package com.sun.midp.jadtool;

import com.sun.j2me.log.LogChannels;
import com.sun.j2me.proxy.i18n.ResourceConstants;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Date;
import sun.security.x509.AlgorithmId;
import sun.security.x509.CertificateSerialNumber;
import sun.security.x509.CertificateValidity;
import sun.security.x509.X500Name;
import sun.security.x509.X509CertImpl;
import sun.security.x509.X509CertInfo;

/* loaded from: input_file:assets/foundation/midp/midp_linux_fb_gcc/bin/arm/JadTool.jar:com/sun/midp/jadtool/SignCert.class */
public class SignCert {
    public static void signACert(String str, String str2, char[] cArr, KeyStore keyStore, char[] cArr2) throws AppDescriptorException, CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException, InvalidKeyException, UnrecoverableKeyException, NoSuchProviderException, SignatureException, Exception {
        String str3;
        if (str == null || str2 == null || cArr == null || keyStore == null) {
            throw new AppDescriptorException("signACert got a null argument", 4);
        }
        Object[] recoverPrivateKey = recoverPrivateKey(str2, cArr2, cArr, keyStore);
        PrivateKey privateKey = (PrivateKey) recoverPrivateKey[0];
        if (cArr == null) {
            cArr = (char[]) recoverPrivateKey[1];
        }
        String algorithm = privateKey.getAlgorithm();
        if (algorithm.equalsIgnoreCase("DSA") || algorithm.equalsIgnoreCase("DSS")) {
            str3 = "SHA1WithDSA";
        } else {
            if (!algorithm.equalsIgnoreCase("RSA")) {
                throw new AppDescriptorException("Cannot derive signature algorithm", 5);
            }
            str3 = "SHA1WithRSA";
        }
        Certificate certificate = keyStore.getCertificate(str);
        if (certificate == null) {
            throw new AppDescriptorException(new StringBuffer().append(str).append(" has no public key").toString(), 4);
        }
        if (!(certificate instanceof X509Certificate)) {
            throw new AppDescriptorException(new StringBuffer().append(str).append(" has no X.509 certificate").toString(), 6);
        }
        Certificate certificate2 = keyStore.getCertificate(str2);
        if (certificate2 == null) {
            throw new AppDescriptorException(new StringBuffer().append(str).append(" has no public key").toString(), 7);
        }
        if (!(certificate2 instanceof X509Certificate)) {
            throw new AppDescriptorException(new StringBuffer().append(str).append(" has no X.509 certificate").toString(), 8);
        }
        X509CertInfo x509CertInfo = (X509CertInfo) new X509CertImpl(certificate.getEncoded()).get("x509.info");
        X509CertInfo x509CertInfo2 = (X509CertInfo) new X509CertImpl(certificate2.getEncoded()).get("x509.info");
        Date date = new Date();
        Date date2 = new Date();
        date2.setTime(date.getTime() + (ResourceConstants.AMS_MGR_LANDMARK_SETTINGS * LogChannels.LC_CORE * 24 * 60 * 60));
        x509CertInfo.set("validity", new CertificateValidity(date, date2));
        x509CertInfo.set("serialNumber", new CertificateSerialNumber((int) (date.getTime() / 1000)));
        x509CertInfo.set("issuer.dname", (X500Name) x509CertInfo2.get("subject.dname"));
        X509CertImpl x509CertImpl = new X509CertImpl(x509CertInfo);
        x509CertImpl.sign(privateKey, str3);
        x509CertInfo.set("algorithmID.algorithm", (AlgorithmId) x509CertImpl.get("x509.algorithm"));
        Certificate x509CertImpl2 = new X509CertImpl(x509CertInfo);
        x509CertImpl2.sign(privateKey, str3);
        keyStore.setKeyEntry(str, privateKey, cArr != null ? cArr : cArr2, new Certificate[]{x509CertImpl2});
        System.err.println("New certificate signed & inserted into KeyStore!");
        System.err.print(x509CertImpl2.toString());
        System.err.println();
    }

    private static Object[] recoverPrivateKey(String str, char[] cArr, char[] cArr2, KeyStore keyStore) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, Exception {
        Key key;
        if (!keyStore.containsAlias(str)) {
            throw new Exception(new StringBuffer().append("Alias <").append(str).append("> does not exist").toString());
        }
        if (!keyStore.isKeyEntry(str)) {
            throw new Exception(new StringBuffer().append("Alias <").append(str).append("> has no (private) key").toString());
        }
        if (cArr2 == null) {
            try {
                key = keyStore.getKey(str, cArr);
                cArr2 = cArr;
            } catch (UnrecoverableKeyException e) {
                throw new Exception("Invalid Key password entered");
            }
        } else {
            key = keyStore.getKey(str, cArr2);
        }
        if (key instanceof PrivateKey) {
            return new Object[]{(PrivateKey) key, cArr2};
        }
        throw new Exception("Recovered key is not a private key");
    }
}
