package utils;

import com.certicom.security.cert.internal.x509.SSLPlusSupport;
import com.rsa.asn1.ASN1;
import com.rsa.certj.cert.AttributeValueAssertion;
import com.rsa.certj.cert.CertificateException;
import com.rsa.certj.cert.NameException;
import com.rsa.certj.cert.RDN;
import com.rsa.certj.cert.X500Name;
import com.rsa.certj.cert.X509Certificate;
import com.rsa.certj.cert.X509V3Extensions;
import com.rsa.certj.cert.extensions.BasicConstraints;
import com.rsa.certj.cert.extensions.KeyUsage;
import com.rsa.jsafe.JSAFE_PrivateKey;
import com.rsa.jsafe.JSAFE_PublicKey;
import com.rsa.jsafe.JSAFE_SecretKey;
import com.rsa.jsafe.JSAFE_SecureRandom;
import com.rsa.jsafe.JSAFE_SymmetricCipher;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.Calendar;
import java.util.Date;
import java.util.Enumeration;
import java.util.Properties;
import weblogic.management.internal.BootStrap;
import weblogic.security.spi.IdentityAsserter;

/* loaded from: input_file:weblogic.jar:utils/CertGen.class */
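/**
 * Generates an RSA key pair and an X.509 certificate for it, either self-signed as a CA
 * certificate or signed by a CA whose certificate and encrypted key are loaded from files.
 * Also usable from the command line, see {@link #main(String[])}.
 *
 * <p>Security review notes, all based on the constants and calls in this class:
 * <ul>
 *   <li>Key sizes are 512 bits ("export") or 1024 bits ("domestic"). Both are below what
 *       current validators accept; 512-bit RSA moduli are practical to factor.</li>
 *   <li>Certificates are signed with {@code MD5/RSA/PKCS1Block01Pad}. MD5 is
 *       collision-broken, and modern TLS stacks reject MD5-signed certificates.</li>
 *   <li>Private keys are wrapped with {@code PBE/MD5/DES/CBC/PKCS5PBE-5-56} and a fixed
 *       8-byte salt, so the wrapping offers little protection against offline guessing.</li>
 *   <li>The default signing CA is read from {@code CertGenCA.der} / {@code CertGenCAKey.der}
 *       with the constant password {@code "password"}. Anyone holding the same files can
 *       issue certificates under that CA, so it must never be a trust anchor outside a
 *       test environment; detection-wise, an issuer or subject containing the default
 *       {@code OU=FOR TESTING ONLY} is a useful scanning signal.</li>
 *   <li>Validity is 15 years (20 for a CA), far longer than current issuance practice.</li>
 * </ul>
 *
 * <p>Instances hold mutable key material and are not documented as thread-safe.
 */
public class CertGen {
    public static final String COUNTRY_PROPERTY = "x500name.country";
    public static final String STATE_PROPERTY = "x500name.state";
    public static final String LOCALITY_PROPERTY = "x500name.town";
    public static final String ORGANIZATION_PROPERTY = "x500name.organization";
    public static final String ORG_UNIT_PROPERTY = "x500name.orgunit";
    public static final String COMMON_NAME_PROPERTY = "x500name.commonname";
    private static final String DEFAULT_COUNTRY = "US";
    private static final String DEFAULT_STATE = "MyState";
    private static final String DEFAULT_LOCALITY = "MyTown";
    private static final String DEFAULT_ORGANIZATION = "MyOrganization";
    private static final String DEFAULT_ORG_UNIT = "FOR TESTING ONLY";
    private static final String DEFAULT_COMMON_NAME = "localhost";
    private static final String DEFAULT_CA_CERT = "CertGenCA.der";
    private static final String DEFAULT_CA_KEY = "CertGenCAKey.der";
    // Constant password for the default CA key file: the CA key is effectively public.
    private static final String DEFAULT_CA_PWD = "password";
    private static final int CERT_YEARS_VALID = 15;
    private static final int CA_YEARS_VALID = 20;
    private static final int EXPORT_KEY_STRENGTH = 512;
    private static final int DOMESTIC_KEY_STRENGTH = 1024;
    // MD5-based generator; its output is only as unpredictable as the seed from generateSeed().
    private JSAFE_SecureRandom random = (JSAFE_SecureRandom) JSAFE_SecureRandom.getInstance("MD5Random", "Java");
    private JSAFE_PrivateKey issuerPrivateKey;
    private X500Name issuerName;
    private JSAFE_PrivateKey subjectPrivateKey;
    private JSAFE_PublicKey subjectPublicKey;
    private X500Name subjectName;
    private X509Certificate subjectCert;
    private int keyStrength;

    /**
     * Creates a generator and seeds its random source.
     *
     * @param z {@code true} for the 512-bit "export" key size, {@code false} for 1024 bits
     * @throws Exception if the random source cannot be seeded
     */
    public CertGen(boolean z) throws Exception {
        this.random.seed(generateSeed());
        this.keyStrength = z ? EXPORT_KEY_STRENGTH : DOMESTIC_KEY_STRENGTH;
    }

    /**
     * Returns the generated subject private key as a JCA key.
     *
     * @return the private key, or {@code null} if none has been generated
     * @throws Exception if the conversion fails
     */
    public PrivateKey getSubjectPrivateKey() throws Exception {
        return convert(this.subjectPrivateKey);
    }

    /**
     * Returns the generated certificate as a JCA certificate.
     *
     * @return the certificate, or {@code null} if none has been generated
     * @throws Exception if the conversion fails
     */
    public Certificate getSubjectCertificate() throws Exception {
        return convert(this.subjectCert);
    }

    /**
     * Builds the seed for the key-generation random source.
     *
     * <p>The original seed consisted only of an identity hash code, the free-memory figure,
     * the wall clock and the system property values, all of which an observer of the host can
     * estimate. Those bytes are kept, and 32 bytes from the platform {@code SecureRandom} are
     * appended so that the seed no longer depends on guessable values alone.
     *
     * @return the seed bytes
     */
    private static byte[] generateSeed() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("IDH").append(System.identityHashCode(stringBuffer));
        stringBuffer.append("FM").append(Runtime.getRuntime().freeMemory());
        stringBuffer.append("CT").append(System.currentTimeMillis());
        Enumeration<Object> elements = System.getProperties().elements();
        while (elements.hasMoreElements()) {
            stringBuffer.append(elements.nextElement());
        }
        stringBuffer.append("VHC").append(stringBuffer.hashCode());
        byte[] legacySeed = stringBuffer.toString().getBytes();

        byte[] platformEntropy = new byte[32];
        new java.security.SecureRandom().nextBytes(platformEntropy);

        byte[] seed = new byte[legacySeed.length + platformEntropy.length];
        System.arraycopy(legacySeed, 0, seed, 0, legacySeed.length);
        System.arraycopy(platformEntropy, 0, seed, legacySeed.length, platformEntropy.length);
        return seed;
    }

    /**
     * Generates the subject RSA key pair with the configured modulus size and the public
     * exponent 65537, storing both halves in this instance.
     *
     * <p>Reconstructed from the decompiler's instruction dump, which the decompiler could not
     * turn into Java: get an "RSA"/"Java" key pair object, initialise it with
     * {@code {keyStrength, 65537}} and this instance's random source, generate, copy out the
     * two keys, and always call {@code clearSensitiveData()} on the key pair object.
     *
     * @throws Exception if key generation fails
     */
    private void generateKeys() throws Exception {
        com.rsa.jsafe.JSAFE_KeyPair keyPair = com.rsa.jsafe.JSAFE_KeyPair.getInstance("RSA", "Java");
        try {
            int[] keyGenParams = {this.keyStrength, 65537};
            keyPair.generateInit(null, keyGenParams, this.random);
            keyPair.generate();
            this.subjectPublicKey = keyPair.getPublicKey();
            // NOTE(review): the keys are fetched before the generator is cleared below; this
            // assumes the returned key objects do not share state with it - confirm.
            this.subjectPrivateKey = keyPair.getPrivateKey();
        } finally {
            if (keyPair != null) {
                keyPair.clearSensitiveData();
            }
        }
    }

    /** Generates a fresh key pair and builds the subject name from {@code properties}. */
    private void generateSubject(Properties properties) throws Exception {
        generateKeys();
        this.subjectName = createX500Name(properties);
    }

    /**
     * Generates a self-signed CA certificate: the subject key signs its own certificate.
     *
     * @param properties name components keyed by the {@code *_PROPERTY} constants; may be null
     * @throws Exception if key generation or signing fails
     */
    public void generateCACertificate(Properties properties) throws Exception {
        generateSubject(properties);
        this.issuerPrivateKey = this.subjectPrivateKey;
        this.issuerName = this.subjectName;
        generateCertificate(true);
    }

    /**
     * Generates a certificate signed by the default CA files, located through
     * {@link #findFile(String)} and decrypted with the constant default password.
     *
     * @param properties name components keyed by the {@code *_PROPERTY} constants; may be null
     * @throws Exception if the CA files cannot be found or loaded, or signing fails
     */
    public void generateCertificate(Properties properties) throws Exception {
        generateCertificate(properties, findFile(DEFAULT_CA_CERT), findFile(DEFAULT_CA_KEY), DEFAULT_CA_PWD);
    }

    /**
     * Generates a certificate signed by a CA loaded from the given files.
     *
     * @param properties name components keyed by the {@code *_PROPERTY} constants; may be null
     * @param str path of the DER-encoded CA certificate
     * @param str2 path of the encrypted PKCS#8 CA private key
     * @param str3 password protecting the CA private key
     * @throws Exception if the files cannot be read or decrypted, or signing fails
     */
    public void generateCertificate(Properties properties, String str, String str2, String str3) throws Exception {
        generateCertificate(properties, loadX509Certificate(str), loadPKCS8PrivateKey(str2, str3));
    }

    /**
     * Generates a certificate whose issuer is the subject of {@code x509Certificate} and
     * which is signed with {@code jSAFE_PrivateKey}. The code does not check that the key
     * belongs to the certificate.
     *
     * @param properties name components keyed by the {@code *_PROPERTY} constants; may be null
     * @param x509Certificate the CA certificate supplying the issuer name
     * @param jSAFE_PrivateKey the CA private key used for signing
     * @throws Exception if key generation or signing fails
     */
    public void generateCertificate(Properties properties, X509Certificate x509Certificate, JSAFE_PrivateKey jSAFE_PrivateKey) throws Exception {
        generateSubject(properties);
        this.issuerName = x509Certificate.getSubjectName();
        this.issuerPrivateKey = jSAFE_PrivateKey;
        generateCertificate(false);
    }

    /**
     * Builds and signs the certificate from the names and keys already stored in this
     * instance, then stores it as the subject certificate.
     *
     * @param z {@code true} to build a CA certificate (extensions added, 20-year validity),
     *     {@code false} for an end-entity certificate (no extensions, 15-year validity)
     * @throws Exception if encoding or signing fails
     */
    private void generateCertificate(boolean z) throws Exception {
        X509Certificate certificate = new X509Certificate();
        // Presumably the zero-based X.509 version field: 2 is v3 (needed for extensions), 0 is v1.
        certificate.setVersion(z ? 2 : 0);

        byte[] serialNumber = new byte[16];
        this.random.generateRandomBytes(serialNumber, 0, serialNumber.length);
        certificate.setSerialNumber(serialNumber, 0, serialNumber.length);

        if (z) {
            X509V3Extensions extensions = new X509V3Extensions(1);
            // 0x04000000 is presumably the keyCertSign bit - confirm against the KeyUsage constants.
            extensions.addV3Extension(new KeyUsage(0x04000000, true));
            extensions.addV3Extension(createBasicConstraintsExtension());
            certificate.setExtensions(extensions);
        }

        // Validity starts one day in the past, which tolerates clock skew between hosts.
        Calendar calendar = Calendar.getInstance();
        calendar.add(Calendar.DATE, -1);
        Date notBefore = calendar.getTime();
        calendar.add(Calendar.DATE, 1);
        calendar.set(Calendar.YEAR, calendar.get(Calendar.YEAR) + (z ? CA_YEARS_VALID : CERT_YEARS_VALID));
        certificate.setValidity(notBefore, calendar.getTime());

        certificate.setSubjectName(this.subjectName);
        certificate.setSubjectPublicKey(this.subjectPublicKey);
        certificate.setIssuerName(this.issuerName);
        // MD5-based signature: kept for compatibility with existing consumers, but relying
        // parties should not accept it outside a test setup.
        certificate.signCertificate("MD5/RSA/PKCS1Block01Pad", "Java", this.issuerPrivateKey, this.random);
        this.subjectCert = certificate;
    }

    /**
     * Creates the basic-constraints extension used for CA certificates.
     * NOTE(review): the meaning of the three arguments (true, 1, true) is not visible in
     * this file - presumably CA flag, path length and criticality; confirm.
     */
    private BasicConstraints createBasicConstraintsExtension() throws CertificateException {
        return new BasicConstraints(true, 1, true);
    }

    /**
     * Wraps a private key into password-encrypted form.
     *
     * <p>The cipher is {@code PBE/MD5/DES/CBC/PKCS5PBE-5-56} with a constant salt, so two keys
     * wrapped under the same password share the same derived key. The algorithm and salt are
     * left unchanged because other code may depend on the produced format; treat the result
     * as obfuscation rather than protection and restrict access to the files that hold it.
     *
     * @param jSAFE_PrivateKey the key to wrap
     * @param cArr the password
     * @return the wrapped key bytes
     * @throws Exception if the cipher cannot be set up or the wrap fails
     */
    public static byte[] getPrivateKeyData(JSAFE_PrivateKey jSAFE_PrivateKey, char[] cArr) throws Exception {
        byte[] fixedSalt = {0, 17, 34, 51, 68, 85, 102, 119};
        JSAFE_SymmetricCipher cipher = JSAFE_SymmetricCipher.getInstance("PBE/MD5/DES/CBC/PKCS5PBE-5-56", "Java");
        cipher.setSalt(fixedSalt, 0, fixedSalt.length);
        JSAFE_SecretKey passwordKey = cipher.getBlankKey();
        passwordKey.setPassword(cArr, 0, cArr.length);
        cipher.encryptInit(passwordKey, null);
        return cipher.wrapPrivateKey(jSAFE_PrivateKey, true);
    }

    /**
     * Writes the password-wrapped private key to {@code <str2>.der} and {@code <str2>.pem}.
     * Streams are closed even when a write or the PEM conversion fails. The files are
     * created with the process's default permissions; nothing here restricts them.
     *
     * @param jSAFE_PrivateKey the key to write
     * @param str the password used to wrap the key
     * @param str2 the output file name without extension
     * @throws Exception if wrapping, conversion or file output fails
     */
    public static void writePKCS8PrivateKey(JSAFE_PrivateKey jSAFE_PrivateKey, String str, String str2) throws Exception {
        byte[] privateKeyData = getPrivateKeyData(jSAFE_PrivateKey, str.toCharArray());
        writeBytes(str2 + ".der", privateKeyData);
        FileOutputStream pemOut = new FileOutputStream(str2 + ".pem");
        try {
            der2pem.convertEncryptedKey(new ByteArrayInputStream(privateKeyData), pemOut);
        } finally {
            pemOut.close();
        }
    }

    /**
     * Writes the certificate to {@code <str>.der} and {@code <str>.pem}. Streams are closed
     * even when a write or the PEM conversion fails.
     *
     * @param x509Certificate the certificate to write
     * @param str the output file name without extension
     * @throws Exception if encoding, conversion or file output fails
     */
    private static void writeX509Certificate(X509Certificate x509Certificate, String str) throws Exception {
        byte[] der = new byte[x509Certificate.getDERLen(0)];
        x509Certificate.getDEREncoding(der, 0, 0);
        writeBytes(str + ".der", der);
        FileOutputStream pemOut = new FileOutputStream(str + ".pem");
        try {
            der2pem.convertCertificate(new ByteArrayInputStream(der), pemOut);
        } finally {
            pemOut.close();
        }
    }

    /** Writes {@code data} to the file at {@code path}, closing the stream on every path. */
    private static void writeBytes(String path, byte[] data) throws IOException {
        FileOutputStream out = new FileOutputStream(path);
        try {
            out.write(data);
        } finally {
            out.close();
        }
    }

    /**
     * Loads and decrypts a password-protected private key file. The cipher is chosen from
     * the algorithm information in the file itself.
     *
     * @param path the key file
     * @param password the password protecting the key
     * @return the unwrapped private key
     * @throws Exception if the file cannot be read or decrypted
     */
    private static JSAFE_PrivateKey loadPKCS8PrivateKey(String path, String password) throws Exception {
        byte[] wrappedKey = readFile(path);
        JSAFE_SymmetricCipher cipher = JSAFE_SymmetricCipher.getInstance(wrappedKey, 0, "Java");
        JSAFE_SecretKey passwordKey = cipher.getBlankKey();
        passwordKey.setPassword(password.toCharArray(), 0, password.length());
        cipher.decryptInit(passwordKey, null);
        return cipher.unwrapPrivateKey(wrappedKey, 0, wrappedKey.length, true);
    }

    /** Loads a DER-encoded certificate from the file at {@code path}. */
    private static X509Certificate loadX509Certificate(String path) throws Exception {
        return new X509Certificate(readFile(path), 0, 0);
    }

    /**
     * Reads a whole file into memory. The stream is closed even if a read fails, and data
     * is read in chunks rather than one byte at a time.
     *
     * @param path the file to read
     * @return the file contents
     * @throws IOException if the file cannot be opened or read
     */
    private static byte[] readFile(String path) throws IOException {
        FileInputStream in = new FileInputStream(path);
        try {
            ByteArrayOutputStream contents = new ByteArrayOutputStream(in.available());
            byte[] chunk = new byte[4096];
            int count;
            while ((count = in.read(chunk)) != -1) {
                contents.write(chunk, 0, count);
            }
            return contents.toByteArray();
        } finally {
            in.close();
        }
    }

    /**
     * Builds an X.500 name with one RDN per attribute, in the order country, state,
     * locality, organization, organizational unit, common name. Missing properties fall
     * back to the {@code DEFAULT_*} constants.
     *
     * @param properties name components keyed by the {@code *_PROPERTY} constants; may be null
     * @return the assembled name
     * @throws NameException if an attribute cannot be created or added
     */
    private static X500Name createX500Name(Properties properties) throws NameException {
        if (properties == null) {
            properties = new Properties();
        }
        AttributeValueAssertion[] attributes = {
            makeAttribute(1, AttributeValueAssertion.COUNTRY_NAME_OID,
                    properties.getProperty(COUNTRY_PROPERTY, DEFAULT_COUNTRY)),
            makeAttribute(3, AttributeValueAssertion.STATE_NAME_OID,
                    properties.getProperty(STATE_PROPERTY, DEFAULT_STATE)),
            makeAttribute(2, AttributeValueAssertion.LOCALITY_NAME_OID,
                    properties.getProperty(LOCALITY_PROPERTY, DEFAULT_LOCALITY)),
            makeAttribute(4, AttributeValueAssertion.ORGANIZATION_NAME_OID,
                    properties.getProperty(ORGANIZATION_PROPERTY, DEFAULT_ORGANIZATION)),
            makeAttribute(5, AttributeValueAssertion.ORGANIZATIONAL_UNIT_NAME_OID,
                    properties.getProperty(ORG_UNIT_PROPERTY, DEFAULT_ORG_UNIT)),
            makeAttribute(0, AttributeValueAssertion.COMMON_NAME_OID,
                    properties.getProperty(COMMON_NAME_PROPERTY, DEFAULT_COMMON_NAME))
        };
        X500Name name = new X500Name();
        for (AttributeValueAssertion attribute : attributes) {
            RDN rdn = new RDN();
            rdn.addNameAVA(attribute);
            name.addRDN(rdn);
        }
        return name;
    }

    /**
     * Creates one name attribute, encoded as a printable string when every character
     * allows it and as a BMP string otherwise.
     */
    private static AttributeValueAssertion makeAttribute(int type, byte[] oid, String value) throws NameException {
        int encoding = isPrintable(value) ? ASN1.PRINT_STRING : ASN1.BMP_STRING;
        return new AttributeValueAssertion(type, oid, encoding, value);
    }

    /** Returns true when {@code str} is null or consists only of printable-string characters. */
    private static boolean isPrintable(String str) {
        if (str == null) {
            return true;
        }
        for (int i = 0; i < str.length(); i++) {
            if (!isPrintable(str.charAt(i))) {
                return false;
            }
        }
        return true;
    }

    /** Returns true for ASCII letters, digits, space and the characters {@code / ' ( ) ? + - = , . :}. */
    private static boolean isPrintable(char c) {
        if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9')) {
            return true;
        }
        return " /'()?+-=,.:".indexOf(c) >= 0;
    }

    /**
     * Resolves a file name: the name as given if such a file exists, otherwise the same
     * name under the {@code lib} directory of the WebLogic home.
     *
     * @param str the file name to look for
     * @return a path to an existing file
     * @throws FileNotFoundException if the file exists in neither location
     */
    private static String findFile(String str) throws FileNotFoundException {
        if (new File(str).exists()) {
            return str;
        }
        File inLib = new File(new File(BootStrap.getWebLogicHome(), "lib"), str);
        if (!inLib.exists()) {
            throw new FileNotFoundException("Cannot find file: " + str);
        }
        return inLib.getAbsolutePath();
    }

    /**
     * Converts a Cert-J certificate into a JCA certificate by re-parsing its DER encoding.
     *
     * @param x509Certificate the certificate to convert; may be null
     * @return the converted certificate, or {@code null} for a null input
     * @throws Exception if encoding or parsing fails
     */
    public static Certificate convert(X509Certificate x509Certificate) throws Exception {
        if (x509Certificate == null) {
            return null;
        }
        byte[] der = new byte[x509Certificate.getDERLen(0)];
        x509Certificate.getDEREncoding(der, 0, 0);
        return CertificateFactory.getInstance(IdentityAsserter.X509_TYPE).generateCertificate(new ByteArrayInputStream(der));
    }

    /**
     * Converts a Crypto-J private key into a JCA private key by wrapping it in memory
     * and parsing the wrapped form back.
     *
     * <p>The one-character password only bridges the two APIs inside this call; the wrapped
     * bytes are not written anywhere by this method.
     *
     * @param jSAFE_PrivateKey the key to convert; may be null
     * @return the converted key, or {@code null} for a null input
     * @throws Exception if wrapping or parsing fails
     */
    public static PrivateKey convert(JSAFE_PrivateKey jSAFE_PrivateKey) throws Exception {
        if (jSAFE_PrivateKey == null) {
            return null;
        }
        char[] transferPassword = {' '};
        ByteArrayInputStream wrapped = new ByteArrayInputStream(getPrivateKeyData(jSAFE_PrivateKey, transferPassword));
        return (PrivateKey) SSLPlusSupport.getLocalIdentityPartial(wrapped, transferPassword).lastElement();
    }

    /**
     * Command-line entry point:
     * {@code <password> <certfilename> <keyfilename> [export|domestic] [hostname] [genca]}.
     *
     * <p>The key password is taken from the command line, so it is visible in the process
     * listing and in shell history on the host where the tool runs. Exits with status 1 if
     * generation or file output fails, and with status 0 otherwise (including after the
     * usage text).
     *
     * @param strArr the command-line arguments
     * @throws Exception if the local host name cannot be resolved or setup fails
     */
    public static void main(String[] strArr) throws Exception {
        if (strArr.length < 3) {
            System.out.println("\n\tUsage: java utils.CertGen <password> <certfilename> <keyfilename> [export|domestic] [hostname] [genca]\n\n\tThere is no need to specify a file extension when specifying\n\tcertfilename and keyfilename. Appropriate extensions are appended\n\twhen the files are created. GENCA option means - to generate\n\tself-signed certificate that can be used as a trusted CA certificate\n");
            System.exit(0);
        }
        String keyPassword = strArr[0];
        String certFileName = strArr[1];
        String keyFileName = strArr[2];
        boolean exportStrength = strArr.length > 3 && strArr[3].equalsIgnoreCase("EXPORT");
        String hostName = strArr.length > 4 ? strArr[4] : InetAddress.getLocalHost().getHostName();
        boolean generateCa = strArr.length > 5 && strArr[5].equalsIgnoreCase("GENCA");

        System.out.println("......  Will generate " + (generateCa ? "new CA certificate (self signed)" : "certificate signed by CA from CertGenCA.der file"));
        System.out.println("......  With " + (exportStrength ? "Export" : "Domestic") + " Key Strength");
        System.out.println("......  Common Name will have Hostname " + hostName);

        Properties properties = new Properties();
        properties.setProperty(COMMON_NAME_PROPERTY, hostName);
        CertGen certGen = new CertGen(exportStrength);
        try {
            if (generateCa) {
                certGen.generateCACertificate(properties);
            } else {
                certGen.generateCertificate(properties);
            }
        } catch (Exception e) {
            System.out.println("Failed to generated certificate\n" + e.getMessage());
            System.exit(1);
        }
        System.out.println("......  Issuer CA name is " + certGen.issuerName);
        try {
            writePKCS8PrivateKey(certGen.subjectPrivateKey, keyPassword, keyFileName);
            writeX509Certificate(certGen.subjectCert, certFileName);
        } catch (Exception e2) {
            System.out.println("Failed to write to file\n" + e2.getMessage());
            System.exit(1);
        }
        System.exit(0);
    }
}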
