package com.sun.xml.wss.util;

import com.sun.xml.wss.XWSSConstants;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.core.reference.X509SubjectKeyIdentifier;
import com.sun.xml.wss.impl.MessageConstants;
import com.sun.xml.wss.impl.XWSSecurityRuntimeException;
import com.sun.xml.wss.impl.misc.SecurityUtil;
import java.io.IOException;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.math.BigInteger;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertSelector;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.SecretKey;
import javax.security.auth.x500.X500Principal;

/* loaded from: input_file:com/sun/xml/wss/util/XWSSUtil.class */
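/**
 * Static helpers for locating certificates and private keys in a {@link KeyStore}, matching a
 * certificate against caller-supplied identifiers, and instantiating a {@link CertSelector}.
 *
 * <p>The lookup methods only <em>locate</em> an entry. Nothing in this class checks a certificate's
 * validity period, revocation status or chain, so a non-null result means "found", not "trusted".
 */
public abstract class XWSSUtil {
    protected static final Logger log = Logger.getLogger("javax.enterprise.resource.xml.webservices.security", "com.sun.xml.wss.logging.LogStrings");

    /**
     * Finds the X.509 certificate in {@code keyStore} whose subject key identifier equals {@code bArr}.
     *
     * @param bArr subject key identifier bytes to look for
     * @param keyStore store whose entries are scanned alias by alias
     * @return the first matching certificate, or {@code null} when none matches
     * @throws IOException wrapping any exception raised during the scan (the cause is preserved)
     */
    public static X509Certificate getCertificateFromTrustStore(byte[] bArr, KeyStore keyStore) throws IOException {
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                Certificate certificate = keyStore.getCertificate(aliases.nextElement());
                if (certificate == null || !"X.509".equals(certificate.getType())) {
                    continue;
                }
                X509Certificate x509Certificate = (X509Certificate) certificate;
                byte[] subjectKeyIdentifier = X509SubjectKeyIdentifier.getSubjectKeyIdentifier(x509Certificate);
                if (subjectKeyIdentifier != null && Arrays.equals(bArr, subjectKeyIdentifier)) {
                    return x509Certificate;
                }
            }
            return null;
        } catch (Exception e) {
            // Keep the original exception as the cause so the failure can still be diagnosed.
            throw new IOException(e.getMessage(), e);
        }
    }

    /**
     * Finds the X.509 certificate in {@code keyStore} with the given issuer name and serial number.
     *
     * @param str issuer distinguished name, parsed with {@link X500Principal#X500Principal(String)}
     * @param bigInteger certificate serial number
     * @param keyStore store whose entries are scanned alias by alias
     * @return the first matching certificate, or {@code null} when none matches
     * @throws IOException wrapping any exception raised during the scan (the cause is preserved)
     */
    public static X509Certificate getCertificateFromTrustStore(String str, BigInteger bigInteger, KeyStore keyStore) throws IOException {
        try {
            // Parsed lazily, on the first X.509 entry, so an issuer string is only rejected when
            // there is something to compare it with (same as before), but it is parsed only once.
            X500Principal wantedIssuer = null;
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                Certificate certificate = keyStore.getCertificate(aliases.nextElement());
                if (certificate == null || !"X.509".equals(certificate.getType())) {
                    continue;
                }
                X509Certificate x509Certificate = (X509Certificate) certificate;
                if (wantedIssuer == null) {
                    wantedIssuer = new X500Principal(str);
                }
                if (x509Certificate.getIssuerX500Principal().equals(wantedIssuer)
                        && x509Certificate.getSerialNumber().equals(bigInteger)) {
                    return x509Certificate;
                }
            }
            return null;
        } catch (Exception e) {
            throw new IOException(e.getMessage(), e);
        }
    }

    /**
     * Returns the private key of the key entry whose X.509 certificate has subject key identifier
     * {@code bArr}.
     *
     * @param bArr subject key identifier bytes to look for
     * @param keyStore store whose key entries are scanned
     * @param str password protecting the key entry; {@code null} is passed through to the store
     * @return the private key of the first matching entry, or {@code null} when none matches
     * @throws IOException wrapping any exception raised during the scan or key recovery
     */
    public static PrivateKey getPrivateKey(byte[] bArr, KeyStore keyStore, String str) throws IOException {
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String alias = aliases.nextElement();
                if (!keyStore.isKeyEntry(alias)) {
                    continue;
                }
                Certificate certificate = keyStore.getCertificate(alias);
                if (certificate == null || !"X.509".equals(certificate.getType())) {
                    continue;
                }
                byte[] subjectKeyIdentifier = X509SubjectKeyIdentifier.getSubjectKeyIdentifier((X509Certificate) certificate);
                if (subjectKeyIdentifier != null && Arrays.equals(bArr, subjectKeyIdentifier)) {
                    return recoverPrivateKey(keyStore, alias, str);
                }
            }
            return null;
        } catch (Exception e) {
            throw new IOException(e.getMessage(), e);
        }
    }

    /**
     * Returns the private key of the key entry whose X.509 certificate has the given issuer name
     * and serial number.
     *
     * @param str issuer distinguished name, parsed with {@link X500Principal#X500Principal(String)}
     * @param bigInteger certificate serial number
     * @param keyStore store whose key entries are scanned
     * @param str2 password protecting the key entry; {@code null} is passed through to the store
     * @return the private key of the first matching entry, or {@code null} when none matches
     * @throws IOException wrapping any exception raised during the scan or key recovery
     */
    public static PrivateKey getPrivateKey(String str, BigInteger bigInteger, KeyStore keyStore, String str2) throws IOException {
        try {
            X500Principal wantedIssuer = null; // parsed once, on the first candidate entry
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String alias = aliases.nextElement();
                if (!keyStore.isKeyEntry(alias)) {
                    continue;
                }
                Certificate certificate = keyStore.getCertificate(alias);
                if (certificate == null || !"X.509".equals(certificate.getType())) {
                    continue;
                }
                X509Certificate x509Certificate = (X509Certificate) certificate;
                if (wantedIssuer == null) {
                    wantedIssuer = new X500Principal(str);
                }
                if (x509Certificate.getIssuerX500Principal().equals(wantedIssuer)
                        && x509Certificate.getSerialNumber().equals(bigInteger)) {
                    return recoverPrivateKey(keyStore, alias, str2);
                }
            }
            return null;
        } catch (Exception e) {
            throw new IOException(e.getMessage(), e);
        }
    }

    /**
     * Returns the private key of the key entry whose certificate equals {@code x509Certificate}.
     *
     * @param x509Certificate certificate identifying the wanted key entry
     * @param keyStore store whose key entries are scanned
     * @param str password protecting the key entry; {@code null} is passed through to the store
     * @return the private key of the first matching entry, or {@code null} when none matches
     * @throws IOException wrapping any exception raised during the scan or key recovery
     */
    public static PrivateKey getPrivateKey(X509Certificate x509Certificate, KeyStore keyStore, String str) throws IOException {
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String alias = aliases.nextElement();
                if (!keyStore.isKeyEntry(alias)) {
                    continue;
                }
                Certificate certificate = keyStore.getCertificate(alias);
                if (certificate != null && certificate.equals(x509Certificate)) {
                    return recoverPrivateKey(keyStore, alias, str);
                }
            }
            return null;
        } catch (Exception e) {
            throw new IOException(e.getMessage(), e);
        }
    }

    /**
     * Recovers the key stored under {@code alias} and wipes the temporary password array afterwards.
     *
     * <p>A {@code null} password is handed to the store as {@code null} instead of failing with a
     * {@link NullPointerException} here. The caller's {@code String} stays in memory regardless, so
     * wiping the array only limits the number of copies.
     */
    private static PrivateKey recoverPrivateKey(KeyStore keyStore, String alias, String password)
            throws java.security.GeneralSecurityException {
        char[] passwordChars = password == null ? null : password.toCharArray();
        try {
            return (PrivateKey) keyStore.getKey(alias, passwordChars);
        } finally {
            if (passwordChars != null) {
                Arrays.fill(passwordChars, '\0');
            }
        }
    }

    /**
     * Generates a symmetric key by delegating to {@link SecurityUtil#generateSymmetricKey(String)}.
     *
     * @param str passed unchanged to the delegate (presumably the algorithm name; confirm against SecurityUtil)
     * @return the key produced by the delegate
     * @throws XWSSecurityException if the delegate fails
     */
    public static SecretKey generateSymmetricKey(String str) throws XWSSecurityException {
        return SecurityUtil.generateSymmetricKey(str);
    }

    /**
     * Checks whether {@code obj} is an X.509 certificate whose identifier of kind {@code str}
     * equals {@code bArr}.
     *
     * @param obj candidate object; anything that is not an {@link X509Certificate} yields {@code null}
     * @param bArr expected identifier bytes
     * @param str {@code "Identifier"} for the subject key identifier, or
     *     {@code MessageConstants.THUMB_PRINT_TYPE} for the certificate thumbprint; any other value
     *     yields {@code null}
     * @return {@code obj} as a certificate when the identifier matches, otherwise {@code null}
     * @throws XWSSecurityRuntimeException if computing the identifier fails
     */
    public static X509Certificate matchesProgrammaticInfo(Object obj, byte[] bArr, String str) {
        if (!(obj instanceof X509Certificate)) {
            return null;
        }
        X509Certificate x509Certificate = (X509Certificate) obj;
        byte[] identifier;
        try {
            if ("Identifier".equals(str)) {
                identifier = X509SubjectKeyIdentifier.getSubjectKeyIdentifier(x509Certificate);
            } else if (MessageConstants.THUMB_PRINT_TYPE.equals(str)) {
                identifier = getThumbprintIdentifier(x509Certificate);
            } else {
                return null;
            }
        } catch (XWSSecurityException e) {
            log.log(Level.SEVERE, (String) null, e);
            throw new XWSSecurityRuntimeException(e);
        }
        if (identifier != null && Arrays.equals(bArr, identifier)) {
            return x509Certificate;
        }
        return null;
    }

    /**
     * Checks whether {@code obj} is an X.509 certificate carrying {@code publicKey}.
     *
     * @param obj candidate object; anything that is not an {@link X509Certificate} yields {@code null}
     * @param publicKey expected public key
     * @return {@code obj} as a certificate when its public key equals {@code publicKey}, otherwise {@code null}
     */
    public static X509Certificate matchesProgrammaticInfo(Object obj, PublicKey publicKey) {
        if (!(obj instanceof X509Certificate)) {
            return null;
        }
        X509Certificate x509Certificate = (X509Certificate) obj;
        return x509Certificate.getPublicKey().equals(publicKey) ? x509Certificate : null;
    }

    /**
     * Checks whether {@code obj} is an X.509 certificate with the given serial number and issuer.
     *
     * @param obj candidate object; anything that is not an {@link X509Certificate} yields {@code null}
     * @param bigInteger expected serial number
     * @param str expected issuer distinguished name; only parsed when the serial number matches
     * @return {@code obj} as a certificate when both values match, otherwise {@code null}
     */
    public static X509Certificate matchesProgrammaticInfo(Object obj, BigInteger bigInteger, String str) {
        if (!(obj instanceof X509Certificate)) {
            return null;
        }
        X509Certificate x509Certificate = (X509Certificate) obj;
        boolean sameSerial = x509Certificate.getSerialNumber().equals(bigInteger);
        if (sameSerial && x509Certificate.getIssuerX500Principal().equals(new X500Principal(str))) {
            return x509Certificate;
        }
        return null;
    }

    /**
     * Reads the private key stored under {@code XWSSConstants.PRIVATEKEY_PROPERTY} in {@code map}.
     *
     * @param map property map, may be {@code null}
     * @return the configured private key, or {@code null} when the map or the entry is absent
     * @throws XWSSecurityRuntimeException if the entry exists but is not a {@link PrivateKey}
     */
    public static PrivateKey getProgrammaticPrivateKey(Map map) {
        if (map == null) {
            return null;
        }
        Object value = map.get(XWSSConstants.PRIVATEKEY_PROPERTY);
        if (value == null) {
            return null;
        }
        if (value instanceof PrivateKey) {
            return (PrivateKey) value;
        }
        // Only the type problem is reported; the offending value itself is never logged.
        log.log(Level.SEVERE, "value of PRIVATEKEY_PROPERTY is not a PrivateKey");
        throw new XWSSecurityRuntimeException("value of PRIVATEKEY_PROPERTY is not a PrivateKey");
    }

    /**
     * Computes the thumbprint of a certificate: the digest named by {@code MessageConstants.SHA_1}
     * over the certificate's encoded form.
     *
     * <p>SHA-1 is no longer collision resistant, so a thumbprint match identifies which certificate
     * is meant but should not by itself be taken as evidence that the certificate is trusted.
     *
     * @param x509Certificate certificate to digest
     * @return the digest bytes
     * @throws XWSSecurityException if the digest algorithm is unavailable or the certificate cannot be encoded
     */
    public static byte[] getThumbprintIdentifier(X509Certificate x509Certificate) throws XWSSecurityException {
        try {
            return MessageDigest.getInstance(MessageConstants.SHA_1).digest(x509Certificate.getEncoded());
        } catch (NoSuchAlgorithmException e) {
            // The thrown exception carries no cause, so log it here or the root cause is lost.
            log.log(Level.SEVERE, "WSS0708.no.digest.algorithm", e);
            throw new XWSSecurityException("Digest algorithm SHA-1 not found");
        } catch (CertificateEncodingException e2) {
            log.log(Level.SEVERE, "WSS0709.error.getting.rawContent", e2);
            throw new XWSSecurityException("Error while getting certificate's raw content");
        }
    }

    /**
     * Instantiates a {@link CertSelector} of class {@code cls}, preferring a public constructor
     * taking a {@link Map} and falling back to the no-argument constructor.
     *
     * <p>The class's constructor runs in this process, so {@code cls} must come from trusted
     * configuration and never from message content.
     *
     * @param cls selector class, may be {@code null}
     * @param map argument for the {@code (Map)} constructor when the class has one
     * @return the new selector, or {@code null} when {@code cls} is {@code null}
     * @throws ClassCastException if {@code cls} does not implement {@link CertSelector}
     * @throws RuntimeException wrapping any reflective instantiation failure
     */
    public static CertSelector getCertSelector(Class<?> cls, Map map) {
        if (cls == null) {
            return null;
        }
        // Reject a non-CertSelector class before any of its constructors run. The exception type
        // is the one the cast on the freshly built instance used to raise.
        Class<? extends CertSelector> selectorClass = cls.asSubclass(CertSelector.class);
        Constructor<? extends CertSelector> constructor = null;
        try {
            constructor = selectorClass.getConstructor(Map.class);
        } catch (NoSuchMethodException ignored) {
            // No public (Map) constructor: fall back to the no-argument constructor below.
        } catch (SecurityException ignored) {
            // Reflective lookup was denied: fall back to the no-argument constructor below.
        }
        if (constructor == null) {
            try {
                // Class.newInstance is kept deliberately: it rethrows constructor exceptions
                // unwrapped, which callers of this method may rely on.
                return selectorClass.newInstance();
            } catch (IllegalAccessException e) {
                throw certSelectorFailure(e);
            } catch (InstantiationException e) {
                throw certSelectorFailure(e);
            }
        }
        try {
            return constructor.newInstance(map);
        } catch (IllegalAccessException e) {
            throw certSelectorFailure(e);
        } catch (IllegalArgumentException e) {
            throw certSelectorFailure(e);
        } catch (InstantiationException e) {
            throw certSelectorFailure(e);
        } catch (InvocationTargetException e) {
            throw certSelectorFailure(e);
        }
    }

    /** Logs a selector instantiation failure and returns the wrapping exception for the caller to throw. */
    private static RuntimeException certSelectorFailure(Exception cause) {
        log.log(Level.SEVERE, "WSS0812.exception.instantiating.certselector", (Throwable) cause);
        return new RuntimeException(cause);
    }
}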
