package eu.europa.esig.dss.cookbook;

import eu.europa.esig.dss.enumerations.DigestAlgorithm;
import eu.europa.esig.dss.model.x509.CertificateToken;
import eu.europa.esig.dss.spi.DSSASN1Utils;
import eu.europa.esig.dss.spi.DSSUtils;
import eu.europa.esig.dss.spi.x509.KeyStoreCertificateSource;
import eu.europa.esig.dss.utils.Utils;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Paths;
import java.util.Date;
import java.util.Iterator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/europa/esig/dss/cookbook/CreateKeyStoreApp.class */
public class CreateKeyStoreApp {
    private static final Logger LOG = LoggerFactory.getLogger(CreateKeyStoreApp.class);
    private static final boolean ALLOW_EXPIRED = false;
    private static final String KEYSTORE_TYPE = "PKCS12";
    private static final String KEYSTORE_FILEPATH = "target/keystore.p12";

    private CreateKeyStoreApp() {
    }

    public static void main(String[] strArr) throws IOException {
        KeyStoreCertificateSource keyStoreCertificateSource = new KeyStoreCertificateSource((InputStream) null, KEYSTORE_TYPE, getKeystorePassword());
        addCertificate(keyStoreCertificateSource, "src/main/resources/oj_2019/ec.europa.eu.1.cer");
        addCertificate(keyStoreCertificateSource, "src/main/resources/oj_2019/ec.europa.eu.2.cer");
        addCertificate(keyStoreCertificateSource, "src/main/resources/oj_2019/ec.europa.eu.3.cer");
        addCertificate(keyStoreCertificateSource, "src/main/resources/oj_2019/ec.europa.eu.4.cer");
        addCertificate(keyStoreCertificateSource, "src/main/resources/oj_2019/ec.europa.eu.5.cer");
        addCertificate(keyStoreCertificateSource, "src/main/resources/oj_2019/ec.europa.eu.6.cer");
        addCertificate(keyStoreCertificateSource, "src/main/resources/oj_2019/ec.europa.eu.7.cer");
        addCertificate(keyStoreCertificateSource, "src/main/resources/oj_2019/ec.europa.eu.8.cer");
        OutputStream newOutputStream = Files.newOutputStream(Paths.get(KEYSTORE_FILEPATH, new String[ALLOW_EXPIRED]), new OpenOption[ALLOW_EXPIRED]);
        try {
            keyStoreCertificateSource.store(newOutputStream);
            Utils.closeQuietly(newOutputStream);
            if (newOutputStream != null) {
                newOutputStream.close();
            }
            LOG.info("****************");
            Iterator it = new KeyStoreCertificateSource(new File(KEYSTORE_FILEPATH), KEYSTORE_TYPE, getKeystorePassword()).getCertificates().iterator();
            while (it.hasNext()) {
                LOG.info("{}", (CertificateToken) it.next());
            }
        } catch (Throwable th) {
            if (newOutputStream != null) {
                try {
                    newOutputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private static void addCertificate(KeyStoreCertificateSource keyStoreCertificateSource, String str) throws IOException {
        FileInputStream fileInputStream = new FileInputStream(str);
        try {
            CertificateToken loadCertificate = DSSUtils.loadCertificate(fileInputStream);
            if (!loadCertificate.isValidOn(new Date())) {
                LOG.error("Certificate is out of bounds : {}", loadCertificate);
                throw new IllegalArgumentException(String.format("Certificate %s cannot be added to the keyStore! Renew the certificate or change ALLOW_EXPIRED value to true.", DSSASN1Utils.getSubjectCommonName(loadCertificate)));
            }
            displayCertificateDigests(loadCertificate);
            LOG.info("Adding certificate {}", loadCertificate);
            keyStoreCertificateSource.addCertificateToKeyStore(loadCertificate);
            fileInputStream.close();
        } catch (Throwable th) {
            try {
                fileInputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private static void displayCertificateDigests(CertificateToken certificateToken) {
        byte[] digest = DSSUtils.digest(DigestAlgorithm.SHA256, certificateToken.getEncoded());
        byte[] digest2 = DSSUtils.digest(DigestAlgorithm.SHA1, certificateToken.getEncoded());
        LOG.info(DSSASN1Utils.getSubjectCommonName(certificateToken));
        LOG.info("SHA256 digest (Hex) : {}", getPrintableHex(digest));
        LOG.info("SHA1 digest (Hex) : {}", getPrintableHex(digest2));
        LOG.info("SHA256 digest (Base64) : {}", Utils.toBase64(digest));
        LOG.info("SHA1 digest (Base64) : {}", Utils.toBase64(digest2));
    }

    private static String getPrintableHex(byte[] bArr) {
        return Utils.toHex(bArr).replaceAll("..", "$0 ");
    }

    private static char[] getKeystorePassword() {
        return "dss-password".toCharArray();
    }
}
