package cybervillains.ca;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.openqa.jetty.html.Input;

/* loaded from: input_file:cybervillains/ca/KeyStoreManager.class */
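/**
 * Owns the JKS keystore that holds a locally generated signing ("CA") certificate
 * and the per-hostname server certificates issued from it, plus four serialized
 * lookup maps kept next to the keystore in {@code root}.
 *
 * <p>Security-relevant properties visible in this class:
 * <ul>
 *   <li>The keystore and key passwords are taken from {@code Input.Password}, a constant on an
 *       HTML form helper class rather than a secret source. NOTE(review): presumably the
 *       decompiler substituted that constant for an equal string literal; either way the
 *       password is fixed in code, so the keystore should be treated as unprotected at rest and
 *       {@code root} needs restrictive filesystem permissions.</li>
 *   <li>{@code keymap.ser} stores generated private keys with plain Java serialization,
 *       with no password at all.</li>
 *   <li>The {@code *.ser} files are read back with {@link ObjectInputStream#readObject()} and
 *       no {@code ObjectInputFilter}; anyone able to write into {@code root} controls what is
 *       deserialized at start-up.</li>
 *   <li>RSA and DSA generators are initialized at 1024 bits (see {@link #KEY_SIZE_BITS}).</li>
 * </ul>
 *
 * <p>Most accessors are {@code synchronized} on this instance; {@link #getRSAKeyPair()} and
 * {@link #getKeyStore()} are not.
 */
public class KeyStoreManager {
    static Logger log = Logger.getLogger(KeyStoreManager.class.getName());
    public static final String _caPrivKeyAlias = "signingCertPrivKey";

    /**
     * Key size passed to both key-pair generators.
     * NOTE(review): 1024-bit RSA/DSA is below current minimum recommendations; the value is kept
     * as found because raising it changes key-generation cost for every new hostname. Decide this
     * deliberately rather than leaving it implicit.
     */
    private static final int KEY_SIZE_BITS = 1024;

    X509Certificate _caCert;
    PrivateKey _caPrivKey;
    KeyStore _ks;
    private HashMap<PublicKey, PrivateKey> _rememberedPrivateKeys;
    private HashMap<PublicKey, PublicKey> _mappedPublicKeys;
    private HashMap<String, String> _certMap;
    private HashMap<String, String> _subjectMap;
    public final KeyPairGenerator _rsaKpg;
    public final KeyPairGenerator _dsaKpg;
    private File root;
    private final String certificateRevocationList;
    private final String CERTMAP_SER_FILE = "certmap.ser";
    private final String SUBJMAP_SER_FILE = "subjmap.ser";
    private final String EXPORTED_CERT_NAME = "cybervillainsCA.cer";
    // Both passwords come from the same hard-coded constant; see the class comment.
    private final char[] _keypassword = Input.Password.toCharArray();
    private final char[] _keystorepass = Input.Password.toCharArray();
    private final String _caPrivateKeystore = "cybervillainsCA.jks";
    private final String _caCertAlias = "signingCert";
    private final String KEYMAP_SER_FILE = "keymap.ser";
    private final String PUB_KEYMAP_SER_FILE = "pubkeymap.ser";
    public final String RSA_KEYGEN_ALGO = "RSA";
    public final String DSA_KEYGEN_ALGO = "DSA";
    private boolean persistImmediately = true;

    /**
     * Loads (or creates) the keystore and the serialized maps found under {@code file}.
     *
     * <p>Order matters: the key maps are loaded before the keystore step because
     * {@link #createKeystore()} generates a key pair, which is recorded in the key map.
     *
     * @param file directory holding the keystore, exported certificate and {@code *.ser} files
     * @param str  value forwarded to the certificate creator as the certificate revocation list
     *             parameter when server certificates are issued
     * @throws Error if a key-pair generator is unavailable, a map file cannot be read, or the
     *               keystore can neither be loaded nor created
     */
    public KeyStoreManager(File file, String str) {
        this.root = file;
        this.certificateRevocationList = str;
        Security.insertProviderAt(new BouncyCastleProvider(), 2);
        SecureRandom secureRandom = new SecureRandom();

        // Resolve both generators into locals first so the final fields are assigned exactly once.
        KeyPairGenerator rsaGenerator;
        KeyPairGenerator dsaGenerator;
        try {
            rsaGenerator = KeyPairGenerator.getInstance(RSA_KEYGEN_ALGO);
            dsaGenerator = KeyPairGenerator.getInstance(DSA_KEYGEN_ALGO);
        } catch (NoSuchAlgorithmException e) {
            throw new Error(e);
        }
        this._rsaKpg = rsaGenerator;
        this._dsaKpg = dsaGenerator;

        this._rememberedPrivateKeys = loadMap(new File(file, KEYMAP_SER_FILE));
        this._mappedPublicKeys = loadMap(new File(file, PUB_KEYMAP_SER_FILE));

        this._rsaKpg.initialize(KEY_SIZE_BITS, secureRandom);
        this._dsaKpg.initialize(KEY_SIZE_BITS, secureRandom);

        try {
            this._ks = KeyStore.getInstance("JKS");
            reloadKeystore();
        } catch (FileNotFoundException missingKeystore) {
            // No keystore on disk yet: generate a signing certificate and write a fresh one.
            try {
                createKeystore();
            } catch (Exception e) {
                throw new Error(e);
            }
        } catch (Exception e) {
            throw new Error(e);
        }

        this._certMap = loadMap(new File(file, CERTMAP_SER_FILE));
        this._subjectMap = loadMap(new File(file, SUBJMAP_SER_FILE));
    }

    /**
     * Reads a serialized {@link HashMap} from {@code file}, or returns an empty map when the file
     * does not exist (including when it disappears between the existence check and the open).
     *
     * <p>SECURITY: this is Java-native deserialization with no {@code ObjectInputFilter}. The
     * content of {@code file} is trusted completely; restrict write access to the directory, or
     * replace the format, before using this where that directory is not fully trusted.
     *
     * @throws Error if the file exists but cannot be read or names an unknown class
     */
    @SuppressWarnings("unchecked") // the stream is untyped; callers pick K and V, as the original raw casts did
    private static <K, V> HashMap<K, V> loadMap(File file) {
        if (!file.exists()) {
            return new HashMap<>();
        }
        try (ObjectInputStream in = new ObjectInputStream(new FileInputStream(file))) {
            return (HashMap<K, V>) in.readObject();
        } catch (FileNotFoundException e) {
            // Previously this path left the field null, which surfaced later as a NullPointerException.
            log.log(Level.WARNING, "Map file vanished before it could be read: " + file.getAbsolutePath(), e);
            return new HashMap<>();
        } catch (IOException | ClassNotFoundException e) {
            log.log(Level.SEVERE, "Could not read map file: " + file.getAbsolutePath(), e);
            throw new Error(e);
        }
    }

    /**
     * Loads the keystore file from {@code root} and caches the signing certificate and key.
     *
     * @throws java.io.FileNotFoundException if the keystore file does not exist; the constructor
     *         relies on this to decide that a new keystore must be created
     */
    private void reloadKeystore() throws IOException, NoSuchAlgorithmException, CertificateException, KeyStoreException, UnrecoverableKeyException {
        // try-with-resources: the stream was previously never closed.
        try (FileInputStream in = new FileInputStream(new File(this.root, _caPrivateKeystore))) {
            this._ks.load(in, this._keystorepass);
        }
        this._caCert = (X509Certificate) this._ks.getCertificate(_caCertAlias);
        this._caPrivKey = (PrivateKey) this._ks.getKey(_caPrivKeyAlias, this._keypassword);
    }

    /**
     * Generates a signing key pair and certificate, stores both in a new keystore file and
     * exports the certificate as {@code cybervillainsCA.cer}. Does nothing when a signing
     * certificate and key are already loaded.
     *
     * <p>The keystore file is created with whatever permissions the process default gives;
     * nothing here restricts who can read the signing key.
     *
     * @throws Error wrapping any failure during generation or writing
     */
    protected void createKeystore() {
        if (this._caCert != null && this._caPrivKey != null) {
            log.fine("Successfully loaded keystore.");
            log.fine(String.valueOf(this._caCert));
            return;
        }
        try {
            log.fine("Keystore or signing cert & keypair not found.  Generating...");
            KeyPair signingPair = getRSAKeyPair();
            PrivateKey signingKey = signingPair.getPrivate();
            X509Certificate signingCert = CertificateCreator.createTypicalMasterCert(signingPair);
            log.fine("Done generating signing cert");
            log.fine(String.valueOf(signingCert));

            // load(null, ...) initializes an empty in-memory keystore.
            this._ks.load(null, this._keystorepass);
            this._ks.setCertificateEntry(_caCertAlias, signingCert);
            this._ks.setKeyEntry(_caPrivKeyAlias, signingKey, this._keypassword, new Certificate[]{signingCert});

            File keystoreFile = new File(this.root, _caPrivateKeystore);
            try (FileOutputStream out = new FileOutputStream(keystoreFile)) {
                this._ks.store(out, this._keystorepass);
            }
            log.fine("Wrote JKS keystore to: " + keystoreFile.getAbsolutePath());

            File certFile = new File(this.root, EXPORTED_CERT_NAME);
            byte[] encoded = signingCert.getEncoded();
            try (FileOutputStream out = new FileOutputStream(certFile)) {
                out.write(encoded);
            }
            // Logged only after the bytes are actually on disk.
            log.fine("Wrote signing cert to: " + certFile.getAbsolutePath());

            this._caCert = signingCert;
            this._caPrivKey = signingKey;
        } catch (Exception e) {
            log.log(Level.SEVERE, "Fatal error creating/storing keystore or signing cert.", (Throwable) e);
            throw new Error(e);
        }
    }

    /**
     * Replaces the keystore entry {@code str} with the given certificate and private key, then
     * persists when immediate persistence is enabled.
     *
     * @param str             keystore alias to (re)write
     * @param x509Certificate certificate to store; also used as the single-element key chain
     * @param privateKey      private key stored under the key password
     */
    public synchronized void addCertAndPrivateKey(String str, X509Certificate x509Certificate, PrivateKey privateKey) throws KeyStoreException, CertificateException, NoSuchAlgorithmException {
        this._ks.deleteEntry(str);
        this._ks.setCertificateEntry(str, x509Certificate);
        this._ks.setKeyEntry(str, privateKey, this._keypassword, new Certificate[]{x509Certificate});
        if (this.persistImmediately) {
            persist();
        }
    }

    /**
     * Writes the keystore and all four maps to {@code root}.
     *
     * <p>An {@link IOException} while writing the keystore is logged and not rethrown (the maps
     * are then skipped), so callers cannot detect that failure; the in-memory state stays
     * authoritative until the next successful call.
     */
    public synchronized void persist() throws KeyStoreException, NoSuchAlgorithmException, CertificateException {
        try {
            try (FileOutputStream out = new FileOutputStream(new File(this.root, _caPrivateKeystore))) {
                this._ks.store(out, this._keystorepass);
            }
            persistCertMap();
            persistSubjectMap();
            persistKeyPairMap();
            persistPublicKeyMap();
        } catch (IOException e) {
            log.log(Level.SEVERE, "Could not persist keystore; on-disk state may be stale.", e);
        }
    }

    /**
     * Returns the certificate stored under {@code str}, or {@code null} if the keystore has no
     * such alias.
     */
    public synchronized X509Certificate getCertificateByAlias(String str) throws KeyStoreException {
        return (X509Certificate) this._ks.getCertificate(str);
    }

    /**
     * Returns the certificate for hostname {@code str}, issuing one if no subject mapping exists.
     */
    public synchronized X509Certificate getCertificateByHostname(String str) throws KeyStoreException, InvalidKeyException, SignatureException, CertificateException, NoSuchAlgorithmException, NoSuchProviderException, UnrecoverableKeyException {
        String alias = this._subjectMap.get(getSubjectForHostname(str));
        if (alias == null) {
            return getMappedCertificateForHostname(str);
        }
        return (X509Certificate) this._ks.getCertificate(alias);
    }

    /** Returns the cached signing certificate. */
    public synchronized X509Certificate getSigningCert() throws KeyStoreException {
        return this._caCert;
    }

    /**
     * Returns the cached signing private key. Every caller of this method can sign arbitrary
     * certificates that chain to the exported signing certificate.
     */
    public synchronized PrivateKey getSigningPrivateKey() throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        return this._caPrivKey;
    }

    /**
     * Returns the certificate mapped to hostname {@code str}, generating, signing and storing a
     * new one when the subject has no mapping yet.
     *
     * <p>Now {@code synchronized} like the other accessors: it reads and writes
     * {@code _subjectMap}, which the synchronized methods also touch, and without the lock two
     * threads could both issue a certificate for the same hostname.
     *
     * <p>NOTE(review): the new certificate is stored in the keystore under alias {@code str},
     * while {@code _subjectMap} records the certificate thumbprint and later lookups pass that
     * mapped value to the keystore as an alias. Confirm the two agree; if they do not, cached
     * lookups return {@code null} instead of the stored certificate.
     */
    public synchronized X509Certificate getMappedCertificateForHostname(String str) throws InvalidKeyException, SignatureException, CertificateException, NoSuchAlgorithmException, NoSuchProviderException, KeyStoreException, UnrecoverableKeyException {
        String subject = getSubjectForHostname(str);
        String mappedAlias = this._subjectMap.get(subject);
        if (mappedAlias != null) {
            return getCertificateByAlias(mappedAlias);
        }
        KeyPair serverPair = getRSAKeyPair();
        X509Certificate serverCert = CertificateCreator.generateStdSSLServerCertificate(serverPair.getPublic(), getSigningCert(), getSigningPrivateKey(), subject, this.certificateRevocationList);
        addCertAndPrivateKey(str, serverCert, serverPair.getPrivate());
        this._subjectMap.put(subject, ThumbprintUtil.getThumbprint(serverCert));
        if (this.persistImmediately) {
            persist();
        }
        return serverCert;
    }

    /**
     * Builds the subject distinguished name used for a hostname.
     *
     * <p>NOTE(review): {@code str} is concatenated into the DN without escaping. If the hostname
     * can come from an untrusted peer, characters such as {@code ,} {@code =} or {@code +} would
     * change the DN structure; validate or escape the hostname before it reaches this point.
     */
    private String getSubjectForHostname(String str) {
        return "CN=" + str + ", OU=Test, O=CyberVillainsCA, L=Seattle, S=Washington, C=US";
    }

    /**
     * Serializes {@code map} into {@code fileName} under {@code root}.
     * A file that cannot be opened is logged and skipped; any other I/O failure is fatal.
     */
    private void writeMap(String fileName, HashMap<?, ?> map) {
        File target = new File(this.root, fileName);
        // Closing the ObjectOutputStream flushes it and releases the file handle on every path.
        try (ObjectOutputStream out = new ObjectOutputStream(new FileOutputStream(target))) {
            out.writeObject(map);
        } catch (FileNotFoundException e) {
            log.log(Level.WARNING, "Could not open map file for writing: " + target.getAbsolutePath(), e);
        } catch (IOException e) {
            log.log(Level.SEVERE, "Could not write map file: " + target.getAbsolutePath(), e);
            throw new Error(e);
        }
    }

    /** Writes the certificate map to {@code certmap.ser}. */
    private synchronized void persistCertMap() {
        writeMap(CERTMAP_SER_FILE, this._certMap);
    }

    /** Writes the subject-to-alias map to {@code subjmap.ser}. */
    private synchronized void persistSubjectMap() {
        writeMap(SUBJMAP_SER_FILE, this._subjectMap);
    }

    /**
     * Generates a new RSA key pair and records it in the remembered-key map.
     * Not synchronized itself; only the recording step takes the instance lock.
     */
    public KeyPair getRSAKeyPair() {
        KeyPair pair = this._rsaKpg.generateKeyPair();
        rememberKeyPair(pair);
        return pair;
    }

    /** Writes the public-key map to {@code pubkeymap.ser}. */
    private synchronized void persistPublicKeyMap() {
        writeMap(PUB_KEYMAP_SER_FILE, this._mappedPublicKeys);
    }

    /**
     * Writes the public-to-private key map to {@code keymap.ser}.
     * The private keys in this file are serialized without any password protection.
     */
    private synchronized void persistKeyPairMap() {
        writeMap(KEYMAP_SER_FILE, this._rememberedPrivateKeys);
    }

    /** Records {@code keyPair} in the remembered-key map and persists it when enabled. */
    private synchronized void rememberKeyPair(KeyPair keyPair) {
        this._rememberedPrivateKeys.put(keyPair.getPublic(), keyPair.getPrivate());
        if (this.persistImmediately) {
            persistKeyPairMap();
        }
    }

    /**
     * Returns the live keystore instance, not a copy; changes made through it bypass this
     * class's synchronization and persistence.
     */
    public KeyStore getKeyStore() {
        return this._ks;
    }
}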
