package net.jxta.impl.membership.pse;

import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.Reader;
import java.io.StringReader;
import java.io.StringWriter;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.util.Calendar;
import java.util.Date;
import java.util.Hashtable;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.Cipher;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import javax.security.auth.x500.X500Principal;
import net.jxta.impl.endpoint.cbjx.CbJxDefs;
import net.jxta.impl.util.BASE64InputStream;
import net.jxta.impl.util.BASE64OutputStream;
import net.jxta.impl.util.JxtaHash;
import net.jxta.logging.Logging;
import org.bouncycastle.asn1.x509.X509NameTokenizer;
import org.bouncycastle.jce.X509Principal;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.x509.X509V3CertificateGenerator;

/* loaded from: input_file:META-INF/lib/shoal-jxta-1.1_09292008.jar:net/jxta/impl/membership/pse/PSEUtils.class */
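/**
 * Static helpers used by the PSE membership service: X.509 certificate
 * generation, signing and verification, password-based encryption of private
 * keys, and reading/writing PEM-style ("-----BEGIN x-----") base64 objects.
 *
 * <p>The class cannot be instantiated by callers. A single private instance
 * exists to register the BouncyCastle provider and to own the shared
 * {@link SecureRandom}.
 */
public final class PSEUtils {
    private static final Logger LOG = Logger.getLogger(PSEUtils.class.getName());

    /**
     * RSA modulus size, in bits, of the key pairs generated by
     * {@link #genCert(String, IssuerInfo)}.
     *
     * NOTE(review): 1024-bit RSA is below current minimum recommendations
     * (2048 bits or more). The value is left unchanged because the effect of a
     * larger key on peers and on stored credentials cannot be checked from this
     * file; raise it once interoperability has been confirmed.
     */
    private static final int RSA_KEY_BITS = 1024;

    /** Lifetime, in years, of every certificate produced by this class. */
    private static final int CERT_VALIDITY_YEARS = 10;

    /** Number of random salt bytes used for password-based encryption. */
    private static final int SALT_BYTES = 8;

    /** Size of the buffer used when streaming data into a {@link Signature}. */
    private static final int IO_BUFFER_BYTES = 1024;

    /** Read-ahead limit handed to {@link BufferedReader#mark(int)} in {@link #findObject}. */
    private static final int MARK_LIMIT = 1024;

    private static final String BEGIN_PREFIX = "-----BEGIN ";
    private static final String END_PREFIX = "-----END ";
    private static final String DASHES = "-----";

    /** Upper-case hexadecimal digits, indexed by nibble value. */
    private static final char[] HEX_DIGITS = "0123456789ABCDEF".toCharArray();

    // Must be declared after LOG: the constructor logs.
    private static final PSEUtils UTILS = new PSEUtils();

    /** Random source shared by key generation, signing and salt generation. */
    final transient SecureRandom srng = new SecureRandom();

    /**
     * JCE name of the PKCS#5 PBES1 scheme used to protect private keys.
     *
     * NOTE(review): this scheme derives the key with MD5 and encrypts with
     * single DES (56-bit key), which is weak against offline password guessing
     * and brute force. It is presumably retained so that already-stored keys
     * stay readable; new storage formats should use a PBES2 scheme
     * (PBKDF2 + AES) instead.
     */
    static final String PKCS5_PBSE1_ALGO = "PBEWITHMD5ANDDES";

    /**
     * Result of certificate generation: a certificate, the private key that
     * matches it, and the certificate and private key that signed it.
     *
     * <p>The fields are public and mutable and two of them hold private keys,
     * so instances should not be logged, serialized or handed to code that
     * does not need the key material.
     */
    public static class IssuerInfo {
        /** The generated certificate. */
        public X509Certificate cert;
        /** Private key matching the public key in {@link #cert}. */
        public PrivateKey subjectPkey;
        /** Certificate of the signer; equal to {@link #cert} when self-signed. */
        public X509Certificate issuer;
        /** Private key that was used to sign {@link #cert}. */
        public PrivateKey issuerPkey;
    }

    /**
     * Registers the BouncyCastle provider with {@link Security}.
     *
     * <p>The provider class is first loaded through the system class loader;
     * if that fails for any reason, an instance created through this class's
     * own loader is registered instead. {@code Security.addProvider} affects
     * the whole JVM, not only this class.
     */
    private PSEUtils() {
        try {
            Class<?> providerClass = ClassLoader.getSystemClassLoader().loadClass(BouncyCastleProvider.class.getName());
            Security.addProvider((Provider) providerClass.getDeclaredConstructor().newInstance());
            if (Logging.SHOW_INFO && LOG.isLoggable(Level.INFO)) {
                LOG.info("Loaded Security Providers into system class loader");
            }
        } catch (Exception e) {
            if (Logging.SHOW_WARNING && LOG.isLoggable(Level.WARNING)) {
                LOG.log(Level.WARNING, "Failed loading Security Providers into System Class Loader. Will try local class loader (which may not work)", (Throwable) e);
            }
            Security.addProvider(new BouncyCastleProvider());
            if (Logging.SHOW_INFO && LOG.isLoggable(Level.INFO)) {
                LOG.info("Loaded Security Providers into local class loader");
            }
        }
    }

    /**
     * Generates a fresh RSA key pair and a certificate for it.
     *
     * <p>The subject name is {@code CN=<name>, O=www.jxta.org, OU=<20 random
     * hex digits>}. When {@code issuerInfo} is {@code null} the certificate is
     * self-signed and "-CA" is appended to the common name unless it already
     * ends with it.
     *
     * @param str common name for the subject; must not be {@code null}
     * @param issuerInfo certificate and key of the signer, or {@code null} to
     *     self-sign
     * @return the new certificate together with its private key and signer
     * @throws SecurityException if RSA is unavailable or generation fails
     */
    public static IssuerInfo genCert(String str, IssuerInfo issuerInfo) throws SecurityException {
        try {
            String commonName;
            if (null == issuerInfo) {
                if (Logging.SHOW_FINE && LOG.isLoggable(Level.FINE)) {
                    LOG.fine("Generating Self Signed Cert ...");
                }
                commonName = str.endsWith("-CA") ? str : str + "-CA";
            } else {
                if (Logging.SHOW_FINE && LOG.isLoggable(Level.FINE)) {
                    LOG.fine("Generating Client Cert ...");
                }
                commonName = str;
            }

            Hashtable<Object, Object> attributes = new Hashtable<Object, Object>();
            attributes.put(X509Principal.CN, commonName);
            attributes.put(X509Principal.O, "www.jxta.org");
            // A random OU makes two subjects with the same common name distinct.
            byte[] randomUnit = new byte[10];
            UTILS.srng.nextBytes(randomUnit);
            attributes.put(X509Principal.OU, toHexDigits(randomUnit));
            X500Principal subject = new X500Principal(new X509Principal(attributes).getEncoded());

            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(JxtaHash.RSA);
            keyPairGenerator.initialize(RSA_KEY_BITS, UTILS.srng);
            return genCert(subject, keyPairGenerator.generateKeyPair(), issuerInfo);
        } catch (NoSuchAlgorithmException e) {
            throw certGenerationFailed(e);
        }
    }

    /**
     * Issues a certificate binding {@code x500Principal} to the public key of
     * {@code keyPair}.
     *
     * <p>With a {@code null} {@code issuerInfo} the certificate is signed by
     * {@code keyPair}'s own private key and names itself as issuer; otherwise
     * it is signed with {@code issuerInfo.subjectPkey} and the issuer name is
     * the subject of {@code issuerInfo.cert}. The certificate is valid from
     * now for {@value #CERT_VALIDITY_YEARS} years. No X.509 extensions are
     * set, so nothing in the certificate itself marks it as a CA or as an
     * end-entity certificate.
     *
     * @param x500Principal subject name
     * @param keyPair key pair of the subject
     * @param issuerInfo signer, or {@code null} to self-sign
     * @return the new certificate together with its private key and signer
     * @throws SecurityException if encoding or signing fails
     */
    public static IssuerInfo genCert(X500Principal x500Principal, KeyPair keyPair, IssuerInfo issuerInfo) throws SecurityException {
        try {
            boolean selfSigned = null == issuerInfo;
            PrivateKey signingKey;
            X509Principal issuerName;
            if (selfSigned) {
                signingKey = keyPair.getPrivate();
                issuerName = new X509Principal(x500Principal.getEncoded());
            } else {
                signingKey = issuerInfo.subjectPkey;
                issuerName = new X509Principal(issuerInfo.cert.getSubjectX500Principal().getEncoded());
            }

            Date notBefore = new Date();
            Calendar calendar = Calendar.getInstance();
            calendar.setTime(notBefore);
            calendar.add(Calendar.YEAR, CERT_VALIDITY_YEARS);
            Date notAfter = calendar.getTime();

            X509V3CertificateGenerator generator = new X509V3CertificateGenerator();
            generator.setIssuerDN(issuerName);
            generator.setSubjectDN(new X509Principal(x500Principal.getEncoded()));
            generator.setNotBefore(notBefore);
            generator.setNotAfter(notAfter);
            generator.setPublicKey(keyPair.getPublic());
            // NOTE(review): the signature algorithm is defined in CbJxDefs and is not
            // visible here; confirm that it does not rely on a deprecated digest.
            generator.setSignatureAlgorithm(CbJxDefs.signAlgoName);
            // NOTE(review): every certificate gets serial number 1, so certificates
            // from the same issuer cannot be told apart by (issuer, serial) as
            // revocation and some validators require. Changing it alters the
            // certificates produced, so it is only flagged here.
            generator.setSerialNumber(BigInteger.valueOf(1L));

            IssuerInfo result = new IssuerInfo();
            result.cert = generator.generateX509Certificate(signingKey, UTILS.srng);
            result.subjectPkey = keyPair.getPrivate();
            result.issuer = selfSigned ? result.cert : issuerInfo.cert;
            result.issuerPkey = signingKey;

            if (Logging.SHOW_FINE && LOG.isLoggable(Level.FINE)) {
                // The original tested the issuer name, which is never null at this
                // point, so a root certificate was always reported as a client one.
                if (selfSigned) {
                    LOG.fine("Root Cert : \n" + result.cert.toString());
                } else {
                    LOG.fine("Client Cert : \n" + result.cert.toString());
                }
            }
            return result;
        } catch (IOException e) {
            throw certGenerationFailed(e);
        } catch (InvalidKeyException e) {
            throw certGenerationFailed(e);
        } catch (SignatureException e) {
            throw certGenerationFailed(e);
        }
    }

    /**
     * Logs a certificate generation failure at SEVERE and wraps it.
     *
     * @param cause the underlying failure
     * @return a {@link SecurityException} carrying {@code cause}
     */
    private static SecurityException certGenerationFailed(Throwable cause) {
        if (Logging.SHOW_SEVERE && LOG.isLoggable(Level.SEVERE)) {
            LOG.log(Level.SEVERE, "Could not generate certificate", cause);
        }
        SecurityException failure = new SecurityException("Could not generate certificate");
        failure.initCause(cause);
        return failure;
    }

    /**
     * Returns the common name of the certificate's subject.
     *
     * <p>This only parses the name. It performs no validation of the
     * certificate, so the result is only as trustworthy as the certificate
     * the caller passed in.
     *
     * @param x509Certificate certificate to inspect
     * @return the text following the first "CN=" component, or {@code null}
     *     if the subject has none
     */
    public static String getCertSubjectCName(X509Certificate x509Certificate) {
        return findCommonName(x509Certificate.getSubjectX500Principal().getName());
    }

    /**
     * Returns the common name of the certificate's issuer.
     *
     * <p>This only parses the name. It performs no validation of the
     * certificate, so the result is only as trustworthy as the certificate
     * the caller passed in.
     *
     * @param x509Certificate certificate to inspect
     * @return the text following the first "CN=" component, or {@code null}
     *     if the issuer has none
     */
    public static String getCertIssuerCName(X509Certificate x509Certificate) {
        return findCommonName(x509Certificate.getIssuerX500Principal().getName());
    }

    /**
     * Extracts the first "CN=" component (matched case-insensitively) from a
     * distinguished name string.
     *
     * @param distinguishedName name as returned by {@code X500Principal.getName()}
     * @return the component value, or {@code null} when there is no such component
     */
    private static String findCommonName(String distinguishedName) {
        X509NameTokenizer tokens = new X509NameTokenizer(distinguishedName);
        while (tokens.hasMoreTokens()) {
            String token = tokens.nextToken();
            if (token.regionMatches(true, 0, "CN=", 0, 3)) {
                return token.substring(3);
            }
        }
        return null;
    }

    /**
     * Signs everything remaining in a stream.
     *
     * <p>The stream is read to its end but not closed.
     *
     * @param str JCA signature algorithm name
     * @param privateKey key to sign with
     * @param inputStream data to sign
     * @return the signature bytes
     * @throws InvalidKeyException if the key does not fit the algorithm
     * @throws SignatureException if signing fails
     * @throws IOException if reading fails or the algorithm is unknown; in
     *     the latter case the cause is the {@link NoSuchAlgorithmException}
     */
    public static byte[] computeSignature(String str, PrivateKey privateKey, InputStream inputStream) throws InvalidKeyException, SignatureException, IOException {
        try {
            Signature signer = Signature.getInstance(str);
            signer.initSign(privateKey, UTILS.srng);
            feed(signer, inputStream);
            return signer.sign();
        } catch (NoSuchAlgorithmException e) {
            throw signerUnavailable(str, e);
        }
    }

    /**
     * Verifies a signature over everything remaining in a stream.
     *
     * <p>Only the signature is checked against the certificate's public key.
     * The certificate's validity period and trust chain are not examined
     * here; callers that need them must check them separately. The stream is
     * read to its end but not closed.
     *
     * @param str JCA signature algorithm name
     * @param certificate certificate holding the verification key
     * @param bArr signature bytes to check
     * @param inputStream data that was signed
     * @return {@code true} if the signature matches
     * @throws InvalidKeyException if the certificate's key cannot be used
     * @throws SignatureException if the signature is malformed
     * @throws IOException if reading fails or the algorithm is unknown; in
     *     the latter case the cause is the {@link NoSuchAlgorithmException}
     */
    public static boolean verifySignature(String str, Certificate certificate, byte[] bArr, InputStream inputStream) throws InvalidKeyException, SignatureException, IOException {
        try {
            Signature verifier = Signature.getInstance(str);
            verifier.initVerify(certificate);
            feed(verifier, inputStream);
            return verifier.verify(bArr);
        } catch (NoSuchAlgorithmException e) {
            throw signerUnavailable(str, e);
        }
    }

    /** Streams the rest of {@code in} into an initialised {@code signature}. */
    private static void feed(Signature signature, InputStream in) throws IOException, SignatureException {
        byte[] buffer = new byte[IO_BUFFER_BYTES];
        for (int count = in.read(buffer); count >= 0; count = in.read(buffer)) {
            signature.update(buffer, 0, count);
        }
    }

    /** Builds the IOException reported for an unknown signature algorithm, keeping the cause. */
    private static IOException signerUnavailable(String algorithm, NoSuchAlgorithmException cause) {
        IOException failure = new IOException("Could not initialize signer with algorithm " + algorithm);
        failure.initCause(cause);
        return failure;
    }

    /**
     * Computes a message digest.
     *
     * @param str JCA digest algorithm name
     * @param bArr data to hash
     * @return the digest, or {@code null} if the algorithm is not available;
     *     callers must check for {@code null} before using the result
     */
    public static byte[] hash(String str, byte[] bArr) {
        try {
            return MessageDigest.getInstance(str).digest(bArr);
        } catch (NoSuchAlgorithmException e) {
            if (Logging.SHOW_WARNING && LOG.isLoggable(Level.WARNING)) {
                LOG.log(Level.WARNING, "Unknown digest algorithm " + str, (Throwable) e);
            }
            return null;
        }
    }

    /**
     * Encrypts a private key under a password using {@link #PKCS5_PBSE1_ALGO}
     * and a fresh random salt.
     *
     * <p>The password is never logged. The internal copy held by the key
     * specification is cleared before returning; the caller's array is not
     * modified and should be cleared by the caller when no longer needed.
     *
     * @param cArr password
     * @param privateKey key to protect
     * @param i PBE iteration count; small values make password guessing
     *     cheaper
     * @return the encrypted key, or {@code null} if encryption failed (the
     *     failure is logged at WARNING)
     */
    public static EncryptedPrivateKeyInfo pkcs5_Encrypt_pbePrivateKey(char[] cArr, PrivateKey privateKey, int i) {
        if (Logging.SHOW_FINE && LOG.isLoggable(Level.FINE)) {
            // Neither the password nor the key object is logged: the former is a
            // secret and toString() of some provider key classes may include key
            // material.
            LOG.fine("Encrypting private key (" + (null == privateKey ? "null" : privateKey.getAlgorithm()) + ")");
        }
        PBEKeySpec passwordSpec = new PBEKeySpec(cArr);
        byte[] salt = new byte[SALT_BYTES];
        UTILS.srng.nextBytes(salt);
        try {
            PBEParameterSpec pbeParameters = new PBEParameterSpec(salt, i);
            SecretKey derivedKey = SecretKeyFactory.getInstance(PKCS5_PBSE1_ALGO).generateSecret(passwordSpec);
            Cipher cipher = Cipher.getInstance(PKCS5_PBSE1_ALGO);
            cipher.init(Cipher.ENCRYPT_MODE, derivedKey, pbeParameters);
            byte[] encrypted = cipher.doFinal(privateKey.getEncoded());
            AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance(PKCS5_PBSE1_ALGO);
            algorithmParameters.init(pbeParameters);
            return new EncryptedPrivateKeyInfo(algorithmParameters, encrypted);
        } catch (Exception e) {
            if (Logging.SHOW_WARNING && LOG.isLoggable(Level.WARNING)) {
                LOG.log(Level.WARNING, "Encrypt failed", (Throwable) e);
            }
            return null;
        } finally {
            passwordSpec.clearPassword();
        }
    }

    /**
     * Decrypts a private key that was protected with
     * {@link #pkcs5_Encrypt_pbePrivateKey}.
     *
     * <p>The cipher is always {@link #PKCS5_PBSE1_ALGO}; the algorithm name
     * recorded in {@code encryptedPrivateKeyInfo} is not consulted, only its
     * parameters (salt and iteration count). The password is never logged and
     * the internal copy held by the key specification is cleared before
     * returning; the caller's array is not modified.
     *
     * @param cArr password
     * @param str key algorithm of the protected key, used to rebuild it
     * @param encryptedPrivateKeyInfo encrypted key
     * @return the private key, or {@code null} if the password is wrong or
     *     decryption otherwise fails (the failure is logged at WARNING)
     */
    public static PrivateKey pkcs5_Decrypt_pbePrivateKey(char[] cArr, String str, EncryptedPrivateKeyInfo encryptedPrivateKeyInfo) {
        if (Logging.SHOW_FINE && LOG.isLoggable(Level.FINE)) {
            LOG.fine("Decrypting " + encryptedPrivateKeyInfo + "/" + str);
        }
        PBEKeySpec passwordSpec = new PBEKeySpec(cArr);
        try {
            AlgorithmParameters algParameters = encryptedPrivateKeyInfo.getAlgParameters();
            if (null == algParameters) {
                if (Logging.SHOW_WARNING && LOG.isLoggable(Level.WARNING)) {
                    LOG.warning("Could not get algo parameters from " + encryptedPrivateKeyInfo);
                }
                // Caught by the outer handler below, which turns it into a null result.
                throw new IllegalStateException("Could not get algo parameters from " + encryptedPrivateKeyInfo);
            }
            PBEParameterSpec pbeParameters = (PBEParameterSpec) algParameters.getParameterSpec(PBEParameterSpec.class);
            try {
                SecretKey derivedKey = SecretKeyFactory.getInstance(PKCS5_PBSE1_ALGO).generateSecret(passwordSpec);
                Cipher cipher = Cipher.getInstance(PKCS5_PBSE1_ALGO);
                cipher.init(Cipher.DECRYPT_MODE, derivedKey, pbeParameters);
                return KeyFactory.getInstance(str).generatePrivate(encryptedPrivateKeyInfo.getKeySpec(cipher));
            } catch (InvalidKeySpecException e) {
                if (Logging.SHOW_WARNING && LOG.isLoggable(Level.WARNING)) {
                    LOG.warning("Incorrect key for " + encryptedPrivateKeyInfo + " : " + e);
                }
                return null;
            }
        } catch (Exception e2) {
            if (Logging.SHOW_WARNING && LOG.isLoggable(Level.WARNING)) {
                LOG.log(Level.WARNING, "Decrypt failed", (Throwable) e2);
            }
            return null;
        } finally {
            passwordSpec.clearPassword();
        }
    }

    /**
     * Finds the next object of the given type and returns its base64 text.
     *
     * @param bufferedReader source, positioned anywhere before the object
     * @param str object type to look for, or {@code null} for any type
     * @return the base64 body, or {@code null} if no such object follows
     * @throws IOException if reading fails
     */
    public static String loadBase64Object(BufferedReader bufferedReader, String str) throws IOException {
        if (null != findObject(bufferedReader, str)) {
            return readBase64Object(bufferedReader, str);
        }
        return null;
    }

    /**
     * Finds the next object of the given type and returns its decoded bytes.
     *
     * @param bufferedReader source, positioned anywhere before the object
     * @param str object type to look for, or {@code null} for any type
     * @return the decoded body, or {@code null} if no such object follows
     * @throws IOException if reading or decoding fails
     */
    public static byte[] loadObject(BufferedReader bufferedReader, String str) throws IOException {
        if (null != findObject(bufferedReader, str)) {
            return readObject(bufferedReader, str);
        }
        return null;
    }

    /**
     * Skips forward to the next "-----BEGIN x-----" line whose type ends with
     * {@code str}, leaving the reader positioned at the start of that line.
     *
     * <p>Matching is by suffix, so a request for "CERTIFICATE" also accepts
     * "X509 CERTIFICATE". Each line is read under a mark of
     * {@value #MARK_LIMIT} characters; repositioning on a longer matching
     * line is not guaranteed by {@link BufferedReader}.
     *
     * @param bufferedReader source to scan
     * @param str type suffix to look for, or {@code null} for any type
     * @return the full type found on the BEGIN line, or {@code null} at end
     *     of input
     * @throws IOException if reading or repositioning fails
     */
    public static String findObject(BufferedReader bufferedReader, String str) throws IOException {
        String expectedSuffix = str == null ? DASHES : str + DASHES;
        while (true) {
            bufferedReader.mark(MARK_LIMIT);
            String line = bufferedReader.readLine();
            if (null == line) {
                return null;
            }
            if (line.startsWith(BEGIN_PREFIX) && line.endsWith(expectedSuffix)) {
                bufferedReader.reset();
                return line.substring(BEGIN_PREFIX.length(), line.length() - DASHES.length());
            }
        }
    }

    /**
     * Reads one object, starting at its BEGIN line, and returns the lines
     * between the BEGIN and END markers, each terminated by '\n'.
     *
     * <p>Reading stops at the first line starting with "-----END " (its type
     * is not compared with the BEGIN line) or at end of input. Input that
     * ends before an END line is returned as read, without an error, so a
     * truncated object is only detected when its content is decoded or
     * parsed.
     *
     * @param bufferedReader source positioned at the BEGIN line
     * @param str expected type suffix, or {@code null} for any type
     * @return the body text, possibly empty
     * @throws IOException if the next line is missing or is not a matching
     *     BEGIN line, or if reading fails
     */
    public static String readBase64Object(BufferedReader bufferedReader, String str) throws IOException {
        String header = bufferedReader.readLine();
        String expectedSuffix = str == null ? DASHES : str + DASHES;
        // End of input is reported like any other missing header instead of
        // failing with a NullPointerException.
        if (null == header || !header.startsWith(BEGIN_PREFIX) || !header.endsWith(expectedSuffix)) {
            throw new IOException("Not at begining of object");
        }
        StringBuilder body = new StringBuilder();
        for (String line = bufferedReader.readLine(); null != line && !line.startsWith(END_PREFIX); line = bufferedReader.readLine()) {
            body.append(line);
            body.append('\n');
        }
        return body.toString();
    }

    /**
     * Reads one object, starting at its BEGIN line, and base64-decodes it.
     *
     * @param bufferedReader source positioned at the BEGIN line
     * @param str expected type suffix, or {@code null} for any type
     * @return the decoded bytes
     * @throws IOException if the header does not match or decoding fails
     */
    public static byte[] readObject(BufferedReader bufferedReader, String str) throws IOException {
        return base64Decode(new StringReader(readBase64Object(bufferedReader, str)));
    }

    /**
     * Writes an object framed by BEGIN and END lines and flushes the writer.
     *
     * <p>A line break is added after the body unless it already ends with
     * one. An empty body produces a BEGIN line directly followed by an END
     * line.
     *
     * @param bufferedWriter destination
     * @param str object type written on both marker lines
     * @param str2 already-encoded body text
     * @throws IOException if writing fails
     */
    public static void writeBase64Object(BufferedWriter bufferedWriter, String str, String str2) throws IOException {
        bufferedWriter.write(BEGIN_PREFIX);
        bufferedWriter.write(str);
        bufferedWriter.write(DASHES);
        bufferedWriter.newLine();
        bufferedWriter.write(str2);
        // An empty body has no last character to inspect.
        if (str2.length() > 0) {
            char last = str2.charAt(str2.length() - 1);
            if ('\n' != last && '\r' != last) {
                bufferedWriter.newLine();
            }
        }
        bufferedWriter.write(END_PREFIX);
        bufferedWriter.write(str);
        bufferedWriter.write(DASHES);
        bufferedWriter.newLine();
        bufferedWriter.flush();
    }

    /**
     * Base64-encodes bytes and writes them as a framed object.
     *
     * @param bufferedWriter destination
     * @param str object type written on both marker lines
     * @param bArr raw bytes to encode
     * @throws IOException if encoding or writing fails
     */
    public static void writeObject(BufferedWriter bufferedWriter, String str, byte[] bArr) throws IOException {
        writeBase64Object(bufferedWriter, str, base64Encode(bArr));
    }

    /**
     * Base64-encodes bytes with line wrapping enabled.
     *
     * @param bArr bytes to encode
     * @return the encoded text
     * @throws IOException if encoding fails
     */
    public static String base64Encode(byte[] bArr) throws IOException {
        return base64Encode(bArr, true);
    }

    /**
     * Base64-encodes bytes.
     *
     * @param bArr bytes to encode
     * @param z when {@code true} the encoder is created with the argument 72,
     *     presumably the line width; otherwise with its defaults
     * @return the encoded text
     * @throws IOException if encoding fails
     */
    public static String base64Encode(byte[] bArr, boolean z) throws IOException {
        StringWriter target = new StringWriter();
        BASE64OutputStream encoder = z ? new BASE64OutputStream(target, 72) : new BASE64OutputStream(target);
        encoder.write(bArr);
        encoder.close();
        String encoded = target.toString();
        if (Logging.SHOW_FINER && LOG.isLoggable(Level.FINER)) {
            LOG.finer("Encoded " + bArr.length + " bytes -> " + encoded.length() + " characters.");
        }
        return encoded;
    }

    /**
     * Base64-decodes everything remaining in a reader.
     *
     * <p>The whole result is buffered in memory and the reader is not closed.
     *
     * @param reader base64 text
     * @return the decoded bytes
     * @throws IOException if reading or decoding fails
     */
    public static byte[] base64Decode(Reader reader) throws IOException {
        BASE64InputStream decoder = new BASE64InputStream(reader);
        ByteArrayOutputStream decoded = new ByteArrayOutputStream();
        for (int value = decoder.read(); value >= 0; value = decoder.read()) {
            decoded.write(value);
        }
        byte[] result = decoded.toByteArray();
        if (Logging.SHOW_FINER && LOG.isLoggable(Level.FINER)) {
            LOG.finer("Decoded " + result.length + " bytes.");
        }
        return result;
    }

    /**
     * Renders bytes as upper-case hexadecimal, two digits per byte.
     *
     * @param bArr bytes to render
     * @return the hexadecimal text
     */
    private static String toHexDigits(byte[] bArr) {
        StringBuilder hex = new StringBuilder(bArr.length * 2);
        for (byte value : bArr) {
            hex.append(HEX_DIGITS[(value >>> 4) & 15]);
            hex.append(HEX_DIGITS[value & 15]);
        }
        return hex.toString();
    }
}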
