package com.silverpeas.util.security;

import com.silverpeas.export.ImportExportDescriptor;
import com.stratelia.silverpeas.notificationManager.NotificationManager;
import com.stratelia.webactiv.util.ResourceLocator;
import com.stratelia.webactiv.util.exception.UtilException;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import net.sourceforge.jcetaglib.lib.X509Cert;
import org.silverpeas.authentication.encryption.UnixDESEncryption;

/* loaded from: input_file:com/silverpeas/util/security/X509Factory.class */
public class X509Factory {
    private static String truststoreFile;
    private static String truststorePwd;
    private static String p12Dir;
    private static String p12Salt;
    private static int validity;
    private static String subjectDNSuffix;

    public static void buildP12(String str, String str2, String str3, String str4, String str5) throws UtilException {
        try {
            KeyPair generateKeyPair = X509Cert.generateKeyPair("RSA", 1024, new byte[0]);
            PrivateKey privateKey = generateKeyPair.getPrivate();
            PublicKey publicKey = generateKeyPair.getPublic();
            if (str4 == null) {
                str4 = ImportExportDescriptor.NO_FORMAT;
            }
            try {
                X509Certificate selfsign = X509Cert.selfsign(privateKey, publicKey, "MD5WithRSAEncryption", validity, subjectDNSuffix + ", CN=" + str4 + NotificationManager.FROM_NO + str3, false, "client");
                KeyStore keyStore = getKeyStore();
                try {
                    keyStore.setCertificateEntry(str, selfsign);
                    writeKeyStore(keyStore);
                    try {
                        X509Cert.saveAsP12(selfsign, (X509Certificate) null, privateKey, p12Dir + str2 + "_" + str5 + ".p12", str, new StringBuffer(new UnixDESEncryption().encrypt(str2, p12Salt.getBytes())));
                    } catch (Exception e) {
                        throw new UtilException("X509Factory.buildP12", 4, "util.CANT_CREATE_PKCS12_FILE", e);
                    }
                } catch (KeyStoreException e2) {
                    throw new UtilException("X509Factory.buildP12", 4, "util.CANT_STORE_X509_CERTIFICATE_INTO_TRUSTSTORE", e2);
                }
            } catch (CertificateException e3) {
                throw new UtilException("X509Factory.buildP12", 4, "util.CANT_CREATE_SELFSIGNED_X509_CERTIFICATE", e3);
            }
        } catch (Exception e4) {
            throw new UtilException("X509Factory.buildP12", 4, "util.CANT_GENERATE_KEYPAIR", e4);
        }
    }

    public static void revocateUserCertificate(String str) throws UtilException {
        KeyStore keyStore = getKeyStore();
        if (keyStore != null) {
            try {
                keyStore.deleteEntry(str);
                writeKeyStore(keyStore);
            } catch (KeyStoreException e) {
                throw new UtilException("X509Factory.revocateUserCertificate", 4, "util.CANT_DELETE_X509_CERTIFICATE_FROM_TRUSTSTORE", e);
            }
        }
    }

    private static KeyStore getKeyStore() throws UtilException {
        try {
            KeyStore keyStore = KeyStore.getInstance("jks");
            FileInputStream fileInputStream = null;
            try {
                fileInputStream = new FileInputStream(truststoreFile);
            } catch (FileNotFoundException e) {
                e.printStackTrace();
            }
            try {
                keyStore.load(fileInputStream, truststorePwd.toCharArray());
            } catch (IOException e2) {
                e2.printStackTrace();
            } catch (NoSuchAlgorithmException e3) {
                e3.printStackTrace();
            } catch (CertificateException e4) {
                e4.printStackTrace();
            }
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (IOException e5) {
                    e5.printStackTrace();
                }
            }
            return keyStore;
        } catch (KeyStoreException e6) {
            throw new UtilException("X509Factory.getKeyStore", 4, "util.CANT_GET_KEYSTORE_INSTANCE", e6);
        }
    }

    private static void writeKeyStore(KeyStore keyStore) {
        FileOutputStream fileOutputStream = null;
        try {
            fileOutputStream = new FileOutputStream(truststoreFile);
        } catch (FileNotFoundException e) {
            e.printStackTrace();
        }
        try {
            keyStore.store(fileOutputStream, truststorePwd.toCharArray());
        } catch (IOException e2) {
            e2.printStackTrace();
        } catch (KeyStoreException e3) {
            e3.printStackTrace();
        } catch (NoSuchAlgorithmException e4) {
            e4.printStackTrace();
        } catch (CertificateException e5) {
            e5.printStackTrace();
        }
        try {
            fileOutputStream.close();
        } catch (IOException e6) {
            e6.printStackTrace();
        }
    }

    static {
        truststoreFile = null;
        truststorePwd = null;
        p12Dir = null;
        p12Salt = null;
        validity = -1;
        subjectDNSuffix = null;
        ResourceLocator resourceLocator = new ResourceLocator("com.silverpeas.util.security", ImportExportDescriptor.NO_FORMAT);
        truststoreFile = resourceLocator.getString("x509.TruststoreFile", "C:\\Silverpeas\\KMEdition\\Tools\\jboss403\\server\\default\\conf\\server.truststore");
        truststorePwd = resourceLocator.getString("x509.TruststorePwd", "servercert");
        subjectDNSuffix = "C=" + resourceLocator.getString("x509.DN_C", "FR") + ", L=" + resourceLocator.getString("x509.DN_L", "Grenoble") + ", O=" + resourceLocator.getString("x509.DN_O", "Silverpeas") + ", OU=" + resourceLocator.getString("x509.DN_OU", "silverpeas.com");
        validity = Integer.parseInt(resourceLocator.getString("x509.Validity", "365"));
        p12Dir = resourceLocator.getString("p12.dir", "C:\\Silverpeas\\KMEdition\\Tools\\jboss403\\server\\default\\conf\\");
        p12Salt = resourceLocator.getString("p12.salt", "SP");
    }
}
