package xsul.secconv.pki;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXCertPathValidatorResult;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.Iterator;
import sun.misc.BASE64Encoder;
import xsul.MLogger;

/* loaded from: input_file:xsul/secconv/pki/KeyStoreClientNegotiator.class */
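/**
 * Client-side negotiator that takes its RSA key pair from a JKS keystore in the
 * user's home directory.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The key password and keystore password are held as {@code String}s and are
 *       returned by public getters, so they stay on the heap for the lifetime of the
 *       object and are readable by any code holding a reference to it.</li>
 *   <li>{@link #pathValidation(byte[])} does not look at its argument; see the note
 *       on that method before relying on it as a trust decision.</li>
 *   <li>{@link #init()} always replaces the keystore with the one read from disk, so
 *       a keystore supplied through {@link #setKeystore(KeyStore)} before
 *       {@code init()} is discarded.</li>
 * </ul>
 */
public class KeyStoreClientNegotiator extends RSAClientNegotiator {
    private static final MLogger logger = MLogger.getLogger();
    // Not referenced anywhere in this class. sun.misc.BASE64Encoder is an internal,
    // unsupported JDK class; java.util.Base64 is the supported API if encoding is
    // ever needed here.
    private static BASE64Encoder encoder = new BASE64Encoder();
    private String password;
    private String alias;
    private String kspassword;
    private KeyStore keystore = null;

    /**
     * Creates a negotiator for one keystore entry.
     *
     * @param str alias of the keystore entry holding the private key and certificate
     * @param str2 password protecting the private key of that entry
     * @param str3 password protecting the keystore file itself
     */
    public KeyStoreClientNegotiator(String str, String str2, String str3) {
        // The placeholder values that used to be written to the three fields first
        // were dead stores: each was overwritten immediately below.
        this.alias = str;
        this.password = str2;
        this.kspassword = str3;
    }

    /**
     * Replaces the keystore used by {@link #pathValidation(byte[])}. A later call to
     * {@link #init()} overwrites it with the keystore loaded from disk.
     */
    public void setKeystore(KeyStore keyStore) {
        this.keystore = keyStore;
    }

    /** Returns the current keystore, or {@code null} if none has been set or loaded. */
    public KeyStore getKeystore() {
        return this.keystore;
    }

    /** Sets the password used to open the keystore file. */
    public void setKspassword(String str) {
        this.kspassword = str;
    }

    /** Returns the keystore password in clear text. */
    public String getKspassword() {
        return this.kspassword;
    }

    /** Sets the password protecting the private key entry. */
    public void setPassword(String str) {
        this.password = str;
    }

    /** Returns the private-key password in clear text. */
    public String getPassword() {
        return this.password;
    }

    /** Sets the alias of the keystore entry to use. */
    public void setAlias(String str) {
        this.alias = str;
    }

    /** Returns the alias of the keystore entry to use. */
    public String getAlias() {
        return this.alias;
    }

    /**
     * Loads {@code <user.home>/.keystore} as a JKS keystore and reads the private key
     * and the certificate's public key stored under the configured alias.
     *
     * @throws IOException if the keystore file cannot be read or the keystore
     *         password is wrong
     * @throws KeyStoreException if the keystore cannot be used or holds no
     *         certificate under the alias
     * @throws NoSuchAlgorithmException if a required algorithm is unavailable
     * @throws UnrecoverableKeyException if the key password is wrong
     * @throws CertificateException if a stored certificate cannot be loaded
     */
    @Override // xsul.secconv.pki.RSAClientNegotiator
    protected void init() throws Exception {
        String property = System.getProperty("user.home");
        logger.finest("uhome: " + property);
        try {
            this.keystore = KeyStore.getInstance("JKS");
            // A literal "\\.keystore" suffix only resolves on Windows; File joins the
            // two parts with the platform separator.
            FileInputStream in = new FileInputStream(new File(property, ".keystore"));
            try {
                this.keystore.load(in, this.kspassword.toCharArray());
            } finally {
                // load() does not close the stream, so release the handle here.
                in.close();
            }
            logger.finest("key provider: " + this.keystore.getProvider());
            this.prikey = (PrivateKey) this.keystore.getKey(this.alias, this.password.toCharArray());
            Certificate ownCert = this.keystore.getCertificate(this.alias);
            if (ownCert == null) {
                // getCertificate returns null for an unknown alias; fail with a clear
                // message instead of a NullPointerException on the next call.
                throw new KeyStoreException("no certificate under alias: " + this.alias);
            }
            this.pubkey = ownCert.getPublicKey();
        } catch (IOException e) {
            logger.severe("IO problem", e);
            throw e;
        } catch (KeyStoreException e2) {
            logger.severe("keystore problem", e2);
            throw e2;
        } catch (NoSuchAlgorithmException e3) {
            logger.severe("no such algorithm", e3);
            throw e3;
        } catch (UnrecoverableKeyException e4) {
            logger.severe("Unrecoverable key problem", e4);
            throw e4;
        } catch (CertificateException e5) {
            logger.severe("cert problem", e5);
            throw e5;
        }
    }

    /**
     * Decodes {@code bArr} as an X.509-encoded RSA public key and passes it, with
     * {@code bArr2}, to {@code decryptSecret}.
     *
     * <p>Nothing in this method ties the supplied key to a validated certificate; any
     * such check has to happen before this call.
     *
     * @param bArr X.509 ({@code SubjectPublicKeyInfo}) encoding of the RSA public key
     * @param bArr2 data handed to {@code decryptSecret}
     * @return whatever {@code decryptSecret} returns
     */
    @Override // xsul.secconv.pki.RSAClientNegotiator
    protected byte[] decrypt(byte[] bArr, byte[] bArr2) throws Exception {
        return decryptSecret(KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(bArr)), bArr2);
    }

    /**
     * Runs a PKIX validation using the trusted certificates of the current keystore.
     *
     * <p>NOTE(review): {@code bArr} is never read. The path that gets validated holds
     * a single certificate taken from the keystore's own trust anchors (the last one
     * the iterator yields), so a successful return says nothing about a certificate
     * received from a peer. Revocation checking is switched off as well. If this
     * method is meant to vet a peer certificate, the certificate has to be decoded
     * from the argument and placed in the path instead; confirm the intended meaning
     * of {@code bArr} with the callers before changing it.
     *
     * @param bArr currently unused
     * @throws Exception if the keystore is unset or has no trusted certificate
     *         entries, if the path cannot be built, or if validation fails
     */
    protected void pathValidation(byte[] bArr) throws Exception {
        try {
            PKIXParameters params = new PKIXParameters(this.keystore);
            X509Certificate[] chain = new X509Certificate[1];
            Iterator<TrustAnchor> anchors = params.getTrustAnchors().iterator();
            while (anchors.hasNext()) {
                chain[0] = anchors.next().getTrustedCert();
                // Goes to the logger rather than stdout, like every other diagnostic
                // in this class.
                logger.finest("subject name: " + chain[0].getSubjectDN().getName());
            }
            params.setRevocationEnabled(false);
            CertPath path = createCertPath(chain);
            if (path == null) {
                // createCertPath reports failure by returning null.
                throw new CertificateException("could not build certification path");
            }
            CertPathValidator.getInstance(CertPathValidator.getDefaultType()).validate(path, params);
        } catch (Exception e) {
            // Every failure was handled the same way; log with the cause attached so
            // the stack trace is kept, then pass the exception on unchanged.
            logger.severe("certification path validation failed", e);
            throw e;
        }
    }

    /**
     * Builds an X.509 certification path from the given certificates, in array order.
     *
     * @param certificateArr certificates to place in the path
     * @return the path, or {@code null} if the certificates cannot be turned into one
     *         (the failure is logged)
     */
    public CertPath createCertPath(Certificate[] certificateArr) {
        try {
            return CertificateFactory.getInstance("X.509").generateCertPath(Arrays.asList(certificateArr));
        } catch (CertificateException e) {
            // CertificateEncodingException is a subclass and was handled identically.
            logger.severe(e.getMessage());
            return null;
        }
    }
}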
