package org.wso2.securevault.keystore;

import java.io.BufferedInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import org.apache.axiom.util.base64.Base64Utils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.securevault.IKeyStoreLoader;
import org.wso2.securevault.SecureVaultException;
import org.wso2.securevault.definition.CipherInformation;

/* JADX WARN: Classes with same name are omitted:
  input_file:lib/org.wso2.securevault-1.0.0.jar:org/wso2/securevault/keystore/PKCS8KeyStoreLoader.class
 */
/* loaded from: input_file:lib/axis2-client-1.6.1.wso2v12.jar:org/wso2/securevault/keystore/PKCS8KeyStoreLoader.class */
public class PKCS8KeyStoreLoader implements IKeyStoreLoader {
    private static Log log = LogFactory.getLog(PKCS8KeyStoreLoader.class);
    private String pkPath;
    private String certPath;
    private String keyPassword;
    private String entryAlias;
    private static final String HEADER = "-----BEGIN PRIVATE KEY-----\n";
    private static final String FOOTER = "-----END PRIVATE KEY-----";

    public PKCS8KeyStoreLoader(String str, String str2, String str3, String str4) {
        this.pkPath = str;
        this.certPath = str2;
        this.keyPassword = str3;
        this.entryAlias = str4;
    }

    @Override // org.wso2.securevault.IKeyStoreLoader
    public KeyStore getKeyStore() {
        File file = new File(this.pkPath);
        if (!file.exists()) {
            if (!log.isDebugEnabled()) {
                return null;
            }
            log.debug("There is no private key in the given path : " + this.pkPath);
            return null;
        }
        File file2 = new File(this.certPath);
        if (!file2.exists()) {
            if (!log.isDebugEnabled()) {
                return null;
            }
            log.debug("There is no certificate in the given path : " + this.certPath);
            return null;
        }
        try {
            if (log.isDebugEnabled()) {
                log.debug("Reading a private key(unencrypted) from given path : " + this.pkPath);
            }
            FileInputStream fileInputStream = new FileInputStream(file);
            BufferedInputStream bufferedInputStream = new BufferedInputStream(fileInputStream);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byte[] bArr = new byte[1024];
            while (true) {
                try {
                    try {
                        int read = bufferedInputStream.read(bArr);
                        if (read == -1) {
                            break;
                        }
                        byteArrayOutputStream.write(bArr, 0, read);
                    } catch (IOException e) {
                        handleException("IOError reading from file :  " + this.pkPath, e);
                        try {
                            bufferedInputStream.close();
                            fileInputStream.close();
                            byteArrayOutputStream.close();
                        } catch (IOException e2) {
                        }
                    }
                } finally {
                    try {
                        bufferedInputStream.close();
                        fileInputStream.close();
                        byteArrayOutputStream.close();
                    } catch (IOException e3) {
                    }
                }
            }
            if (log.isDebugEnabled()) {
                log.debug("Creating a private key in PKCS8Encoded using given (unencrypted) RSA private key ");
            }
            PrivateKey createPrivateKey = createPrivateKey(byteArrayOutputStream.toByteArray());
            if (log.isDebugEnabled()) {
                log.debug("Generating a X509 certificate form given certificate file");
            }
            FileInputStream fileInputStream2 = new FileInputStream(file2);
            BufferedInputStream bufferedInputStream2 = new BufferedInputStream(fileInputStream2);
            Certificate generateCertificate = CertificateFactory.getInstance("X509").generateCertificate(bufferedInputStream2);
            bufferedInputStream2.close();
            fileInputStream2.close();
            if (log.isDebugEnabled()) {
                log.debug("Creating a KeyStore instance of type JKS from a PKCS8 private key and X509 certificate");
            }
            KeyStore keyStore = KeyStore.getInstance("JKS");
            keyStore.load(null, null);
            keyStore.setCertificateEntry("server Cert", generateCertificate);
            keyStore.setKeyEntry(this.entryAlias, createPrivateKey, this.keyPassword.toCharArray(), new Certificate[]{generateCertificate});
            return keyStore;
        } catch (FileNotFoundException e4) {
            handleException("IOError", e4);
            return null;
        } catch (IOException e5) {
            handleException("IOError", e5);
            return null;
        } catch (KeyStoreException e6) {
            handleException("Error creating KeyStore", e6);
            return null;
        } catch (NoSuchAlgorithmException e7) {
            handleException("Error creating KeyStore", e7);
            return null;
        } catch (CertificateException e8) {
            handleException("Error creating KeyStore", e8);
            return null;
        }
    }

    private PrivateKey createPrivateKey(byte[] bArr) {
        int length = HEADER.length();
        int length2 = ((bArr.length - FOOTER.length()) - 1) - length;
        byte[] bArr2 = new byte[length2];
        System.arraycopy(bArr, length, bArr2, 0, length2);
        try {
            return KeyFactory.getInstance(CipherInformation.DEFAULT_ALGORITHM).generatePrivate(new PKCS8EncodedKeySpec(Base64Utils.decode(new String(bArr2))));
        } catch (NoSuchAlgorithmException e) {
            handleException("Error getting a KeyFactory instance", e);
            return null;
        } catch (InvalidKeySpecException e2) {
            handleException("Error generating a private key", e2);
            return null;
        }
    }

    private void handleException(String str, Exception exc) {
        log.error(str, exc);
        throw new SecureVaultException(str, exc);
    }
}
