package com.progress.ubroker.ssl;

import com.progress.common.util.crypto;
import com.progress.ubroker.util.Base64;
import com.rsa.certj.cert.X509Certificate;
import com.rsa.jsafe.JSAFE_Exception;
import com.rsa.jsafe.JSAFE_MessageDigest;
import com.rsa.jsafe.JSAFE_PrivateKey;
import com.rsa.jsafe.JSAFE_SecretKey;
import com.rsa.jsafe.JSAFE_SymmetricCipher;
import com.rsa.ssl.CipherSuite;
import com.rsa.ssl.SSLParams;
import com.rsa.ssl.SSLServerSocket;
import com.rsa.ssl.SSLSession;
import com.rsa.ssl.SSLSocket;
import com.rsa.ssl.ciphers.RSA_With_RC4_MD5;
import java.io.BufferedInputStream;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.EOFException;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.util.Date;
import java.util.Enumeration;
import java.util.StringTokenizer;
import java.util.Vector;

/* JADX WARN: Classes with same name are omitted:
  input_file:lib/o4glrt.jar:com/progress/ubroker/ssl/RSAKeyEntry.class
 */
/* loaded from: input_file:lib/progress.jar:com/progress/ubroker/ssl/RSAKeyEntry.class */
public class RSAKeyEntry {
    private static final int PEM_WHITE_SPACE = 0;
    private static final int PEM_CERTIFICATE = 1;
    private static final int PEM_X509_CERTIFICATE = 2;
    private static final int PEM_PKCS8_PRIVATE_KEY = 3;
    private static final int PEM_RSA_PRIVATE_KEY = 4;
    private static final int PEM_DSA_PRIVATE_KEY = 5;
    private static final String[] m_pemBeginStrings = {"", "-BEGIN CERTIFICATE-", "-BEGIN X509 CERTIFICATE-", "-BEGIN ENCRYPTED PRIVATE KEY-", "-BEGIN RSA PRIVATE KEY-", "-BEGIN DSA PRIVATE KEY-"};
    private static final String[] m_pemEndStrings = {"", "-END CERTIFICATE-", "-END X509 CERTIFICATE-", "-END ENCRYPTED PRIVATE KEY-", "-END RSA PRIVATE KEY-", "-END DSA PRIVATE KEY-"};
    public static final int NO_PRIVATE_KEY = 0;
    public static final int PKCS_1_KEY = 1;
    public static final int PKCS_8_KEY = 2;
    protected boolean m_flagDebug = true;
    protected boolean m_flagIgnoreLoadErrors = false;
    protected Vector m_certData = new Vector();
    protected byte[] m_pkcs1KeyData = null;
    protected byte[] m_pkcs8KeyData = null;
    protected String m_passwd = null;
    protected boolean m_pkcs8KeyLoaded = false;
    protected String m_algorithm = null;
    protected String m_iv = null;
    public PrintWriter m_printStream = new PrintWriter(System.out);

    public int loadedKeyType() {
        int i = 0;
        if (null != this.m_pkcs1KeyData) {
            i = 1;
        } else if (null != this.m_pkcs8KeyData) {
            i = 2;
        }
        return i;
    }

    public void loadKeyEntry(String str) throws IOException {
        try {
            loadKeyEntry(new File(str));
        } catch (InvalidCertificateException e) {
            throw e;
        } catch (IOException e2) {
            KeyException keyException = new KeyException(e2.getMessage());
            keyException.initCause(e2);
            throw keyException;
        }
    }

    public void loadKeyEntry(File file) throws IOException {
        String canonicalPath = file.getCanonicalPath();
        FileInputStream fileInputStream = new FileInputStream(file);
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(fileInputStream));
        if (this.m_flagDebug) {
            println("Reading from file: " + canonicalPath);
        }
        try {
            boolean readPem = readPem(bufferedReader);
            fileInputStream.close();
            if (!readPem) {
                if (!this.m_flagIgnoreLoadErrors) {
                    throw new IOException("No key/certificate found in the PEM file");
                }
                println("No certificate found in PEM file");
            }
        } catch (IOException e) {
            fileInputStream.close();
            if (!this.m_flagIgnoreLoadErrors) {
                throw e;
            }
        }
    }

    public X509Certificate[] certificates() {
        if (this.m_certData.isEmpty()) {
            return null;
        }
        X509Certificate[] x509CertificateArr = new X509Certificate[this.m_certData.size()];
        int i = 0;
        Enumeration elements = this.m_certData.elements();
        while (elements.hasMoreElements()) {
            int i2 = i;
            i++;
            x509CertificateArr[i2] = (X509Certificate) elements.nextElement();
        }
        return x509CertificateArr;
    }

    public byte[] pkcs1Key(String str) throws IOException {
        byte[] bArr = null;
        if (null == str) {
            getPassword();
            this.m_passwd = new crypto().encrypt(this.m_passwd);
        } else {
            this.m_passwd = str;
        }
        if (!this.m_pkcs8KeyLoaded) {
            bArr = decryptKeyBytes(this.m_pkcs1KeyData, this.m_passwd);
            convertToPKCS8(bArr);
        }
        return bArr;
    }

    public byte[] pkcs8Key() {
        if (this.m_pkcs8KeyLoaded) {
            return this.m_pkcs8KeyData;
        }
        return null;
    }

    private static byte[] encodeLength(int i) {
        byte[] bArr = null;
        if (i <= 127) {
            bArr = new byte[]{(byte) i};
        } else if (i <= 255) {
            bArr = new byte[]{-127, (byte) i};
        } else if (i <= 65535) {
            bArr = new byte[]{-126, (byte) (i >>> 8), (byte) i};
        }
        return bArr;
    }

    private static void destroyByteArray(byte[] bArr) {
        if (bArr != null) {
            for (int i = 0; i < bArr.length; i++) {
                bArr[i] = 0;
            }
        }
    }

    private void println(String str) {
        this.m_printStream.println(str);
    }

    protected void createAndStoreBinaryCertificate(byte[] bArr) throws IOException {
        try {
            if (this.m_flagDebug) {
                println("Creating X509Certificate...");
            }
            X509Certificate x509Certificate = new X509Certificate(bArr, 0, 0);
            if (this.m_flagDebug) {
                println("Storing X509Certificate...");
            }
            if (!x509Certificate.checkValidityDate(new Date())) {
                throw new InvalidCertificateException(x509Certificate.getStartDate(), x509Certificate.getEndDate());
            }
            this.m_certData.addElement(x509Certificate);
            if (this.m_flagDebug) {
                println("Certificate subject: " + x509Certificate.getSubjectName().toString());
                println("Certificate expires: " + x509Certificate.getEndDate().toString());
            }
        } catch (InvalidCertificateException e) {
            throw e;
        } catch (Exception e2) {
            if (!this.m_flagIgnoreLoadErrors) {
                throw new IOException("Can't create X509Certiciate : " + e2.toString());
            }
            println("Can't create X509Certiciate : " + e2.toString());
        }
    }

    protected boolean readPKCS8BinaryKey(BufferedInputStream bufferedInputStream) throws Exception, IOException, InstantiationException {
        if (null != this.m_pkcs8KeyData) {
            throw new IOException("Attempting to load more than one private key.");
        }
        if (null == bufferedInputStream) {
            throw new IOException("Attempting to load private key from a null stream.");
        }
        if (this.m_flagDebug) {
            println("Loading " + bufferedInputStream.available() + " bytes of encrypted private key data...");
        }
        this.m_pkcs8KeyData = new byte[bufferedInputStream.available()];
        if (0 == bufferedInputStream.read(this.m_pkcs8KeyData, 0, bufferedInputStream.available())) {
            throw new IOException("Error reading 0 bytes from file before EOL");
        }
        return false;
    }

    protected boolean readBinaryCert(BufferedInputStream bufferedInputStream) throws Exception, IOException, InstantiationException {
        int i = 0;
        byte[] bArr = new byte[4096];
        while (0 != bufferedInputStream.available()) {
            int read = bufferedInputStream.read(bArr, i, bArr.length - i);
            if (read <= 0) {
                throw new IOException("Error reading 0 bytes from file before EOL");
            }
            i += read;
        }
        if (this.m_flagDebug) {
            println("  Loaded " + i + " bytes of certificate data.");
        }
        byte[] bArr2 = new byte[i];
        System.arraycopy(bArr, 0, bArr2, 0, i);
        createAndStoreBinaryCertificate(bArr2);
        return true;
    }

    private byte[] convertHexToBytes(String str) {
        byte[] bArr = new byte[str.length() / 2];
        for (int i = 0; i < bArr.length; i++) {
            bArr[i] = (byte) Integer.parseInt(str.substring(i * 2, (i * 2) + 2), 16);
        }
        return bArr;
    }

    private JSAFE_SecretKey generatePBEKey(byte[] bArr, int i, int i2, byte[] bArr2, int i3, int i4, int i5, String str, String str2) throws IOException {
        JSAFE_MessageDigest jSAFE_MessageDigest = null;
        int i6 = 0;
        int i7 = 0;
        int i8 = 0;
        if (str.equals("3DES_EDE")) {
            i7 = 24;
        } else if (str.equals("DES")) {
            i7 = 8;
        }
        byte[] bArr3 = new byte[16];
        byte[] bArr4 = new byte[i7];
        try {
            try {
                jSAFE_MessageDigest = JSAFE_MessageDigest.getInstance("MD5", "Java");
                do {
                    jSAFE_MessageDigest.digestInit();
                    int i9 = i6;
                    i6++;
                    if (i9 > 0) {
                        jSAFE_MessageDigest.digestUpdate(bArr3, 0, bArr3.length);
                    }
                    jSAFE_MessageDigest.digestUpdate(bArr, i, i2);
                    if (bArr2 != null) {
                        jSAFE_MessageDigest.digestUpdate(bArr2, i3, i4);
                    }
                    jSAFE_MessageDigest.digestFinal(bArr3, 0);
                    for (int i10 = 1; i10 < i5; i10++) {
                        jSAFE_MessageDigest.digestInit();
                        jSAFE_MessageDigest.digestUpdate(bArr3, 0, 16);
                        jSAFE_MessageDigest.digestFinal(bArr3, 0);
                    }
                    if (i7 > 0) {
                        for (int i11 = 0; i7 != 0 && i11 != 16; i11++) {
                            int i12 = i8;
                            i8++;
                            bArr4[i12] = bArr3[i11];
                            i7--;
                        }
                    }
                } while (i7 != 0);
                JSAFE_SecretKey jSAFE_SecretKey = JSAFE_SecretKey.getInstance(str, str2);
                jSAFE_SecretKey.setSecretKeyData(bArr4, 0, bArr4.length);
                if (jSAFE_MessageDigest != null) {
                    jSAFE_MessageDigest.clearSensitiveData();
                }
                destroyByteArray(bArr4);
                destroyByteArray(bArr3);
                return jSAFE_SecretKey;
            } catch (JSAFE_Exception e) {
                throw new IOException("Error generating key input data.");
            }
        } catch (Throwable th) {
            if (jSAFE_MessageDigest != null) {
                jSAFE_MessageDigest.clearSensitiveData();
            }
            destroyByteArray(bArr4);
            destroyByteArray(bArr3);
            throw th;
        }
    }

    protected byte[] decryptKeyBytes(byte[] bArr, String str) throws IOException {
        JSAFE_SecretKey generatePBEKey;
        JSAFE_SymmetricCipher jSAFE_SymmetricCipher;
        if (null == bArr) {
            throw new IOException("Cannot decrypt an empty RSA Private Key.");
        }
        if (null == this.m_algorithm) {
            throw new IOException("Cannot decrypt an empty RSA Private Key without an encryption algorithm.");
        }
        if (null == this.m_iv) {
            throw new IOException("Cannot decrypt an empty RSA Private Key without an initialization vector.");
        }
        int length = bArr.length;
        if (null == str) {
            throw new IOException("Attempting to decrypt a private key without a password");
        }
        byte[] bytes = new crypto().decrypt(str).getBytes();
        int length2 = bytes.length;
        byte[] convertHexToBytes = convertHexToBytes(this.m_iv);
        try {
            try {
                if (this.m_algorithm.equals("DES-EDE3-CBC")) {
                    generatePBEKey = generatePBEKey(bytes, 0, length2, convertHexToBytes, 0, convertHexToBytes.length, 1, "3DES_EDE", "Java");
                    jSAFE_SymmetricCipher = JSAFE_SymmetricCipher.getInstance("3DES_EDE/CBC/PKCS5Padding", "Java");
                } else {
                    generatePBEKey = generatePBEKey(bytes, 0, length2, convertHexToBytes, 0, convertHexToBytes.length, 1, "DES", "Java");
                    jSAFE_SymmetricCipher = JSAFE_SymmetricCipher.getInstance("DES/CBC/PKCS5Padding", "Java");
                }
                jSAFE_SymmetricCipher.setIV(convertHexToBytes, 0, convertHexToBytes.length);
                jSAFE_SymmetricCipher.decryptInit(generatePBEKey);
                byte[] bArr2 = new byte[jSAFE_SymmetricCipher.getOutputBufferSize(length)];
                jSAFE_SymmetricCipher.decryptFinal(bArr2, jSAFE_SymmetricCipher.decryptUpdate(bArr, 0, length, bArr2, 0));
                destroyByteArray(convertHexToBytes);
                destroyByteArray(bytes);
                return bArr2;
            } catch (JSAFE_Exception e) {
                throw new InvalidKeyException("Invalid private key input data.");
            }
        } catch (Throwable th) {
            destroyByteArray(convertHexToBytes);
            destroyByteArray(bytes);
            throw th;
        }
    }

    protected void convertToPKCS8(byte[] bArr) throws IOException {
        if (null == bArr) {
            throw new IOException("Cannot convert an empty key to PKCS #8");
        }
        int length = bArr.length;
        byte[] encodeLength = encodeLength(length);
        byte[] bArr2 = {2, 1, 0, 48, 13, 6, 9, 42, -122, 72, -122, -9, 13, 1, 1, 1, 5, 0, 4};
        int length2 = encodeLength.length + bArr2.length + length;
        byte[] encodeLength2 = encodeLength(length2);
        this.m_pkcs8KeyData = new byte[1 + length2 + encodeLength2.length];
        this.m_pkcs8KeyData[0] = 48;
        System.arraycopy(encodeLength2, 0, this.m_pkcs8KeyData, 1, encodeLength2.length);
        int length3 = 1 + encodeLength2.length;
        System.arraycopy(bArr2, 0, this.m_pkcs8KeyData, length3, bArr2.length);
        int length4 = length3 + bArr2.length;
        System.arraycopy(encodeLength, 0, this.m_pkcs8KeyData, length4, encodeLength.length);
        System.arraycopy(bArr, 0, this.m_pkcs8KeyData, length4 + encodeLength.length, length);
    }

    protected boolean readPem(BufferedReader bufferedReader) throws IOException {
        int i = 0;
        boolean z = true;
        while (z) {
            int i2 = 0;
            boolean z2 = false;
            z = true;
            while (true) {
                if (1 != 0) {
                    String readLine = bufferedReader.readLine();
                    if (null == readLine) {
                        z = false;
                    } else {
                        int i3 = 1;
                        while (true) {
                            if (i3 < m_pemBeginStrings.length) {
                                if (-1 != readLine.indexOf(m_pemBeginStrings[i3])) {
                                    if (this.m_flagDebug) {
                                        println(readLine);
                                    }
                                    i2 = i3;
                                } else {
                                    i3++;
                                }
                            }
                        }
                        if (0 < i2) {
                        }
                    }
                }
            }
            if (0 < i2) {
                boolean z3 = false;
                StringBuffer stringBuffer = new StringBuffer(4096);
                while (true) {
                    if (1 != 0) {
                        String readLine2 = bufferedReader.readLine();
                        if (null == readLine2) {
                            throw new EOFException("Unexpected end of file");
                        }
                        if (-1 != readLine2.indexOf(m_pemEndStrings[i2])) {
                            if (this.m_flagDebug) {
                                println(readLine2);
                            }
                            z2 = true;
                        } else if (4 != i2 || z3) {
                            if (this.m_flagDebug) {
                                println(readLine2);
                            }
                            stringBuffer.append(readLine2);
                        } else if (readLine2.startsWith("Proc-Type")) {
                            if (-1 == readLine2.indexOf("ENCRYPTED")) {
                                throw new IOException("Unencrypted RSA PRIVATE KEY is not supported.");
                            }
                        } else if (readLine2.startsWith("DEK-Info")) {
                            StringTokenizer stringTokenizer = new StringTokenizer(readLine2, " ,");
                            stringTokenizer.nextToken();
                            this.m_algorithm = stringTokenizer.nextToken();
                            this.m_iv = stringTokenizer.nextToken();
                            if (this.m_flagDebug) {
                                println("RSA Private Key algorithm: " + this.m_algorithm);
                                println("RSA Private Key IV: " + this.m_iv);
                            }
                        } else if (0 == readLine2.length()) {
                            z3 = true;
                        }
                    }
                }
                if (!z2) {
                    throw new IOException("Could not find matching " + m_pemEndStrings[i2]);
                }
                try {
                    if (this.m_flagDebug) {
                        println("Converting PEM type " + i2 + " to binary...");
                    }
                    switch (i2) {
                        case 1:
                        case 2:
                            readBinaryCert(new BufferedInputStream(new ByteArrayInputStream(Base64.decode(stringBuffer.toString()))));
                            break;
                        case 3:
                            if (null == this.m_pkcs8KeyData && null == this.m_pkcs1KeyData) {
                                this.m_pkcs8KeyLoaded = true;
                                readPKCS8BinaryKey(new BufferedInputStream(new ByteArrayInputStream(Base64.decode(stringBuffer.toString()))));
                                break;
                            } else {
                                if (!this.m_flagIgnoreLoadErrors) {
                                    throw new IOException("A private key has already been defined, skipping encrypted private key");
                                }
                                println("A private key has already been defined, skipping encrypted private key");
                                break;
                            }
                        case 4:
                            if (null == this.m_pkcs1KeyData && null == this.m_pkcs1KeyData) {
                                this.m_pkcs8KeyLoaded = false;
                                this.m_pkcs1KeyData = Base64.decode(stringBuffer.toString());
                                break;
                            } else {
                                if (!this.m_flagIgnoreLoadErrors) {
                                    throw new IOException("A private key has already been defined, skipping RSA private key");
                                }
                                println("A private key has already been defined, skipping RSA private key");
                                break;
                            }
                            break;
                        case 5:
                            throw new IOException("Unsupported PEM type:  DSA");
                        default:
                            if (!this.m_flagIgnoreLoadErrors) {
                                throw new IOException("Unknown PEM type : " + i2);
                            }
                            println("Cannot convert unknown PEM type to binary : " + i2);
                            break;
                    }
                    i++;
                } catch (InvalidCertificateException e) {
                    throw e;
                } catch (Exception e2) {
                    if (!this.m_flagIgnoreLoadErrors) {
                        throw new IOException("Cannot convert type " + i2 + " key/PEM certificate to binary : " + e2.toString());
                    }
                    println("Cannot convert PEM type " + i2 + " key/certificate to binary : " + e2.toString());
                    if (this.m_flagDebug) {
                        e2.printStackTrace(this.m_printStream);
                    }
                }
            }
        }
        return 0 < i;
    }

    protected void getPassword() throws IOException {
        byte[] bArr = new byte[16];
        System.out.print("Private key password? ");
        System.out.flush();
        System.in.read(bArr, 0, 16);
        this.m_passwd = new String(bArr);
        for (int i = 0; i < 16; i++) {
            bArr[i] = 0;
        }
        if (this.m_flagDebug) {
            System.out.println("Using password: " + this.m_passwd);
        }
    }

    public void addCertificate(SSLParams sSLParams, String str) throws IOException {
        if (this.m_pkcs8KeyLoaded) {
            sSLParams.addCertificateChainAndKey(certificates(), pkcs8Key(), str.toCharArray());
            return;
        }
        try {
            pkcs1Key(str);
            sSLParams.addCertificateChainAndKey(certificates(), JSAFE_PrivateKey.getInstance(this.m_pkcs8KeyData, 0, "Java"));
        } catch (JSAFE_Exception e) {
            throw new IOException(e.getMessage());
        }
    }

    public void run(String[] strArr) throws Exception {
        if (0 == strArr.length) {
            println("usage: KeyCertLoader <keycertfile>.pem [password]");
            return;
        }
        if (null != System.getProperty("debug")) {
            this.m_flagDebug = true;
        }
        if (2 > strArr.length) {
            throw new IOException("Insufficient key-path and password arguments");
        }
        loadKeyEntry(strArr[0]);
        SSLParams sSLParams = new SSLParams();
        if (null != System.getProperty("debugssl")) {
            SSLParams.setDebug(2);
        }
        sSLParams.setCipherSuites(new CipherSuite[]{new RSA_With_RC4_MD5()});
        sSLParams.setVersions(new int[]{768});
        if (this.m_certData.size() <= 0) {
            System.out.println("No Certificates loaded, cannot set SSLParams");
            return;
        }
        if (null == this.m_pkcs8KeyData && null == this.m_pkcs1KeyData) {
            System.out.println("No private keys loaded, cannot set SSLParams");
            return;
        }
        if (this.m_flagDebug) {
            System.out.println("Adding X509Certificate array and private key to SSLParams...");
        }
        if (this.m_pkcs8KeyLoaded) {
            sSLParams.addCertificateChainAndKey(certificates(), pkcs8Key(), strArr[1].toCharArray());
        } else {
            pkcs1Key(strArr[1]);
            sSLParams.addCertificateChainAndKey(certificates(), JSAFE_PrivateKey.getInstance(this.m_pkcs8KeyData, 0, "Java"));
        }
        if (this.m_flagDebug) {
            System.out.println("Creating server socket on port 4443...");
        }
        SSLServerSocket sSLServerSocket = new SSLServerSocket(4443, 5, sSLParams);
        if (this.m_flagDebug) {
            System.out.println("Accepting connection on port 4443...");
        }
        if (this.m_flagDebug) {
            System.out.println("    SSLServerSocket: " + sSLServerSocket.getClass().getName());
        }
        SSLSocket accept = sSLServerSocket.accept();
        if (this.m_flagDebug) {
            System.out.println("    Socket: " + accept.getClass().getName());
        }
        byte[] bArr = new byte[1024];
        InputStream inputStream = accept.getInputStream();
        if (this.m_flagDebug) {
            System.out.println("    InputStream: " + inputStream.getClass().getName());
        }
        if (this.m_flagDebug) {
            SSLSession session = accept.getSession();
            if (null != session) {
                System.out.println("    SSLSession:");
                System.out.println("        Peer:      " + session.getAddress());
                CipherSuite negotiatedCipehrSuite = session.getNegotiatedCipehrSuite();
                if (null != negotiatedCipehrSuite) {
                    System.out.println("        Cipher:    " + negotiatedCipehrSuite.getCipherSuiteName());
                } else {
                    System.out.println("        No Cipher Suite??");
                }
                X509Certificate[] clientCertChain = session.getClientCertChain();
                if (null != clientCertChain) {
                    for (int i = 0; i < clientCertChain.length; i++) {
                        System.out.println("        Client " + i + " Subject: " + clientCertChain[i].getSubjectName().toString());
                        System.out.println("        Client " + i + " Issuer: " + clientCertChain[i].getIssuerName().toString());
                    }
                } else {
                    System.out.println("        No Client Certificate??");
                }
            } else {
                System.out.println("    No SSLSession!");
            }
        }
        while (true) {
            int read = inputStream.read(bArr);
            if (-1 == read) {
                System.out.println("InputStream closed by peer.");
                accept.close();
                sSLServerSocket.close();
                return;
            } else {
                System.out.println("Received " + read + " bytes...");
                if (0 < read) {
                    System.out.println("Received: " + new String(bArr));
                }
            }
        }
    }

    public void setDebugWriter(PrintWriter printWriter) {
        if (printWriter == null) {
            return;
        }
        this.m_printStream = printWriter;
    }

    public static void main(String[] strArr) {
        try {
            new RSAKeyEntry().run(strArr);
        } catch (Exception e) {
            System.out.println("Error: " + e.toString());
            e.printStackTrace(System.out);
        }
    }
}
