package org.qipki.ca.http.presentation.rest.resources.tools;

import java.io.BufferedReader;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchProviderException;
import java.security.cert.CRLException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.Collections;
import java.util.List;
import org.apache.commons.fileupload.FileItem;
import org.apache.commons.fileupload.FileUploadException;
import org.apache.commons.fileupload.disk.DiskFileItemFactory;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMReader;
import org.bouncycastle.openssl.PasswordFinder;
import org.codeartisans.java.toolbox.StringUtils;
import org.qipki.crypto.storage.KeyStoreType;
import org.restlet.data.Form;
import org.restlet.data.MediaType;
import org.restlet.data.Method;
import org.restlet.data.Parameter;
import org.restlet.data.Status;
import org.restlet.engine.util.FormUtils;
import org.restlet.ext.fileupload.RestletFileUpload;
import org.restlet.representation.EmptyRepresentation;
import org.restlet.representation.Representation;
import org.restlet.representation.Variant;
import org.restlet.resource.ResourceException;
import org.restlet.resource.ServerResource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/qipki/ca/http/presentation/rest/resources/tools/CryptoInspectorResource.class */
public class CryptoInspectorResource extends ServerResource {
    private static final Logger LOGGER = LoggerFactory.getLogger(CryptoInspectorResource.class);
    private final RestletFileUpload fileUpload;

    public CryptoInspectorResource() {
        setAllowedMethods(Collections.singleton(Method.POST));
        setNegotiated(true);
        File file = new File(System.getProperty("java.io.tmpdir"), "qipki-crypto-inspector-upload-repository");
        file.mkdirs();
        this.fileUpload = new RestletFileUpload(new DiskFileItemFactory(10000, file));
    }

    protected Representation post(Representation representation, Variant variant) throws ResourceException {
        if (!representation.isAvailable()) {
            throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST, "Empty request");
        }
        if (!MediaType.APPLICATION_WWW_FORM.equals(representation.getMediaType())) {
            throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST, "Not a WWW FORM request");
        }
        InputStream inputStream = null;
        try {
            try {
                getPassword(representation);
                List parseRepresentation = this.fileUpload.parseRepresentation(representation);
                if (parseRepresentation.size() != 1) {
                    throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST, "Need one and only one file in request");
                }
                InputStream inputStream2 = ((FileItem) parseRepresentation.get(0)).getInputStream();
                EmptyRepresentation emptyRepresentation = new EmptyRepresentation();
                if (inputStream2 != null) {
                    try {
                        inputStream2.close();
                    } catch (IOException e) {
                    }
                }
                return emptyRepresentation;
            } catch (FileUploadException e2) {
                LOGGER.warn("500: {}", e2.getMessage(), e2);
                throw new ResourceException(Status.SERVER_ERROR_INTERNAL, "Unable to read posted value", e2);
            } catch (IOException e3) {
                LOGGER.warn("500: {}", e3.getMessage(), e3);
                throw new ResourceException(Status.SERVER_ERROR_INTERNAL, "Unable to read posted value", e3);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                try {
                    inputStream.close();
                } catch (IOException e4) {
                }
            }
            throw th;
        }
    }

    private char[] getPassword(Representation representation) {
        char[] charArray = "".toCharArray();
        Form form = new Form();
        FormUtils.parse(form, representation);
        Parameter first = form.getFirst("password");
        if (first != null && !StringUtils.isEmpty(first.getValue())) {
            charArray = first.getValue().toCharArray();
        }
        return charArray;
    }

    private boolean isPEM(InputStream inputStream, final char[] cArr) {
        PEMReader pEMReader = null;
        try {
            pEMReader = new PEMReader(new BufferedReader(new InputStreamReader(inputStream)), new PasswordFinder() { // from class: org.qipki.ca.http.presentation.rest.resources.tools.CryptoInspectorResource.1
                public char[] getPassword() {
                    return cArr;
                }
            });
            boolean z = pEMReader.readObject() != null;
            if (pEMReader != null) {
                try {
                    pEMReader.close();
                } catch (IOException e) {
                }
            }
            return z;
        } catch (IOException e2) {
            if (pEMReader != null) {
                try {
                    pEMReader.close();
                } catch (IOException e3) {
                    return false;
                }
            }
            return false;
        } catch (Throwable th) {
            if (pEMReader != null) {
                try {
                    pEMReader.close();
                } catch (IOException e4) {
                    throw th;
                }
            }
            throw th;
        }
    }

    private boolean isDER(InputStream inputStream) {
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME);
            try {
                certificateFactory.generateCRLs(inputStream);
                return true;
            } catch (CRLException e) {
                try {
                    certificateFactory.generateCertificates(inputStream);
                    return true;
                } catch (CertificateException e2) {
                    return false;
                }
            }
        } catch (GeneralSecurityException e3) {
            return false;
        }
    }

    private boolean isKeyStore(KeyStoreType keyStoreType, InputStream inputStream, char[] cArr) {
        try {
            getKeyStoreInstance(keyStoreType).load(inputStream, cArr);
            return true;
        } catch (IOException e) {
            return false;
        } catch (GeneralSecurityException e2) {
            return false;
        }
    }

    private KeyStore getKeyStoreInstance(KeyStoreType keyStoreType) throws KeyStoreException, NoSuchProviderException {
        return KeyStoreType.PKCS12 == keyStoreType ? KeyStore.getInstance(keyStoreType.typeString(), BouncyCastleProvider.PROVIDER_NAME) : KeyStore.getInstance(keyStoreType.typeString());
    }
}
