package edu.internet2.middleware.shibboleth.utils;

import java.io.BufferedInputStream;
import java.io.BufferedReader;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.PrintStream;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAKey;
import java.security.spec.KeySpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Properties;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.DESedeKeySpec;
import org.apache.log4j.ConsoleAppender;
import org.apache.log4j.Level;
import org.apache.log4j.LogManager;
import org.apache.log4j.Logger;
import org.apache.log4j.PatternLayout;
import org.bouncycastle.util.encoders.Base64;

/* loaded from: input_file:edu/internet2/middleware/shibboleth/utils/ExtKeyTool.class */
public class ExtKeyTool {
    protected static Logger log;
    static Class class$0;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:edu/internet2/middleware/shibboleth/utils/ExtKeyTool$ByteContainer.class */
    public class ByteContainer {
        private byte[] buffer;
        private int cushion;
        private int currentSize = 0;
        final ExtKeyTool this$0;

        ByteContainer(ExtKeyTool extKeyTool, int i) {
            this.this$0 = extKeyTool;
            this.buffer = new byte[i];
            this.cushion = i;
        }

        private void grow() {
            ExtKeyTool.log.debug("Growing ByteContainer.");
            int i = this.currentSize + this.cushion;
            byte[] bArr = new byte[i];
            int min = Math.min(this.currentSize, i);
            for (int i2 = 0; i2 < min; i2++) {
                bArr[i2] = this.buffer[i2];
            }
            this.buffer = bArr;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public byte[] toByteArray() {
            byte[] bArr = new byte[this.currentSize];
            for (int i = 0; i < this.currentSize; i++) {
                bArr[i] = this.buffer[i];
            }
            return bArr;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void append(byte b) {
            if (this.currentSize == this.buffer.length) {
                grow();
            }
            this.buffer[this.currentSize] = b;
            this.currentSize++;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:edu/internet2/middleware/shibboleth/utils/ExtKeyTool$ExtKeyToolException.class */
    public class ExtKeyToolException extends Exception {
        final ExtKeyTool this$0;

        protected ExtKeyToolException(ExtKeyTool extKeyTool, String str) {
            super(str);
            this.this$0 = extKeyTool;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:edu/internet2/middleware/shibboleth/utils/ExtKeyTool$InvalidCertificateChainException.class */
    public class InvalidCertificateChainException extends ExtKeyToolException {
        final ExtKeyTool this$0;

        protected InvalidCertificateChainException(ExtKeyTool extKeyTool, String str) {
            super(extKeyTool, str);
            this.this$0 = extKeyTool;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v2, types: [java.lang.Throwable] */
    static {
        Class<?> cls = class$0;
        if (cls == null) {
            try {
                cls = Class.forName("edu.internet2.middleware.shibboleth.utils.ExtKeyTool");
                class$0 = cls;
            } catch (ClassNotFoundException unused) {
                throw new NoClassDefFoundError(cls.getMessage());
            }
        }
        log = Logger.getLogger(cls.getName());
    }

    protected KeyStore loadKeyStore(String str, InputStream inputStream, String str2, char[] cArr) throws ExtKeyToolException {
        if (str2 == null) {
            str2 = "JKS";
        }
        try {
            log.debug(new StringBuffer("Using keystore type: (").append(str2).append(")").toString());
            log.debug(new StringBuffer("Using provider: (").append(str).append(")").toString());
            KeyStore keyStore = str2.equals("JKS") ? KeyStore.getInstance(str2, "SUN") : str2.equals("JCEKS") ? KeyStore.getInstance(str2, "SunJCE") : KeyStore.getInstance(str2, str);
            if (inputStream == null) {
                log.error("Keystore must be specified.");
                throw new ExtKeyToolException(this, "Keystore must be specified.");
            }
            if (cArr == null) {
                log.warn("No password given for keystore, integrity will not be verified.");
            }
            keyStore.load(inputStream, cArr);
            return keyStore;
        } catch (IOException e) {
            log.error(new StringBuffer("Could not export key: ").append(e).toString());
            throw new ExtKeyToolException(this, new StringBuffer("Could not export key: ").append(e).toString());
        } catch (KeyStoreException e2) {
            log.error(new StringBuffer("Problem loading keystore: ").append(e2).toString());
            throw new ExtKeyToolException(this, new StringBuffer("Problem loading keystore: ").append(e2).toString());
        } catch (NoSuchAlgorithmException e3) {
            log.error(new StringBuffer("Could not open keystore with the installed JCE providers: ").append(e3).toString());
            throw new ExtKeyToolException(this, new StringBuffer("Could not open keystore with the installed JCE providers: ").append(e3).toString());
        } catch (NoSuchProviderException e4) {
            log.error("The specified provider is not available.");
            throw new ExtKeyToolException(this, "The specified provider is not available.");
        } catch (CertificateException e5) {
            log.error(new StringBuffer("Could not open keystore: ").append(e5).toString());
            throw new ExtKeyToolException(this, new StringBuffer("Could not open keystore: ").append(e5).toString());
        }
    }

    public void exportKey(String str, PrintStream printStream, InputStream inputStream, String str2, char[] cArr, String str3, char[] cArr2, boolean z) throws ExtKeyToolException {
        try {
            KeyStore loadKeyStore = loadKeyStore(str, inputStream, str2, cArr);
            if (str3 == null) {
                log.error("Key alias must be specified.");
                throw new ExtKeyToolException(this, "Key alias must be specified.");
            }
            log.info("Searching for key.");
            Key key = loadKeyStore.getKey(str3, cArr2);
            if (key == null) {
                log.error("Key not found in store.");
                throw new ExtKeyToolException(this, "Key not found in store.");
            }
            log.info("Found key.");
            if (!z) {
                log.debug("Dumping with default encoding.");
                printStream.write(key.getEncoded());
            } else {
                log.debug("Dumping with rfc encoding");
                printStream.println("-----BEGIN PRIVATE KEY-----");
                printStream.println(Base64.encode(key.getEncoded()));
                printStream.println("-----END PRIVATE KEY-----");
            }
        } catch (IOException e) {
            log.error(new StringBuffer("Could not export key: ").append(e).toString());
            throw new ExtKeyToolException(this, new StringBuffer("Could not export key: ").append(e).toString());
        } catch (KeyStoreException e2) {
            log.error(new StringBuffer("Problem accessing keystore: ").append(e2).toString());
            throw new ExtKeyToolException(this, new StringBuffer("Problem loading keystore: ").append(e2).toString());
        } catch (NoSuchAlgorithmException e3) {
            log.error(new StringBuffer("Could not recover key with the installed JCE providers: ").append(e3).toString());
            throw new ExtKeyToolException(this, new StringBuffer("Could not recover key with the installed JCE providers: ").append(e3).toString());
        } catch (UnrecoverableKeyException e4) {
            log.error(new StringBuffer("The key specified key cannot be recovered with the given password: ").append(e4).toString());
            throw new ExtKeyToolException(this, new StringBuffer("The key specified key cannot be recovered with the given password: ").append(e4).toString());
        }
    }

    protected SecretKey readSecretKey(String str, InputStream inputStream, String str2) throws ExtKeyToolException {
        int read;
        try {
            SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(str2, str);
            byte[] bArr = new byte[8];
            ByteContainer byteContainer = new ByteContainer(this, 400);
            do {
                read = inputStream.read(bArr);
                for (int i = 0; i < read; i++) {
                    byteContainer.append(bArr[i]);
                }
            } while (read > -1);
            KeySpec keySpec = null;
            if (str2.equals("DESede")) {
                keySpec = new DESedeKeySpec(byteContainer.toByteArray());
            } else if (str2.equals("DES")) {
                keySpec = new DESKeySpec(byteContainer.toByteArray());
            }
            return secretKeyFactory.generateSecret(keySpec);
        } catch (Exception e) {
            log.error(new StringBuffer("Problem reading secret key: ").append(e.getMessage()).toString());
            throw new ExtKeyToolException(this, "Problem reading secret key.  Keys should be DER encoded native format.");
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    protected boolean isMatchingKey(String str, PublicKey publicKey, PrivateKey privateKey) {
        try {
            log.debug("Checking for matching private key/public key pair");
        } catch (Exception e) {
            log.warn(e);
        }
        if ((privateKey instanceof RSAKey) && (publicKey instanceof RSAKey) && !((RSAKey) privateKey).getModulus().equals(((RSAKey) publicKey).getModulus())) {
            log.debug("RSA modulus mismatch");
            return false;
        }
        Cipher cipher = Cipher.getInstance(str);
        cipher.init(1, publicKey);
        byte[] doFinal = cipher.doFinal("asdf".getBytes("UTF-8"));
        cipher.init(2, privateKey);
        if ("asdf".equals(new String(cipher.doFinal(doFinal), "UTF-8"))) {
            log.debug("Found match.");
            return true;
        }
        log.debug("This pair does not match.");
        return false;
    }

    protected PrivateKey readPrivateKey(String str, InputStream inputStream, String str2) throws ExtKeyToolException {
        int read;
        try {
            KeyFactory keyFactory = KeyFactory.getInstance(str2, str);
            byte[] bArr = new byte[8];
            ByteContainer byteContainer = new ByteContainer(this, 400);
            do {
                read = inputStream.read(bArr);
                for (int i = 0; i < read; i++) {
                    byteContainer.append(bArr[i]);
                }
            } while (read > -1);
            return keyFactory.generatePrivate(new PKCS8EncodedKeySpec(byteContainer.toByteArray()));
        } catch (Exception e) {
            log.error(new StringBuffer("Problem reading private key: ").append(e.getMessage()).toString());
            throw new ExtKeyToolException(this, "Problem reading private key.  Keys should be DER encoded pkcs8 or DER encoded native format.");
        }
    }

    protected X509Certificate[] linkChain(String str, X509Certificate[] x509CertificateArr, PrivateKey privateKey) throws InvalidCertificateChainException {
        log.debug(new StringBuffer("Located ").append(x509CertificateArr.length).append(" cert(s) in input file").toString());
        log.info("Finding end cert in chain.");
        ArrayList arrayList = new ArrayList();
        for (int i = 0; x509CertificateArr.length > i; i++) {
            if (isMatchingKey(str, x509CertificateArr[i].getPublicKey(), privateKey)) {
                log.debug(new StringBuffer("Found matching end cert: ").append(x509CertificateArr[i].getSubjectDN()).toString());
                arrayList.add(x509CertificateArr[i]);
            }
        }
        if (arrayList.size() < 1) {
            log.error("No certificate in chain that matches specified private key");
            throw new InvalidCertificateChainException(this, "No certificate in chain that matches specified private key");
        }
        if (arrayList.size() > 1) {
            log.error("More than one certificate in chain that matches specified private key");
            throw new InvalidCertificateChainException(this, "More than one certificate in chain that matches specified private key");
        }
        log.info("Populating chain with remaining certs.");
        walkChain(x509CertificateArr, arrayList);
        log.info("Verifying that each link in the cert chain is signed appropriately");
        for (int i2 = 0; i2 < arrayList.size() - 1; i2++) {
            try {
                ((X509Certificate) arrayList.get(i2)).verify(((X509Certificate) arrayList.get(i2 + 1)).getPublicKey());
            } catch (Exception e) {
                log.error(new StringBuffer("Certificate chain cannot be verified: ").append(e.getMessage()).toString());
                throw new InvalidCertificateChainException(this, new StringBuffer("Certificate chain cannot be verified: ").append(e.getMessage()).toString());
            }
        }
        log.info("All signatures verified. Certificate chain successfully created.");
        return (X509Certificate[]) arrayList.toArray(new X509Certificate[0]);
    }

    protected void walkChain(X509Certificate[] x509CertificateArr, ArrayList arrayList) throws InvalidCertificateChainException {
        X509Certificate x509Certificate = (X509Certificate) arrayList.get(arrayList.size() - 1);
        if (x509Certificate.getSubjectDN().equals(x509Certificate.getIssuerDN())) {
            log.debug(new StringBuffer("Found self-signed root cert: ").append(x509Certificate.getSubjectDN()).toString());
            return;
        }
        for (int i = 0; x509CertificateArr.length > i; i++) {
            if (x509Certificate.getIssuerDN().equals(x509CertificateArr[i].getSubjectDN())) {
                arrayList.add(x509CertificateArr[i]);
                walkChain(x509CertificateArr, arrayList);
                return;
            }
        }
        log.error("Incomplete certificate chain.");
        throw new InvalidCertificateChainException(this, "Incomplete cerficate chain.");
    }

    public ByteArrayOutputStream importKey(String str, String str2, InputStream inputStream, InputStream inputStream2, InputStream inputStream3, String str3, String str4, char[] cArr, char[] cArr2, boolean z) throws ExtKeyToolException {
        log.info(new StringBuffer("Importing ").append(z ? "key pair" : "secret key.").toString());
        try {
            if (str == "SUN") {
                log.error("Sorry, this function not supported with the SUN provider.");
                throw new ExtKeyToolException(this, "Sorry, this function not supported with the SUN provider.");
            }
            KeyStore loadKeyStore = loadKeyStore(str, inputStream3, str3, cArr);
            if (str4 == null) {
                log.error("Key alias must be specified.");
                throw new ExtKeyToolException(this, "Key alias must be specified.");
            }
            if (loadKeyStore.containsAlias(str4) && loadKeyStore.isKeyEntry(str4)) {
                log.error(new StringBuffer("Could not import key: key alias (").append(str4).append(") already exists").toString());
                throw new ExtKeyToolException(this, new StringBuffer("Could not import key: key alias (").append(str4).append(") already exists").toString());
            }
            loadKeyStore.deleteEntry(str4);
            if (z) {
                log.info("Reading secret key.");
                if (str2 == null) {
                    str2 = "AES";
                }
                log.debug(new StringBuffer("Using key algorithm: (").append(str2).append(")").toString());
                loadKeyStore.setKeyEntry(str4, readSecretKey(str, inputStream, str2), cArr2, null);
            } else {
                log.info("Reading private key.");
                if (str2 == null) {
                    str2 = "RSA";
                }
                log.debug(new StringBuffer("Using key algorithm: (").append(str2).append(")").toString());
                PrivateKey readPrivateKey = readPrivateKey(str, inputStream, str2);
                log.info("Reading certificate chain.");
                Collection<? extends Certificate> generateCertificates = CertificateFactory.getInstance("X.509", str).generateCertificates(new BufferedInputStream(inputStream2));
                if (generateCertificates.isEmpty()) {
                    log.error("Input did not contain any valid certificates.");
                    throw new ExtKeyToolException(this, "Input did not contain any valid certificates.");
                }
                loadKeyStore.setKeyEntry(str4, readPrivateKey, cArr2, linkChain(str2, (X509Certificate[]) generateCertificates.toArray(new X509Certificate[0]), readPrivateKey));
            }
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            loadKeyStore.store(byteArrayOutputStream, cArr);
            log.info("Key Store saved to stream.");
            return byteArrayOutputStream;
        } catch (IOException e) {
            log.error(new StringBuffer("Could not export key: ").append(e).toString());
            throw new ExtKeyToolException(this, new StringBuffer("Could not export key: ").append(e).toString());
        } catch (KeyStoreException e2) {
            log.error(new StringBuffer("Encountered a problem accessing the keystore: ").append(e2.getMessage()).toString());
            throw new ExtKeyToolException(this, new StringBuffer("Encountered a problem accessing the keystore: ").append(e2.getMessage()).toString());
        } catch (NoSuchAlgorithmException e3) {
            log.error(new StringBuffer("Could not save with the installed JCE providers: ").append(e3).toString());
            throw new ExtKeyToolException(this, new StringBuffer("Could not save with the installed JCE providers: ").append(e3).toString());
        } catch (NoSuchProviderException e4) {
            log.error("The specified provider is not available.");
            throw new ExtKeyToolException(this, "The specified provider is not available.");
        } catch (CertificateException e5) {
            log.error(new StringBuffer("Could not load certificate(s): ").append(e5.getMessage()).toString());
            throw new ExtKeyToolException(this, new StringBuffer("Could not load certificate(s): ").append(e5.getMessage()).toString());
        }
    }

    private static Properties parseArguments(String[] strArr) throws IllegalArgumentException {
        if (strArr.length < 1) {
            throw new IllegalArgumentException("No arguments found.");
        }
        Properties properties = new Properties();
        int i = 0;
        while (i < strArr.length && strArr[i].startsWith("-")) {
            String str = strArr[i];
            if (str.equalsIgnoreCase("-exportkey")) {
                properties.setProperty("command", "exportKey");
            } else if (str.equalsIgnoreCase("-importkey")) {
                properties.setProperty("command", "importKey");
            } else if (str.equalsIgnoreCase("-secret")) {
                properties.setProperty("secret", "true");
            } else if (str.equalsIgnoreCase("-alias")) {
                i++;
                if (i == strArr.length) {
                    throw new IllegalArgumentException("The argument -alias requires a parameter");
                }
                properties.setProperty("alias", strArr[i]);
            } else if (str.equalsIgnoreCase("-keyfile")) {
                i++;
                if (i == strArr.length) {
                    throw new IllegalArgumentException("The argument -keyfile requires a parameter");
                }
                properties.setProperty("keyFile", strArr[i]);
            } else if (str.equalsIgnoreCase("-certfile")) {
                i++;
                if (i == strArr.length) {
                    throw new IllegalArgumentException("The argument -certfile requires a parameter");
                }
                properties.setProperty("certFile", strArr[i]);
            } else if (str.equalsIgnoreCase("-keystore")) {
                i++;
                if (i == strArr.length) {
                    throw new IllegalArgumentException("The argument -keystore requires a parameter");
                }
                properties.setProperty("keyStore", strArr[i]);
            } else if (str.equalsIgnoreCase("-storepass")) {
                i++;
                if (i == strArr.length) {
                    throw new IllegalArgumentException("The argument -storepass requires a parameter");
                }
                properties.setProperty("storePass", strArr[i]);
            } else if (str.equalsIgnoreCase("-storetype")) {
                i++;
                if (i == strArr.length) {
                    throw new IllegalArgumentException("The argument -storetype requires a parameter");
                }
                properties.setProperty("storeType", strArr[i]);
            } else if (str.equalsIgnoreCase("-keypass")) {
                i++;
                if (i == strArr.length) {
                    throw new IllegalArgumentException("The argument -keypass requires a parameter");
                }
                properties.setProperty("keyPass", strArr[i]);
            } else if (str.equalsIgnoreCase("-provider")) {
                i++;
                if (i == strArr.length) {
                    throw new IllegalArgumentException("The argument -provider requires a parameter");
                }
                properties.setProperty("provider", strArr[i]);
            } else if (str.equalsIgnoreCase("-file")) {
                i++;
                if (i == strArr.length) {
                    throw new IllegalArgumentException("The argument -file requires a parameter");
                }
                properties.setProperty("file", strArr[i]);
            } else if (str.equalsIgnoreCase("-algorithm")) {
                i++;
                if (i == strArr.length) {
                    throw new IllegalArgumentException("The argument -algorithm requires a parameter");
                }
                properties.setProperty("keyAlgorithm", strArr[i]);
            } else if (str.equalsIgnoreCase("-v")) {
                properties.setProperty("verbose", "true");
            } else {
                if (!str.equalsIgnoreCase("-rfc")) {
                    throw new IllegalArgumentException(new StringBuffer("Unrecognized argument: ").append(str).toString());
                }
                properties.setProperty("rfc", "true");
            }
            i++;
        }
        if (properties.getProperty("command", null) == null) {
            throw new IllegalArgumentException("No action specified");
        }
        return properties;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    protected String initProvider(Properties properties) {
        try {
            if (properties.getProperty("provider", null) == null) {
                return null;
            }
            Provider provider = (Provider) Class.forName(properties.getProperty("provider")).newInstance();
            log.info(new StringBuffer("Adding Provider to environment: (").append(provider.getName()).append(")").toString());
            Security.addProvider(provider);
            return provider.getName();
        } catch (Exception e) {
            log.error(new StringBuffer("Could not load specified jce provider: ").append(e).toString());
            return null;
        }
    }

    protected void startLogger(Properties properties) {
        Logger rootLogger = Logger.getRootLogger();
        if (properties.getProperty("verbose", null) == null || properties.getProperty("verbose", null).equals("false")) {
            rootLogger.addAppender(new ConsoleAppender(new PatternLayout("%m%n")));
            rootLogger.setLevel(Level.WARN);
        } else {
            rootLogger.addAppender(new ConsoleAppender(new PatternLayout("%r [%t] %p %c %x - %m%n")));
            rootLogger.setLevel(Level.DEBUG);
        }
    }

    public static void main(String[] strArr) {
        try {
            ExtKeyTool extKeyTool = new ExtKeyTool();
            Properties properties = null;
            try {
                properties = parseArguments(strArr);
            } catch (IllegalArgumentException e) {
                System.err.println(new StringBuffer("Illegal argument specified: ").append(e.getMessage()).append(System.getProperty("line.separator")).toString());
                printUsage(System.err);
                System.exit(1);
            }
            extKeyTool.startLogger(properties);
            String initProvider = extKeyTool.initProvider(properties);
            if (initProvider != null) {
                properties.setProperty("providerName", initProvider);
            }
            extKeyTool.run(properties);
        } catch (ExtKeyToolException e2) {
            log.fatal(new StringBuffer("Cannot Perform Operation: ").append(e2.getMessage()).append(System.getProperty("line.separator")).toString());
            LogManager.shutdown();
            printUsage(System.err);
        }
    }

    private void run(Properties properties) throws ExtKeyToolException {
        PrintStream printStream;
        char[] cArr = (char[]) null;
        if (properties.getProperty("storePass", null) != null) {
            cArr = properties.getProperty("storePass").toCharArray();
        }
        String property = properties.getProperty("providerName", null) != null ? properties.getProperty("providerName") : "SUN";
        if (properties.getProperty("command").equals("exportKey")) {
            boolean z = false;
            if ("true".equalsIgnoreCase(properties.getProperty("rfc", null))) {
                z = true;
            }
            if (properties.getProperty("file", null) != null) {
                try {
                    printStream = new PrintStream(new FileOutputStream(properties.getProperty("file")));
                } catch (FileNotFoundException e) {
                    throw new ExtKeyToolException(this, new StringBuffer("Could not open output file: ").append(e).toString());
                }
            } else {
                printStream = System.out;
            }
            try {
                exportKey(property, printStream, new FileInputStream(resolveKeyStore(properties.getProperty("keyStore", null))), properties.getProperty("storeType", null), cArr, properties.getProperty("alias", null), resolveKeyPass(properties.getProperty("keyPass", null), cArr), z);
                printStream.close();
                return;
            } catch (FileNotFoundException e2) {
                throw new ExtKeyToolException(this, "KeyStore not found.");
            }
        }
        if (!properties.getProperty("command").equals("importKey")) {
            throw new IllegalArgumentException(new StringBuffer("This keytool cannot perform the operation: (").append(properties.getProperty("command")).append(")").toString());
        }
        if (properties.getProperty("keyFile", null) == null) {
            throw new IllegalArgumentException("Key file must be specified.");
        }
        try {
            FileInputStream fileInputStream = new FileInputStream(properties.getProperty("keyFile"));
            FileInputStream fileInputStream2 = null;
            if (properties.getProperty("certFile", null) != null) {
                try {
                    fileInputStream2 = new FileInputStream(properties.getProperty("certFile"));
                } catch (FileNotFoundException e3) {
                    throw new ExtKeyToolException(this, new StringBuffer("Could not open cert file.").append(e3.getMessage()).toString());
                }
            } else if (!properties.getProperty("secret").equalsIgnoreCase("true")) {
                throw new IllegalArgumentException("Certificate file must be specified.");
            }
            try {
                ByteArrayOutputStream importKey = importKey(property, properties.getProperty("keyAlgorithm", null), fileInputStream, fileInputStream2, new FileInputStream(resolveKeyStore(properties.getProperty("keyStore", null))), properties.getProperty("storeType", null), properties.getProperty("alias", null), cArr, resolveKeyPass(properties.getProperty("keyPass", null), cArr), properties.getProperty("secret", "false").equalsIgnoreCase("true"));
                fileInputStream.close();
                if (importKey == null || importKey.size() < 1) {
                    throw new ExtKeyToolException(this, "Failed to create keystore: results are null");
                }
                importKey.writeTo(new FileOutputStream(resolveKeyStore(properties.getProperty("keyStore", null))));
                System.out.println("Key import successful.");
            } catch (FileNotFoundException e4) {
                throw new ExtKeyToolException(this, new StringBuffer("Could not open keystore file.").append(e4.getMessage()).toString());
            } catch (IOException e5) {
                throw new ExtKeyToolException(this, new StringBuffer("Error writing keystore.").append(e5.getMessage()).toString());
            }
        } catch (FileNotFoundException e6) {
            throw new ExtKeyToolException(this, new StringBuffer("Could not open key file.").append(e6.getMessage()).toString());
        }
    }

    protected File resolveKeyStore(String str) throws ExtKeyToolException, FileNotFoundException {
        if (str == null) {
            str = new StringBuffer(String.valueOf(System.getProperty("user.home"))).append(File.separator).append(".keystore").toString();
        }
        log.debug(new StringBuffer("Using keystore (").append(str).append(")").toString());
        File file = new File(str);
        if (!file.exists() || file.length() != 0) {
            return file;
        }
        log.error("Keystore file is empty.");
        throw new ExtKeyToolException(this, "Keystore file is empty.");
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    protected char[] resolveKeyPass(String str, char[] cArr) {
        if (str != null) {
            return str.toCharArray();
        }
        System.out.println("Enter key password");
        System.out.print("\t(RETURN if same as keystore password):  ");
        System.out.flush();
        try {
            String readLine = new BufferedReader(new InputStreamReader(System.in)).readLine();
            readLine.trim();
            if (readLine != null && !readLine.equals("")) {
                return readLine.toCharArray();
            }
        } catch (IOException e) {
            log.warn(e.getMessage());
        }
        log.warn("No password specified, defaulting to keystore password.");
        return cArr;
    }

    private static void printUsage(PrintStream printStream) {
        printStream.println("extkeytool usage:");
        printStream.print("-exportkey      [-v] [-rfc] [-alias <alias>] ");
        printStream.println("[-keystore <keystore>] ");
        printStream.print("\t     [-storepass <storepass>] ");
        printStream.println("[-storetype <storetype>]");
        printStream.print("\t     [-keypass <keypass>] ");
        printStream.println("[-provider <provider_class_name>] ");
        printStream.print("\t     [-file <output_file>] ");
        printStream.println();
        printStream.println();
        printStream.print("-importkey      [-v] [-secret] [-alias <alias>] ");
        printStream.println("[-keyfile <key_file>]");
        printStream.print("\t     [-keystore <keystore>] ");
        printStream.println("[-storepass <storepass>]");
        printStream.print("\t     [-storetype <storetype>] ");
        printStream.println("[-keypass <keypass>] ");
        printStream.print("\t     [-provider <provider_class_name>] ");
        printStream.println("[-certfile <cert_file>] ");
        printStream.print("\t     [-algorithm <key_algorithm>] ");
        printStream.println();
    }
}
