (com.ibm.gsk_sslight.KeyStoreException e) {
            throw new KeyStoreException(e.getMessage());
        }
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        return this.keystore.engineSize();
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        return this.keystore.engineIsKeyEntry(str);
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        return this.keystore.engineIsCertificateEntry(str);
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) throws IOException, CertificateException {
        if (inputStream == null) {
            this.initialized = true;
            return;
        }
        try {
            this.keystore.engineLoad(inputStream, cArr);
            this.initialized = true;
            this.keyDBPassword = new String(cArr);
        } catch (IOException e) {
            System.out.println("Might try to use method \"loadFromClass\"");
            throw e;
        } catch (X509Exception e2) {
            throw new CertificateException(e2.getMessage());
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) throws IOException, CertificateException {
        try {
            this.keystore.engineStore(outputStream, cArr);
        } catch (X509Exception e) {
            throw new CertificateException(e.getMessage());
        }
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        if (engineIsCertReqEntry(str)) {
            return null;
        }
        X509Cert engineGetCertificate = this.keystore.engineGetCertificate(str);
        if (engineGetCertificate == null) {
            return null;
        }
        try {
            return new X509CertImpl(engineGetCertificate.getEncoded());
        } catch (Exception e) {
            System.out.println(new StringBuffer().append("Exception: ").append(e.getMessage()).toString());
            e.printStackTrace();
            return null;
        }
    }

    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        X509Cert[] engineGetCertificateChain = this.keystore.engineGetCertificateChain(str);
        if (engineGetCertificateChain == null) {
            return null;
        }
        try {
            X509CertImpl[] x509CertImplArr = new X509CertImpl[engineGetCertificateChain.length];
            for (int i = 0; i < engineGetCertificateChain.length; i++) {
                x509CertImplArr[i] = new X509CertImpl(engineGetCertificateChain[i].getEncoded());
            }
            return x509CertImplArr;
        } catch (Exception e) {
            return null;
        }
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        try {
            return this.keystore.engineGetCertificateAlias(new X509Cert(certificate.getEncoded()));
        } catch (Exception e) {
            return null;
        }
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        PKCS8 pkcs8 = new PKCS8(this.keystore.engineGetKey(str, cArr));
        try {
            DEREncoder dEREncoder = new DEREncoder();
            pkcs8.encode(dEREncoder);
            return KeyFactory.getInstance("RSA", KeyStoreManager.JCEProvider).generatePrivate(new PKCS8EncodedKeySpec(dEREncoder.toByteArray()));
        } catch (Exception e) {
            throw new UnrecoverableKeyException(e.getMessage());
        }
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        return new Date();
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
        X509Cert[] x509CertArr = null;
        if (certificateArr != null) {
            x509CertArr = new X509Cert[certificateArr.length];
            for (int i = 0; i < certificateArr.length; i++) {
                if (certificateArr[i] == null) {
                    x509CertArr[i] = null;
                } else {
                    if (!(certificateArr[i] instanceof X509Certificate)) {
                        throw new KeyStoreException(new StringBuffer().append("Cannot store a certificate of type ").append(certificateArr[i].getClass().getName()).toString());
                    }
                    try {
                        x509CertArr[i] = new X509Cert(((X509Certificate) certificateArr[i]).getEncoded());
                    } catch (CertificateEncodingException e) {
                    } catch (ASN1Exception e2) {
                        throw new KeyStoreException(new StringBuffer().append("An ASN1Exception occurred: ").append(e2.getMessage()).toString());
                    }
                }
            }
        }
        if (!key.getFormat().equals("PKCS#8")) {
            throw new KeyStoreException("Key does not support PKCS#8 encoding");
        }
        try {
            this.keystore.engineSetKeyEntry(str, PKCS8.make(new BERDecoder(key.getEncoded())).privateKey, cArr, x509CertArr);
        } catch (Exception e3) {
            throw new KeyStoreException(e3.getMessage());
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
        throw new KeyStoreException("Unsupported KeyStore operation");
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        if (!(certificate instanceof X509Certificate)) {
            throw new KeyStoreException(new StringBuffer().append("Cannot store a certificate of type ").append(certificate.getClass().getName()).toString());
        }
        try {
            try {
                this.keystore.engineSetCertificateEntry(str, new X509Cert(((X509Certificate) certificate).getEncoded()));
            } catch (com.ibm.gsk_sslight.KeyStoreException e) {
                throw new KeyStoreException(e.getMessage());
            }
        } catch (ASN1Exception e2) {
            throw new KeyStoreException(new StringBuffer().append("An ASN1Exception occurred: ").append(e2.getMessage()).toString());
        } catch (CertificateEncodingException e3) {
            throw new KeyStoreException(new StringBuffer().append("A certificate encoding occurred: ").append(e3.getMessage()).toString());
        }
    }

    @Override // com.ibm.spi.IBMKeyStoreSpi
    public boolean engineIsDefaultKeyEntry(String str) {
        try {
            String engineGetDefaultKeyEntry = this.keystore.engineGetDefaultKeyEntry();
            if (engineGetDefaultKeyEntry != null) {
                return engineGetDefaultKeyEntry.equals(str);
            }
            return false;
        } catch (Exception e) {
            return false;
        }
    }

    @Override // com.ibm.spi.IBMKeyStoreSpi
    public String engineGetDefaultKeyEntry() throws KeyStoreException {
        try {
            return this.keystore.engineGetDefaultKeyEntry();
        } catch (Exception e) {
            throw new KeyStoreException("An error occured while extracting the default KeyItem");
        }
    }

    @Override // com.ibm.spi.IBMKeyStoreSpi
    public void engineSetDefaultKeyEntry(String str) throws KeyStoreException {
        try {
            this.keystore.engineSetDefaultKeyEntry(str);
        } catch (Exception e) {
            throw new KeyStoreException("An error occured while setting the default KeyItem");
        }
    }

    @Override // com.ibm.spi.IBMKeyStoreSpi
    public boolean engineIsSiteCertificateEntry(String str) throws KeyStoreException {
        try {
            return this.keystore.engineIsSiteCertificateEntry(str);
        } catch (Exception e) {
            throw new KeyStoreException("An error occured while check Site entry");
        }
    }

    @Override // com.ibm.spi.IBMKeyStoreSpi
    public void engineSetSiteCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        if (!(certificate instanceof X509Certificate)) {
            throw new KeyStoreException(new StringBuffer().append("Cannot store a certificate of type ").append(certificate.getClass().getName()).toString());
        }
        try {
            try {
                this.keystore.engineSetSiteCertificateEntry(str, new X509Cert(((X509Certificate) certificate).getEncoded()));
            } catch (com.ibm.gsk_sslight.KeyStoreException e) {
                throw new KeyStoreException(e.getMessage());
            }
        } catch (ASN1Exception e2) {
            throw new KeyStoreException(new StringBuffer().append("An ASN1Exception occurred: ").append(e2.getMessage()).toString());
        } catch (CertificateEncodingException e3) {
            throw new KeyStoreException(new StringBuffer().append("A certificate encoding occurred: ").append(e3.getMessage()).toString());
        }
    }

    @Override // com.ibm.spi.IBMKeyStoreSpi
    public void engineLoadFromClass(InputStream inputStream, char[] cArr) throws IOException, CertificateException {
        try {
            this.keystore.engineLoad(new KeyRingClassLoader(this).getKeyRingData(inputStream), cArr);
            this.initialized = true;
        } catch (X509Exception e) {
            throw new CertificateException(e.getMessage());
        }
    }

    @Override // com.ibm.spi.IBMKeyStoreSpi
    public void engineStoreAsClass(OutputStream outputStream, char[] cArr, String str) throws IOException, CertificateException {
        if (str == null) {
            throw new IOException("Classname must be specified");
        }
        try {
            this.keystore.engineStore(outputStream, cArr, str);
        } catch (X509Exception e) {
            throw new CertificateException(e.getMessage());
        }
    }

    @Override // com.ibm.spi.IBMKeyStoreSpi
    public boolean isInitialized() {
        return this.initialized;
    }

    @Override // com.ibm.spi.IBMKeyStoreSpi
    public void engineLoadCMS(InputStream inputStream, InputStream inputStream2, InputStream inputStream3, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        throw new NoSuchAlgorithmException("SSLight does not support");
    }

    @Override // com.ibm.spi.IBMKeyStoreSpi
    public void engineLoad(String str, String str2) throws IOException {
        throw new IOException("SSLight doesn't not support");
    }

    @Override // com.ibm.spi.IBMKeyStoreSpi
    public void engineStoreCMS(OutputStream outputStream, OutputStream outputStream2, OutputStream outputStream3, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        throw new NoSuchAlgorithmException("SSLight does not support");
    }

    @Override // com.ibm.spi.IBMKeyStoreSpi
    public void engineSetExpireTime(long j) throws NoSuchAlgorithmException {
        throw new NoSuchAlgorithmException("SSLight does not support");
    }

    @Override // com.ibm.spi.IBMKeyStoreSpi
    public boolean engineIsCertReqEntry(String str) {
        boolean z = false;
        try {
            X509Extensions extensions = this.keystore.engineGetCertificate(str).extensions();
            if (extensions != null) {
                if (extensions.findExtension(KeyCertGen.GSKCertificationRequestOID) != null) {
                    z = true;
                }
            }
        } catch (Exception e) {
        }
        return z;
    }

    @Override // com.ibm.spi.IBMKeyStoreSpi
    public void engineSetCertReqEntry(String str, CertificationRequest certificationRequest, Key key) throws KeyStoreException {
        try {
            X500Name x500Name = new X500Name(certificationRequest.getCertRequestInfo().getSubjectName().getEncoded());
            X509Extension[] x509ExtensionArr = {new X509Extension(KeyCertGen.GSKCertificationRequestOID, false)};
            X509Cert[] x509CertArr = new X509Cert[1];
            certificationRequest.getSignatureAlgorithm().getName();
            if (!key.getFormat().equals("PKCS#8")) {
                throw new KeyStoreException("Key does not support PKCS#8 encoding");
            }
            try {
                RSAKey rSAKey = PKCS8.make(new BERDecoder(key.getEncoded())).privateKey;
                x509CertArr[0] = KeyCertGen.generateCertificate(rSAKey, x500Name, 2, 365, "MD5 with RSA", x509ExtensionArr);
                this.keystore.engineSetKeyEntry(str, rSAKey, (char[]) null, x509CertArr);
            } catch (Exception e) {
                throw new KeyStoreException(e.toString());
            }
        } catch (Exception e2) {
            throw new KeyStoreException(e2.toString());
        }
    }

    @Override // com.ibm.spi.IBMKeyStoreSpi
    public CertificationRequest engineGetCertReqEntry(String str) throws KeyStoreException {
        try {
            X509Cert engineGetCertificate = this.keystore.engineGetCertificate(str);
            X509Extensions extensions = engineGetCertificate.extensions();
            if (extensions == null) {
                return null;
            }
            return new CertificationRequest(KeyCertGen.generateCertificationRequest(this.keystore.engineGetKey(str, (char[]) null), engineGetCertificate.subject(), "MD5 with RSA", extensions.extensions()).getEncoded());
        } catch (Exception e) {
            throw new KeyStoreException(e.toString());
        }
    }

    @Override // com.ibm.spi.IBMKeyStoreSpi
    public boolean engineIsTrusted(String str) {
        return engineIsCertificateEntry(str);
    }

    @Override // com.ibm.spi.IBMKeyStoreSpi
    public void engineSetTrusted(String str, boolean z) {
    }

    @Override // com.ibm.spi.IBMKeyStoreSpi
    public void engineStashKeydbPwd(OutputStream outputStream) throws IOException, NoSuchAlgorithmException {
        throw new NoSuchAlgorithmException("SSLight does not support");
    }

    @Override // com.ibm.spi.IBMKeyStoreSpi
    public void engineCreateNewSelfSignedCertificate(int i, String str, int i2, DNItem dNItem, int i3, int i4, Vector vector) throws KeyStoreException {
    }
}
