package org.eclipse.ease.sign;

import java.io.BufferedInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import org.eclipse.ease.Activator;
import org.eclipse.ease.Logger;

/* loaded from: input_file:org/eclipse/ease/sign/PerformSignature.class */
public class PerformSignature {
    public static KeyStore loadKeyStore(InputStream inputStream, String str, String str2, String str3) throws ScriptSignatureException, UnrecoverableKeyException, IOException {
        if (inputStream == null) {
            throw new ScriptSignatureException("Given location of keystore can't be accessed.");
        }
        if (str == null || str.isEmpty() || "default".equalsIgnoreCase(str)) {
            str = KeyStore.getDefaultType();
        }
        if ("".equals(str2) || "preferred".equalsIgnoreCase(str2)) {
            str2 = null;
        }
        try {
            KeyStore keyStore = str2 == null ? KeyStore.getInstance(str) : KeyStore.getInstance(str, str2);
            keyStore.load(inputStream, str3.toCharArray());
            Logger.info(Activator.PLUGIN_ID, "Keystore loaded");
            return keyStore;
        } catch (IOException e) {
            Logger.error(Activator.PLUGIN_ID, Arrays.toString(e.getStackTrace()), e);
            if (e.getCause() instanceof UnrecoverableKeyException) {
                throw new UnrecoverableKeyException("Invalid Keystore Password");
            }
            if ((e.getCause() instanceof FileNotFoundException) || (e.getCause() instanceof SecurityException)) {
                throw new ScriptSignatureException("File can't be read. Chose another keystore or try again.", e);
            }
            throw new IOException("Error loading keystore");
        } catch (KeyStoreException e2) {
            Logger.error(Activator.PLUGIN_ID, Arrays.toString(e2.getStackTrace()), e2);
            throw new ScriptSignatureException("No provider support '" + str + "' type of keystore.", e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new ScriptSignatureException("Algorithm used for securing keystore can't be found. Chose another Keystore", e3);
        } catch (NoSuchProviderException e4) {
            throw new ScriptSignatureException("No such provider available.", e4);
        } catch (CertificateException e5) {
            throw new ScriptSignatureException("Some certificate/s in keystore can't be loaded", e5);
        }
    }

    public static Collection<String> getAliases(KeyStore keyStore) {
        if (keyStore == null) {
            return null;
        }
        try {
            ArrayList arrayList = new ArrayList();
            Iterator it = Collections.list(keyStore.aliases()).iterator();
            while (it.hasNext()) {
                String str = (String) it.next();
                if (keyStore.isKeyEntry(str)) {
                    arrayList.add(str);
                }
            }
            return arrayList;
        } catch (KeyStoreException e) {
            return null;
        }
    }

    public static String getCertificate(KeyStore keyStore, String str, boolean z) throws ScriptSignatureException {
        if (str == null) {
            throw new ScriptSignatureException("Alias is null. Try again.");
        }
        if (keyStore == null) {
            Logger.error(Activator.PLUGIN_ID, "Keystore not initialized properly. Try Again.");
            return null;
        }
        try {
            if (!keyStore.containsAlias(str)) {
                throw new ScriptSignatureException("Alias can't be found");
            }
            if (SignatureHelper.isSelfSignedCertificate(keyStore.getCertificateChain(str)[0]) && !z) {
                throw new ScriptSignatureException("This certificate is self-signed certificate. Chose another trusted certificate.");
            }
            Certificate[] certificateChain = keyStore.getCertificateChain(str);
            if (certificateChain == null) {
                throw new ScriptSignatureException("Not a valid Certificate chain");
            }
            StringBuffer stringBuffer = new StringBuffer();
            for (Certificate certificate : certificateChain) {
                stringBuffer.append(String.valueOf(SignatureHelper.convertBytesToBase64(certificate.getEncoded())) + ":");
            }
            return stringBuffer.toString();
        } catch (KeyStoreException e) {
            Logger.error(Activator.PLUGIN_ID, "Keystore not initialized properly. Try Again.", e);
            return null;
        } catch (CertificateEncodingException e2) {
            throw new ScriptSignatureException("Encoding of certificate is improper. Please try again or chose another alias.", e2);
        }
    }

    private static byte[] getSignature(Signature signature, InputStream inputStream) throws ScriptSignatureException {
        byte[] bArr = new byte[1024];
        BufferedInputStream bufferedInputStream = new BufferedInputStream(inputStream);
        try {
            while (true) {
                try {
                    int read = bufferedInputStream.read(bArr);
                    if (read < 0) {
                        break;
                    }
                    signature.update(bArr, 0, read);
                } catch (IOException e) {
                    throw new ScriptSignatureException("An error occured while reading file.", e);
                } catch (SignatureException e2) {
                    throw new ScriptSignatureException("Signature is not successful. Try again.", e2);
                }
            }
            return signature.sign();
        } finally {
            if (bufferedInputStream != null) {
                try {
                    bufferedInputStream.close();
                } catch (IOException e3) {
                    Logger.error(Activator.PLUGIN_ID, Arrays.toString(e3.getStackTrace()), e3);
                }
            }
        }
    }

    public static String createSignature(KeyStore keyStore, InputStream inputStream, String str, String str2, String str3, String str4) throws ScriptSignatureException, UnrecoverableKeyException {
        if (str == null || str2 == null) {
            throw new ScriptSignatureException("Alias or private key password is null. Try again.");
        }
        if ("".equals(str3) || "preferred".equalsIgnoreCase(str3)) {
            str3 = null;
        }
        if (str4 == null || str4.isEmpty() || "default".equalsIgnoreCase(str4)) {
            str4 = "SHA256";
        }
        if (keyStore == null) {
            Logger.error(Activator.PLUGIN_ID, "Keystore not initialized properly. Try Again.");
            return null;
        }
        try {
            if (!keyStore.containsAlias(str)) {
                throw new ScriptSignatureException("Alias can't be found. Try again.");
            }
            if (!keyStore.isKeyEntry(str)) {
                throw new ScriptSignatureException("Keystore does not contain alias. Please chose another alias.");
            }
            PrivateKey privateKey = (PrivateKey) keyStore.getKey(str, str2.toCharArray());
            String algorithm = privateKey.getAlgorithm();
            if (!algorithm.equals("DSA") && !algorithm.equals("RSA")) {
                throw new ScriptSignatureException("Key contain invalid algorithm. It must contain DSA or RSA.");
            }
            Signature signature = str3 == null ? Signature.getInstance(String.valueOf(str4) + "with" + algorithm) : Signature.getInstance(String.valueOf(str4) + "with" + algorithm, str3);
            String name = signature.getProvider().getName();
            signature.initSign(privateKey);
            byte[] signature2 = getSignature(signature, inputStream);
            Logger.info(Activator.PLUGIN_ID, "Signature performed.");
            return String.valueOf(name) + ":" + SignatureHelper.convertBytesToBase64(signature2);
        } catch (InvalidKeyException e) {
            throw new ScriptSignatureException("Key is invalid. Please try again or chose another alias.", e);
        } catch (KeyStoreException e2) {
            Logger.error(Activator.PLUGIN_ID, "Keystore not initialized properly. Try Again.", e2);
            return null;
        } catch (NoSuchAlgorithmException e3) {
            throw new ScriptSignatureException(e3.getMessage(), e3);
        } catch (NoSuchProviderException e4) {
            throw new ScriptSignatureException("No such provider available. Chose another provider.", e4);
        }
    }
}
