package org.nhindirect.stagent.cert.tools;

import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.IOUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.nhindirect.stagent.CryptoExtensions;
import org.nhindirect.stagent.NHINDException;
import org.nhindirect.stagent.cert.X509CertificateEx;

/* loaded from: input_file:org/nhindirect/stagent/cert/tools/StripP12Passphrase.class */
public class StripP12Passphrase {
    private static File p12File;
    private static String filePassPhrase = "";
    private static String keyPassPhrase = "";
    private static File createFile;

    public static void main(String[] strArr) {
        if (strArr.length == 0) {
            System.err.println("Invalid number of arguments: can't have 0 arguments.");
            printUsage();
            System.exit(-1);
        }
        int i = 0;
        while (i < strArr.length) {
            String str = strArr[i];
            if (!str.startsWith("-")) {
                System.err.println("Error: Unexpected argument [" + str + "]\n");
                printUsage();
                System.exit(-1);
            } else if (str.equalsIgnoreCase("-p12")) {
                if (i == strArr.length - 1 || strArr[i + 1].startsWith("-")) {
                    System.err.println("Error: p12 file name.");
                    System.exit(-1);
                }
                i++;
                p12File = new File(strArr[i]);
            } else if (str.equals("-filePass")) {
                if (i == strArr.length - 1 || strArr[i + 1].startsWith("-")) {
                    System.err.println("Error: Missing p12 file passphrase.");
                    System.exit(-1);
                }
                i++;
                filePassPhrase = strArr[i];
            } else if (str.equals("-keyPass")) {
                if (i == strArr.length - 1 || strArr[i + 1].startsWith("-")) {
                    System.err.println("Error: Missing private key passphrase.");
                    System.exit(-1);
                }
                i++;
                keyPassPhrase = strArr[i];
            } else if (str.equals("-out")) {
                if (i == strArr.length - 1 || strArr[i + 1].startsWith("-")) {
                    System.err.println("Error: Missing output file.");
                    System.exit(-1);
                }
                i++;
                createFile = new File(strArr[i]);
            } else if (str.equals("-help")) {
                printUsage();
                System.exit(-1);
            } else {
                System.err.println("Error: Unknown argument " + str + "\n");
                printUsage();
                System.exit(-1);
            }
            i++;
        }
        if (validateParameters()) {
            stripP12File();
        }
        System.exit(0);
    }

    private static void stripP12File() {
        FileOutputStream fileOutputStream = null;
        try {
            try {
                byte[] loadFileData = loadFileData(p12File);
                if (loadFileData != null) {
                    X509CertificateEx certFromData = certFromData(loadFileData);
                    if (certFromData == null) {
                        IOUtils.closeQuietly((OutputStream) null);
                        return;
                    }
                    File pKCS12OutFile = getPKCS12OutFile();
                    KeyStore keyStore = KeyStore.getInstance("PKCS12", CryptoExtensions.getJCEProviderName());
                    keyStore.load(null, null);
                    char[] charArray = "".toCharArray();
                    keyStore.setKeyEntry("privCert", certFromData.getPrivateKey(), charArray, new Certificate[]{certFromData});
                    fileOutputStream = new FileOutputStream(pKCS12OutFile);
                    keyStore.store(fileOutputStream, charArray);
                    System.out.println("Created pcks12 file " + createFile.getAbsolutePath());
                }
                IOUtils.closeQuietly(fileOutputStream);
            } catch (Exception e) {
                System.out.println("Could not create p12 file " + e.getMessage());
                IOUtils.closeQuietly(fileOutputStream);
            }
        } catch (Throwable th) {
            IOUtils.closeQuietly(fileOutputStream);
            throw th;
        }
    }

    private static boolean validateParameters() {
        if (p12File == null) {
            System.out.println("Missing input p12 file name");
            return false;
        }
        if (p12File.exists()) {
            return true;
        }
        System.out.println("P12 file " + p12File.getAbsolutePath() + " does not exist.");
        return false;
    }

    private static byte[] loadFileData(File file) throws Exception {
        return FileUtils.readFileToByteArray(file);
    }

    private static File getPKCS12OutFile() throws Exception {
        if (createFile == null) {
            String name = p12File.getName();
            int lastIndexOf = name.lastIndexOf(".");
            if (lastIndexOf > -1) {
                name = name.substring(0, lastIndexOf);
            }
            createFile = new File(name + "_nopass.p12");
        }
        if (createFile.exists()) {
            createFile.delete();
        }
        createFile.createNewFile();
        return createFile;
    }

    private static X509CertificateEx certFromData(byte[] bArr) {
        X509CertificateEx x509CertificateEx = null;
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            try {
                KeyStore keyStore = KeyStore.getInstance("PKCS12", CryptoExtensions.getJCEProviderName());
                keyStore.load(byteArrayInputStream, filePassPhrase.toCharArray());
                Enumeration<String> aliases = keyStore.aliases();
                if (aliases.hasMoreElements()) {
                    String nextElement = aliases.nextElement();
                    X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(nextElement);
                    Key key = keyStore.getKey(nextElement, keyPassPhrase.toCharArray());
                    if (key != null && (key instanceof PrivateKey)) {
                        x509CertificateEx = X509CertificateEx.fromX509Certificate(x509Certificate, (PrivateKey) key);
                    }
                }
            } catch (Exception e) {
                System.out.println("Error decoding p12 input file: " + e.getMessage());
            }
            IOUtils.closeQuietly(byteArrayInputStream);
            return x509CertificateEx;
        } catch (Exception e2) {
            throw new NHINDException("Data cannot be converted to a valid X.509 Certificate", e2);
        }
    }

    private static void printUsage() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("Usage:\n");
        stringBuffer.append("java StripP12Passphrase (options)...\n\n");
        stringBuffer.append("options:\n");
        stringBuffer.append("-p12        p12 File         P12 formatted file to strip the passphrase from.\n");
        stringBuffer.append("\n");
        stringBuffer.append("-filePass   File passphrase  Optional file passphrase protecting the p12 file.\n");
        stringBuffer.append("            Default: \"\"\n\n");
        stringBuffer.append("-keyPass    Key passphrase   Optional private key passphrase protecting the internal private key.\n");
        stringBuffer.append("            Default: \"\"\n\n");
        stringBuffer.append("-out        Out File         Optional output file name.\n");
        stringBuffer.append("            Default: <p12 file>_nopass.p12\n\n");
        System.err.println(stringBuffer);
    }

    static {
        Security.addProvider(new BouncyCastleProvider());
    }
}
