package com.ibm.mqlight.api.security;

import com.ibm.mqlight.api.impl.LogbackLogging;
import com.ibm.mqlight.api.logging.Logger;
import com.ibm.mqlight.api.logging.LoggerFactory;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.List;
import org.apache.commons.ssl.PKCS8Key;

/* loaded from: input_file:com/ibm/mqlight/api/security/KeyStoreUtils.class */
public class KeyStoreUtils {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) KeyStoreUtils.class);

    public static KeyStore loadKeyStore(File file, String str) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        logger.entry("loadKeyStore", file);
        String name = file.getName();
        KeyStore keyStore = name.matches("(?i).*\\.jks") ? KeyStore.getInstance("JKS") : name.matches("(?i).*\\.jceks") ? KeyStore.getInstance("JCEKS") : (name.matches("(?i).*\\.p12") || name.matches("(?i).*\\.pkcs12")) ? KeyStore.getInstance("PKCS12") : name.matches("(?i).*\\.kdb") ? KeyStore.getInstance("CMSKS") : KeyStore.getInstance(KeyStore.getDefaultType());
        FileInputStream fileInputStream = null;
        try {
            fileInputStream = new FileInputStream(file);
            keyStore.load(fileInputStream, str == null ? null : str.toCharArray());
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (IOException e) {
                    logger.data("loadKeyStore", "failed to close file: ", file, " reason", e);
                }
            }
            logger.exit("loadKeyStore", keyStore);
            return keyStore;
        } catch (Throwable th) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (IOException e2) {
                    logger.data("loadKeyStore", "failed to close file: ", file, " reason", e2);
                }
            }
            throw th;
        }
    }

    public static void addPrivateKey(KeyStore keyStore, File file, char[] cArr, List<Certificate> list) throws IOException, GeneralSecurityException {
        logger.entry("addPrivateKey", file, list);
        keyStore.setKeyEntry("key", createPrivateKey(file, cArr), cArr, (Certificate[]) list.toArray(new Certificate[list.size()]));
        logger.exit("addPrivateKey");
    }

    public static PrivateKey createPrivateKey(File file, char[] cArr) throws IOException, GeneralSecurityException {
        PrivateKey privateKey;
        logger.entry("createPrivateKey", file);
        PemFile pemFile = new PemFile(file);
        byte[] privateKeyBytes = pemFile.getPrivateKeyBytes();
        if (pemFile.containsEncryptedPrivateKey()) {
            privateKey = new PKCS8Key(privateKeyBytes, cArr).getPrivateKey();
        } else {
            PKCS8EncodedKeySpec pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(privateKeyBytes);
            InvalidKeySpecException invalidKeySpecException = null;
            PrivateKey privateKey2 = null;
            for (String str : new String[]{"RSA", "DSA", "DiffieHellman", "EC"}) {
                try {
                    privateKey2 = KeyFactory.getInstance(str).generatePrivate(pKCS8EncodedKeySpec);
                    break;
                } catch (InvalidKeySpecException e) {
                    if (invalidKeySpecException == null) {
                        invalidKeySpecException = e;
                    }
                }
            }
            if (privateKey2 == null) {
                throw invalidKeySpecException;
            }
            privateKey = privateKey2;
        }
        logger.exit("createPrivateKey", privateKey);
        return privateKey;
    }

    static {
        LogbackLogging.setup();
    }
}
