package de.brendamour.jpasskit.signing;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:de/brendamour/jpasskit/signing/PKSigningInformationUtil.class */
public class PKSigningInformationUtil {
    public PKSigningInformationUtil() {
        addBCProvider();
    }

    public PKSigningInformation loadSigningInformation(String str, String str2, String str3) throws PKSigningException {
        try {
            return loadSigningInformationFromPKCS12AndIntermediateCertificate(str, str2, str3);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
            throw new PKSigningException("Failed to load signing information", e);
        }
    }

    public PKSigningInformation loadSigningInformationFromPKCS12AndIntermediateCertificate(String str, String str2, String str3) throws IOException, NoSuchAlgorithmException, CertificateException, KeyStoreException, UnrecoverableKeyException {
        return loadSigningInformationFromPKCS12AndIntermediateCertificate(loadPKCS12File(str, str2), str2.toCharArray(), loadDERCertificate(str3));
    }

    public PKSigningInformation loadSigningInformationFromPKCS12AndIntermediateCertificate(InputStream inputStream, String str, InputStream inputStream2) throws IOException, NoSuchAlgorithmException, CertificateException, KeyStoreException, UnrecoverableKeyException {
        return loadSigningInformationFromPKCS12AndIntermediateCertificate(loadPKCS12File(inputStream, str), str.toCharArray(), loadDERCertificate(inputStream2));
    }

    private PKSigningInformation loadSigningInformationFromPKCS12AndIntermediateCertificate(KeyStore keyStore, char[] cArr, X509Certificate x509Certificate) throws IOException, NoSuchAlgorithmException, CertificateException, KeyStoreException, UnrecoverableKeyException {
        Enumeration<String> aliases = keyStore.aliases();
        PrivateKey privateKey = null;
        X509Certificate x509Certificate2 = null;
        while (true) {
            if (!aliases.hasMoreElements()) {
                break;
            }
            String nextElement = aliases.nextElement();
            Key key = keyStore.getKey(nextElement, cArr);
            if (key instanceof PrivateKey) {
                privateKey = (PrivateKey) key;
                Certificate certificate = keyStore.getCertificate(nextElement);
                if (certificate instanceof X509Certificate) {
                    x509Certificate2 = (X509Certificate) certificate;
                    break;
                }
            }
        }
        return checkCertsAndReturnSigningInformationObject(privateKey, x509Certificate2, x509Certificate);
    }

    public KeyStore loadPKCS12File(String str, String str2) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        File file = new File(str);
        if (!file.exists()) {
            URL resource = PKFileBasedSigningUtil.class.getClassLoader().getResource(str);
            if (resource == null) {
                throw new FileNotFoundException("File at " + str + " not found");
            }
            file = new File(resource.getFile());
        }
        FileInputStream fileInputStream = new FileInputStream(file);
        Throwable th = null;
        try {
            KeyStore loadPKCS12File = loadPKCS12File(fileInputStream, str2);
            if (fileInputStream != null) {
                if (0 != 0) {
                    try {
                        fileInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    fileInputStream.close();
                }
            }
            return loadPKCS12File;
        } catch (Throwable th3) {
            if (fileInputStream != null) {
                if (0 != 0) {
                    try {
                        fileInputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    fileInputStream.close();
                }
            }
            throw th3;
        }
    }

    public KeyStore loadPKCS12File(InputStream inputStream, String str) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        if (inputStream == null) {
            throw new IllegalArgumentException("InputStream of key store must not be null");
        }
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(inputStream, str.toCharArray());
        return keyStore;
    }

    public X509Certificate loadDERCertificate(String str) throws IOException, CertificateException {
        File file = new File(str);
        if (!file.exists()) {
            URL resource = PKFileBasedSigningUtil.class.getClassLoader().getResource(str);
            if (resource == null) {
                throw new FileNotFoundException("File at " + str + " not found");
            }
            file = new File(resource.getFile());
        }
        FileInputStream fileInputStream = new FileInputStream(file);
        Throwable th = null;
        try {
            try {
                X509Certificate loadDERCertificate = loadDERCertificate(fileInputStream);
                if (fileInputStream != null) {
                    if (0 != 0) {
                        try {
                            fileInputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        fileInputStream.close();
                    }
                }
                return loadDERCertificate;
            } finally {
            }
        } catch (Throwable th3) {
            if (fileInputStream != null) {
                if (th != null) {
                    try {
                        fileInputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    fileInputStream.close();
                }
            }
            throw th3;
        }
    }

    public X509Certificate loadDERCertificate(InputStream inputStream) throws IOException, CertificateException {
        try {
            Certificate generateCertificate = CertificateFactory.getInstance("X.509", "BC").generateCertificate(inputStream);
            if (!(generateCertificate instanceof X509Certificate)) {
                throw new IOException("The key from the input stream could not be decrypted");
            }
            ((X509Certificate) generateCertificate).checkValidity();
            return (X509Certificate) generateCertificate;
        } catch (IOException e) {
            throw new IOException("The key from the input stream could not be decrypted", e);
        } catch (NoSuchProviderException e2) {
            throw new IOException("The key from the input stream could not be decrypted", e2);
        }
    }

    private PKSigningInformation checkCertsAndReturnSigningInformationObject(PrivateKey privateKey, X509Certificate x509Certificate, X509Certificate x509Certificate2) throws IOException, CertificateExpiredException, CertificateNotYetValidException {
        if (x509Certificate == null || privateKey == null || x509Certificate2 == null) {
            throw new IOException("Couldn't load all the neccessary certificates/keys.");
        }
        x509Certificate2.checkValidity();
        x509Certificate.checkValidity();
        return new PKSigningInformation(x509Certificate, privateKey, x509Certificate2);
    }

    private void addBCProvider() {
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }
}
