package nl.clockwork.ebms.common.util;

import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Enumeration;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.security.cert.CertificateException;
import nl.clockwork.ebms.validation.ValidationException;
import nl.clockwork.ebms.validation.ValidatorException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:nl/clockwork/ebms/common/util/SecurityUtils.class */
public class SecurityUtils {
    private static final Log logger = LogFactory.getLog(SecurityUtils.class);
    private static final int KEYSIZE_192 = 192;
    private static final int KEYSIZE_128 = 128;
    private static final int KEYSIZE_256 = 256;

    public static KeyPair getKeyPair(KeyStore keyStore, String str, String str2) throws GeneralSecurityException {
        Key key = keyStore.getKey(str, str2.toCharArray());
        if (key instanceof PrivateKey) {
            return new KeyPair(keyStore.getCertificate(str).getPublicKey(), (PrivateKey) key);
        }
        return null;
    }

    public static void validateCertificate(KeyStore keyStore, X509Certificate x509Certificate, Date date) throws KeyStoreException, ValidationException {
        Certificate certificate;
        try {
            x509Certificate.checkValidity(date);
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                try {
                    certificate = keyStore.getCertificate(aliases.nextElement());
                } catch (GeneralSecurityException e) {
                    logger.trace("", e);
                }
                if ((certificate instanceof X509Certificate) && x509Certificate.getIssuerDN().getName().equals(((X509Certificate) certificate).getSubjectDN().getName())) {
                    x509Certificate.verify(certificate.getPublicKey());
                    return;
                }
            }
            throw new ValidationException("Certificate " + x509Certificate.getIssuerDN() + " not found!");
        } catch (CertificateExpiredException | CertificateNotYetValidException e2) {
            throw new ValidationException(e2);
        }
    }

    public static void validateCertificate(KeyStore keyStore, javax.security.cert.X509Certificate x509Certificate, Date date) throws KeyStoreException, ValidatorException {
        Certificate certificate;
        try {
            x509Certificate.checkValidity(date);
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                try {
                    certificate = keyStore.getCertificate(aliases.nextElement());
                } catch (GeneralSecurityException | CertificateException e) {
                    logger.trace("", e);
                }
                if ((certificate instanceof X509Certificate) && x509Certificate.getIssuerDN().getName().equals(((X509Certificate) certificate).getSubjectDN().getName())) {
                    x509Certificate.verify(certificate.getPublicKey());
                    return;
                }
            }
            throw new ValidationException("Certificate " + x509Certificate.getIssuerDN() + " not found!");
        } catch (javax.security.cert.CertificateExpiredException | javax.security.cert.CertificateNotYetValidException e2) {
            throw new ValidationException(e2);
        }
    }

    public static SecretKey generateKey(String str) throws NoSuchAlgorithmException {
        boolean z = -1;
        switch (str.hashCode()) {
            case -1827000816:
                if (str.equals("http://www.w3.org/2001/04/xmlenc#aes128-cbc")) {
                    z = false;
                    break;
                }
                break;
            case -1632137885:
                if (str.equals("http://www.w3.org/2001/04/xmlenc#aes192-cbc")) {
                    z = true;
                    break;
                }
                break;
            case -855456724:
                if (str.equals("http://www.w3.org/2001/04/xmlenc#aes256-cbc")) {
                    z = 2;
                    break;
                }
                break;
            case 340266362:
                if (str.equals("http://www.w3.org/2001/04/xmlenc#tripledes-cbc")) {
                    z = 3;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return generateKey("AES", 128);
            case true:
                return generateKey("AES", 192);
            case true:
                return generateKey("AES", 256);
            case true:
                return generateKey("DESede", 192);
            default:
                throw new NoSuchAlgorithmException(str);
        }
    }

    private static SecretKey generateKey(String str, int i) throws NoSuchAlgorithmException {
        KeyGenerator keyGenerator = KeyGenerator.getInstance(str);
        keyGenerator.init(i);
        return keyGenerator.generateKey();
    }
}
