package org.opends.server.util;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.PrintStream;
import java.lang.reflect.Constructor;
import java.lang.reflect.Method;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import org.opends.messages.UtilityMessages;

/* loaded from: input_file:WEB-INF/lib/OpenDS.jar:org/opends/server/util/Platform.class */
public final class Platform {
    private static String pkgPrefix;
    private static boolean certReqAllowed;
    private static final String IBM_SEC = "com.ibm.security";
    private static final String SUN_SEC = "sun.security";
    private static final PlatformIMPL IMPL;

    /* loaded from: input_file:WEB-INF/lib/OpenDS.jar:org/opends/server/util/Platform$DefaultPlatformIMPL.class */
    private static class DefaultPlatformIMPL extends PlatformIMPL {
        private static final Method NORMALIZE;
        private static final Object FORM_NFKC;

        private DefaultPlatformIMPL() {
        }

        @Override // org.opends.server.util.Platform.PlatformIMPL
        public void normalize(StringBuilder sb) {
            try {
                sb.replace(0, sb.length(), (String) NORMALIZE.invoke(null, sb, FORM_NFKC));
            } catch (Exception e) {
            }
        }

        static {
            Method method = null;
            Object obj = null;
            try {
                Class<?> cls = Class.forName("java.text.Normalizer");
                Class<?> cls2 = Class.forName("java.text.Normalizer$Form");
                method = cls.getMethod("normalize", CharSequence.class, cls2);
                obj = cls2.getField("NFKD").get(null);
            } catch (Exception e) {
            }
            NORMALIZE = method;
            FORM_NFKC = obj;
        }
    }

    /* loaded from: input_file:WEB-INF/lib/OpenDS.jar:org/opends/server/util/Platform$IBM5PlatformIMPL.class */
    private static class IBM5PlatformIMPL extends PlatformIMPL {
        private IBM5PlatformIMPL() {
        }

        @Override // org.opends.server.util.Platform.PlatformIMPL
        public void normalize(StringBuilder sb) {
        }
    }

    /* loaded from: input_file:WEB-INF/lib/OpenDS.jar:org/opends/server/util/Platform$PlatformIMPL.class */
    private static abstract class PlatformIMPL {
        private static final int KEY_SIZE = 1024;
        private static final String KEY_ALGORITHM = "rsa";
        private static final String SIG_ALGORITHM = "SHA1WithRSA";
        private static final int SEC_IN_DAY = 86400;
        private static final int DEFAULT_VALIDITY = 7776000;
        private static final String TMPFILE_PREFIX = "CertificateManager-";
        private static final String TMPFILE_EXT = ".csr";
        private static final String ENCODE_SIGN_METHOD = "encodeAndSign";
        private static final String GENERATE_METHOD = "generate";
        private static final String GET_PRIVATE_KEY_METHOD = "getPrivateKey";
        private static final String GET_SELFSIGNED_CERT_METHOD = "getSelfCertificate";
        private static final String PRINT_METHOD = "print";
        private static Class<?> certKeyGenClass;
        private static Class<?> X500NameClass;
        private static Class<?> X500SignerClass;
        private static Class<?> PKCS10Class;
        private static Constructor<?> certKeyGenCons;
        private static Constructor<?> X500NameCons;
        private static Constructor<?> X500SignerCons;
        private static Constructor<?> pkcs10Cons;

        protected PlatformIMPL() {
        }

        public final File generateCertificateRequest(KeyStore keyStore, String str, String str2, String str3, char[] cArr, String str4) throws KeyStoreException {
            if (!Platform.certReqAllowed) {
                throw new KeyStoreException(UtilityMessages.ERR_CERTMGR_CERT_SIGN_REQ_NOT_SUPPORTED.get(System.getProperty("java.vendor")).toString());
            }
            KeyStore generateSelfSignedCertificate = generateSelfSignedCertificate(keyStore, str, str2, str3, cArr, str4, DEFAULT_VALIDITY);
            try {
                File createTempFile = File.createTempFile(TMPFILE_PREFIX, TMPFILE_EXT);
                createTempFile.deleteOnExit();
                PrintStream printStream = new PrintStream(new FileOutputStream(createTempFile.getAbsolutePath()));
                if (generateSelfSignedCertificate == null) {
                    throw new KeyStoreException(UtilityMessages.ERR_CERTMGR_KEYSTORE_NONEXISTANT.get().toString());
                }
                PrivateKey privateKey = getPrivateKey(generateSelfSignedCertificate, str3, cArr);
                if (privateKey == null) {
                    throw new KeyStoreException(UtilityMessages.ERR_CERTMGR_PRIVATE_KEY.get(str3).toString());
                }
                Certificate certificate = generateSelfSignedCertificate.getCertificate(str3);
                if (certificate == null) {
                    throw new KeyStoreException(UtilityMessages.ERR_CERTMGR_ALIAS_NO_CERTIFICATE.get(str3).toString());
                }
                Signature signature = Signature.getInstance(SIG_ALGORITHM);
                signature.initSign(privateKey);
                Object newInstance = pkcs10Cons.newInstance(certificate.getPublicKey());
                Object newInstance2 = X500SignerCons.newInstance(signature, X500NameCons.newInstance(str4));
                Method method = PKCS10Class.getMethod(ENCODE_SIGN_METHOD, X500SignerClass);
                Method method2 = PKCS10Class.getMethod(PRINT_METHOD, PrintStream.class);
                method.invoke(newInstance, newInstance2);
                method2.invoke(newInstance, printStream);
                printStream.close();
                return createTempFile;
            } catch (Exception e) {
                throw new KeyStoreException(UtilityMessages.ERR_CERTMGR_CERT_REQUEST.get(str3, e.getMessage()).toString());
            }
        }

        public final void deleteAlias(KeyStore keyStore, String str, String str2, char[] cArr) throws KeyStoreException {
            try {
                if (keyStore == null) {
                    throw new KeyStoreException(UtilityMessages.ERR_CERTMGR_KEYSTORE_NONEXISTANT.get().toString());
                }
                keyStore.deleteEntry(str2);
                FileOutputStream fileOutputStream = new FileOutputStream(str);
                keyStore.store(fileOutputStream, cArr);
                fileOutputStream.close();
            } catch (Exception e) {
                throw new KeyStoreException(UtilityMessages.ERR_CERTMGR_DELETE_ALIAS.get(str2, e.getMessage()).toString());
            }
        }

        public final void addCertificate(KeyStore keyStore, String str, String str2, String str3, char[] cArr, String str4) throws KeyStoreException {
            try {
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
                FileInputStream fileInputStream = new FileInputStream(str4);
                if (keyStore == null) {
                    keyStore = KeyStore.getInstance(str);
                    keyStore.load(null, cArr);
                }
                if (keyStore.entryInstanceOf(str3, KeyStore.PrivateKeyEntry.class)) {
                    throw new KeyStoreException(UtilityMessages.ERR_CERTMGR_CERT_REPLIES_INVALID.get(str3).toString());
                }
                if (keyStore.containsAlias(str3) && !keyStore.entryInstanceOf(str3, KeyStore.TrustedCertificateEntry.class)) {
                    throw new KeyStoreException(UtilityMessages.ERR_CERTMGR_ALIAS_INVALID.get(str3).toString());
                }
                trustedCert(str3, certificateFactory, keyStore, fileInputStream);
                FileOutputStream fileOutputStream = new FileOutputStream(str2);
                keyStore.store(fileOutputStream, cArr);
                fileOutputStream.close();
                fileInputStream.close();
            } catch (Exception e) {
                throw new KeyStoreException(UtilityMessages.ERR_CERTMGR_ADD_CERT.get(str3, e.getMessage()).toString());
            }
        }

        public final KeyStore generateSelfSignedCertificate(KeyStore keyStore, String str, String str2, String str3, char[] cArr, String str4, int i) throws KeyStoreException {
            try {
                if (keyStore == null) {
                    keyStore = KeyStore.getInstance(str);
                    keyStore.load(null, cArr);
                } else if (keyStore.containsAlias(str3)) {
                    throw new KeyStoreException(UtilityMessages.ERR_CERTMGR_ALIAS_ALREADY_EXISTS.get(str3).toString());
                }
                Object newInstance = certKeyGenCons.newInstance(KEY_ALGORITHM, SIG_ALGORITHM);
                Object newInstance2 = X500NameCons.newInstance(str4);
                certKeyGenClass.getMethod(GENERATE_METHOD, Integer.TYPE).invoke(newInstance, 1024);
                keyStore.setKeyEntry(str3, (PrivateKey) certKeyGenClass.getMethod(GET_PRIVATE_KEY_METHOD, new Class[0]).invoke(newInstance, new Object[0]), cArr, new Certificate[]{(Certificate) certKeyGenClass.getMethod(GET_SELFSIGNED_CERT_METHOD, X500NameClass, Long.TYPE).invoke(newInstance, newInstance2, Integer.valueOf(i * SEC_IN_DAY))});
                FileOutputStream fileOutputStream = new FileOutputStream(str2);
                keyStore.store(fileOutputStream, cArr);
                fileOutputStream.close();
                return keyStore;
            } catch (Exception e) {
                throw new KeyStoreException(UtilityMessages.ERR_CERTMGR_GEN_SELF_SIGNED_CERT.get(str3, e.getMessage()).toString());
            }
        }

        private void trustedCert(String str, CertificateFactory certificateFactory, KeyStore keyStore, InputStream inputStream) throws KeyStoreException {
            try {
                if (keyStore.containsAlias(str)) {
                    throw new KeyStoreException(UtilityMessages.ERR_CERTMGR_ALIAS_ALREADY_EXISTS.get(str).toString());
                }
                X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(inputStream);
                if (isSelfSigned(x509Certificate)) {
                    x509Certificate.verify(x509Certificate.getPublicKey());
                }
                keyStore.setCertificateEntry(str, x509Certificate);
            } catch (Exception e) {
                throw new KeyStoreException(UtilityMessages.ERR_CERTMGR_TRUSTED_CERT.get(str, e.getMessage()).toString());
            }
        }

        private boolean isSelfSigned(X509Certificate x509Certificate) {
            return x509Certificate.getSubjectDN().equals(x509Certificate.getIssuerDN());
        }

        private PrivateKey getPrivateKey(KeyStore keyStore, String str, char[] cArr) throws KeyStoreException {
            try {
                if (!keyStore.containsAlias(str)) {
                    throw new KeyStoreException(UtilityMessages.ERR_CERTMGR_ALIAS_DOES_NOT_EXIST.get(str).toString());
                }
                if (keyStore.entryInstanceOf(str, KeyStore.PrivateKeyEntry.class) || keyStore.entryInstanceOf(str, KeyStore.SecretKeyEntry.class)) {
                    return (PrivateKey) keyStore.getKey(str, cArr);
                }
                throw new KeyStoreException(UtilityMessages.ERR_CERTMGR_ALIAS_INVALID_ENTRY_TYPE.get(str).toString());
            } catch (Exception e) {
                throw new KeyStoreException(UtilityMessages.ERR_CERTMGR_GET_KEY.get(str, e.getMessage()).toString());
            }
        }

        public abstract void normalize(StringBuilder sb);

        static {
            String str = Platform.pkgPrefix + ".x509";
            String str2 = Platform.pkgPrefix + ".pkcs";
            String str3 = str + ".CertAndKeyGen";
            String str4 = str + ".X500Name";
            String str5 = str + ".X500Signer";
            try {
                certKeyGenClass = Class.forName(str3);
                X500NameClass = Class.forName(str4);
                X500SignerClass = Class.forName(str5);
                if (Platform.certReqAllowed) {
                    PKCS10Class = Class.forName(str2 + ".PKCS10");
                    pkcs10Cons = PKCS10Class.getConstructor(PublicKey.class);
                }
                certKeyGenCons = certKeyGenClass.getConstructor(String.class, String.class);
                X500NameCons = X500NameClass.getConstructor(String.class);
                X500SignerCons = X500SignerClass.getConstructor(Signature.class, X500NameClass);
            } catch (ClassNotFoundException e) {
                throw new ExceptionInInitializerError(UtilityMessages.ERR_CERTMGR_CLASS_NOT_FOUND.get(e.getMessage()).toString());
            } catch (NoSuchMethodException e2) {
                throw new ExceptionInInitializerError(UtilityMessages.ERR_CERTMGR_NO_METHOD.get(e2.getMessage()).toString());
            } catch (SecurityException e3) {
                throw new ExceptionInInitializerError(UtilityMessages.ERR_CERTMGR_SECURITY.get(e3.getMessage()).toString());
            }
        }
    }

    /* loaded from: input_file:WEB-INF/lib/OpenDS.jar:org/opends/server/util/Platform$Sun5PlatformIMPL.class */
    private static class Sun5PlatformIMPL extends PlatformIMPL {
        private static final Method NORMALIZE;
        private static final Object FORM_NFKC;

        private Sun5PlatformIMPL() {
        }

        @Override // org.opends.server.util.Platform.PlatformIMPL
        public void normalize(StringBuilder sb) {
            try {
                sb.replace(0, sb.length(), (String) NORMALIZE.invoke(null, sb.toString(), FORM_NFKC, 0));
            } catch (Exception e) {
            }
        }

        static {
            Method method = null;
            Object obj = null;
            try {
                Class<?> cls = Class.forName("sun.text.Normalizer");
                obj = cls.getField("DECOMP_COMPAT").get(null);
                method = cls.getMethod("normalize", String.class, Class.forName("sun.text.Normalizer$Mode"), Integer.TYPE);
            } catch (Exception e) {
            }
            NORMALIZE = method;
            FORM_NFKC = obj;
        }
    }

    private Platform() {
    }

    public static void addCertificate(KeyStore keyStore, String str, String str2, String str3, char[] cArr, String str4) throws KeyStoreException {
        IMPL.addCertificate(keyStore, str, str2, str3, cArr, str4);
    }

    public static void deleteAlias(KeyStore keyStore, String str, String str2, char[] cArr) throws KeyStoreException {
        IMPL.deleteAlias(keyStore, str, str2, cArr);
    }

    public static File generateCertificateRequest(KeyStore keyStore, String str, String str2, String str3, char[] cArr, String str4) throws KeyStoreException {
        return IMPL.generateCertificateRequest(keyStore, str, str2, str3, cArr, str4);
    }

    public static void generateSelfSignedCertificate(KeyStore keyStore, String str, String str2, String str3, char[] cArr, String str4, int i) throws KeyStoreException {
        IMPL.generateSelfSignedCertificate(keyStore, str, str2, str3, cArr, str4, i);
    }

    public static void normalize(StringBuilder sb) {
        IMPL.normalize(sb);
    }

    public static boolean isVendor(String str) {
        return System.getProperty("java.vendor").startsWith(str);
    }

    static {
        String property = System.getProperty("java.vendor");
        String property2 = System.getProperty("java.version");
        if (property.startsWith("IBM")) {
            pkgPrefix = IBM_SEC;
            certReqAllowed = false;
            if (property2.startsWith("1.5")) {
                IMPL = new IBM5PlatformIMPL();
                return;
            } else {
                IMPL = new DefaultPlatformIMPL();
                return;
            }
        }
        pkgPrefix = SUN_SEC;
        certReqAllowed = true;
        if (property2.startsWith("1.5")) {
            IMPL = new Sun5PlatformIMPL();
        } else {
            IMPL = new DefaultPlatformIMPL();
        }
    }
}
