package com.ibm.cfwk.tools;

import com.ibm.asn1.ASN1OID;
import com.ibm.cfwk.API;
import com.ibm.cfwk.Key;
import com.ibm.cfwk.RandomEngine;
import com.ibm.cfwk.RandomSource;
import com.ibm.cfwk.Vault;
import com.ibm.cfwk.VaultItem;
import com.ibm.cfwk.builtin.SoftVault;
import com.ibm.cfwk.key.RSAKey;
import com.ibm.cfwk.pkcs.PKCS12PBE;
import com.ibm.cfwk.pkcs.PKCS12Util;
import com.ibm.cfwk.pki.X509Chain;
import com.ibm.util.getopt.ArgEater;
import com.ibm.util.getopt.FileData;
import com.ibm.util.getopt.GUITrigger;
import com.ibm.util.getopt.GetOptSpec;
import com.ibm.util.getopt.HelpOption;
import com.ibm.util.getopt.KeywordData;
import com.ibm.util.getopt.Option;
import com.ibm.util.getopt.OptionSet;
import com.ibm.util.getopt.StringData;
import java.io.IOException;
import java.io.OutputStream;

/* loaded from: input_file:lib/swimport.zip:com/ibm/cfwk/tools/MakeP12Tool.class */
public class MakeP12Tool {
    static final String cmd = "mkp12";
    static final String doc = "Create PKCS#12 PDU.";
    static API api;
    static ASN1OID[] algIds;
    static String[] algTypes;
    static KeywordData encAlg;
    static Option encAlgOpt;
    static StringData passwd;
    static StringData vaultSpec;
    static StringData keyLabel;
    static StringData p12Passwd;
    static FileData p12File;
    static Option gui;
    static Option verbose;
    static Option[] opts;
    static ArgEater[] args;
    static GetOptSpec spec;
    static Class class$com$ibm$cfwk$Key;
    static Class class$com$ibm$cfwk$pki$X509Chain;

    private static void exit(String str, int i) {
        if (str != null) {
            System.err.println(new StringBuffer("mkp12: ").append(str).toString());
        }
        if (api != null) {
            api.close();
        }
        api = null;
        System.exit(i);
        throw new Error("Returned from System.exit");
    }

    private static Vault openVault(StringData stringData, StringData stringData2) throws IOException {
        String string = stringData2.getString();
        String string2 = stringData.getString();
        if (string2.equals("-")) {
            string2 = new PasswordDialog(false, stringData2.getString()).getPassword();
            if (string2 == null) {
                exit("Password input aborted.", 2);
            }
        }
        if (string.startsWith("soft:")) {
            string = string.substring(5);
        }
        return new SoftVault(string, string2, api);
    }

    public static void main(String[] strArr) {
        Class class$;
        Class class$2;
        spec.parse(strArr);
        try {
            Vault openVault = openVault(passwd, vaultSpec);
            String string = keyLabel.getString();
            if (class$com$ibm$cfwk$Key != null) {
                class$ = class$com$ibm$cfwk$Key;
            } else {
                class$ = class$("com.ibm.cfwk.Key");
                class$com$ibm$cfwk$Key = class$;
            }
            VaultItem findItem = openVault.findItem(class$, string);
            if (class$com$ibm$cfwk$pki$X509Chain != null) {
                class$2 = class$com$ibm$cfwk$pki$X509Chain;
            } else {
                class$2 = class$("com.ibm.cfwk.pki.X509Chain");
                class$com$ibm$cfwk$pki$X509Chain = class$2;
            }
            VaultItem findItem2 = openVault.findItem(class$2, string);
            if (findItem == null || findItem2 == null) {
                exit(new StringBuffer("The label '").append(string).append("' must refer to a key and a certificate chain object.").toString(), 1);
            }
            Key key = (Key) findItem.object();
            X509Chain x509Chain = (X509Chain) findItem2.object();
            RSAKey rSAKey = null;
            if (!key.keyType().equals(Key.RSA_CRT)) {
                exit(new StringBuffer("Only private keys of type RSA/private/CRT allowed: ").append(key.keyType()).toString(), 1);
            }
            try {
                rSAKey = (RSAKey) key.exportKeyMaterial(api);
            } catch (Exception e) {
                exit(new StringBuffer("Unable to export key material: ").append(e).toString(), 1);
            }
            RandomEngine makeRandomEngine = RandomSource.find("TL-Parity", api).makeRandomEngine();
            RandomEngine makeRandomEngine2 = RandomSource.find("SHA1", api).makeRandomEngine();
            makeRandomEngine2.seed(makeRandomEngine.extractRandomBytes(16));
            ASN1OID asn1oid = PKCS12PBE.SHA1_3DES3;
            if (encAlgOpt.isSet()) {
                int i = 0;
                while (true) {
                    if (i >= algTypes.length) {
                        break;
                    }
                    if (encAlg.getString().equals(algTypes[i])) {
                        asn1oid = algIds[i];
                        break;
                    }
                    i++;
                }
            }
            byte[] bArr = null;
            try {
                bArr = PKCS12Util.makePKCS12PDU(rSAKey, x509Chain, PKCS12PBE.makeBMPString(p12Passwd.getString()), asn1oid, makeRandomEngine2, api);
            } catch (Exception e2) {
                if (System.getProperty("PRINT.STACKTRACE") != null) {
                    e2.printStackTrace();
                }
                exit(new StringBuffer("Failed to create PKCS#12 PDU: ").append(e2).toString(), 1);
            }
            try {
                OutputStream outputStream = p12File.getOutputStream();
                outputStream.write(bArr);
                outputStream.close();
            } catch (Exception e3) {
                exit(new StringBuffer("Could not write file `").append(p12File.getString()).append("': ").append(e3).toString(), 1);
            }
        } catch (Exception e4) {
            if (System.getProperty("PRINT.STACKTRACE") != null) {
                e4.printStackTrace();
            }
            exit(new StringBuffer("Something failed: ").append(e4).toString(), 1);
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        try {
            api = new API() { // from class: com.ibm.cfwk.tools.MakeP12Tool.1
            }.open();
        } catch (Exception e) {
            exit(e.getMessage(), 1);
        }
        algIds = new ASN1OID[]{PKCS12PBE.SHA1_RC4_128, PKCS12PBE.SHA1_RC4_40, PKCS12PBE.SHA1_3DES3, PKCS12PBE.SHA1_2DES3, PKCS12PBE.SHA1_RC2_128, PKCS12PBE.SHA1_RC2_40};
        algTypes = new String[]{"RC4-128", "RC4-40", "3DES3", "2DES3", "RC2-128", "RC2-40"};
        encAlg = new KeywordData(null, null, algTypes, true, true);
        encAlgOpt = new Option("--alg", 'a', "Type of encryption algorithm", encAlg);
        passwd = new StringData("passwd", "The password to unlock vault. Without a password a vault cannot\nbe read, written, or created.\nIf the password is a dash then prompt for a new password.", null);
        vaultSpec = new StringData("vault", "The location of the vault. A format `pkcs11:sessnioname'\nrefers to a token based vault. All other\nnames refer to either a file or a URL", null);
        keyLabel = new StringData("keylabel", null, null);
        p12Passwd = new StringData("p12passwd", "The password to protect the PKCS#12 PDU.", null);
        p12File = new FileData("file", null, null, false, 0);
        gui = new GUITrigger();
        verbose = new Option("--verbose", (char) 0, null, null);
        opts = new Option[]{new HelpOption(), gui, encAlgOpt};
        args = new ArgEater[]{new OptionSet(opts, null), passwd, vaultSpec, keyLabel, p12Passwd, p12File};
        spec = new GetOptSpec(cmd, doc, args, 15, true, gui, null);
    }
}
