package libcore.java.security;

import java.io.PrintStream;
import java.math.BigInteger;
import java.net.InetAddress;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Date;
import java.util.Hashtable;
import java.util.Iterator;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import junit.framework.Assert;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.X509Extensions;
import org.bouncycastle.jce.X509Principal;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.x509.X509V3CertificateGenerator;

/* loaded from: input_file:libcore/java/security/TestKeyStore.class */
public final class TestKeyStore extends Assert {
    public final KeyStore keyStore;
    public final char[] storePassword;
    public final char[] keyPassword;
    public final KeyManager[] keyManagers;
    public final TrustManager[] trustManagers;
    private static final TestKeyStore ROOT_CA;
    private static final TestKeyStore INTERMEDIATE_CA;
    private static final TestKeyStore SERVER;
    private static final TestKeyStore CLIENT;
    private static final TestKeyStore CLIENT_CERTIFICATE;
    private static final TestKeyStore ROOT_CA_2;
    private static final TestKeyStore CLIENT_2;

    private TestKeyStore(KeyStore keyStore, char[] cArr, char[] cArr2) {
        this.keyStore = keyStore;
        this.storePassword = cArr;
        this.keyPassword = cArr2;
        this.keyManagers = createKeyManagers(keyStore, cArr);
        this.trustManagers = createTrustManagers(keyStore);
    }

    public static KeyManager[] createKeyManagers(KeyStore keyStore, char[] cArr) {
        try {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, cArr);
            return keyManagerFactory.getKeyManagers();
        } catch (Exception e) {
            throw new RuntimeException();
        }
    }

    public static TrustManager[] createTrustManagers(KeyStore keyStore) {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            return trustManagerFactory.getTrustManagers();
        } catch (Exception e) {
            throw new RuntimeException();
        }
    }

    public static TestKeyStore getServer() {
        return SERVER;
    }

    public static TestKeyStore getClient() {
        return CLIENT;
    }

    public static TestKeyStore getClientCertificate() {
        return CLIENT_CERTIFICATE;
    }

    public static TestKeyStore getClientCA2() {
        return CLIENT_2;
    }

    public static TestKeyStore create(String[] strArr, char[] cArr, char[] cArr2, String str, X509Principal x509Principal, boolean z, TestKeyStore testKeyStore) {
        try {
            KeyStore createKeyStore = createKeyStore();
            for (String str2 : strArr) {
                createKeys(createKeyStore, cArr2, str2, str + "-public-" + str2, str + "-private-" + str2, x509Principal, z, testKeyStore);
            }
            if (testKeyStore != null) {
                copySelfSignedCertificates(createKeyStore, testKeyStore.keyStore);
            }
            return new TestKeyStore(createKeyStore, cArr, cArr2);
        } catch (RuntimeException e) {
            throw e;
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }

    public static KeyStore createKeyStore() throws Exception {
        KeyStore keyStore = KeyStore.getInstance("BKS");
        keyStore.load(null, null);
        return keyStore;
    }

    public static KeyStore createKeys(KeyStore keyStore, char[] cArr, String str, String str2, String str3, X509Principal x509Principal, boolean z, TestKeyStore testKeyStore) throws Exception {
        PrivateKey privateKey;
        X509Certificate x509Certificate;
        X509Certificate[] x509CertificateArr;
        PrivateKey privateKey2;
        X509Certificate generateX509Certificate;
        X509Certificate[] x509CertificateArr2;
        if (testKeyStore == null) {
            privateKey = null;
            x509Certificate = null;
            x509CertificateArr = null;
        } else {
            KeyStore.PrivateKeyEntry privateKey3 = privateKey(testKeyStore.keyStore, testKeyStore.keyPassword, str);
            privateKey = privateKey3.getPrivateKey();
            x509Certificate = (X509Certificate) privateKey3.getCertificate();
            x509CertificateArr = (X509Certificate[]) privateKey3.getCertificateChain();
        }
        if (str2 == null && str3 == null) {
            privateKey2 = null;
            generateX509Certificate = null;
        } else {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str);
            keyPairGenerator.initialize(1024, new SecureRandom());
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            privateKey2 = generateKeyPair.getPrivate();
            PublicKey publicKey = generateKeyPair.getPublic();
            X509Principal x509Principal2 = x509Certificate == null ? x509Principal : (X509Principal) x509Certificate.getSubjectDN();
            long currentTimeMillis = System.currentTimeMillis();
            Date date = new Date(currentTimeMillis - 86400000);
            Date date2 = new Date(currentTimeMillis + 86400000);
            BigInteger valueOf = BigInteger.valueOf(1L);
            X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
            x509V3CertificateGenerator.setSubjectDN(x509Principal);
            x509V3CertificateGenerator.setIssuerDN(x509Principal2);
            x509V3CertificateGenerator.setNotBefore(date);
            x509V3CertificateGenerator.setNotAfter(date2);
            x509V3CertificateGenerator.setPublicKey(publicKey);
            x509V3CertificateGenerator.setSignatureAlgorithm("sha1With" + str);
            x509V3CertificateGenerator.setSerialNumber(valueOf);
            if (z) {
                x509V3CertificateGenerator.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(true));
            }
            generateX509Certificate = x509V3CertificateGenerator.generateX509Certificate(privateKey == null ? privateKey2 : privateKey);
        }
        if (str3 == null) {
            x509CertificateArr2 = null;
        } else if (x509CertificateArr == null) {
            x509CertificateArr2 = new X509Certificate[]{generateX509Certificate};
        } else {
            x509CertificateArr2 = new X509Certificate[x509CertificateArr.length + 1];
            x509CertificateArr2[0] = generateX509Certificate;
            System.arraycopy(x509CertificateArr, 0, x509CertificateArr2, 1, x509CertificateArr.length);
        }
        if (str3 != null) {
            keyStore.setKeyEntry(str3, privateKey2, cArr, x509CertificateArr2);
        }
        if (str2 != null) {
            keyStore.setCertificateEntry(str2, generateX509Certificate);
        }
        return keyStore;
    }

    public static X509Principal localhost() {
        try {
            return x509Principal(InetAddress.getLocalHost().getCanonicalHostName());
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static X509Principal x509Principal(String str) {
        Hashtable hashtable = new Hashtable();
        hashtable.put(X509Principal.CN, str);
        return new X509Principal(hashtable);
    }

    public static KeyStore.PrivateKeyEntry privateKey(KeyStore keyStore, char[] cArr, String str) {
        try {
            KeyStore.PrivateKeyEntry privateKeyEntry = null;
            KeyStore.PasswordProtection passwordProtection = new KeyStore.PasswordProtection(cArr);
            Iterator it = Collections.list(keyStore.aliases()).iterator();
            while (it.hasNext()) {
                String str2 = (String) it.next();
                if (keyStore.entryInstanceOf(str2, KeyStore.PrivateKeyEntry.class)) {
                    KeyStore.PrivateKeyEntry privateKeyEntry2 = (KeyStore.PrivateKeyEntry) keyStore.getEntry(str2, passwordProtection);
                    if (privateKeyEntry2.getPrivateKey().getAlgorithm().equals(str)) {
                        if (privateKeyEntry != null) {
                            throw new IllegalStateException("keyStore has more than one private key");
                        }
                        privateKeyEntry = privateKeyEntry2;
                    }
                }
            }
            if (privateKeyEntry == null) {
                throw new IllegalStateException("keyStore contained no private key");
            }
            return privateKeyEntry;
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static KeyStore createClient(KeyStore keyStore) {
        try {
            KeyStore keyStore2 = KeyStore.getInstance("BKS");
            keyStore2.load(null, null);
            copySelfSignedCertificates(keyStore2, keyStore);
            return keyStore2;
        } catch (RuntimeException e) {
            throw e;
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }

    public static void copySelfSignedCertificates(KeyStore keyStore, KeyStore keyStore2) throws Exception {
        Iterator it = Collections.list(keyStore2.aliases()).iterator();
        while (it.hasNext()) {
            String str = (String) it.next();
            if (keyStore2.isCertificateEntry(str)) {
                X509Certificate x509Certificate = (X509Certificate) keyStore2.getCertificate(str);
                if (x509Certificate.getSubjectDN().equals(x509Certificate.getIssuerDN())) {
                    keyStore.setCertificateEntry(str, x509Certificate);
                }
            }
        }
    }

    public static void dump(String str, KeyStore keyStore, char[] cArr) {
        String str2;
        try {
            PrintStream printStream = System.out;
            printStream.println("context=" + str);
            printStream.println("\tkeyStore=" + keyStore);
            printStream.println("\tkeyStore.type=" + keyStore.getType());
            printStream.println("\tkeyStore.provider=" + keyStore.getProvider());
            printStream.println("\tkeyPassword=" + (cArr == null ? null : new String(cArr)));
            printStream.println("\tsize=" + keyStore.size());
            Iterator it = Collections.list(keyStore.aliases()).iterator();
            while (it.hasNext()) {
                String str3 = (String) it.next();
                printStream.println("alias=" + str3);
                printStream.println("\tcreationDate=" + keyStore.getCreationDate(str3));
                if (keyStore.isCertificateEntry(str3)) {
                    printStream.println("\tcertificate:");
                    printStream.println("==========================================");
                    printStream.println(keyStore.getCertificate(str3));
                    printStream.println("==========================================");
                } else if (keyStore.isKeyEntry(str3)) {
                    printStream.println("\tkey:");
                    printStream.println("==========================================");
                    try {
                        str2 = "Key retreived using password\n" + keyStore.getKey(str3, cArr).toString();
                    } catch (UnrecoverableKeyException e) {
                        try {
                            str2 = "Key retreived without password\n" + keyStore.getKey(str3, null).toString();
                        } catch (UnrecoverableKeyException e2) {
                            str2 = "Key could not be retreived";
                        }
                    }
                    printStream.println(str2);
                    printStream.println("==========================================");
                } else {
                    printStream.println("\tunknown entry type");
                }
            }
        } catch (RuntimeException e3) {
            throw e3;
        } catch (Exception e4) {
            throw new RuntimeException(e4);
        }
    }

    public static void assertChainLength(Object[] objArr) {
        assertEquals(3, objArr.length);
    }

    static {
        if (StandardNames.IS_RI) {
            Security.addProvider(new BouncyCastleProvider());
        }
        ROOT_CA = create(new String[]{"RSA"}, null, null, "RootCA", x509Principal("Test Root Certificate Authority"), true, null);
        INTERMEDIATE_CA = create(new String[]{"RSA"}, null, null, "IntermediateCA", x509Principal("Test Intermediate Certificate Authority"), true, ROOT_CA);
        SERVER = create(new String[]{"RSA"}, null, null, "server", localhost(), false, INTERMEDIATE_CA);
        CLIENT = new TestKeyStore(createClient(INTERMEDIATE_CA.keyStore), null, null);
        CLIENT_CERTIFICATE = create(new String[]{"RSA"}, null, null, "client", x509Principal("test@user"), false, INTERMEDIATE_CA);
        ROOT_CA_2 = create(new String[]{"RSA"}, null, null, "RootCA2", x509Principal("Test Root Certificate Authority 2"), true, null);
        CLIENT_2 = new TestKeyStore(createClient(ROOT_CA_2.keyStore), null, null);
    }
}
