package net.jxta.impl.endpoint.tls;

import COM.claymoresystems.cert.WrappedObject;
import COM.claymoresystems.crypto.EAYEncryptedPrivateKey;
import COM.claymoresystems.ptls.SSLDebug;
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.FileWriter;
import java.io.IOException;
import java.io.StringWriter;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateCrtKey;
import java.util.Calendar;
import java.util.Date;
import java.util.Hashtable;
import jxta.security.exceptions.CryptoException;
import jxta.security.hash.Hash;
import jxta.security.impl.crypto.JxtaCryptoSuite;
import jxta.security.impl.random.JRandom;
import jxta.security.util.URLBase64;
import jxta.security.util.Util;
import org.apache.log4j.Category;
import org.bouncycastle.asn1.x509.X509Name;
import org.bouncycastle.jce.X509Principal;
import org.bouncycastle.jce.X509V3CertificateGenerator;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:lib/ptolemy.jar:/ptII/vendors/sun/jxta/jxta.jar:net/jxta/impl/endpoint/tls/PeerCerts.class */
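/**
 * Generates the peer's TLS credentials: a self-signed root certificate, a service
 * certificate signed by that root, a passphrase file protecting both private keys,
 * and optionally a Diffie-Hellman parameter file.
 *
 * <p>This source is decompiler output, so parameter names such as {@code str} and
 * {@code str2} are synthetic; their roles are described from how each method uses them.
 *
 * <p>NOTE(review): several cryptographic parameters in this class (RSA-1024, SHA-1
 * signatures, a fixed certificate serial number, a fixed 1024-bit DH group) are below
 * current recommendations. They are left unchanged here because peers may depend on
 * them, and each one is flagged where it is used.
 */
public class PeerCerts {
    private static final Category LOG;

    // NOTE(review): hard-coded credential. Nothing in this class reads it, but it is
    // package-visible, so confirm that no production path uses it as a real password.
    static final String testPw = "password";

    // Size in bytes of the random seed and of the passphrase working buffer.
    private static final int NUM_BYTES = 128;

    // PEM lines of the built-in DH parameters, populated in the static initializer.
    static final String[] dh;

    // Compiler-generated cache for the class literal used to name the logger.
    static Class class$net$jxta$impl$endpoint$tls$PeerCerts;

    /**
     * Decompiler stand-in for a synthetic type. It exists only so that the
     * package-visible {@link IssuerInfo} constructor has a distinct signature.
     */
    public class AnonymousClass1 {
    }

    /** Key material and naming data handed from one certificate generation to the next. */
    public static class IssuerInfo {
        // Private key that signed the certificate (the subject's own key for a root cert).
        PrivateKey rootKey;
        // X.509 name attributes of the issuer, in the form X509Principal accepts.
        Hashtable issuer;
        // Private key matching the public key in the generated certificate.
        PrivateKey subjectPkey;
        // Passphrase bytes used to encrypt subjectPkey when it is written to disk.
        byte[] passwd;

        private IssuerInfo() {
        }

        IssuerInfo(AnonymousClass1 anonymousClass1) {
            this();
        }
    }

    /**
     * Creates the self-signed root certificate in {@code peer-root.pem}, generates the
     * passphrase, and appends the passphrase-encrypted root private key to the same file.
     *
     * @param str  name used for the certificate CN, with {@code "-CA"} appended
     * @param str2 secret passed on to {@link #writePassphrase} to encrypt the passphrase file
     * @return the root's issuer data, including the generated passphrase
     * @throws IOException if key, certificate or passphrase generation fails, or on file errors
     */
    public static IssuerInfo genPeerRootCert(String str, String str2) throws IOException {
        String rootPem = JTlsUtil.getPCERootPath() + "peer-root.pem";
        SSLDebug.debug(128, "Generating root cert ...");
        IssuerInfo root = genCert(rootPem, str + "-CA", null);
        root.passwd = genPassPhrase(str2);
        appendPrivateKey(root, rootPem);
        return root;
    }

    /**
     * Creates the service certificate in {@code peer-service.pem}, signed by the given
     * root, and appends its private key encrypted under the root's passphrase.
     *
     * @param str        name used for the certificate CN
     * @param issuerInfo issuer data returned by {@link #genPeerRootCert}; must not be null
     * @param str2       unused by this method
     * @throws NullPointerException if {@code issuerInfo} is null
     * @throws IOException if key or certificate generation fails, or on file errors
     */
    public static void genPeerServiceCert(String str, IssuerInfo issuerInfo, String str2) throws IOException {
        // Fail before any file is written: a null issuer would otherwise produce a
        // self-signed "service" certificate on disk and only then hit the NPE below.
        if (issuerInfo == null) {
            throw new NullPointerException("issuerInfo");
        }
        String servicePem = JTlsUtil.getPCEClientPath() + "peer-service.pem";
        SSLDebug.debug(128, "\nGenerating client cert ...");
        IssuerInfo service = genCert(servicePem, str, issuerInfo);
        service.passwd = issuerInfo.passwd;
        appendPrivateKey(service, servicePem);
    }

    /**
     * Appends the subject's private key, encrypted under {@code issuerInfo.passwd},
     * to the PEM file that already holds the certificate.
     *
     * NOTE(review): the file is opened with default permissions; confirm that the
     * directory returned by JTlsUtil is not readable by other local users.
     */
    private static void appendPrivateKey(IssuerInfo issuerInfo, String str) throws IOException {
        RSAPrivateCrtKey key = (RSAPrivateCrtKey) issuerInfo.subjectPkey;
        BufferedWriter out = new BufferedWriter(new FileWriter(str, true));
        try {
            EAYEncryptedPrivateKey.writePrivateKey(key, issuerInfo.passwd, out);
            out.flush();
        } finally {
            // Closing the buffered writer also closes the underlying FileWriter,
            // and does so even when writing the key fails.
            out.close();
        }
    }

    /**
     * Returns a {@link SecureRandom} seeded with 128 bytes taken from {@code JRandom}.
     *
     * <p>NOTE(review): with some providers a seed supplied at construction replaces the
     * generator's own seeding rather than supplementing it, so the strength of every key
     * and passphrase produced here may rest entirely on JRandom. Confirm its entropy source.
     *
     * @throws CryptoException if JRandom cannot produce the seed
     */
    public static SecureRandom seedSRN() throws CryptoException {
        byte[] seed = new byte[NUM_BYTES];
        new JRandom().nextBytes(seed);
        return new SecureRandom(seed);
    }

    /**
     * Generates a random passphrase, stores it encrypted in {@code peer.phrase}, and
     * returns it.
     *
     * <p>The passphrase is the URL-safe Base64 encoding of 128 random bytes hashed
     * 127 times in succession. The hash algorithm is selected by constants whose
     * meaning is defined in JxtaCryptoSuite.
     *
     * @param str secret under which the passphrase file is encrypted
     * @return the encoded passphrase bytes; never null
     * @throws IOException if random or hash generation fails, or on file errors
     */
    private static byte[] genPassPhrase(String str) throws IOException {
        String phraseFile = JTlsUtil.getPCEClientPath() + "peer.phrase";
        byte[] work = new byte[NUM_BYTES];
        try {
            seedSRN().nextBytes(work);
            Hash hash = new JxtaCryptoSuite((byte) 4, null, (byte) 0, (byte) 0).getJxtaHash((byte) 1);
            byte[] digest = new byte[hash.getDigestLength()];
            int inputLen = work.length;
            for (int round = 0; round < 127; round++) {
                hash.doFinal(work, 0, inputLen, digest, 0);
                // Feed the digest back in as the next round's input.
                System.arraycopy(digest, 0, work, 0, digest.length);
                inputLen = digest.length;
            }
            byte[] encoded = URLBase64.encode(digest);
            writePassphrase(phraseFile, new String(encoded), str);
            return encoded;
        } catch (CryptoException e) {
            // A failure to seed the generator used to return null here, which left the
            // caller encrypting the private key with a null passphrase. Fail closed.
            IOException failure = new IOException("Could not generate passphrase");
            failure.initCause(e);
            throw failure;
        }
    }

    /**
     * PEM-wraps the passphrase, encrypts the wrapped text with
     * {@code JTlsUtil.tlsCipher}, and writes the result to {@code str}.
     *
     * <p>The wrapped plaintext is built in memory. It was previously staged in a file in
     * the shared temp directory, which put the cleartext passphrase on disk and left it
     * there if a later step failed.
     *
     * @param str  path of the passphrase file to create
     * @param str2 the passphrase text
     * @param str3 secret handed to {@code tlsCipher} as the encryption key material
     * @throws CryptoException if the cipher fails
     * @throws IOException on write errors
     */
    public static void writePassphrase(String str, String str2, String str3) throws CryptoException, IOException {
        byte[] phraseBytes = str2.getBytes();
        StringWriter pem = new StringWriter();
        BufferedWriter pemWriter = new BufferedWriter(pem);
        WrappedObject.writeHeader("PASSPHRASE", pemWriter);
        WrappedObject.writeObject(phraseBytes, "PASSPHRASE", pemWriter);
        pemWriter.flush();
        // Platform default charset, matching what the FileWriter-based staging produced.
        byte[] plain = pem.toString().getBytes();
        int length = plain.length;
        byte[] tlsCipher = JTlsUtil.tlsCipher(plain, str3, (byte) 1);
        FileOutputStream out = new FileOutputStream(str);
        try {
            // NOTE(review): writes exactly as many bytes as the plaintext had, so this
            // assumes tlsCipher returns output of the same length. Confirm in JTlsUtil.
            out.write(tlsCipher, 0, length);
        } finally {
            out.close();
        }
    }

    /**
     * Generates an RSA key pair and an X.509 v3 certificate for it, and writes the
     * certificate to {@code str} as its text dump followed by the PEM encoding.
     *
     * <p>With a null {@code issuerInfo} the certificate is self-signed (root);
     * otherwise it is signed with {@code issuerInfo.rootKey} and carries
     * {@code issuerInfo.issuer} as issuer name. Validity runs from now for ten years.
     *
     * @param str        path of the PEM file to create (overwritten)
     * @param str2       common name for the subject
     * @param issuerInfo signing key and issuer name, or null for a self-signed root
     * @return issuer name, signing key and the new subject private key (passwd unset)
     * @throws IOException if key or certificate generation fails, or on file errors
     */
    public static IssuerInfo genCert(String str, String str2, IssuerInfo issuerInfo) throws IOException {
        try {
            SecureRandom random = seedSRN();
            Security.addProvider(new BouncyCastleProvider());
            KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", "BC");
            // NOTE(review): 1024-bit RSA is below current minimum recommendations
            // (2048 bits or more); raising it needs an interoperability check with peers.
            generator.initialize(1024, random);
            KeyPair pair = generator.generateKeyPair();
            PrivateKey subjectKey = pair.getPrivate();
            PublicKey subjectPublic = pair.getPublic();

            Hashtable subject = new Hashtable();
            subject.put(X509Name.C, "US");
            subject.put(X509Name.O, "www.jxta.org");
            subject.put(X509Name.L, "SF");
            // A random OU keeps subject names distinct across generated certificates.
            byte[] ouBytes = new byte[10];
            random.nextBytes(ouBytes);
            subject.put(X509Name.OU, Util.hexEncode(ouBytes));
            subject.put(X509Name.CN, str2);

            Date notBefore = new Date();
            Calendar calendar = Calendar.getInstance();
            calendar.setTime(notBefore);
            calendar.add(Calendar.YEAR, 10);
            Date notAfter = calendar.getTime();

            Hashtable issuerName;
            PrivateKey signingKey;
            String dumpLabel;
            if (issuerInfo == null) {
                issuerName = subject;
                signingKey = subjectKey;
                dumpLabel = "\nRoot Cert:";
            } else {
                issuerName = issuerInfo.issuer;
                signingKey = issuerInfo.rootKey;
                dumpLabel = "\nClient Cert:";
            }

            X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
            // NOTE(review): every certificate gets serial number 1, so the root and the
            // service certificate share issuer name and serial. Serials are expected to
            // be unique per issuer; consider a random serial.
            certGen.setSerialNumber(BigInteger.valueOf(1L));
            certGen.setIssuerDN(new X509Principal(issuerName));
            certGen.setNotBefore(notBefore);
            certGen.setNotAfter(notAfter);
            certGen.setSubjectDN(new X509Principal(subject));
            certGen.setPublicKey(subjectPublic);
            // NOTE(review): SHA-1 signatures are deprecated for certificates; moving to
            // SHA-256 needs the same interoperability check as the key size.
            certGen.setSignatureAlgorithm("SHA1withRSA");
            X509Certificate cert = certGen.generateX509Certificate(signingKey);

            byte[] encoded;
            BufferedWriter out = new BufferedWriter(new FileWriter(str));
            try {
                out.write(cert.toString());
                out.flush();
                encoded = cert.getEncoded();
                WrappedObject.writeHeader("CERTIFICATE", out);
                WrappedObject.writeObject(encoded, "CERTIFICATE", out);
            } finally {
                // Flushes any buffered PEM text and releases the file on every path.
                out.close();
            }
            if (SSLDebug.getDebug(128)) {
                COM.claymoresystems.util.Util.xdump(dumpLabel, encoded);
            }

            IssuerInfo result = new IssuerInfo(null);
            result.issuer = issuerName;
            result.rootKey = signingKey;
            result.subjectPkey = subjectKey;
            return result;
        } catch (InvalidKeyException e) {
            throw certFailure(e);
        } catch (NoSuchAlgorithmException e) {
            throw certFailure(e);
        } catch (NoSuchProviderException e) {
            throw certFailure(e);
        } catch (SignatureException e) {
            throw certFailure(e);
        } catch (CertificateEncodingException e) {
            throw certFailure(e);
        } catch (CertificateException e) {
            throw certFailure(e);
        } catch (CryptoException e) {
            throw certFailure(e);
        }
    }

    /** Reports a certificate-generation failure on stdout and wraps it, keeping the cause. */
    private static IOException certFailure(Throwable cause) {
        System.out.println("genCert: " + cause.getMessage());
        IOException failure = new IOException("Could not generate certificate");
        failure.initCause(cause);
        return failure;
    }

    /**
     * Writes the built-in Diffie-Hellman parameters to {@code dh1024.pem}.
     *
     * <p>NOTE(review): this is one fixed group (1024-bit prime, generator 2) shared by
     * every installation. A 1024-bit DH group is below current recommendations.
     *
     * @throws IOException on write errors
     */
    public static void genDhfile() throws IOException {
        BufferedWriter out = new BufferedWriter(new FileWriter(JTlsUtil.getPCEPath() + "dh1024.pem"));
        try {
            for (int i = 0; i < dh.length; i++) {
                out.write(dh[i]);
            }
            out.flush();
        } finally {
            out.close();
        }
    }

    /**
     * Generates the root certificate, the service certificate signed by it, and
     * optionally the DH parameter file.
     *
     * @param str  name used for the certificate common names
     * @param str2 secret under which the generated passphrase file is encrypted
     * @param z    whether to also write the DH parameter file
     * @throws Exception if any generation step fails
     */
    public static void generateCerts(String str, String str2, boolean z) throws Exception {
        genPeerServiceCert(str, genPeerRootCert(str, str2), str2);
        if (z) {
            genDhfile();
        }
    }

    /** Compiler-generated helper that resolves a class literal by name. */
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$net$jxta$impl$endpoint$tls$PeerCerts == null) {
            cls = class$("net.jxta.impl.endpoint.tls.PeerCerts");
            class$net$jxta$impl$endpoint$tls$PeerCerts = cls;
        } else {
            cls = class$net$jxta$impl$endpoint$tls$PeerCerts;
        }
        LOG = Category.getInstance(cls.getName());
        dh = new String[]{"-----BEGIN DH PARAMETERS-----\n", "MIGHAoGBANmAnfkETuKHOCWaE+W+F3kM/e7z5A8hZb7OqwGMQrUOaBEAr4BWeZBn\n", "G/87hhwZgNP69/KUchm714qd/PpOspCaUJ20x6PcmKujpAgca/f19HGMBjRawQMk\n", "R9oaBwazuQT0l0rTTKmvpMEcrQQIcVWii3CZI56I56oqF8biGPD7AgEC\n", "-----END DH PARAMETERS-----\n"};
    }
}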
