package com.ibm.it.rome.slm.access;

import com.ibm.gsk.ikeyman.basic.KMSystem;
import com.ibm.it.rome.common.util.Base64Impl;
import com.ibm.it.rome.slm.catalogmanager.exporter.XMLTags;
import com.ibm.it.rome.slm.system.SlmPropertyNames;
import com.ibm.it.rome.slm.system.SlmRuntimeNames;
import com.ibm.it.rome.slm.system.Version;
import com.ibm.itam.camt.common.BuildVersion;
import com.ibm.security.pkcs10.CertificationRequest;
import com.ibm.security.pkcs10.CertificationRequestInfo;
import com.ibm.security.pkcs8.EncryptedPrivateKeyInfo;
import com.ibm.security.pkcs8.PrivateKeyInfo;
import com.ibm.security.pkcsutil.PKCSAttributes;
import com.ibm.security.pkcsutil.PKCSException;
import com.ibm.security.x509.X500Name;
import com.ibm.spi.IBMKeyStore;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Properties;
import java.util.Random;
import java.util.StringTokenizer;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:install/data/ITAMROOT0/4.2.0.0/assembly.dat:com/ibm/it/rome/slm/access/EncryptionAlgorithmBase.class */
public class EncryptionAlgorithmBase {
    static final String COPYRIGHT = "(C) Copyright IBM Corporation 2001-2005. All rights reserved.";
    public static final int ADMIN_SERVER_COMPONENT = 0;
    public static final int RUNTIME_SERVER_COMPONENT = 1;
    public static final int CATALOG_MANAGER_COMPONENT = 2;
    private static final int HEX_RADIX = 16;
    public static final String UTF8_ENCODING_NAME = "UTF-8";
    private static final String MD5_ALGORITHM = "MD5";
    private static final String SHA1_ALGORITHM = "SHA1";
    private static final String RSA_ALGORITHM = "RSA";
    private static final String RC240BIT_ALGORITHM = "40BitRC2";
    private static final String AES_ALGORITHM = "AES";
    private static final int MD5_SALT_LENGTH = 16;
    private static final int SHA1_SALT_LENGTH = 20;
    private static final int RSA_KEY_SIZE = 1024;
    private static final String IBM_JCE_FIPS_PROVIDER_NAME = "IBMJCEFIPS";
    public static final String JCE_TYPE_KEYSTORE = "JCEKS";
    private static final String IBM_JSSE_FIPS_PROVIDER_CLASS = "com.ibm.fips.jsse.IBMJSSEFIPSProvider";
    private static final String IBM_JCE_FIPS_PROVIDER_CLASS = "com.ibm.crypto.fips.provider.IBMJCEFIPS";
    private static final String COM_IBM_JSSE2_JSSEFIPS = "com.ibm.jsse2.JSSEFIPS";
    private static final String SSL_SOCKET_FACTORY = "ssl.SocketFactory.provider";
    private static final String IBM_JSSE_FIPS_SOCKET_FACTORY = "com.ibm.fips.jsse.JSSESocketFactory";
    private static final String SSL_SERVER_SOCKET_FACTORY = "ssl.ServerSocketFactory.provider";
    private static final String IBM_JSSE_FIPS_SERVER_SOCKET_FACTORY = "com.ibm.fips.jsse.JSSEServerSocketFactory";
    private static final String IBM_SECURE_RANDOM_GENERATOR = "IBMSecureRandom";
    public static final String MD5_HEX = "MD5_Hex";
    public static final String SHA1_HEX = "SHA1_Hex";
    public static final String MD5_BASE_64 = "MD5_Base64";
    public static final String SHA1_BASE_64 = "SHA1_Base64";
    public static final String TLM_ENCODE = "TLMEncode";
    private static final String PRIVATE_CERTIFICATE_LABEL = "itlm agent certificate";
    private static KeyPairGenerator rsaKeyPairGenerator;
    private static KeyGenerator keyGenerator;
    private static final String PRIV_KEY_HEADER = "-----BEGIN ENCRYPTED PRIVATE KEY-----\r\n";
    private static final String PRIV_KEY_FOOTER = "\r\n-----END ENCRYPTED PRIVATE KEY-----";
    private static final String TEMP_FILE_PREFIX = "ITLM_AGENT_KEY";
    private static final String KEY_STORE_FILE_NAME = "keys.jks";
    private static String KEY_STORE_PWD = "itlmkeystorepwd";
    public static String ADMIN_SUBSTRING = "admin";
    public static String RUNTIME_SUBSTRING = "runtime";
    public static final String IBM_JCE_PROVIDER_NAME = "IBMJCE";
    private static String currentJceProvider = IBM_JCE_PROVIDER_NAME;
    private static MessageDigest md5MessageDigest = null;
    private static boolean isMd5MessageDigestCloneable = false;
    private static MessageDigest sha1MessageDigest = null;
    private static boolean isSha1MessageDigestCloneable = false;
    private static boolean initialized = false;
    private static boolean kmInitialized = false;
    private static Key admDbPasswordKey = null;
    private static Key rtmDbPasswordKey = null;
    private static Key runtimePasswordKey = null;
    private static Key trustStorePasswordKey = null;
    public static String dbPasswordKeyLabel = SlmPropertyNames.DB_PASSWD;
    public static String runtimePasswordKeyLabel = SlmRuntimeNames.RUNTIME_PASSWORD;
    public static String trustStorePasswordKeyLabel = SlmRuntimeNames.TRUST_STORE_PASSWORD;
    public static String dbPasswordKeyAccessCode = dbPasswordKeyLabel.concat("AccessCode");
    public static String runtimePasswordKeyAccessCode = runtimePasswordKeyLabel.concat("AccessCode");
    public static String trustStorePasswordKeyAccessCode = trustStorePasswordKeyLabel.concat("AccessCode");
    private static String admKeyStoreName = null;
    private static String rtmKeyStoreName = null;
    private static byte[] alpha1 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-+=".getBytes();
    private static byte[] alpha2 = "+2abcpq<HI>KLM*O5PQs;u[de7f-ghiWX6n:3wx]8z=A4BC%EFG@1klm9TUV!RSYZ".getBytes();
    private static byte[] codes1 = new byte[256];
    private static byte[] codes2 = new byte[256];

    public static void main(String[] strArr) {
        String str = null;
        String str2 = null;
        String str3 = null;
        String str4 = null;
        String str5 = null;
        int length = strArr.length;
        if (length == 0) {
            printUsage("Incorrect number of parameters(0)");
            System.exit(1);
        }
        String str6 = strArr[0];
        if (!str6.equalsIgnoreCase("admin") && !str6.equalsIgnoreCase("runtime")) {
            printUsage(new StringBuffer().append("Unknown component (").append(str6).append(")").toString());
            System.exit(1);
        }
        boolean equalsIgnoreCase = str6.equalsIgnoreCase("admin");
        if (equalsIgnoreCase) {
            if (length != 3) {
                printUsage(new StringBuffer().append("Incorrect number of parameters (").append(length).append("), it must be 3").toString());
                System.exit(1);
            } else {
                str = strArr[1];
                str2 = strArr[2];
            }
        } else if (length != 5) {
            printUsage(new StringBuffer().append("Incorrect number of parameters (").append(length).append("), it must be 5").toString());
            System.exit(1);
        } else {
            str = strArr[1];
            str3 = strArr[2];
            str4 = strArr[3];
            str5 = strArr[4];
        }
        try {
            generateKeys(equalsIgnoreCase, str);
        } catch (Exception e) {
            e.printStackTrace();
            System.exit(1);
        }
        try {
            if (equalsIgnoreCase) {
                init(false, str, null);
                System.out.println(new StringBuffer().append("").append(convertAdminDbPwd(str2)).toString());
                System.exit(0);
            } else {
                init(false, null, str);
                System.out.println(new StringBuffer().append("").append(convertRuntimeDbPwd(str3)).toString());
                System.out.println(new StringBuffer().append("").append(convertRuntimePassword(str4)).toString());
                System.out.println(new StringBuffer().append("").append(convertTrustStorePassword(str5)).toString());
                System.exit(0);
            }
        } catch (Exception e2) {
            e2.printStackTrace();
            System.exit(1);
        }
    }

    private static void printUsage(String str) {
        System.out.println(new StringBuffer().append("Incorrect parameters:").append(str).toString());
        System.out.println("Usage: <component> <conf-dir> <password list>\n where\n <component> is 'admin' or 'runtime'\n <conf-dir> is the conf directory\n <password list> is (db password) for the admin, (db password, rt password, trust password) for the runtime");
    }

    protected EncryptionAlgorithmBase() {
    }

    public static final synchronized void initKmJni() throws Exception {
        if (kmInitialized) {
            return;
        }
        String property = System.getProperty("java.ext.dirs");
        StringTokenizer stringTokenizer = new StringTokenizer(property, new StringBuffer().append("").append(File.pathSeparatorChar).toString());
        while (true) {
            if (!stringTokenizer.hasMoreTokens()) {
                break;
            }
            String nextToken = stringTokenizer.nextToken();
            if (nextToken.indexOf("java\\jre\\lib\\ext") != -1) {
                System.setProperty("java.ext.dirs", nextToken);
                break;
            }
        }
        KMSystem.init();
        System.setProperty("java.ext.dirs", property);
        if (!KMSystem.isJNIEnabled()) {
            throw new Exception("Ikeyman JNI is not enabled!");
        }
        kmInitialized = true;
    }

    public static final synchronized void init(boolean z, String str, String str2) throws IllegalArgumentException, IllegalAccessException, InstantiationException, ClassNotFoundException, NoSuchProviderException, CertificateException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, IOException, InterruptedException, InitializationException {
        checkInputParms(str, str2);
        if (initialized) {
            return;
        }
        if (z) {
            if (Version.compareVersion(System.getProperty("java.version"), "1.5.0") >= 0) {
                int i = 1;
                if (Security.getProvider(IBM_JCE_PROVIDER_NAME) != null) {
                    Provider[] providers = Security.getProviders();
                    int i2 = 0;
                    while (true) {
                        if (i2 >= providers.length) {
                            break;
                        }
                        if (providers[i2].getName().equals(IBM_JCE_PROVIDER_NAME)) {
                            i = i2 + 1;
                            break;
                        }
                        i2++;
                    }
                }
                Security.insertProviderAt((Provider) Class.forName(IBM_JCE_FIPS_PROVIDER_CLASS).newInstance(), i);
                System.setProperty(COM_IBM_JSSE2_JSSEFIPS, XMLTags.ROOT_EXPORTED_VALUE);
            } else {
                if (Security.getProvider(IBM_JCE_FIPS_PROVIDER_CLASS) == null) {
                    Security.addProvider((Provider) Class.forName(IBM_JCE_FIPS_PROVIDER_CLASS).newInstance());
                }
                currentJceProvider = IBM_JCE_FIPS_PROVIDER_NAME;
                if (Security.getProvider(IBM_JSSE_FIPS_PROVIDER_CLASS) == null) {
                    Security.addProvider((Provider) Class.forName(IBM_JSSE_FIPS_PROVIDER_CLASS).newInstance());
                }
                Security.setProperty(SSL_SOCKET_FACTORY, IBM_JSSE_FIPS_SOCKET_FACTORY);
                Security.setProperty(SSL_SERVER_SOCKET_FACTORY, IBM_JSSE_FIPS_SERVER_SOCKET_FACTORY);
            }
        }
        KeyStore keyStore = null;
        KeyStore keyStore2 = null;
        FileInputStream fileInputStream = null;
        FileInputStream fileInputStream2 = null;
        if (str != null) {
            admKeyStoreName = new StringBuffer().append(str).append(File.separator).append(KEY_STORE_FILE_NAME).toString();
            keyStore = KeyStore.getInstance(JCE_TYPE_KEYSTORE, IBM_JCE_PROVIDER_NAME);
            fileInputStream = new FileInputStream(admKeyStoreName);
            keyStore.load(fileInputStream, KEY_STORE_PWD.toCharArray());
            if (keyStore.size() == 0) {
                throw new IllegalStateException("the number of entries in the admin key store cannot be zero.");
            }
        }
        if (str2 != null) {
            rtmKeyStoreName = new StringBuffer().append(str2).append(File.separator).append(KEY_STORE_FILE_NAME).toString();
            keyStore2 = KeyStore.getInstance(JCE_TYPE_KEYSTORE, IBM_JCE_PROVIDER_NAME);
            fileInputStream2 = new FileInputStream(rtmKeyStoreName);
            keyStore2.load(fileInputStream2, KEY_STORE_PWD.toCharArray());
            if (keyStore2.size() == 0) {
                throw new IllegalStateException("the number of entries in the runtime key store cannot be zero.");
            }
        }
        if (str != null) {
            admDbPasswordKey = keyStore.getKey(dbPasswordKeyLabel, dbPasswordKeyAccessCode.toCharArray());
            if (admDbPasswordKey == null) {
                throw new IllegalStateException("dbPasswordKey cannot be null where the label is not.");
            }
        }
        if (str2 != null) {
            rtmDbPasswordKey = keyStore2.getKey(dbPasswordKeyLabel, dbPasswordKeyAccessCode.toCharArray());
            if (rtmDbPasswordKey == null) {
                throw new IllegalStateException("dbPasswordKey cannot be null where the label is not.");
            }
            runtimePasswordKey = keyStore2.getKey(runtimePasswordKeyLabel, runtimePasswordKeyAccessCode.toCharArray());
            if (runtimePasswordKey == null) {
                throw new IllegalStateException("runtimePasswordKey cannot be null where the label is not.");
            }
            trustStorePasswordKey = keyStore2.getKey(trustStorePasswordKeyLabel, trustStorePasswordKeyAccessCode.toCharArray());
            if (trustStorePasswordKey == null) {
                throw new IllegalStateException("trustStorePasswordKey cannot be null where the label is not.");
            }
        }
        if (fileInputStream != null) {
            fileInputStream.close();
        }
        if (fileInputStream2 != null) {
            fileInputStream2.close();
        }
        md5MessageDigest = MessageDigest.getInstance("MD5");
        isMd5MessageDigestCloneable = true;
        try {
            md5MessageDigest.clone();
        } catch (CloneNotSupportedException e) {
            isMd5MessageDigestCloneable = false;
        }
        sha1MessageDigest = MessageDigest.getInstance(SHA1_ALGORITHM, currentJceProvider);
        isSha1MessageDigestCloneable = true;
        try {
            sha1MessageDigest.clone();
        } catch (CloneNotSupportedException e2) {
            isSha1MessageDigestCloneable = false;
        }
        rsaKeyPairGenerator = KeyPairGenerator.getInstance(RSA_ALGORITHM, currentJceProvider);
        rsaKeyPairGenerator.initialize(1024, SecureRandom.getInstance(IBM_SECURE_RANDOM_GENERATOR, currentJceProvider));
        keyGenerator = KeyGenerator.getInstance(AES_ALGORITHM, currentJceProvider);
        keyGenerator.init(128, getCurrentSecureRandom(System.currentTimeMillis()));
        initialized = true;
    }

    private static void checkInputParms(String str, String str2) throws IllegalArgumentException {
        if (str != null && str.indexOf(ADMIN_SUBSTRING) == -1) {
            throw new IllegalArgumentException("Invalid path to the admin keystore.");
        }
        if (str2 != null && str2.indexOf(RUNTIME_SUBSTRING) == -1) {
            throw new IllegalArgumentException("Invalid path to the runtime keystore.");
        }
        if (str == null && str2 == null) {
            throw new IllegalArgumentException("At least one keystore path must be provided.");
        }
    }

    public static final String getCurrentJceProvider() {
        if (initialized) {
            return currentJceProvider;
        }
        return null;
    }

    public static final String md5HashHexString(String str) {
        return md5HashBigInteger(str).toString(16);
    }

    public static final String sha1HashHexString(String str) {
        return sha1HashBigInteger(str).toString(16);
    }

    public static final int md5HashPositiveInt(String str) {
        return md5HashBigInteger(str).intValue() >>> 1;
    }

    private static final BigInteger md5HashBigInteger(String str) {
        return new BigInteger(md5Hash(str));
    }

    private static final BigInteger sha1HashBigInteger(String str) {
        return new BigInteger(sha1Hash(str));
    }

    private static final byte[] md5Hash(String str) {
        MessageDigest messageDigest = getMessageDigest("MD5");
        try {
            messageDigest.update(str.getBytes("UTF-8"));
            return messageDigest.digest();
        } catch (UnsupportedEncodingException e) {
            throw new IllegalStateException(new StringBuffer().append("Error converting string to UTF-8 ... - Exception message=").append(e.getMessage()).toString());
        }
    }

    private static final byte[] sha1Hash(String str) {
        MessageDigest messageDigest = getMessageDigest(SHA1_ALGORITHM);
        try {
            messageDigest.update(str.getBytes("UTF-8"));
            return messageDigest.digest();
        } catch (UnsupportedEncodingException e) {
            throw new IllegalStateException(new StringBuffer().append("Error converting string to UTF-8 ... - Exception message=").append(e.getMessage()).toString());
        }
    }

    public static final String md5HashWithSaltHexString(String str) {
        return md5HashHexString(getSaltBigInteger(str, 16).xor(md5HashBigInteger(str)).toString(16));
    }

    public static final String sha1HashWithSaltHexString(String str) {
        return sha1HashHexString(getSecureSaltBigInteger(str, 20).xor(sha1HashBigInteger(str)).toString(16));
    }

    private static BigInteger getSaltBigInteger(String str, int i) {
        byte[] bArr = new byte[i];
        new Random(str.hashCode()).nextBytes(bArr);
        return new BigInteger(bArr);
    }

    private static BigInteger getSecureSaltBigInteger(String str, int i) {
        byte[] bArr = new byte[i];
        getSecureRandom(str.hashCode()).nextBytes(bArr);
        return new BigInteger(bArr);
    }

    public static final String encrypt(String str, String str2) {
        if (str2.equals("MD5_Hex")) {
            return md5HashHexString(str);
        }
        if (str2.equals("MD5_Base64")) {
            return Base64Impl.encode(md5Hash(str));
        }
        if (str2.equals("SHA1_Hex")) {
            return sha1HashHexString(str);
        }
        if (str2.equals("SHA1_Base64")) {
            return Base64Impl.encode(sha1Hash(str));
        }
        if (str2.equals("TLMEncode")) {
            return new String(tlmEncode(str.getBytes()));
        }
        throw new IllegalArgumentException(new StringBuffer().append("Not recognized algorithm ").append(str2).toString());
    }

    private static synchronized Cipher getCipher(String str) {
        try {
            if (str.equals(AES_ALGORITHM)) {
                return Cipher.getInstance(AES_ALGORITHM, currentJceProvider);
            }
            throw new IllegalArgumentException(new StringBuffer().append("The algorithm ").append(str).append(" is not supported.").toString());
        } catch (Exception e) {
            throw new IllegalArgumentException(new StringBuffer().append("The algorithm ").append(str).append(" is not supported.").toString());
        }
    }

    private static byte[] decryptSymmetric(String str, Key key, byte[] bArr) {
        Cipher cipher = getCipher(str);
        try {
            cipher.init(2, key);
            try {
                return cipher.doFinal(bArr);
            } catch (Exception e) {
                throw new IllegalArgumentException(e.getMessage());
            }
        } catch (InvalidKeyException e2) {
            throw new IllegalArgumentException(e2.getMessage());
        }
    }

    public static byte[] encryptSymmetric(String str, Key key, byte[] bArr) {
        Cipher cipher = getCipher(str);
        try {
            cipher.init(1, key);
            try {
                return cipher.doFinal(bArr);
            } catch (Exception e) {
                throw new IllegalArgumentException(e.getMessage());
            }
        } catch (InvalidKeyException e2) {
            throw new IllegalArgumentException(e2.getMessage());
        }
    }

    public static byte[] decryptAdmDbPassword(String str) {
        if (admDbPasswordKey == null) {
            throw new IllegalStateException("cannot decrypt the db password since the key is null. Maybe the algorithm has not been inited.");
        }
        return decryptSymmetric(AES_ALGORITHM, admDbPasswordKey, Base64Impl.decode(str));
    }

    public static byte[] decryptRtmDbPassword(String str) {
        if (rtmDbPasswordKey == null) {
            throw new IllegalStateException("cannot decrypt the db password since the key is null. Maybe the algorithm has not been inited.");
        }
        return decryptSymmetric(AES_ALGORITHM, rtmDbPasswordKey, Base64Impl.decode(str));
    }

    public static byte[] decryptRuntimePassword(String str) {
        if (runtimePasswordKey == null) {
            throw new IllegalArgumentException("cannot decrypt the runtime password since the key is null. Maybe the algorithm has not been inited.");
        }
        return decryptSymmetric(AES_ALGORITHM, runtimePasswordKey, Base64Impl.decode(str));
    }

    public static byte[] decryptTrustStorePassword(String str) {
        if (trustStorePasswordKey == null) {
            throw new IllegalArgumentException("cannot decrypt the trust store password since the key is null. Maybe the algorithm has not been inited.");
        }
        return decryptSymmetric(AES_ALGORITHM, trustStorePasswordKey, Base64Impl.decode(str));
    }

    public static byte[] symmDecrypt(String str, String str2, int i) {
        if (str2.equals(trustStorePasswordKeyLabel)) {
            return decryptTrustStorePassword(str);
        }
        if (str2.equals(runtimePasswordKeyLabel)) {
            return decryptRuntimePassword(str);
        }
        if (!str2.equals(dbPasswordKeyLabel)) {
            throw new IllegalArgumentException("Unsupported password type");
        }
        if (i == 0) {
            return decryptAdmDbPassword(str);
        }
        if (i == 1) {
            return decryptRtmDbPassword(str);
        }
        return null;
    }

    public static final String decrypt(String str, String str2) {
        if (str2.equals("TLMEncode")) {
            return new String(tlmDecode(str.getBytes()));
        }
        throw new IllegalArgumentException(new StringBuffer().append("Cannot decrypt algorithm ").append(str2).toString());
    }

    private static byte[] tlmEncode(byte[] bArr) {
        byte[] bArr2 = new byte[bArr.length + 2];
        bArr2[0] = (byte) (bArr.length + 68);
        bArr2[bArr.length + 1] = (byte) (120 - bArr.length);
        for (int i = 0; i < bArr.length; i++) {
            if (codes1[bArr[i]] == -1) {
                throw new IllegalArgumentException(new StringBuffer().append("Wrong character ").append(i).append(" ").append((int) bArr[i]).toString());
            }
            bArr2[i + 1] = codes1[bArr[i]];
        }
        return bArr2;
    }

    private static byte[] tlmDecode(byte[] bArr) {
        byte[] bArr2 = new byte[bArr.length - 2];
        for (int i = 0; i < bArr.length - 2; i++) {
            if (codes2[bArr[i + 1]] == -1) {
                throw new IllegalArgumentException(new StringBuffer().append("Wrong character ").append(i + 1).append(" ").append((int) bArr[i + 1]).toString());
            }
            bArr2[i] = codes2[bArr[i + 1]];
        }
        return bArr2;
    }

    private static synchronized MessageDigest getMessageDigest(String str) {
        try {
            if (str.equals("MD5")) {
                return (md5MessageDigest == null || !isMd5MessageDigestCloneable) ? MessageDigest.getInstance("MD5") : (MessageDigest) md5MessageDigest.clone();
            }
            if (str.equals(SHA1_ALGORITHM)) {
                return (sha1MessageDigest == null || !isSha1MessageDigestCloneable) ? MessageDigest.getInstance(SHA1_ALGORITHM, currentJceProvider) : (MessageDigest) sha1MessageDigest.clone();
            }
            throw new IllegalArgumentException(new StringBuffer().append("The algorithm ").append(str).append(" is not supported").toString());
        } catch (CloneNotSupportedException e) {
            throw new IllegalStateException(new StringBuffer().append("Error cloning ").append(str).append("instance...- Exception message=").append(e.getMessage()).toString());
        } catch (NoSuchAlgorithmException e2) {
            throw new IllegalStateException(new StringBuffer().append("Error getting nstance for algorithm ").append(str).append(" - Exception message=").append(e2.getMessage()).toString());
        } catch (NoSuchProviderException e3) {
            throw new IllegalStateException(new StringBuffer().append("Error getting ").append(str).append(" instance with provider ").append(currentJceProvider).append(" - Exception message=").append(e3.getMessage()).toString());
        }
    }

    public static final synchronized SecureRandom getSecureRandom(long j) {
        try {
            SecureRandom secureRandom = SecureRandom.getInstance(IBM_SECURE_RANDOM_GENERATOR, IBM_JCE_PROVIDER_NAME);
            secureRandom.setSeed(j);
            return secureRandom;
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(new StringBuffer().append("Error getting instance of IBMSecureRandom from provider IBMJCE- Exception message=").append(e.getMessage()).toString());
        } catch (NoSuchProviderException e2) {
            throw new IllegalStateException(new StringBuffer().append("Error getting instance of IBMSecureRandom from provider IBMJCE- Exception message=").append(e2.getMessage()).toString());
        }
    }

    public static final synchronized SecureRandom getCurrentSecureRandom(long j) {
        try {
            SecureRandom secureRandom = SecureRandom.getInstance(IBM_SECURE_RANDOM_GENERATOR, currentJceProvider);
            secureRandom.setSeed(j);
            return secureRandom;
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(new StringBuffer().append("Error getting instance of IBMSecureRandom from provider ").append(currentJceProvider).append("- Exception message=").append(e.getMessage()).toString());
        } catch (NoSuchProviderException e2) {
            throw new IllegalStateException(new StringBuffer().append("Error getting instance of IBMSecureRandom from provider ").append(currentJceProvider).append("- Exception message=").append(e2.getMessage()).toString());
        }
    }

    private static final synchronized KeyPair getRsaKeyPair() {
        return rsaKeyPairGenerator.generateKeyPair();
    }

    private static final synchronized EncryptedPrivateKeyInfo getEncryptedPrivateKeyInfo(PrivateKey privateKey, String str) throws IOException, PKCSException {
        return new EncryptedPrivateKeyInfo(str.toCharArray(), new PrivateKeyInfo(privateKey.getEncoded(), currentJceProvider), SHA1_ALGORITHM, RC240BIT_ALGORITHM, IBM_JCE_PROVIDER_NAME);
    }

    private static final synchronized CertificationRequest getCertificationRequest(PublicKey publicKey, PrivateKey privateKey, X500Name x500Name) throws NoSuchAlgorithmException, IOException, PKCSException {
        return new CertificationRequest(new CertificationRequestInfo(x500Name, publicKey, (PKCSAttributes) null, currentJceProvider), privateKey, SHA1_ALGORITHM, currentJceProvider);
    }

    private static void generateKeyFile(PrivateKey privateKey, String str, String str2) throws IOException, PKCSException {
        EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = getEncryptedPrivateKeyInfo(privateKey, str2);
        File createTempFile = File.createTempFile(TEMP_FILE_PREFIX, null);
        encryptedPrivateKeyInfo.write(createTempFile.getAbsolutePath(), true);
        FileInputStream fileInputStream = new FileInputStream(createTempFile.getAbsolutePath());
        byte[] bArr = new byte[fileInputStream.available()];
        fileInputStream.read(bArr);
        fileInputStream.close();
        createTempFile.delete();
        FileOutputStream fileOutputStream = new FileOutputStream(str);
        fileOutputStream.write(PRIV_KEY_HEADER.getBytes());
        fileOutputStream.write(bArr);
        fileOutputStream.write(PRIV_KEY_FOOTER.getBytes());
        fileOutputStream.close();
    }

    private static void generateCsrFile(PublicKey publicKey, PrivateKey privateKey, String str, String str2, String str3, String str4, String str5) throws IOException, PKCSException, NoSuchAlgorithmException {
        getCertificationRequest(publicKey, privateKey, new X500Name(str, str2, str3, str4)).writeBASE64(str5);
    }

    public static void createCertificateSigningRequestAndKeys(String str, String str2, String str3, String str4, String str5, String str6, String str7) throws PKCSException, NoSuchAlgorithmException, IOException {
        KeyPair rsaKeyPair = getRsaKeyPair();
        generateCsrFile(rsaKeyPair.getPublic(), rsaKeyPair.getPrivate(), str4, str5, str6, str7, str);
        generateKeyFile(rsaKeyPair.getPrivate(), str2, str3);
    }

    public static void convertP12(String str, String str2, String str3, String str4, boolean z) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException, Exception {
        KeyStore keyStore = z ? KeyStore.getInstance("PKCS12") : IBMKeyStore.getInstance("CMS");
        keyStore.load(null, str4.toCharArray());
        KeyStore keyStore2 = KeyStore.getInstance("PKCS12");
        FileInputStream fileInputStream = new FileInputStream(str);
        keyStore2.load(fileInputStream, str2.toCharArray());
        fileInputStream.close();
        if (!keyStore2.isKeyEntry(PRIVATE_CERTIFICATE_LABEL)) {
            throw new Exception("The label itlm agent certificate in the input kesytore is missing or is not a private certificate");
        }
        Certificate[] certificateChain = keyStore2.getCertificateChain(PRIVATE_CERTIFICATE_LABEL);
        if (certificateChain.length < 2) {
            throw new Exception("The certificate chain starting from itlm agent certificate label is invalid since contains less than 2 certificates");
        }
        for (int length = certificateChain.length - 1; length > 0; length--) {
            Certificate certificate = certificateChain[length];
            keyStore.setCertificateEntry(keyStore2.getCertificateAlias(certificate), certificate);
        }
        keyStore.setKeyEntry(PRIVATE_CERTIFICATE_LABEL, new PrivateKeyInfo(keyStore2.getKey(PRIVATE_CERTIFICATE_LABEL, str2.toCharArray()).getEncoded()), str4.toCharArray(), new Certificate[]{keyStore2.getCertificate(PRIVATE_CERTIFICATE_LABEL)});
        File file = new File(str3);
        if (file.exists()) {
            file.delete();
        }
        FileOutputStream fileOutputStream = new FileOutputStream(file);
        keyStore.store(fileOutputStream, str4.toCharArray());
        fileOutputStream.close();
    }

    public static String convertAdminDbPwd(String str) throws UnsupportedEncodingException {
        return encryptAdmDbPassword(decrypt(str, "TLMEncode"));
    }

    public static String convertRuntimeDbPwd(String str) throws UnsupportedEncodingException {
        return encryptRtmDbPassword(decrypt(str, "TLMEncode"));
    }

    public static String convertRuntimePassword(String str) throws UnsupportedEncodingException {
        return encryptRuntimePassword(decrypt(str, "TLMEncode"));
    }

    public static String convertTrustStorePassword(String str) throws UnsupportedEncodingException {
        return encryptTrustStorePassword(decrypt(str, "TLMEncode"));
    }

    public static String encryptAdmDbPassword(String str) throws UnsupportedEncodingException {
        if (admDbPasswordKey == null) {
            throw new IllegalArgumentException("cannot encrypt the database password since the related key is null.");
        }
        return Base64Impl.encode(encryptSymmetric(AES_ALGORITHM, admDbPasswordKey, str.getBytes("UTF-8")));
    }

    public static String encryptRtmDbPassword(String str) throws UnsupportedEncodingException {
        if (rtmDbPasswordKey == null) {
            throw new IllegalArgumentException("cannot encrypt the database password since the related key is null.");
        }
        return Base64Impl.encode(encryptSymmetric(AES_ALGORITHM, rtmDbPasswordKey, str.getBytes("UTF-8")));
    }

    public static String encryptRuntimePassword(String str) throws UnsupportedEncodingException {
        if (runtimePasswordKey == null) {
            throw new IllegalArgumentException("cannot encrypt the runtime password since the related key is null.");
        }
        return Base64Impl.encode(encryptSymmetric(AES_ALGORITHM, runtimePasswordKey, str.getBytes("UTF-8")));
    }

    public static String encryptTrustStorePassword(String str) throws UnsupportedEncodingException {
        if (trustStorePasswordKey == null) {
            throw new IllegalArgumentException("cannot encrypt the trust store password since the related key is null.");
        }
        return Base64Impl.encode(encryptSymmetric(AES_ALGORITHM, trustStorePasswordKey, str.getBytes("UTF-8")));
    }

    public static String symmEncrypt(String str, String str2, int i) throws UnsupportedEncodingException {
        if (str2.equals(trustStorePasswordKeyLabel)) {
            return encryptTrustStorePassword(str);
        }
        if (str2.equals(runtimePasswordKeyLabel)) {
            return encryptRuntimePassword(str);
        }
        if (!str2.equals(dbPasswordKeyLabel)) {
            throw new IllegalArgumentException("Unsupported type of password.");
        }
        if (i == 0) {
            return encryptAdmDbPassword(str);
        }
        if (i == 1) {
            return encryptRtmDbPassword(str);
        }
        return null;
    }

    public static void generateKeys(boolean z, String str) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException, NoSuchProviderException, InstantiationException, IllegalAccessException, ClassNotFoundException {
        KeyStore keyStore = KeyStore.getInstance(JCE_TYPE_KEYSTORE);
        String stringBuffer = new StringBuffer().append(str).append(File.separator).append(KEY_STORE_FILE_NAME).toString();
        FileInputStream fileInputStream = new FileInputStream(stringBuffer);
        keyStore.load(fileInputStream, KEY_STORE_PWD.toCharArray());
        if (z) {
            addKey(generateRandomKeySpec(), dbPasswordKeyLabel, keyStore, dbPasswordKeyAccessCode);
        } else {
            SecretKeySpec generateRandomKeySpec = generateRandomKeySpec();
            SecretKeySpec generateRandomKeySpec2 = generateRandomKeySpec();
            SecretKeySpec generateRandomKeySpec3 = generateRandomKeySpec();
            addKey(generateRandomKeySpec, dbPasswordKeyLabel, keyStore, dbPasswordKeyAccessCode);
            addKey(generateRandomKeySpec2, runtimePasswordKeyLabel, keyStore, runtimePasswordKeyAccessCode);
            addKey(generateRandomKeySpec3, trustStorePasswordKeyLabel, keyStore, trustStorePasswordKeyAccessCode);
        }
        FileOutputStream fileOutputStream = new FileOutputStream(stringBuffer);
        keyStore.store(fileOutputStream, KEY_STORE_PWD.toCharArray());
        fileOutputStream.close();
        fileInputStream.close();
    }

    public static void addKey(SecretKeySpec secretKeySpec, String str, KeyStore keyStore, String str2) throws NoSuchAlgorithmException, NoSuchProviderException, KeyStoreException {
        keyStore.setKeyEntry(str, secretKeySpec, str2.toCharArray(), null);
    }

    public static void deleteKey(String str, KeyStore keyStore) throws KeyStoreException {
        keyStore.deleteEntry(str);
    }

    public static void generateEmptyKeyStore(String str) throws KeyStoreException, NoSuchProviderException, NoSuchAlgorithmException, CertificateException, IOException {
        KeyStore keyStore = KeyStore.getInstance(JCE_TYPE_KEYSTORE, IBM_JCE_PROVIDER_NAME);
        keyStore.load(null, KEY_STORE_PWD.toCharArray());
        FileOutputStream fileOutputStream = new FileOutputStream(new File(str));
        keyStore.store(fileOutputStream, KEY_STORE_PWD.toCharArray());
        fileOutputStream.close();
    }

    public static SecretKeySpec generateRandomKeySpec() throws NoSuchAlgorithmException, NoSuchProviderException, InstantiationException, IllegalAccessException, ClassNotFoundException {
        if (keyGenerator == null) {
            keyGenerator = KeyGenerator.getInstance(AES_ALGORITHM, currentJceProvider);
            keyGenerator.init(128, getCurrentSecureRandom(System.currentTimeMillis()));
        }
        return new SecretKeySpec(keyGenerator.generateKey().getEncoded(), AES_ALGORITHM);
    }

    public static String encryptSymmetricWithKey(String str, String str2, SecretKeySpec secretKeySpec) throws UnsupportedEncodingException {
        byte[] bArr = null;
        if (str2.equals(dbPasswordKeyLabel)) {
            bArr = encryptSymmetric(AES_ALGORITHM, secretKeySpec, str.getBytes("UTF-8"));
        } else if (str2.equals(runtimePasswordKeyLabel)) {
            bArr = encryptSymmetric(AES_ALGORITHM, secretKeySpec, str.getBytes("UTF-8"));
        } else if (str2.equals(trustStorePasswordKeyLabel)) {
            bArr = encryptSymmetric(AES_ALGORITHM, secretKeySpec, str.getBytes("UTF-8"));
        }
        return Base64Impl.encode(bArr);
    }

    public static String getKEY_STORE_PWD() {
        return KEY_STORE_PWD;
    }

    public static String asHex(byte[] bArr) {
        StringBuffer stringBuffer = new StringBuffer(bArr.length * 9);
        for (int i = 0; i < bArr.length; i++) {
            stringBuffer.append("(byte)0x");
            if ((bArr[i] & 255) < 16) {
                stringBuffer.append(BuildVersion.MODIFICATION);
            }
            stringBuffer.append(Long.toString(bArr[i] & 255, 16));
            stringBuffer.append(",");
        }
        return stringBuffer.toString();
    }

    /* JADX WARN: Code restructure failed: missing block: B:50:0x0170, code lost:
    
        if (0 == 0) goto L48;
     */
    /* JADX WARN: Code restructure failed: missing block: B:51:0x0173, code lost:
    
        com.ibm.it.rome.slm.system.ProcessLocker.dismiss(null);
     */
    /* JADX WARN: Code restructure failed: missing block: B:53:0x017a, code lost:
    
        if (0 == 0) goto L51;
     */
    /* JADX WARN: Code restructure failed: missing block: B:54:0x017d, code lost:
    
        com.ibm.it.rome.slm.system.ProcessLocker.dismiss(null);
     */
    /* JADX WARN: Code restructure failed: missing block: B:56:0x016b, code lost:
    
        throw r14;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static synchronized void reloadKeys(int r5) throws java.security.NoSuchProviderException, java.security.cert.CertificateException, java.io.FileNotFoundException, java.security.KeyStoreException, java.security.NoSuchAlgorithmException, java.security.UnrecoverableKeyException, java.io.IOException, java.lang.InterruptedException, com.ibm.it.rome.slm.access.InitializationException {
        /*
            Method dump skipped, instructions count: 389
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.it.rome.slm.access.EncryptionAlgorithmBase.reloadKeys(int):void");
    }

    public static void createPasswdPropertiesFile(int i, String str, String str2, String str3, String str4) throws IOException {
        if (str2 == null) {
            throw new IllegalArgumentException("The database password can never be null.");
        }
        String symmEncrypt = symmEncrypt(str2, dbPasswordKeyLabel, i);
        String str5 = null;
        String str6 = null;
        if (i == 1) {
            if (str3 == null || str4 == null) {
                throw new IllegalArgumentException("Either the runtime or the trust store passwords cannot be null for the runtime component.");
            }
            str5 = symmEncrypt(str3, runtimePasswordKeyLabel, i);
            str6 = symmEncrypt(str4, trustStorePasswordKeyLabel, i);
        }
        Properties properties = new Properties();
        properties.setProperty(dbPasswordKeyLabel, symmEncrypt);
        if (i == 1) {
            properties.setProperty(runtimePasswordKeyLabel, str5);
            properties.setProperty(trustStorePasswordKeyLabel, str6);
        }
        FileOutputStream fileOutputStream = new FileOutputStream(new File(str), false);
        properties.store(fileOutputStream, (String) null);
        fileOutputStream.close();
    }

    static {
        for (int i = 0; i < 256; i++) {
            codes1[i] = -1;
        }
        for (int i2 = 0; i2 < 256; i2++) {
            codes2[i2] = -1;
        }
        for (int i3 = 0; i3 < alpha1.length; i3++) {
            codes1[alpha1[i3]] = alpha2[i3];
        }
        for (int i4 = 0; i4 < alpha1.length; i4++) {
            codes2[alpha2[i4]] = alpha1[i4];
        }
    }
}
