package org.waarp.common.crypto.ssl;

import ch.qos.logback.core.net.ssl.SSL;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;
import org.waarp.common.digest.WaarpBC;
import org.waarp.common.exception.CryptoException;
import org.waarp.common.file.FileUtils;
import org.waarp.common.logging.WaarpLogger;
import org.waarp.common.logging.WaarpLoggerFactory;

/* loaded from: input_file:org/waarp/common/crypto/ssl/WaarpSecureKeyStore.class */
public class WaarpSecureKeyStore {
    private static final String CANNOT_SAVE_TO_FILE_KEY_STORE_INSTANCE = "Cannot save to file KeyStore Instance";
    private static final String CANNOT_CREATE_KEY_MANAGER_FACTORY_INSTANCE = "Cannot create KeyManagerFactory Instance";
    private static final String CANNOT_CREATE_KEY_STORE_INSTANCE = "Cannot create KeyStore Instance";
    private static final WaarpLogger logger = WaarpLoggerFactory.getLogger((Class<?>) WaarpSecureKeyStore.class);
    private static final String CANNOT_CREATE_TRUST_MANAGER_FACTORY_INSTANCE = "Cannot create TrustManagerFactory Instance";
    private static final String CANNOT_CREATE_KEY_TRUST_STORE_INSTANCE = "Cannot create keyTrustStore Instance";
    private static final String CANNOT_SAVE_TO_FILE_KEY_TRUST_STORE_INSTANCE = "Cannot save to file keyTrustStore Instance";
    private String keyStoreFilename;
    private KeyStore keyStore;
    private KeyManagerFactory keyManagerFactory;
    private String keyStorePasswd;
    private String keyPassword;
    private WaarpSecureTrustManagerFactory secureTrustManagerFactory;
    private String trustStoreFilename;
    private KeyStore keyTrustStore;
    private String trustStorePasswd;

    public WaarpSecureKeyStore(String str, String str2) throws CryptoException {
        this.keyStorePasswd = str;
        this.keyPassword = str2;
        try {
            this.keyStore = KeyStore.getInstance(SSL.DEFAULT_KEYSTORE_TYPE);
            try {
                this.keyStore.load(null, getKeyStorePassword());
                initKeyManagerFactory();
            } catch (FileNotFoundException e) {
                logger.error(CANNOT_CREATE_KEY_STORE_INSTANCE, (Throwable) e);
                throw new CryptoException(CANNOT_CREATE_KEY_STORE_INSTANCE, e);
            } catch (IOException e2) {
                logger.error(CANNOT_CREATE_KEY_STORE_INSTANCE, (Throwable) e2);
                throw new CryptoException(CANNOT_CREATE_KEY_STORE_INSTANCE, e2);
            } catch (NoSuchAlgorithmException e3) {
                logger.error(CANNOT_CREATE_KEY_STORE_INSTANCE, (Throwable) e3);
                throw new CryptoException(CANNOT_CREATE_KEY_STORE_INSTANCE, e3);
            } catch (CertificateException e4) {
                logger.error(CANNOT_CREATE_KEY_STORE_INSTANCE, (Throwable) e4);
                throw new CryptoException(CANNOT_CREATE_KEY_STORE_INSTANCE, e4);
            }
        } catch (KeyStoreException e5) {
            logger.error(CANNOT_CREATE_KEY_STORE_INSTANCE, (Throwable) e5);
            throw new CryptoException(CANNOT_CREATE_KEY_STORE_INSTANCE, e5);
        }
    }

    public WaarpSecureKeyStore(String str, String str2, String str3) throws CryptoException {
        initKeyStore(str, str2, str3);
    }

    public WaarpSecureKeyStore(String str, String str2, String str3, String str4, String str5, boolean z) throws CryptoException {
        initKeyStore(str, str2, str3);
        if (str4 != null) {
            initTrustStore(str4, str5, z);
        } else {
            initEmptyTrustStore();
        }
    }

    public void initKeyStore(String str, String str2, String str3) throws CryptoException {
        this.keyStoreFilename = str;
        this.keyStorePasswd = str2;
        this.keyPassword = str3;
        try {
            this.keyStore = KeyStore.getInstance(SSL.DEFAULT_KEYSTORE_TYPE);
            FileInputStream fileInputStream = null;
            try {
                try {
                    try {
                        try {
                            try {
                                fileInputStream = new FileInputStream(this.keyStoreFilename);
                                this.keyStore.load(fileInputStream, getKeyStorePassword());
                                FileUtils.close(fileInputStream);
                                initKeyManagerFactory();
                            } catch (FileNotFoundException e) {
                                logger.error(CANNOT_CREATE_KEY_STORE_INSTANCE, (Throwable) e);
                                throw new CryptoException(CANNOT_CREATE_KEY_STORE_INSTANCE, e);
                            }
                        } catch (IOException e2) {
                            logger.error(CANNOT_CREATE_KEY_STORE_INSTANCE, (Throwable) e2);
                            throw new CryptoException(CANNOT_CREATE_KEY_STORE_INSTANCE, e2);
                        }
                    } catch (NoSuchAlgorithmException e3) {
                        logger.error(CANNOT_CREATE_KEY_STORE_INSTANCE, (Throwable) e3);
                        throw new CryptoException(CANNOT_CREATE_KEY_STORE_INSTANCE, e3);
                    }
                } catch (CertificateException e4) {
                    logger.error(CANNOT_CREATE_KEY_STORE_INSTANCE, (Throwable) e4);
                    throw new CryptoException(CANNOT_CREATE_KEY_STORE_INSTANCE, e4);
                }
            } catch (Throwable th) {
                FileUtils.close(fileInputStream);
                throw th;
            }
        } catch (KeyStoreException e5) {
            logger.error(CANNOT_CREATE_KEY_STORE_INSTANCE, (Throwable) e5);
            throw new CryptoException(CANNOT_CREATE_KEY_STORE_INSTANCE, e5);
        }
    }

    void initKeyManagerFactory() throws CryptoException {
        try {
            this.keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            try {
                this.keyManagerFactory.init(this.keyStore, getCertificatePassword());
            } catch (KeyStoreException e) {
                logger.error(CANNOT_CREATE_KEY_MANAGER_FACTORY_INSTANCE, (Throwable) e);
                throw new CryptoException(CANNOT_CREATE_KEY_MANAGER_FACTORY_INSTANCE, e);
            } catch (NoSuchAlgorithmException e2) {
                logger.error(CANNOT_CREATE_KEY_MANAGER_FACTORY_INSTANCE, (Throwable) e2);
                throw new CryptoException(CANNOT_CREATE_KEY_MANAGER_FACTORY_INSTANCE, e2);
            } catch (UnrecoverableKeyException e3) {
                logger.error(CANNOT_CREATE_KEY_MANAGER_FACTORY_INSTANCE, (Throwable) e3);
                throw new CryptoException(CANNOT_CREATE_KEY_MANAGER_FACTORY_INSTANCE, e3);
            }
        } catch (NoSuchAlgorithmException e4) {
            logger.error(CANNOT_CREATE_KEY_MANAGER_FACTORY_INSTANCE, (Throwable) e4);
            throw new CryptoException(CANNOT_CREATE_KEY_MANAGER_FACTORY_INSTANCE, e4);
        }
    }

    public boolean deleteKeyFromKeyStore(String str) {
        try {
            this.keyStore.deleteEntry(str);
            return true;
        } catch (KeyStoreException e) {
            logger.error("Cannot delete Key from KeyStore Instance", (Throwable) e);
            return false;
        }
    }

    public boolean setKeytoKeyStore(String str, Key key, Certificate[] certificateArr) {
        try {
            this.keyStore.setKeyEntry(str, key, getCertificatePassword(), certificateArr);
            return true;
        } catch (KeyStoreException e) {
            logger.error("Cannot add Key and Certificates to KeyStore Instance", (Throwable) e);
            return false;
        }
    }

    public boolean saveKeyStore(String str) {
        try {
            try {
                FileOutputStream fileOutputStream = new FileOutputStream(str);
                try {
                    this.keyStore.store(fileOutputStream, getKeyStorePassword());
                    FileUtils.close(fileOutputStream);
                    return true;
                } catch (IOException e) {
                    logger.error(CANNOT_SAVE_TO_FILE_KEY_STORE_INSTANCE, (Throwable) e);
                    FileUtils.close(fileOutputStream);
                    return false;
                } catch (KeyStoreException e2) {
                    logger.error(CANNOT_SAVE_TO_FILE_KEY_STORE_INSTANCE, (Throwable) e2);
                    FileUtils.close(fileOutputStream);
                    return false;
                } catch (NoSuchAlgorithmException e3) {
                    logger.error(CANNOT_SAVE_TO_FILE_KEY_STORE_INSTANCE, (Throwable) e3);
                    FileUtils.close(fileOutputStream);
                    return false;
                } catch (CertificateException e4) {
                    logger.error(CANNOT_SAVE_TO_FILE_KEY_STORE_INSTANCE, (Throwable) e4);
                    FileUtils.close(fileOutputStream);
                    return false;
                }
            } catch (FileNotFoundException e5) {
                logger.error(CANNOT_SAVE_TO_FILE_KEY_STORE_INSTANCE, (Throwable) e5);
                FileUtils.close((OutputStream) null);
                return false;
            }
        } catch (Throwable th) {
            FileUtils.close((OutputStream) null);
            throw th;
        }
    }

    public void initTrustStore(String str, String str2, boolean z) throws CryptoException {
        this.trustStoreFilename = str;
        this.trustStorePasswd = str2;
        try {
            this.keyTrustStore = KeyStore.getInstance(SSL.DEFAULT_KEYSTORE_TYPE);
            FileInputStream fileInputStream = null;
            try {
                try {
                    try {
                        fileInputStream = new FileInputStream(this.trustStoreFilename);
                        this.keyTrustStore.load(fileInputStream, getKeyTrustStorePassword());
                        FileUtils.close(fileInputStream);
                        try {
                            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                            try {
                                trustManagerFactory.init(this.keyTrustStore);
                                try {
                                    this.secureTrustManagerFactory = new WaarpSecureTrustManagerFactory(trustManagerFactory, z);
                                } catch (CryptoException e) {
                                    logger.error(CANNOT_CREATE_TRUST_MANAGER_FACTORY_INSTANCE, (Throwable) e);
                                    throw new CryptoException(CANNOT_CREATE_TRUST_MANAGER_FACTORY_INSTANCE, e);
                                }
                            } catch (KeyStoreException e2) {
                                logger.error(CANNOT_CREATE_TRUST_MANAGER_FACTORY_INSTANCE, (Throwable) e2);
                                throw new CryptoException(CANNOT_CREATE_TRUST_MANAGER_FACTORY_INSTANCE, e2);
                            }
                        } catch (NoSuchAlgorithmException e3) {
                            logger.error(CANNOT_CREATE_TRUST_MANAGER_FACTORY_INSTANCE, (Throwable) e3);
                            throw new CryptoException(CANNOT_CREATE_TRUST_MANAGER_FACTORY_INSTANCE, e3);
                        }
                    } catch (IOException e4) {
                        logger.error(CANNOT_CREATE_TRUST_MANAGER_FACTORY_INSTANCE, (Throwable) e4);
                        throw new CryptoException(CANNOT_CREATE_TRUST_MANAGER_FACTORY_INSTANCE, e4);
                    } catch (NoSuchAlgorithmException e5) {
                        logger.error(CANNOT_CREATE_TRUST_MANAGER_FACTORY_INSTANCE, (Throwable) e5);
                        throw new CryptoException(CANNOT_CREATE_TRUST_MANAGER_FACTORY_INSTANCE, e5);
                    }
                } catch (FileNotFoundException e6) {
                    logger.error(CANNOT_CREATE_TRUST_MANAGER_FACTORY_INSTANCE, (Throwable) e6);
                    throw new CryptoException(CANNOT_CREATE_TRUST_MANAGER_FACTORY_INSTANCE, e6);
                } catch (CertificateException e7) {
                    logger.error(CANNOT_CREATE_TRUST_MANAGER_FACTORY_INSTANCE, (Throwable) e7);
                    throw new CryptoException(CANNOT_CREATE_TRUST_MANAGER_FACTORY_INSTANCE, e7);
                }
            } catch (Throwable th) {
                FileUtils.close(fileInputStream);
                throw th;
            }
        } catch (KeyStoreException e8) {
            logger.error(CANNOT_CREATE_TRUST_MANAGER_FACTORY_INSTANCE, (Throwable) e8);
            throw new CryptoException(CANNOT_CREATE_TRUST_MANAGER_FACTORY_INSTANCE, e8);
        }
    }

    public boolean initEmptyTrustStore() {
        this.trustStorePasswd = "secret";
        try {
            this.keyTrustStore = KeyStore.getInstance(SSL.DEFAULT_KEYSTORE_TYPE);
            try {
                this.keyTrustStore.load(null, getKeyTrustStorePassword());
                this.secureTrustManagerFactory = new WaarpSecureTrustManagerFactory();
                return true;
            } catch (FileNotFoundException e) {
                logger.error(CANNOT_CREATE_KEY_TRUST_STORE_INSTANCE, (Throwable) e);
                return false;
            } catch (IOException e2) {
                logger.error(CANNOT_CREATE_KEY_TRUST_STORE_INSTANCE, (Throwable) e2);
                return false;
            } catch (NoSuchAlgorithmException e3) {
                logger.error(CANNOT_CREATE_KEY_TRUST_STORE_INSTANCE, (Throwable) e3);
                return false;
            } catch (CertificateException e4) {
                logger.error(CANNOT_CREATE_KEY_TRUST_STORE_INSTANCE, (Throwable) e4);
                return false;
            }
        } catch (KeyStoreException e5) {
            logger.error(CANNOT_CREATE_KEY_TRUST_STORE_INSTANCE, (Throwable) e5);
            return false;
        }
    }

    public boolean deleteKeyFromTrustStore(String str) {
        try {
            this.keyStore.deleteEntry(str);
            return true;
        } catch (KeyStoreException e) {
            logger.error("Cannot delete Key from keyTrustStore Instance", (Throwable) e);
            return false;
        }
    }

    public boolean setKeytoTrustStore(String str, Certificate certificate) {
        try {
            this.keyStore.setCertificateEntry(str, certificate);
            return true;
        } catch (KeyStoreException e) {
            logger.error("Cannot add Certificate to keyTrustStore Instance", (Throwable) e);
            return false;
        }
    }

    public boolean saveTrustStore(String str) {
        try {
            try {
                FileOutputStream fileOutputStream = new FileOutputStream(str);
                try {
                    this.keyTrustStore.store(fileOutputStream, getKeyTrustStorePassword());
                    FileUtils.close(fileOutputStream);
                    return true;
                } catch (IOException e) {
                    logger.error(CANNOT_SAVE_TO_FILE_KEY_TRUST_STORE_INSTANCE, (Throwable) e);
                    FileUtils.close(fileOutputStream);
                    return false;
                } catch (KeyStoreException e2) {
                    logger.error(CANNOT_SAVE_TO_FILE_KEY_TRUST_STORE_INSTANCE, (Throwable) e2);
                    FileUtils.close(fileOutputStream);
                    return false;
                } catch (NoSuchAlgorithmException e3) {
                    logger.error(CANNOT_SAVE_TO_FILE_KEY_TRUST_STORE_INSTANCE, (Throwable) e3);
                    FileUtils.close(fileOutputStream);
                    return false;
                } catch (CertificateException e4) {
                    logger.error(CANNOT_SAVE_TO_FILE_KEY_TRUST_STORE_INSTANCE, (Throwable) e4);
                    FileUtils.close(fileOutputStream);
                    return false;
                }
            } catch (FileNotFoundException e5) {
                logger.error(CANNOT_SAVE_TO_FILE_KEY_TRUST_STORE_INSTANCE, (Throwable) e5);
                FileUtils.close((OutputStream) null);
                return false;
            }
        } catch (Throwable th) {
            FileUtils.close((OutputStream) null);
            throw th;
        }
    }

    public static Certificate loadX509Certificate(String str) throws CertificateException, FileNotFoundException {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        FileInputStream fileInputStream = new FileInputStream(str);
        try {
            Certificate generateCertificate = certificateFactory.generateCertificate(fileInputStream);
            FileUtils.close(fileInputStream);
            return generateCertificate;
        } catch (Throwable th) {
            FileUtils.close(fileInputStream);
            throw th;
        }
    }

    public char[] getCertificatePassword() {
        return this.keyPassword != null ? this.keyPassword.toCharArray() : "nopwd".toCharArray();
    }

    public char[] getKeyStorePassword() {
        return this.keyStorePasswd != null ? this.keyStorePasswd.toCharArray() : "nopwd".toCharArray();
    }

    public char[] getKeyTrustStorePassword() {
        return this.trustStorePasswd != null ? this.trustStorePasswd.toCharArray() : "nopwd".toCharArray();
    }

    public String getKeyStoreFilename() {
        return this.keyStoreFilename;
    }

    public WaarpSecureTrustManagerFactory getSecureTrustManagerFactory() {
        return this.secureTrustManagerFactory;
    }

    public KeyManagerFactory getKeyManagerFactory() {
        return this.keyManagerFactory;
    }

    static {
        WaarpBC.initializedTlsContext();
    }
}
