package com.ibm.etools.sfm.models.host.common;

import com.ibm.eNetwork.beans.HOD.Session;
import com.ibm.security.pkcs12.PFX;
import com.ibm.security.pkcsutil.PKCSException;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import org.eclipse.rse.core.comm.SystemKeystoreProviderManager;

/* loaded from: input_file:com/ibm/etools/sfm/models/host/common/X509ProviderImpl.class */
public class X509ProviderImpl implements X509Provider {
    private static X509Provider provider;
    private Certificate[] known;

    private X509ProviderImpl() {
    }

    public static X509Provider init() {
        if (provider == null) {
            provider = new X509ProviderImpl();
        }
        return provider;
    }

    @Override // com.ibm.etools.sfm.models.host.common.X509Provider
    public Certificate[] getCertificates() throws IOException, PKCSException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        Certificate[] wellKnownCertificates = getWellKnownCertificates();
        Certificate[] customCertificates = getCustomCertificates();
        Certificate[] certificateArr = new Certificate[wellKnownCertificates.length + customCertificates.length];
        for (int i = 0; i < wellKnownCertificates.length; i++) {
            certificateArr[i] = wellKnownCertificates[i];
        }
        for (int i2 = 0; i2 < customCertificates.length; i2++) {
            certificateArr[i2 + wellKnownCertificates.length] = customCertificates[i2];
        }
        return certificateArr;
    }

    @Override // com.ibm.etools.sfm.models.host.common.X509Provider
    public Certificate[] getCustomCertificates() throws PKCSException, IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        Certificate certificate;
        KeyStore loadKeystore = loadKeystore();
        ArrayList arrayList = new ArrayList();
        Enumeration<String> aliases = loadKeystore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (loadKeystore.isCertificateEntry(nextElement) && (certificate = loadKeystore.getCertificate(nextElement)) != null && (certificate instanceof X509Certificate)) {
                arrayList.add((X509Certificate) certificate);
            }
        }
        return (Certificate[]) arrayList.toArray(new Certificate[arrayList.size()]);
    }

    @Override // com.ibm.etools.sfm.models.host.common.X509Provider
    public Certificate[] getWellKnownCertificates() throws IOException, PKCSException {
        if (this.known == null) {
            loadWellKnownCertificates();
        }
        return this.known;
    }

    @Override // com.ibm.etools.sfm.models.host.common.X509Provider
    public void importCertificate(String str, Certificate certificate) throws IOException, PKCSException, NoSuchAlgorithmException, KeyStoreException, CertificateException {
        KeyStore loadKeystore = loadKeystore();
        loadKeystore.setCertificateEntry(str, certificate);
        FileOutputStream fileOutputStream = new FileOutputStream(getKeyStoreLocation());
        loadKeystore.store(fileOutputStream, getKeyStorePassword().toCharArray());
        fileOutputStream.close();
    }

    @Override // com.ibm.etools.sfm.models.host.common.X509Provider
    public String getKeyStoreLocation() {
        return SystemKeystoreProviderManager.getInstance().getDefaultProvider().getKeyStorePath();
    }

    @Override // com.ibm.etools.sfm.models.host.common.X509Provider
    public String getKeyStorePassword() {
        return SystemKeystoreProviderManager.getInstance().getDefaultProvider().getKeyStorePassword();
    }

    private KeyStore loadKeystore() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        File file = new File(getKeyStoreLocation());
        FileInputStream fileInputStream = null;
        if (file.exists()) {
            fileInputStream = new FileInputStream(file);
        }
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(fileInputStream, getKeyStorePassword().toCharArray());
        if (fileInputStream != null) {
            fileInputStream.close();
        }
        return keyStore;
    }

    private void loadWellKnownCertificates() throws IOException, PKCSException {
        ArrayList arrayList = new ArrayList();
        InputStream resourceAsStream = Session.class.getClassLoader().getResourceAsStream(HostSecurityConstants.TRUSTEDCA_P12_FILENAME);
        Certificate[] certificates = new PFX(getBytesFromInputStream(resourceAsStream)).getCertificates(new char[]{'h', 'o', 'd'});
        for (int i = 0; i < certificates.length; i++) {
            if (certificates[i] instanceof X509Certificate) {
                arrayList.add((X509Certificate) certificates[i]);
            }
        }
        resourceAsStream.close();
        this.known = new Certificate[arrayList.size()];
        this.known = (Certificate[]) arrayList.toArray(this.known);
    }

    private static byte[] getBytesFromInputStream(InputStream inputStream) throws IOException {
        byte[] bArr;
        int read;
        int available = inputStream.available();
        int i = 0;
        byte[] bArr2 = new byte[available];
        while (available > 0 && (read = inputStream.read((bArr = new byte[available]))) >= 0) {
            for (int i2 = 0; i2 < read; i2++) {
                bArr2[i + i2] = bArr[i2];
            }
            i += read;
            available -= read;
        }
        return bArr2;
    }
}
