package com.ibm.rational.test.lt.models.wscore.datamodel.security.xmlsec.util;

import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.SecretKeySpec;
import org.apache.ws.security.util.WSSecurityUtil;
import org.apache.xml.security.algorithms.JCEMapper;
import org.jasypt.salt.RandomSaltGenerator;

/* loaded from: input_file:coremdl.jar:com/ibm/rational/test/lt/models/wscore/datamodel/security/xmlsec/util/SecurityKeyUtil.class */
public class SecurityKeyUtil {
    private static final String RSA = "RSA";
    private static final String AES = "AES";

    public static boolean isRSAAlias(KeyStore keyStore, String str) {
        try {
            Certificate certificate = keyStore.getCertificate(str);
            if (certificate == null) {
                return false;
            }
            return "RSA".equals(certificate.getPublicKey().getAlgorithm());
        } catch (KeyStoreException unused) {
            return false;
        }
    }

    public static boolean areExtendedLibrariesInstalled() {
        try {
            encrypt("sample text to encrypt", getKeyAESSpecification());
            return true;
        } catch (Exception unused) {
            return false;
        }
    }

    public static boolean canEncryptKey(String str, byte[] bArr) {
        try {
            Cipher cipherInstance = WSSecurityUtil.getCipherInstance(str);
            cipherInstance.init(1, WSSecurityUtil.prepareSecretKey(str, bArr));
            cipherInstance.doFinal("sample text to encrypt".getBytes());
            return true;
        } catch (Exception unused) {
            return false;
        }
    }

    public static boolean canEncryptKey(String str, String str2, X509Certificate x509Certificate) {
        try {
            createAndEncryptKey(str, str2, x509Certificate);
            return true;
        } catch (Exception unused) {
            return false;
        }
    }

    public static int getX509Version(X509Certificate x509Certificate) {
        return x509Certificate.getVersion();
    }

    private static SecretKeySpec getKeyAESSpecification() throws IOException, NoSuchAlgorithmException {
        byte[] bArr = new byte[16];
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(256);
        return new SecretKeySpec(keyGenerator.generateKey().getEncoded(), "AES");
    }

    public static boolean canEncryptEncryptedKey(String str, int i, X509Certificate x509Certificate) {
        try {
            Cipher cipherInstance = WSSecurityUtil.getCipherInstance(str);
            cipherInstance.init(1, x509Certificate.getPublicKey());
            cipherInstance.doFinal(getEphemeralKey(i));
            return true;
        } catch (Exception unused) {
            return false;
        }
    }

    private static byte[] getEphemeralKey(int i) throws Exception {
        SecureRandom secureRandom = SecureRandom.getInstance(RandomSaltGenerator.DEFAULT_SECURE_RANDOM_ALGORITHM);
        secureRandom.setSeed(System.currentTimeMillis());
        byte[] bArr = new byte[i / 8];
        secureRandom.nextBytes(bArr);
        return bArr;
    }

    private static void encrypt(String str, SecretKeySpec secretKeySpec) throws Exception {
        Cipher cipher = Cipher.getInstance("AES");
        cipher.init(1, secretKeySpec);
        cipher.doFinal(str.getBytes());
    }

    private static void createAndEncryptKey(String str, String str2, X509Certificate x509Certificate) throws Exception {
        byte[] encoded = getKeyGenerator(str).generateKey().getEncoded();
        Cipher cipherInstance = WSSecurityUtil.getCipherInstance(str2);
        cipherInstance.init(1, x509Certificate.getPublicKey());
        cipherInstance.doFinal(encoded);
    }

    private static KeyGenerator getKeyGenerator(String str) throws Exception {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(JCEMapper.getJCEKeyAlgorithmFromURI(str));
            if (str.equalsIgnoreCase("http://www.w3.org/2001/04/xmlenc#aes128-cbc")) {
                keyGenerator.init(128);
            } else if (str.equalsIgnoreCase("http://www.w3.org/2001/04/xmlenc#aes192-cbc")) {
                keyGenerator.init(192);
            } else if (str.equalsIgnoreCase("http://www.w3.org/2001/04/xmlenc#aes256-cbc")) {
                keyGenerator.init(256);
            }
            return keyGenerator;
        } catch (Exception e) {
            throw e;
        }
    }
}
