package com.ibm.rational.test.lt.models.wscore.datamodel.security.xmlsec.impl;

import com.ibm.rational.test.lt.models.ws.LoggingUtil;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.KeyConfiguration;
import com.ibm.rational.test.lt.models.wscore.datamodel.security.util.KeyStoreUtil;
import com.ibm.rational.test.lt.models.wscore.transport.noblck.impl.PemAccess;
import com.ibm.rational.test.lt.models.wscore.transport.noblck.impl.PemConverter;
import java.io.IOException;
import java.io.InputStreamReader;
import java.security.KeyStoreException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.Properties;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.CredentialException;
import org.apache.ws.security.components.crypto.Merlin;

/* loaded from: input_file:coremdl.jar:com/ibm/rational/test/lt/models/wscore/datamodel/security/xmlsec/impl/CustomCrypto.class */
public final class CustomCrypto extends Merlin {
    String storepass;
    String provider;
    String type;

    public CustomCrypto(KeyConfiguration keyConfiguration) throws CredentialException, IOException {
        super(null);
        this.storepass = null;
        this.provider = null;
        this.type = null;
        this.properties = new Properties();
        this.properties.put("org.apache.ws.security.crypto.merlin.keystore.password", keyConfiguration.getPassWord());
        this.storepass = keyConfiguration.getPassWord();
        loadThisStoreTryingTheseTypeOfFiles(keyConfiguration);
    }

    private void loadThisStoreTryingTheseTypeOfFiles(KeyConfiguration keyConfiguration) {
        if (keyConfiguration.getResourceProxy() != null && keyConfiguration.getResourceProxy().getPortablePath() != null) {
            String typeKeyStoreOrNull = KeyStoreTypeUtil.getTypeKeyStoreOrNull(keyConfiguration.getResourceProxy());
            if (typeKeyStoreOrNull != null) {
                if (typeKeyStoreOrNull.equals(KeyStoreUtil.PEM)) {
                    this.properties.put("org.apache.ws.security.crypto.merlin.keystore.type", "JKS");
                    this.type = "JKS";
                } else {
                    this.properties.put("org.apache.ws.security.crypto.merlin.keystore.type", typeKeyStoreOrNull);
                    this.type = typeKeyStoreOrNull;
                }
            }
            try {
                if (!KeyStoreUtil.PEM.equals(typeKeyStoreOrNull)) {
                    setKeyStore(load(keyConfiguration.getInputStream(), this.storepass, this.provider, this.type));
                    return;
                } else {
                    if (PemAccess.CanPerformPEMTransformation()) {
                        setKeyStore(PemConverter.createKeyStoreFromSingleCertAndPotentialKeyPair(new InputStreamReader(keyConfiguration.getInputStream()), keyConfiguration.getPassWord().toCharArray()));
                        return;
                    }
                    return;
                }
            } catch (Exception e) {
                LoggingUtil.INSTANCE.error(getClass(), e);
            }
        }
        throw new UnsupportedOperationException();
    }

    public String getAliasForX509Cert(byte[] bArr) throws WSSecurityException {
        boolean z = false;
        try {
            Enumeration<String> aliases = this.keystore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                Object[] certificateChain = this.keystore.getCertificateChain(nextElement);
                Object certificate = (certificateChain == null || certificateChain.length == 0) ? this.keystore.getCertificate(nextElement) : certificateChain[0];
                if (certificate instanceof X509Certificate) {
                    byte[] sKIBytesFromCert = getSKIBytesFromCert((X509Certificate) certificate);
                    if (sKIBytesFromCert.length == bArr.length) {
                        int i = 0;
                        while (true) {
                            if (i >= sKIBytesFromCert.length) {
                                break;
                            }
                            if (sKIBytesFromCert[i] != bArr[i]) {
                                z = false;
                                break;
                            }
                            z = true;
                            i++;
                        }
                        if (z) {
                            return nextElement;
                        }
                    }
                }
            }
            return null;
        } catch (KeyStoreException unused) {
            throw new WSSecurityException(0, "keystore");
        }
    }
}
