package ptolemy.copernicus.applet;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.DSAPrivateKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.security.spec.RSAPrivateKeySpec;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.Map;
import java.util.Properties;
import java.util.jar.Attributes;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;
import java.util.jar.JarOutputStream;
import java.util.jar.Manifest;
import java.util.zip.ZipFile;
import net.jxta.impl.pipe.WirePipe;
import oracle.net.ano.AnoServices;
import ptolemy.util.StreamExec;
import ptolemy.util.StringUtilities;
import sun.misc.BASE64Encoder;
import sun.security.util.ManifestDigester;
import util.ClassFileConst;

/* loaded from: input_file:lib/ptolemy.jar:ptolemy/copernicus/applet/JarSigner.class */
public class JarSigner {
    private String _alias;
    private static BASE64Encoder _b64Encoder = new BASE64Encoder();
    private PrivateKey _privateKey;
    private X509Certificate[] _certChain;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:lib/ptolemy.jar:ptolemy/copernicus/applet/JarSigner$SignatureFile.class */
    public class SignatureFile {
        private Object sigFile;
        private Class JDKsfClass = Class.forName(JDK_SIGNATURE_FILE);
        private Method getMetaNameMethod = JarSigner._findMethod(this.JDKsfClass, GETMETANAME_METHOD, new Class[0]);
        private Method writeMethod = JarSigner._findMethod(this.JDKsfClass, WRITE_METHOD, OutputStream.class);
        private static final String JDK_SIGNATURE_FILE = "sun.security.tools.SignatureFile";
        private static final String GETMETANAME_METHOD = "getMetaName";
        private static final String WRITE_METHOD = "write";

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: input_file:lib/ptolemy.jar:ptolemy/copernicus/applet/JarSigner$SignatureFile$Block.class */
        public class Block {
            private Object block;
            private static final String JDK_BLOCK = "sun.security.tools.SignatureFile$Block";
            private static final String JDK_CONTENT_SIGNER = "com.sun.jarsigner.ContentSigner";
            private Method getMetaNameMethod;
            private Method writeMethod;

            public Block(SignatureFile signatureFile, PrivateKey privateKey, X509Certificate[] x509CertificateArr, boolean z, ZipFile zipFile) throws ClassNotFoundException, NoSuchMethodException, InstantiationException, IllegalAccessException, InvocationTargetException {
                Class<?> cls = Class.forName(JDK_BLOCK);
                Class<?> cls2 = Class.forName(JDK_CONTENT_SIGNER);
                try {
                    this.block = JarSigner._findConstructor(cls, signatureFile.getJDKSignatureFileClass(), PrivateKey.class, X509Certificate[].class, Boolean.TYPE, String.class, X509Certificate.class, cls2, String[].class, ZipFile.class).newInstance(signatureFile.getJDKSignatureFile(), privateKey, x509CertificateArr, Boolean.valueOf(z), null, null, null, null, zipFile);
                } catch (NoSuchMethodException e) {
                    this.block = JarSigner._findConstructor(cls, signatureFile.getJDKSignatureFileClass(), PrivateKey.class, String.class, X509Certificate[].class, Boolean.TYPE, String.class, X509Certificate.class, cls2, String[].class, ZipFile.class).newInstance(signatureFile.getJDKSignatureFile(), privateKey, null, x509CertificateArr, Boolean.valueOf(z), null, null, null, null, zipFile);
                }
                this.getMetaNameMethod = JarSigner._findMethod(cls, SignatureFile.GETMETANAME_METHOD, new Class[0]);
                this.writeMethod = JarSigner._findMethod(cls, SignatureFile.WRITE_METHOD, OutputStream.class);
            }

            public String getMetaName() throws IllegalAccessException, InvocationTargetException {
                return (String) this.getMetaNameMethod.invoke(this.block, new Object[0]);
            }

            public void write(OutputStream outputStream) throws IllegalAccessException, InvocationTargetException {
                this.writeMethod.invoke(this.block, outputStream);
            }
        }

        public SignatureFile(MessageDigest[] messageDigestArr, Manifest manifest, ManifestDigester manifestDigester, String str, boolean z) throws ClassNotFoundException, NoSuchMethodException, InstantiationException, IllegalAccessException, InvocationTargetException {
            this.sigFile = JarSigner._findConstructor(this.JDKsfClass, MessageDigest[].class, Manifest.class, ManifestDigester.class, String.class, Boolean.TYPE).newInstance(messageDigestArr, manifest, manifestDigester, str, Boolean.valueOf(z));
        }

        public Block generateBlock(PrivateKey privateKey, X509Certificate[] x509CertificateArr, boolean z, ZipFile zipFile) throws NoSuchAlgorithmException, InvalidKeyException, IOException, SignatureException, CertificateException, ClassNotFoundException, NoSuchMethodException, InstantiationException, IllegalAccessException, InvocationTargetException {
            return new Block(this, privateKey, x509CertificateArr, z, zipFile);
        }

        public Class getJDKSignatureFileClass() {
            return this.JDKsfClass;
        }

        public Object getJDKSignatureFile() {
            return this.sigFile;
        }

        public String getMetaName() throws IllegalAccessException, InvocationTargetException {
            return (String) this.getMetaNameMethod.invoke(this.sigFile, new Object[0]);
        }

        public void write(OutputStream outputStream) throws IllegalAccessException, InvocationTargetException {
            this.writeMethod.invoke(this.sigFile, outputStream);
        }
    }

    public JarSigner(String str, PrivateKey privateKey, X509Certificate[] x509CertificateArr) {
        this._alias = str;
        this._privateKey = privateKey;
        this._certChain = new X509Certificate[x509CertificateArr.length];
        System.arraycopy(x509CertificateArr, 0, this._certChain, 0, x509CertificateArr.length);
    }

    public static void main(String[] strArr) {
        if (strArr.length != 2) {
            System.err.println("Usage: java -classpath $PTII ptolemy.copernicus.applet.JarSigner JNLPApplication.jar JNLPSignedApplication.jar");
        }
        String str = "/Users/cxh/ptII" + File.separator + "ptKeystore";
        String str2 = "this.is.the.storePassword,change.it";
        String str3 = "this.is.the.keyPassword,change.it";
        String str4 = "ptolemy";
        String str5 = String.valueOf(StringUtilities.getProperty("ptolemy.ptII.dir")) + File.separator + "ptKeystore.properties";
        Properties properties = new Properties();
        FileInputStream fileInputStream = null;
        try {
            try {
                fileInputStream = new FileInputStream(str5);
                properties.load(fileInputStream);
                String property = properties.getProperty("keystoreFileName");
                if (property != null) {
                    str = property;
                }
                str2 = properties.getProperty("storePassword");
                str3 = properties.getProperty("keyPassword");
                str4 = properties.getProperty("alias");
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
            } catch (IOException e) {
                System.out.println("Warning: failed to read \"" + str5 + "\", using default store password, key password and alias:" + e);
            }
            System.out.println("About to sign \"" + strArr[0] + "\" and create \"" + strArr[1] + "\" using keystore: \"" + str + "\" and alias: \"" + str4 + "\"");
            try {
                sign(strArr[0], strArr[1], str, str4, str2.toCharArray(), str3.toCharArray());
            } catch (Throwable th) {
                th.printStackTrace();
            }
        } catch (Throwable th2) {
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            throw th2;
        }
    }

    /* JADX WARN: Finally extract failed */
    public static void sign(String str, String str2, String str3, String str4, char[] cArr, char[] cArr2) throws Exception {
        KeySpec keySpec;
        FileInputStream fileInputStream = null;
        FileOutputStream fileOutputStream = null;
        try {
            fileInputStream = new FileInputStream(str3);
            KeyStore keyStore = KeyStore.getInstance("JKS");
            keyStore.load(fileInputStream, cArr);
            Certificate[] certificateChain = keyStore.getCertificateChain(str4);
            if (certificateChain == null) {
                throw new Exception("Could not get certificate chain from alias \"" + str4 + "\" from keystore \"" + str3 + "\"");
            }
            X509Certificate[] x509CertificateArr = new X509Certificate[0];
            X509Certificate[] x509CertificateArr2 = new X509Certificate[certificateChain.length];
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            for (int i = 0; i < certificateChain.length; i++) {
                x509CertificateArr2[i] = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(certificateChain[0].getEncoded()));
            }
            Key key = keyStore.getKey(str4, cArr2);
            if (key == null) {
                throw new Exception("Could not get key from alias \"" + str4 + "\" from keystore \"" + str3 + "\"");
            }
            KeyFactory keyFactory = KeyFactory.getInstance(key.getAlgorithm());
            try {
                keySpec = keyFactory.getKeySpec(key, DSAPrivateKeySpec.class);
            } catch (InvalidKeySpecException e) {
                System.out.println("Using RSA");
                keySpec = keyFactory.getKeySpec(key, RSAPrivateKeySpec.class);
            }
            JarSigner jarSigner = new JarSigner(str4, keyFactory.generatePrivate(keySpec), x509CertificateArr2);
            JarFile jarFile = null;
            try {
                jarFile = new JarFile(str);
                fileOutputStream = new FileOutputStream(str2);
                jarSigner._signJarFile(jarFile, fileOutputStream);
                if (jarFile != null) {
                    jarFile.close();
                }
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (IOException e2) {
                        if (fileOutputStream != null) {
                            fileOutputStream.close();
                        }
                        throw e2;
                    }
                }
                if (fileOutputStream != null) {
                    fileOutputStream.close();
                }
                System.out.println("Working around bug where the chain of certs is not included in the .RSA file");
                LinkedList linkedList = new LinkedList();
                linkedList.add("jarsigner -keystore \"" + str3 + "\" -keypass \"" + new String(cArr2) + "\" -storepass \"" + new String(cArr) + "\" \"" + str2 + "\"  \"" + str4 + "\"");
                StreamExec streamExec = new StreamExec();
                streamExec.setCommands(linkedList);
                streamExec.start();
            } catch (Throwable th) {
                if (jarFile != null) {
                    jarFile.close();
                }
                throw th;
            }
        } catch (Throwable th2) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (IOException e3) {
                    if (fileOutputStream != null) {
                        fileOutputStream.close();
                    }
                    throw e3;
                }
            }
            if (fileOutputStream != null) {
                fileOutputStream.close();
            }
            throw th2;
        }
    }

    private static Map _createEntries(Manifest manifest, JarFile jarFile) throws IOException {
        Map<String, Attributes> entries;
        if (manifest.getEntries().size() > 0) {
            entries = _pruneManifest(manifest, jarFile);
        } else {
            Attributes mainAttributes = manifest.getMainAttributes();
            mainAttributes.putValue(Attributes.Name.MANIFEST_VERSION.toString(), WirePipe.WireVersion);
            mainAttributes.putValue("Created-By", String.valueOf(System.getProperty("java.version")) + " (" + System.getProperty("java.vendor") + ClassFileConst.SIG_ENDMETHOD);
            entries = manifest.getEntries();
        }
        return entries;
    }

    private SignatureFile _createSignatureFile(Manifest manifest, MessageDigest messageDigest) throws IOException, IllegalAccessException, NoSuchMethodException, InvocationTargetException, InstantiationException, ClassNotFoundException {
        return new SignatureFile(new MessageDigest[]{messageDigest}, manifest, new ManifestDigester(_serialiseManifest(manifest)), this._alias, true);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static Constructor _findConstructor(Class cls, Class... clsArr) throws NoSuchMethodException {
        Constructor declaredConstructor = cls.getDeclaredConstructor(clsArr);
        if (declaredConstructor == null) {
            throw new RuntimeException(cls.getName());
        }
        declaredConstructor.setAccessible(true);
        return declaredConstructor;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static Method _findMethod(Class cls, String str, Class... clsArr) throws NoSuchMethodException {
        Method declaredMethod = cls.getDeclaredMethod(str, clsArr);
        if (declaredMethod == null) {
            throw new RuntimeException(cls.getName());
        }
        declaredMethod.setAccessible(true);
        return declaredMethod;
    }

    private static Manifest _getManifestFile(JarFile jarFile) throws IOException {
        JarEntry jarEntry = jarFile.getJarEntry("META-INF/MANIFEST.MF");
        if (jarEntry != null) {
            Enumeration<JarEntry> entries = jarFile.entries();
            while (entries.hasMoreElements()) {
                jarEntry = entries.nextElement();
                if ("META-INF/MANIFEST.MF".equalsIgnoreCase(jarEntry.getName())) {
                    break;
                }
                jarEntry = null;
            }
        }
        Manifest manifest = new Manifest();
        if (jarEntry != null) {
            manifest.read(jarFile.getInputStream(jarEntry));
        }
        return manifest;
    }

    private static Map _pruneManifest(Manifest manifest, JarFile jarFile) throws IOException {
        Map<String, Attributes> entries = manifest.getEntries();
        Iterator<String> it = entries.keySet().iterator();
        while (it.hasNext()) {
            if (jarFile.getEntry(it.next()) == null) {
                it.remove();
            }
        }
        return entries;
    }

    private static byte[] _serialiseManifest(Manifest manifest) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = null;
        try {
            byteArrayOutputStream = new ByteArrayOutputStream();
            manifest.write(byteArrayOutputStream);
            byteArrayOutputStream.flush();
            if (byteArrayOutputStream != null) {
                byteArrayOutputStream.close();
            }
            return byteArrayOutputStream.toByteArray();
        } catch (Throwable th) {
            if (byteArrayOutputStream != null) {
                byteArrayOutputStream.close();
            }
            throw th;
        }
    }

    public void _signJarFile(JarFile jarFile, OutputStream outputStream) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, IOException, IllegalAccessException, InvocationTargetException, NoSuchMethodException, CertificateException, InstantiationException, ClassNotFoundException {
        Manifest _getManifestFile = _getManifestFile(jarFile);
        Map _createEntries = _createEntries(_getManifestFile, jarFile);
        MessageDigest messageDigest = MessageDigest.getInstance(AnoServices.CHECKSUM_SHA1);
        _updateManifestDigest(_getManifestFile, jarFile, messageDigest, _createEntries);
        SignatureFile _createSignatureFile = _createSignatureFile(_getManifestFile, messageDigest);
        SignatureFile.Block generateBlock = _createSignatureFile.generateBlock(this._privateKey, this._certChain, true, jarFile);
        JarOutputStream jarOutputStream = new JarOutputStream(outputStream);
        jarOutputStream.putNextEntry(new JarEntry("META-INF/MANIFEST.MF"));
        byte[] _serialiseManifest = _serialiseManifest(_getManifestFile);
        jarOutputStream.write(_serialiseManifest, 0, _serialiseManifest.length);
        jarOutputStream.closeEntry();
        String metaName = _createSignatureFile.getMetaName();
        jarOutputStream.putNextEntry(new JarEntry(metaName));
        _createSignatureFile.write(jarOutputStream);
        jarOutputStream.closeEntry();
        String metaName2 = generateBlock.getMetaName();
        jarOutputStream.putNextEntry(new JarEntry(metaName2));
        generateBlock.write(jarOutputStream);
        jarOutputStream.closeEntry();
        Enumeration<JarEntry> entries = jarFile.entries();
        while (entries.hasMoreElements()) {
            JarEntry nextElement = entries.nextElement();
            if (nextElement.getName().startsWith("META-INF") && !"META-INF/MANIFEST.MF".equalsIgnoreCase(nextElement.getName()) && !metaName.equalsIgnoreCase(nextElement.getName()) && !metaName2.equalsIgnoreCase(nextElement.getName())) {
                _writeJarEntry(nextElement, jarFile, jarOutputStream);
            }
        }
        Enumeration<JarEntry> entries2 = jarFile.entries();
        while (entries2.hasMoreElements()) {
            JarEntry nextElement2 = entries2.nextElement();
            if (!nextElement2.getName().startsWith("META-INF")) {
                _writeJarEntry(nextElement2, jarFile, jarOutputStream);
            }
        }
        jarOutputStream.flush();
        jarOutputStream.finish();
    }

    private static String _updateDigest(MessageDigest messageDigest, InputStream inputStream) throws IOException {
        try {
            byte[] bArr = new byte[2048];
            while (true) {
                int read = inputStream.read(bArr);
                if (read <= 0) {
                    inputStream.close();
                    return _b64Encoder.encode(messageDigest.digest());
                }
                messageDigest.update(bArr, 0, read);
            }
        } catch (Throwable th) {
            inputStream.close();
            throw th;
        }
    }

    private static Map _updateManifestDigest(Manifest manifest, JarFile jarFile, MessageDigest messageDigest, Map map) throws IOException {
        Enumeration<JarEntry> entries = jarFile.entries();
        while (entries.hasMoreElements()) {
            JarEntry nextElement = entries.nextElement();
            if (!nextElement.getName().startsWith("META-INF")) {
                if (manifest.getAttributes(nextElement.getName()) != null) {
                    manifest.getAttributes(nextElement.getName()).putValue("SHA1-Digest", _updateDigest(messageDigest, jarFile.getInputStream(nextElement)));
                } else if (!nextElement.isDirectory()) {
                    Attributes attributes = new Attributes();
                    attributes.putValue("SHA1-Digest", _updateDigest(messageDigest, jarFile.getInputStream(nextElement)));
                    map.put(nextElement.getName(), attributes);
                }
            }
        }
        return map;
    }

    protected static void _writeJarEntry(JarEntry jarEntry, JarFile jarFile, JarOutputStream jarOutputStream) throws IOException {
        jarOutputStream.putNextEntry(jarEntry);
        byte[] bArr = new byte[2048];
        try {
            InputStream inputStream = jarFile.getInputStream(jarEntry);
            while (true) {
                int read = inputStream.read(bArr);
                if (read <= 0) {
                    return;
                } else {
                    jarOutputStream.write(bArr, 0, read);
                }
            }
        } finally {
            jarOutputStream.closeEntry();
        }
    }
}
