package net.deterlab.abac;

import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.io.Reader;
import java.io.Writer;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Date;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.openssl.PEMReader;
import org.bouncycastle.openssl.PEMWriter;
import org.bouncycastle.x509.X509V1CertificateGenerator;

/* loaded from: input_file:lib/fedd/jabac-1.3.jar:net/deterlab/abac/Identity.class */
public class Identity implements Comparable {
    protected X509Certificate cert;
    protected String keyid;
    protected String cn;
    protected KeyPair kp;

    protected void init(Reader reader) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException, IOException {
        PEMReader pEMReader = new PEMReader(reader);
        while (true) {
            Object readObject = pEMReader.readObject();
            if (readObject == null) {
                return;
            }
            if (readObject instanceof X509Certificate) {
                if (this.cn != null) {
                    throw new CertificateException("Two certs in one file");
                }
                init((X509Certificate) readObject);
            } else {
                if (!(readObject instanceof KeyPair)) {
                    throw new CertificateException("Not an identity certificate");
                }
                setKeyPair((KeyPair) readObject);
            }
        }
    }

    protected void init(X509Certificate x509Certificate) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException, IOException {
        this.cert = x509Certificate;
        this.cert.verify(this.cert.getPublicKey());
        this.keyid = Context.extractKeyID(this.cert.getPublicKey());
        this.cn = this.cert.getSubjectDN().getName();
        if (this.cn.startsWith("CN=")) {
            this.cn = this.cn.substring(3);
        }
    }

    public Identity(String str) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException, IOException {
        X509V1CertificateGenerator x509V1CertificateGenerator = new X509V1CertificateGenerator();
        this.kp = KeyPairGenerator.getInstance("RSA").genKeyPair();
        x509V1CertificateGenerator.setIssuerDN(new X500Principal("CN=" + str));
        x509V1CertificateGenerator.setSubjectDN(new X500Principal("CN=" + str));
        x509V1CertificateGenerator.setNotAfter(new Date(System.currentTimeMillis() + 1471228928));
        x509V1CertificateGenerator.setNotBefore(new Date(System.currentTimeMillis()));
        x509V1CertificateGenerator.setSerialNumber(BigInteger.valueOf(System.currentTimeMillis()));
        x509V1CertificateGenerator.setPublicKey(this.kp.getPublic());
        x509V1CertificateGenerator.setSignatureAlgorithm("SHA256WithRSAEncryption");
        init(x509V1CertificateGenerator.generate(this.kp.getPrivate(), "BC"));
    }

    public Identity(File file) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException, FileNotFoundException, IOException {
        this.kp = null;
        init(new FileReader(file));
    }

    public Identity(Reader reader) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException, IOException {
        this.kp = null;
        init(reader);
    }

    public Identity(InputStream inputStream) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException, IOException {
        this.kp = null;
        init(new InputStreamReader(inputStream));
    }

    public Identity(X509Certificate x509Certificate) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException, FileNotFoundException, IOException {
        this.kp = null;
        init(x509Certificate);
    }

    public boolean writePrivateKey(Writer writer) throws IOException {
        if (this.kp == null) {
            return false;
        }
        PEMWriter pEMWriter = new PEMWriter(writer);
        pEMWriter.writeObject(this.kp.getPrivate());
        pEMWriter.flush();
        return true;
    }

    public boolean writePrivateKey(String str) throws IOException, FileNotFoundException {
        return writePrivateKey(new FileWriter(str));
    }

    public boolean writePrivateKey(File file) throws IOException, FileNotFoundException {
        return writePrivateKey(new FileWriter(file));
    }

    public boolean writePrivateKey(OutputStream outputStream) throws IOException, FileNotFoundException {
        return writePrivateKey(new OutputStreamWriter(outputStream));
    }

    public void write(Writer writer) throws IOException {
        PEMWriter pEMWriter = new PEMWriter(writer);
        pEMWriter.writeObject(this.cert);
        pEMWriter.flush();
    }

    public void write(String str) throws IOException, FileNotFoundException {
        write(new FileWriter(str));
    }

    public void write(File file) throws IOException, FileNotFoundException {
        write(new FileWriter(file));
    }

    public void write(OutputStream outputStream) throws IOException, FileNotFoundException {
        write(new OutputStreamWriter(outputStream));
    }

    public String getKeyID() {
        return this.keyid;
    }

    public String getName() {
        return this.cn;
    }

    public X509Certificate getCertificate() {
        return this.cert;
    }

    public String toString() {
        String str = this.keyid + " (" + this.cn;
        if (this.keyid != null) {
            str = str + " [keyed]";
        }
        return str + ")";
    }

    public void setKeyPair(KeyPair keyPair) {
        if (this.keyid == null) {
            this.kp = keyPair;
            return;
        }
        String extractKeyID = Context.extractKeyID(keyPair.getPublic());
        if (extractKeyID == null || !extractKeyID.equals(this.keyid)) {
            throw new IllegalArgumentException("Keypair does not match certificate");
        }
        this.kp = keyPair;
    }

    public KeyPair getKeyPair() {
        return this.kp;
    }

    public boolean equals(Object obj) {
        if (obj != null && (obj instanceof Identity)) {
            return getKeyID().equals(((Identity) obj).getKeyID());
        }
        return false;
    }

    @Override // java.lang.Comparable
    public int compareTo(Object obj) {
        if (obj instanceof Identity) {
            return getKeyID().compareTo(((Identity) obj).getKeyID());
        }
        return 1;
    }

    static {
        Context.loadBouncyCastle();
    }
}
