package be.fgov.ehealth.technicalconnector.bootstrap.utils;

import be.ehealth.technicalconnector.exception.TechnicalConnectorException;
import be.ehealth.technicalconnector.exception.TechnicalConnectorExceptionValues;
import be.ehealth.technicalconnector.utils.ConnectorIOUtils;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.List;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:be/fgov/ehealth/technicalconnector/bootstrap/utils/BootStrapUtils.class */
public final class BootStrapUtils {
    private static final String PROP_STORETYPE_JKS = "JKS";
    public static final String EXT_SHA2 = ".sha2";
    public static final String EXT_XML = ".xml";
    private static final String CERTIFICATE_BEGIN = "-----BEGIN CERTIFICATE-----";
    private static final String CERTIFICATE_END = "-----END CERTIFICATE-----";
    private static final String CERTIFICATE_TYPE = "X.509";
    private static final Logger LOG = LoggerFactory.getLogger(BootStrapUtils.class);
    private static final String LF = System.getProperty("line.separator");

    private BootStrapUtils() {
        throw new UnsupportedOperationException();
    }

    public static X509Certificate generateX509Cert(String str) throws TechnicalConnectorException {
        StringBuilder sb = new StringBuilder();
        if (!str.contains(CERTIFICATE_BEGIN)) {
            sb.append(CERTIFICATE_BEGIN).append(LF);
        }
        sb.append(str);
        if (!str.contains(CERTIFICATE_END)) {
            sb.append(LF).append(CERTIFICATE_END);
        }
        byte[] bytes = sb.toString().trim().getBytes();
        ByteArrayInputStream byteArrayInputStream = null;
        try {
            try {
                CertificateFactory certificateFactory = CertificateFactory.getInstance(CERTIFICATE_TYPE);
                byteArrayInputStream = new ByteArrayInputStream(bytes);
                X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream);
                ConnectorIOUtils.closeQuietly(byteArrayInputStream);
                return x509Certificate;
            } catch (CertificateException e) {
                throw new TechnicalConnectorException(TechnicalConnectorExceptionValues.ERROR_IOEXCEPTION, e, new Object[0]);
            }
        } catch (Throwable th) {
            ConnectorIOUtils.closeQuietly(byteArrayInputStream);
            throw th;
        }
    }

    public static void writeKeyStore(List<X509Certificate> list, String str, char[] cArr) throws TechnicalConnectorException {
        try {
            try {
                File file = new File(str);
                if (!file.exists()) {
                    LOG.debug("Create new file [" + str + "]");
                    if (!file.createNewFile()) {
                        throw new IOException("Unable to create file");
                    }
                }
                if (!file.canWrite()) {
                    LOG.info("Unable to write on file [" + str + "], skipping write keystore.");
                    ConnectorIOUtils.closeQuietly((Object) null);
                    return;
                }
                KeyStore keyStore = KeyStore.getInstance(PROP_STORETYPE_JKS);
                keyStore.load(null, cArr);
                for (int i = 0; i < list.size(); i++) {
                    X509Certificate x509Certificate = list.get(i);
                    keyStore.setCertificateEntry(getAlias(i, x509Certificate), x509Certificate);
                }
                FileOutputStream fileOutputStream = new FileOutputStream(file);
                keyStore.store(fileOutputStream, cArr);
                System.out.println(file.getPath());
                ConnectorIOUtils.closeQuietly(fileOutputStream);
            } catch (Exception e) {
                throw new TechnicalConnectorException(TechnicalConnectorExceptionValues.ERROR_IOEXCEPTION, e, new Object[]{str});
            }
        } catch (Throwable th) {
            ConnectorIOUtils.closeQuietly((Object) null);
            throw th;
        }
    }

    private static String getAlias(int i, X509Certificate x509Certificate) {
        return StringUtils.leftPad(Integer.toString(i), 3, "0") + " " + x509Certificate.getSubjectX500Principal().getName("RFC2253");
    }

    public static void merge(String str, char[] cArr, String str2, char[] cArr2) throws TechnicalConnectorException {
        try {
            try {
                File file = new File(str2);
                if (!file.exists()) {
                    LOG.debug("Create new file [" + str2 + "]");
                    if (!file.createNewFile()) {
                        LOG.info("Unable to create file [" + str2 + "], skipping write keystore.");
                        ConnectorIOUtils.closeQuietly((Object) null);
                        return;
                    }
                }
                if (!file.canWrite()) {
                    LOG.info("Unable to write on file [" + str2 + "], skipping write keystore.");
                    ConnectorIOUtils.closeQuietly((Object) null);
                    return;
                }
                KeyStore keyStore = KeyStore.getInstance(PROP_STORETYPE_JKS);
                keyStore.load(ConnectorIOUtils.getResourceAsStream(str), cArr);
                KeyStore keyStore2 = KeyStore.getInstance(PROP_STORETYPE_JKS);
                keyStore2.load(ConnectorIOUtils.getResourceAsStream(str2), cArr2);
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(aliases.nextElement());
                    if (isSelfSigned(x509Certificate)) {
                        LOG.debug("Adding cert to store: " + x509Certificate.getSubjectX500Principal().getName("RFC1779"));
                        keyStore2.setCertificateEntry(getAlias(keyStore2.size() + 1, x509Certificate), x509Certificate);
                    }
                }
                FileOutputStream fileOutputStream = new FileOutputStream(file);
                keyStore2.store(fileOutputStream, cArr2);
                ConnectorIOUtils.closeQuietly(fileOutputStream);
            } catch (Exception e) {
                throw new TechnicalConnectorException(TechnicalConnectorExceptionValues.UNKNOWN_ERROR, e, new Object[]{"while merging keystore [" + str + "] into [" + str2 + "]"});
            }
        } catch (Throwable th) {
            ConnectorIOUtils.closeQuietly((Object) null);
            throw th;
        }
    }

    private static boolean isSelfSigned(X509Certificate x509Certificate) {
        try {
            x509Certificate.verify(x509Certificate.getPublicKey());
            return true;
        } catch (Exception e) {
            LOG.debug("Certificate is not selfsigned.", e);
            return false;
        }
    }
}
