package org.nhindirect.common.crypto.tools.commands;

import java.io.File;
import java.security.Key;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Map;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.io.FileUtils;
import org.nhindirect.common.crypto.MutableKeyStoreProtectionManager;
import org.nhindirect.common.crypto.WrappableKeyProtectionManager;
import org.nhindirect.common.crypto.tools.commands.printers.KeyPrinter;
import org.nhindirect.common.tooling.Command;
import org.nhindirect.common.tooling.StringArrayUtil;

/* loaded from: input_file:WEB-INF/lib/direct-common-2.0.jar:org/nhindirect/common/crypto/tools/commands/PKCS11Commands.class */
public class PKCS11Commands {
    private static final String LIST_SECRET_KEYS = "Lists secret keys in the HSM";
    private static final String ADD_RANDOM_SECRET_KEY = "Creates a new named random AES128 secret key\r\n\r\n  keyName\r\n\t keyName: The unique name of the new secret key.  Place the key name in quotes (\"\") if there are spaces in the name.";
    private static final String ADD_USER_SECRET_KEY = "Creates a new named AES128 secret key via user entered text\r\n\r\n  keyName keyText\r\n\t keyName: The unique name of the new secret key.  Place the key name in quotes (\"\") if there are spaces in the name.\r\n\t keyText: The user entered key text.  Place the text in quotes (\"\") if there are spaces in the text.";
    private static final String REMOVE_SECRET_KEY = "Removes a new named secret key\r\n \r\n  keyName\r\n\t keyName: The unique name of the secret key.  Place the key name in quotes (\"\") if there are spaces in the name.";
    private static final String IMPORT_P12_FILE_FOR_TEMP_KEY = "Imports a p12 file and creates a temporary private key entry.\r\n \r\n  p12FileName keyStorePass privKeyPass \r\n\t  p12FileName Full path of the p12 file \r\n\t  keyStorePass Optional keystore password.  Using empty quotes if empty \r\n\t  privKeyPass Optional private key password.  Using empty quotes if empty ";
    protected final KeyPrinter keyPrinter = new KeyPrinter();
    protected final MutableKeyStoreProtectionManager mgr;

    public PKCS11Commands(MutableKeyStoreProtectionManager mutableKeyStoreProtectionManager) {
        this.mgr = mutableKeyStoreProtectionManager;
    }

    @Command(name = "ListSecretKeys", usage = LIST_SECRET_KEYS)
    public void listCerts(String[] strArr) {
        try {
            Map<String, Key> allKeys = this.mgr.getAllKeys();
            if (allKeys.isEmpty()) {
                System.out.println("No keys found");
            } else {
                ArrayList arrayList = new ArrayList();
                for (Map.Entry<String, Key> entry : allKeys.entrySet()) {
                    arrayList.add(new KeyModel(entry.getKey(), entry.getValue(), entry.getValue().getEncoded() != null ? "*****".toCharArray() : "Not Extractable".toCharArray()));
                }
                this.keyPrinter.printRecords(arrayList);
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    @Command(name = "CreateRandomSecretKey", usage = ADD_RANDOM_SECRET_KEY)
    public void addRandomSecretKey(String[] strArr) {
        String requiredValue = StringArrayUtil.getRequiredValue(strArr, 0);
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", this.mgr.getKS().getProvider().getName());
            keyGenerator.init(128);
            SecretKey generateKey = keyGenerator.generateKey();
            this.mgr.clearKey(requiredValue);
            this.mgr.setKey(requiredValue, generateKey);
        } catch (Exception e) {
            System.err.println("Failed to add new random secret key: " + e.getMessage());
            e.printStackTrace();
        }
    }

    @Command(name = "CreateUserSecretKey", usage = ADD_USER_SECRET_KEY)
    public void addUserSecretKey(String[] strArr) {
        String requiredValue = StringArrayUtil.getRequiredValue(strArr, 0);
        try {
            byte[] copyOf = Arrays.copyOf(MessageDigest.getInstance("SHA-1").digest(StringArrayUtil.getRequiredValue(strArr, 1).getBytes("UTF-8")), 16);
            this.mgr.clearKey(requiredValue);
            this.mgr.setKey(requiredValue, new SecretKeySpec(copyOf, "AES"));
        } catch (Exception e) {
            System.err.println("Failed to add new random secret key: " + e.getMessage());
            e.printStackTrace();
        }
    }

    @Command(name = "RemoveSecretKey", usage = REMOVE_SECRET_KEY)
    public void removeSecretKey(String[] strArr) {
        try {
            this.mgr.clearKey(StringArrayUtil.getRequiredValue(strArr, 0));
        } catch (Exception e) {
            System.err.println("Failed to add new random secret key: " + e.getMessage());
        }
    }

    @Command(name = "ImportP12FileForTempKey", usage = IMPORT_P12_FILE_FOR_TEMP_KEY)
    public void importPrivateKeyFile(String[] strArr) {
        if (!(this.mgr instanceof WrappableKeyProtectionManager)) {
            System.out.println("Key store manager does not support wrapping.");
            return;
        }
        WrappableKeyProtectionManager wrappableKeyProtectionManager = (WrappableKeyProtectionManager) this.mgr;
        String requiredValue = StringArrayUtil.getRequiredValue(strArr, 0);
        String optionalValue = StringArrayUtil.getOptionalValue(strArr, 1, "");
        String optionalValue2 = StringArrayUtil.getOptionalValue(strArr, 2, "");
        try {
            String name = this.mgr.getKS().getProvider().getName();
            System.out.println("Provider Name: " + name);
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", name);
            keyGenerator.init(128);
            SecretKey generateKey = keyGenerator.generateKey();
            KeyStore keyStore = KeyStore.getInstance("pkcs12");
            keyStore.load(FileUtils.openInputStream(new File(requiredValue)), optionalValue.toCharArray());
            System.out.println("Successfully created an unwrapped private key");
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}
