package org.structr.function;

import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.PrintStream;
import java.math.BigInteger;
import java.security.DigestOutputStream;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.Map;
import java.util.jar.Attributes;
import java.util.jar.JarEntry;
import java.util.jar.JarOutputStream;
import java.util.jar.Manifest;
import java.util.logging.Level;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.DEROutputStream;
import org.bouncycastle.cert.jcajce.JcaCertStore;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.cms.CMSTypedData;
import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
import org.bouncycastle.util.encoders.Base64;
import org.bouncycastle.x509.X509V3CertificateGenerator;
import org.structr.common.error.FrameworkException;
import org.structr.core.GraphObject;
import org.structr.schema.action.ActionContext;

/* loaded from: input_file:org/structr/function/CreateJarFileFunction.class */
public class CreateJarFileFunction extends UiFunction {
    public String getName() {
        return "create_jar_file";
    }

    public Object apply(ActionContext actionContext, GraphObject graphObject, Object[] objArr) throws FrameworkException {
        if (!arrayHasMinLengthAndAllElementsNotNull(objArr, 2)) {
            logParameterError(graphObject, objArr, actionContext.isJavaScriptContext());
            return "";
        }
        if (!(objArr[0] instanceof OutputStream)) {
            logger.log(Level.WARNING, "First parameter of create_jar_file() must be an output stream. Parameters: {0}", getParametersAsString(objArr));
            return "First parameter of create_jar_file() must be an output stream.";
        }
        try {
            JarOutputStream jarOutputStream = new JarOutputStream((OutputStream) objArr[0]);
            MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
            Manifest manifest = new Manifest();
            Attributes mainAttributes = manifest.getMainAttributes();
            PrivateKey orCreatePrivateKey = getOrCreatePrivateKey("RSA", "SHA1PRNG", "SHA1withRSA");
            X509Certificate orCreateCertificate = getOrCreateCertificate("RSA", "SHA1PRNG", "SHA1withRSA");
            System.out.println("This is the fingerprint of the keystore: " + hex(orCreateCertificate));
            jarOutputStream.setLevel(9);
            mainAttributes.put(Attributes.Name.MANIFEST_VERSION, "1.0");
            for (Object obj : objArr) {
                if (obj != null && (obj instanceof NameAndContent)) {
                    NameAndContent nameAndContent = (NameAndContent) obj;
                    JarEntry jarEntry = new JarEntry(nameAndContent.getName());
                    byte[] bytes = nameAndContent.getContent().getBytes("utf-8");
                    jarEntry.setTime(System.currentTimeMillis());
                    jarOutputStream.putNextEntry(jarEntry);
                    jarOutputStream.write(bytes);
                    jarOutputStream.closeEntry();
                    jarOutputStream.flush();
                    messageDigest.update(bytes);
                    Attributes attributes = manifest.getAttributes(jarEntry.getName());
                    if (attributes == null) {
                        attributes = new Attributes();
                        manifest.getEntries().put(jarEntry.getName(), attributes);
                    }
                    attributes.putValue("SHA1-Digest", new String(Base64.encode(messageDigest.digest()), "ASCII"));
                }
            }
            jarOutputStream.putNextEntry(new JarEntry("META-INF/MANIFEST.MF"));
            manifest.write(jarOutputStream);
            byte[] signatureForManifest = getSignatureForManifest(manifest, "SHA1");
            jarOutputStream.putNextEntry(new JarEntry("META-INF/CERT.SF"));
            jarOutputStream.write(signatureForManifest);
            if (orCreatePrivateKey == null || orCreateCertificate == null) {
                System.out.println("No certificate / key found, signinig disabled.");
            } else {
                jarOutputStream.putNextEntry(new JarEntry("META-INF/CERT." + orCreatePrivateKey.getAlgorithm()));
                writeSignatureBlock(jarOutputStream, "SHA1", new CMSProcessableByteArray(signatureForManifest), orCreateCertificate, orCreatePrivateKey);
            }
            jarOutputStream.flush();
            jarOutputStream.finish();
            return "";
        } catch (Throwable th) {
            logException(graphObject, th, objArr);
            return "";
        }
    }

    public String usage(boolean z) {
        return "create_jar_file()";
    }

    public String shortDescription() {
        return "Creates a signed JAR file from the given contents.";
    }

    private byte[] getSignatureForManifest(Manifest manifest, String str) throws IOException, GeneralSecurityException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        Manifest manifest2 = new Manifest();
        Attributes mainAttributes = manifest2.getMainAttributes();
        MessageDigest messageDigest = MessageDigest.getInstance(str);
        PrintStream printStream = new PrintStream((OutputStream) new DigestOutputStream(new ByteArrayOutputStream(), messageDigest), true, "UTF-8");
        mainAttributes.putValue("Signature-Version", "1.0");
        manifest.write(printStream);
        printStream.flush();
        mainAttributes.putValue(str + "-Digest-Manifest", new String(Base64.encode(messageDigest.digest()), "ASCII"));
        for (Map.Entry<String, Attributes> entry : manifest.getEntries().entrySet()) {
            printStream.print("Name: " + entry.getKey() + "\r\n");
            for (Map.Entry<Object, Object> entry2 : entry.getValue().entrySet()) {
                printStream.print(entry2.getKey() + ": " + entry2.getValue() + "\r\n");
            }
            printStream.print("\r\n");
            printStream.flush();
            Attributes attributes = new Attributes();
            attributes.putValue(str + "-Digest", new String(Base64.encode(messageDigest.digest()), "ASCII"));
            manifest2.getEntries().put(entry.getKey(), attributes);
        }
        manifest2.write(byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    private void writeSignatureBlock(JarOutputStream jarOutputStream, String str, CMSTypedData cMSTypedData, X509Certificate x509Certificate, PrivateKey privateKey) throws IOException, CertificateEncodingException, OperatorCreationException, CMSException {
        ArrayList arrayList = new ArrayList();
        arrayList.add(x509Certificate);
        JcaCertStore jcaCertStore = new JcaCertStore(arrayList);
        CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
        cMSSignedDataGenerator.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().build()).setDirectSignature(true).build(new JcaContentSignerBuilder(str + "with" + privateKey.getAlgorithm()).build(privateKey), x509Certificate));
        cMSSignedDataGenerator.addCertificates(jcaCertStore);
        new DEROutputStream(jarOutputStream).writeObject(new ASN1InputStream(cMSSignedDataGenerator.generate(cMSTypedData, false).getEncoded()).readObject());
    }

    private PrivateKey getOrCreatePrivateKey(String str, String str2, String str3) {
        KeyStore orCreateKeystore = getOrCreateKeystore(str, str2, str3);
        if (orCreateKeystore == null) {
            return null;
        }
        try {
            return (PrivateKey) orCreateKeystore.getKey("priv", "test".toCharArray());
        } catch (Throwable th) {
            logger.log(Level.WARNING, "", th);
            return null;
        }
    }

    private X509Certificate getOrCreateCertificate(String str, String str2, String str3) {
        KeyStore orCreateKeystore = getOrCreateKeystore(str, str2, str3);
        if (orCreateKeystore == null) {
            return null;
        }
        try {
            return (X509Certificate) orCreateKeystore.getCertificate("cert");
        } catch (Throwable th) {
            logger.log(Level.WARNING, "", th);
            return null;
        }
    }

    private KeyStore getOrCreateKeystore(String str, String str2, String str3) {
        File file = new File("test.keystore");
        if (file.exists()) {
            try {
                FileInputStream fileInputStream = new FileInputStream(file);
                Throwable th = null;
                try {
                    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                    keyStore.load(fileInputStream, "test".toCharArray());
                    if (fileInputStream != null) {
                        if (0 != 0) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                    return keyStore;
                } finally {
                }
            } catch (Throwable th3) {
                logger.log(Level.WARNING, "", th3);
                return null;
            }
        }
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(file);
            Throwable th4 = null;
            try {
                try {
                    KeyStore keyStore2 = KeyStore.getInstance(KeyStore.getDefaultType());
                    keyStore2.load(null, "test".toCharArray());
                    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str);
                    keyPairGenerator.initialize(1024, SecureRandom.getInstance(str2));
                    KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
                    SimpleDateFormat simpleDateFormat = new SimpleDateFormat("dd.MM.yyyy");
                    Date parse = simpleDateFormat.parse("01.01.2015");
                    Date parse2 = simpleDateFormat.parse("01.01.2017");
                    BigInteger valueOf = BigInteger.valueOf(1234L);
                    X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
                    X500Principal x500Principal = new X500Principal("CN=Test CA Certificate");
                    x509V3CertificateGenerator.setSerialNumber(valueOf);
                    x509V3CertificateGenerator.setIssuerDN(x500Principal);
                    x509V3CertificateGenerator.setNotBefore(parse);
                    x509V3CertificateGenerator.setNotAfter(parse2);
                    x509V3CertificateGenerator.setSubjectDN(x500Principal);
                    x509V3CertificateGenerator.setPublicKey(generateKeyPair.getPublic());
                    x509V3CertificateGenerator.setSignatureAlgorithm(str3);
                    X509Certificate generate = x509V3CertificateGenerator.generate(generateKeyPair.getPrivate(), "BC");
                    keyStore2.setCertificateEntry("cert", generate);
                    keyStore2.setKeyEntry("priv", generateKeyPair.getPrivate(), "test".toCharArray(), new Certificate[]{generate});
                    keyStore2.store(fileOutputStream, "test".toCharArray());
                    fileOutputStream.flush();
                    if (fileOutputStream != null) {
                        if (0 != 0) {
                            try {
                                fileOutputStream.close();
                            } catch (Throwable th5) {
                                th4.addSuppressed(th5);
                            }
                        } else {
                            fileOutputStream.close();
                        }
                    }
                    return keyStore2;
                } catch (Throwable th6) {
                    th4 = th6;
                    throw th6;
                }
            } finally {
            }
        } catch (Throwable th7) {
            logger.log(Level.WARNING, "", th7);
            return null;
        }
    }

    public String hex(Certificate certificate) {
        byte[] bArr;
        try {
            bArr = certificate.getEncoded();
        } catch (CertificateEncodingException e) {
            bArr = new byte[0];
        }
        return hex(bArr);
    }

    public String hex(byte[] bArr) {
        byte[] bArr2 = new byte[bArr.length * 2];
        for (int i = 0; i < bArr.length; i++) {
            byte b = bArr[i];
            int i2 = (b >> 4) & 15;
            bArr2[i * 2] = (byte) (i2 >= 10 ? (97 + i2) - 10 : 48 + i2);
            int i3 = b & 15;
            bArr2[(i * 2) + 1] = (byte) (i3 >= 10 ? (97 + i3) - 10 : 48 + i3);
        }
        return new String(bArr2);
    }
}
