package sun.security.tools;

import com.alipay.sdk.m.j.d;
import com.baidu.mobstat.Config;
import com.sun.org.apache.xalan.internal.templates.Constants;
import com.sun.org.apache.xerces.internal.impl.xs.SchemaSymbols;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.PrintStream;
import java.security.Identity;
import java.security.Key;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.text.Collator;
import java.text.MessageFormat;
import java.util.Arrays;
import java.util.Collection;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.ResourceBundle;
import java.util.Vector;
import org.apache.commons.lang3.BooleanUtils;
import sun.misc.BASE64Encoder;
import sun.security.pkcs.PKCS10;
import sun.security.provider.IdentityDatabase;
import sun.security.provider.SystemIdentity;
import sun.security.provider.SystemSigner;
import sun.security.provider.X509Factory;
import sun.security.util.DerOutputStream;
import sun.security.util.Password;
import sun.security.x509.AlgorithmId;
import sun.security.x509.CertAndKeyGen;
import sun.security.x509.CertificateSerialNumber;
import sun.security.x509.CertificateValidity;
import sun.security.x509.X500Name;
import sun.security.x509.X500Signer;
import sun.security.x509.X509CertImpl;
import sun.security.x509.X509CertInfo;

/* loaded from: classes5.dex */
public final class KeyTool {
    private static final String JKS = "jks";
    private static final String NONE = "NONE";
    private static final String P11KEYSTORE = "PKCS11";
    private static final Collator collator;
    private static final Class[] PARAM_STRING = {String.class};
    private static final ResourceBundle rb = ResourceBundle.getBundle("sun.security.util.Resources");
    private boolean debug = false;
    private String command = null;
    private String sigAlgName = null;
    private String keyAlgName = "DSA";
    private boolean verbose = false;
    private int keysize = 1024;
    private boolean rfc = false;
    private long validity = 90;
    private String alias = null;
    private String dname = null;
    private String keyAlias = "mykey";
    private String dest = null;
    private String filename = null;
    private Vector providers = null;
    private final HashMap providerArgs = new HashMap();
    private String storetype = null;
    private String providerName = null;
    private char[] storePass = null;
    private char[] storePassNew = null;
    private char[] keyPass = null;
    private char[] keyPassNew = null;
    private char[] oldPass = null;
    private char[] newPass = null;
    private String ksfname = null;
    private File ksfile = null;
    private InputStream ksStream = null;
    private InputStream inStream = null;
    private KeyStore keyStore = null;
    private boolean token = false;
    private boolean nullStream = false;
    private boolean kssave = false;
    private boolean noprompt = false;
    private boolean trustcacerts = false;
    private boolean protectedPath = false;
    private CertificateFactory cf = null;
    private KeyStore caks = null;

    static {
        Collator collator2 = Collator.getInstance();
        collator = collator2;
        collator2.setStrength(0);
    }

    private KeyTool() {
    }

    /* JADX WARN: Removed duplicated region for block: B:23:0x00a9  */
    /* JADX WARN: Removed duplicated region for block: B:26:0x00b2 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private boolean addTrustedCert(java.lang.String r10, java.io.InputStream r11) throws java.lang.Exception {
        /*
            Method dump skipped, instructions count: 281
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: sun.security.tools.KeyTool.addTrustedCert(java.lang.String, java.io.InputStream):boolean");
    }

    private boolean buildChain(X509Certificate x509Certificate, Vector vector, Hashtable hashtable) {
        Principal subjectDN = x509Certificate.getSubjectDN();
        Principal issuerDN = x509Certificate.getIssuerDN();
        if (subjectDN.equals(issuerDN)) {
            vector.addElement(x509Certificate);
            return true;
        }
        Vector vector2 = (Vector) hashtable.get(issuerDN);
        if (vector2 == null) {
            return false;
        }
        Enumeration elements = vector2.elements();
        while (elements.hasMoreElements()) {
            X509Certificate x509Certificate2 = (X509Certificate) elements.nextElement();
            try {
                x509Certificate.verify(x509Certificate2.getPublicKey());
            } catch (Exception unused) {
            }
            if (buildChain(x509Certificate2, vector, hashtable)) {
                vector.addElement(x509Certificate);
                return true;
            }
        }
        return false;
    }

    private void byte2hex(byte b, StringBuffer stringBuffer) {
        char[] cArr = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
        stringBuffer.append(cArr[(b & 240) >> 4]);
        stringBuffer.append(cArr[b & 15]);
    }

    private void doCertReq(String str, String str2, PrintStream printStream) throws Exception {
        if (str == null) {
            str = this.keyAlias;
        }
        Object[] recoverPrivateKey = recoverPrivateKey(str, this.storePass, this.keyPass);
        PrivateKey privateKey = (PrivateKey) recoverPrivateKey[0];
        if (this.keyPass == null) {
            this.keyPass = (char[]) recoverPrivateKey[1];
        }
        Certificate certificate = this.keyStore.getCertificate(str);
        if (certificate == null) {
            throw new Exception(new MessageFormat(rb.getString("alias has no public key (certificate)")).format(new Object[]{str}));
        }
        PKCS10 pkcs10 = new PKCS10(certificate.getPublicKey());
        if (str2 == null) {
            String algorithm = privateKey.getAlgorithm();
            if (algorithm.equalsIgnoreCase("DSA") || algorithm.equalsIgnoreCase("DSS")) {
                str2 = "SHA1WithDSA";
            } else {
                if (!algorithm.equalsIgnoreCase(d.a)) {
                    throw new Exception(rb.getString("Cannot derive signature algorithm"));
                }
                str2 = "MD5WithRSA";
            }
        }
        Signature signature = Signature.getInstance(str2);
        signature.initSign(privateKey);
        pkcs10.encodeAndSign(new X500Signer(signature, new X500Name(((X509Certificate) certificate).getSubjectDN().toString())));
        pkcs10.print(printStream);
    }

    private void doChangeKeyPasswd(String str) throws Exception {
        if (str == null) {
            str = this.keyAlias;
        }
        Object[] recoverPrivateKey = recoverPrivateKey(str, this.storePass, this.keyPass);
        PrivateKey privateKey = (PrivateKey) recoverPrivateKey[0];
        if (this.keyPass == null) {
            this.keyPass = (char[]) recoverPrivateKey[1];
        }
        if (this.keyPassNew == null) {
            this.keyPassNew = getNewPasswd(new MessageFormat(rb.getString("key password for <alias>")).format(new Object[]{str}), this.keyPass);
        }
        KeyStore keyStore = this.keyStore;
        keyStore.setKeyEntry(str, privateKey, this.keyPassNew, keyStore.getCertificateChain(str));
    }

    /* JADX WARN: Code restructure failed: missing block: B:11:0x002c, code lost:
    
        if (r6.keyPassNew == null) goto L13;
     */
    /* JADX WARN: Code restructure failed: missing block: B:12:0x002e, code lost:
    
        r0 = getKeyPasswd(r8, r7, r6.keyPass);
        r6.keyPassNew = r0;
     */
    /* JADX WARN: Code restructure failed: missing block: B:13:0x0038, code lost:
    
        if (r0.length >= 6) goto L16;
     */
    /* JADX WARN: Code restructure failed: missing block: B:14:0x003a, code lost:
    
        java.lang.System.err.println(sun.security.tools.KeyTool.rb.getString("Password is too short - must be at least 6 characters"));
        r6.keyPassNew = null;
     */
    /* JADX WARN: Code restructure failed: missing block: B:15:0x004a, code lost:
    
        r1 = r1 + 1;
        r0 = r6.keyPassNew;
     */
    /* JADX WARN: Code restructure failed: missing block: B:16:0x004d, code lost:
    
        if (r0 != null) goto L29;
     */
    /* JADX WARN: Code restructure failed: missing block: B:18:0x0050, code lost:
    
        if (r1 < 3) goto L30;
     */
    /* JADX WARN: Code restructure failed: missing block: B:20:0x0052, code lost:
    
        if (r0 == null) goto L22;
     */
    /* JADX WARN: Code restructure failed: missing block: B:22:0x0062, code lost:
    
        throw new java.lang.Exception(sun.security.tools.KeyTool.rb.getString("Too many failures. Key entry not cloned"));
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void doCloneKey(java.lang.String r7, java.lang.String r8) throws java.lang.Exception {
        /*
            r6 = this;
            if (r7 != 0) goto L4
            java.lang.String r7 = r6.keyAlias
        L4:
            java.security.KeyStore r0 = r6.keyStore
            boolean r0 = r0.containsAlias(r8)
            r1 = 0
            r2 = 1
            if (r0 == r2) goto L6f
            char[] r0 = r6.storePass
            char[] r3 = r6.keyPass
            java.lang.Object[] r0 = r6.recoverPrivateKey(r7, r0, r3)
            r3 = r0[r1]
            java.security.PrivateKey r3 = (java.security.PrivateKey) r3
            char[] r4 = r6.keyPass
            if (r4 != 0) goto L26
            r0 = r0[r2]
            char[] r0 = (char[]) r0
            char[] r0 = (char[]) r0
            r6.keyPass = r0
        L26:
            boolean r0 = r6.token
            if (r0 != 0) goto L63
            char[] r0 = r6.keyPassNew
            if (r0 != 0) goto L63
        L2e:
            char[] r0 = r6.keyPass
            char[] r0 = r6.getKeyPasswd(r8, r7, r0)
            r6.keyPassNew = r0
            int r0 = r0.length
            r4 = 6
            if (r0 >= r4) goto L4a
            java.io.PrintStream r0 = java.lang.System.err
            java.util.ResourceBundle r4 = sun.security.tools.KeyTool.rb
            java.lang.String r5 = "Password is too short - must be at least 6 characters"
            java.lang.String r4 = r4.getString(r5)
            r0.println(r4)
            r0 = 0
            r6.keyPassNew = r0
        L4a:
            int r1 = r1 + r2
            char[] r0 = r6.keyPassNew
            if (r0 != 0) goto L52
            r4 = 3
            if (r1 < r4) goto L2e
        L52:
            if (r0 == 0) goto L55
            goto L63
        L55:
            java.lang.Exception r7 = new java.lang.Exception
            java.util.ResourceBundle r8 = sun.security.tools.KeyTool.rb
            java.lang.String r0 = "Too many failures. Key entry not cloned"
            java.lang.String r8 = r8.getString(r0)
            r7.<init>(r8)
            throw r7
        L63:
            java.security.KeyStore r0 = r6.keyStore
            char[] r1 = r6.keyPassNew
            java.security.cert.Certificate[] r7 = r0.getCertificateChain(r7)
            r0.setKeyEntry(r8, r3, r1, r7)
            return
        L6f:
            java.text.MessageFormat r7 = new java.text.MessageFormat
            java.util.ResourceBundle r0 = sun.security.tools.KeyTool.rb
            java.lang.String r3 = "Destination alias <dest> already exists"
            java.lang.String r0 = r0.getString(r3)
            r7.<init>(r0)
            java.lang.Object[] r0 = new java.lang.Object[r2]
            r0[r1] = r8
            java.lang.Exception r8 = new java.lang.Exception
            java.lang.String r7 = r7.format(r0)
            r8.<init>(r7)
            throw r8
        */
        throw new UnsupportedOperationException("Method not decompiled: sun.security.tools.KeyTool.doCloneKey(java.lang.String, java.lang.String):void");
    }

    private void doDeleteEntry(String str) throws Exception {
        if (!this.keyStore.containsAlias(str)) {
            throw new Exception(new MessageFormat(rb.getString("Alias <alias> does not exist")).format(new Object[]{str}));
        }
        this.keyStore.deleteEntry(str);
    }

    private void doExportCert(String str, PrintStream printStream) throws Exception {
        if (this.storePass == null) {
            printWarning();
        }
        if (str == null) {
            str = this.keyAlias;
        }
        if (!this.keyStore.containsAlias(str)) {
            throw new Exception(new MessageFormat(rb.getString("Alias <alias> does not exist")).format(new Object[]{str}));
        }
        X509Certificate x509Certificate = (X509Certificate) this.keyStore.getCertificate(str);
        if (x509Certificate == null) {
            throw new Exception(new MessageFormat(rb.getString("Alias <alias> has no certificate")).format(new Object[]{str}));
        }
        dumpCert(x509Certificate, printStream);
    }

    private void doGenKeyPair(String str, String str2, String str3, int i, String str4) throws Exception {
        if (str == null) {
            str = this.keyAlias;
        }
        if (this.keyStore.containsAlias(str)) {
            throw new Exception(new MessageFormat(rb.getString("Key pair not generated, alias <alias> already exists")).format(new Object[]{str}));
        }
        if (str4 == null) {
            if (str3.equalsIgnoreCase("DSA")) {
                str4 = "SHA1WithDSA";
            } else {
                if (!str3.equalsIgnoreCase(d.a)) {
                    throw new Exception(rb.getString("Cannot derive signature algorithm"));
                }
                str4 = "MD5WithRSA";
            }
        }
        CertAndKeyGen certAndKeyGen = new CertAndKeyGen(str3, str4, this.providerName);
        X500Name x500Name = str2 == null ? getX500Name() : new X500Name(str2);
        if (this.verbose) {
            System.err.println(new MessageFormat(rb.getString("Generating keysize bit keyAlgName key pair and self-signed certificate (sigAlgName)\n\tfor: x500Name")).format(new Object[]{new Integer(i), str3, str4, x500Name}));
        }
        certAndKeyGen.generate(i);
        PrivateKey privateKey = certAndKeyGen.getPrivateKey();
        X509Certificate[] x509CertificateArr = {certAndKeyGen.getSelfCertificate(x500Name, this.validity * 24 * 60 * 60)};
        if (!this.token && this.keyPass == null) {
            int i2 = 0;
            while (i2 < 3 && this.keyPass == null) {
                ResourceBundle resourceBundle = rb;
                System.err.println(new MessageFormat(resourceBundle.getString("Enter key password for <alias>")).format(new Object[]{str}));
                System.err.print(resourceBundle.getString("\t(RETURN if same as keystore password):  "));
                System.err.flush();
                char[] readPassword = Password.readPassword(System.in);
                this.keyPass = readPassword;
                if (readPassword == null) {
                    this.keyPass = this.storePass;
                } else if (readPassword.length < 6) {
                    System.err.println(resourceBundle.getString("Key password is too short - must be at least 6 characters"));
                    this.keyPass = null;
                }
                i2++;
            }
            if (i2 == 3) {
                throw new Exception(rb.getString("Too many failures - key not added to keystore"));
            }
        }
        this.keyStore.setKeyEntry(str, privateKey, this.keyPass, x509CertificateArr);
    }

    private void doImportIdentityDatabase(InputStream inputStream) throws Exception {
        Enumeration identities = IdentityDatabase.fromStream(inputStream).identities();
        Certificate[] certificateArr = null;
        while (identities.hasMoreElements()) {
            Identity identity = (Identity) identities.nextElement();
            boolean z = identity instanceof SystemSigner;
            if ((z && ((SystemSigner) identity).isTrusted()) || ((identity instanceof SystemIdentity) && ((SystemIdentity) identity).isTrusted())) {
                if (this.keyStore.containsAlias(identity.getName())) {
                    System.err.println(new MessageFormat(rb.getString("Keystore entry for <id.getName()> already exists")).format(new Object[]{identity.getName()}));
                } else {
                    java.security.Certificate[] certificates = identity.certificates();
                    if (certificates != null && certificates.length > 0) {
                        DerOutputStream derOutputStream = new DerOutputStream();
                        certificates[0].encode(derOutputStream);
                        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(derOutputStream.toByteArray());
                        X509Certificate x509Certificate = (X509Certificate) this.cf.generateCertificate(byteArrayInputStream);
                        byteArrayInputStream.close();
                        if (isSelfSigned(x509Certificate)) {
                            try {
                                x509Certificate.verify(x509Certificate.getPublicKey());
                            } catch (Exception unused) {
                            }
                        }
                        if (z) {
                            System.err.println(new MessageFormat(rb.getString("Creating keystore entry for <id.getName()> ...")).format(new Object[]{identity.getName()}));
                            if (certificateArr == null) {
                                certificateArr = new Certificate[1];
                            }
                            certificateArr[0] = x509Certificate;
                            this.keyStore.setKeyEntry(identity.getName(), ((SystemSigner) identity).getPrivateKey(), this.storePass, certificateArr);
                        } else {
                            this.keyStore.setCertificateEntry(identity.getName(), x509Certificate);
                        }
                        this.kssave = true;
                    }
                }
            }
        }
        if (this.kssave) {
            return;
        }
        System.err.println(rb.getString("No entries from identity database added"));
    }

    private void doPrintCert(InputStream inputStream, PrintStream printStream) throws Exception {
        try {
            Collection<? extends Certificate> generateCertificates = this.cf.generateCertificates(inputStream);
            if (generateCertificates.isEmpty()) {
                throw new Exception(rb.getString("Empty input"));
            }
            Certificate[] certificateArr = (Certificate[]) generateCertificates.toArray(new Certificate[generateCertificates.size()]);
            for (int i = 0; i < certificateArr.length; i++) {
                try {
                    X509Certificate x509Certificate = (X509Certificate) certificateArr[i];
                    if (certificateArr.length > 1) {
                        printStream.println(new MessageFormat(rb.getString("Certificate[(i + 1)]:")).format(new Object[]{new Integer(i + 1)}));
                    }
                    printX509Cert(x509Certificate, printStream);
                    if (i < certificateArr.length - 1) {
                        printStream.println();
                    }
                } catch (ClassCastException unused) {
                    throw new Exception(rb.getString("Not X.509 certificate"));
                }
            }
        } catch (CertificateException e) {
            throw new Exception(rb.getString("Failed to parse input"), e);
        }
    }

    private void doPrintEntries(PrintStream printStream) throws Exception {
        if (this.storePass == null) {
            printWarning();
        } else {
            printStream.println();
        }
        StringBuilder sb = new StringBuilder();
        ResourceBundle resourceBundle = rb;
        sb.append(resourceBundle.getString("Keystore type: "));
        sb.append(this.keyStore.getType());
        printStream.println(sb.toString());
        printStream.println(resourceBundle.getString("Keystore provider: ") + this.keyStore.getProvider().getName());
        printStream.println();
        printStream.println((this.keyStore.size() == 1 ? new MessageFormat(resourceBundle.getString("Your keystore contains keyStore.size() entry")) : new MessageFormat(resourceBundle.getString("Your keystore contains keyStore.size() entries"))).format(new Object[]{new Integer(this.keyStore.size())}));
        printStream.println();
        Enumeration<String> aliases = this.keyStore.aliases();
        while (aliases.hasMoreElements()) {
            doPrintEntry(aliases.nextElement(), printStream, false);
            if (this.verbose || this.rfc) {
                ResourceBundle resourceBundle2 = rb;
                printStream.println(resourceBundle2.getString("\n"));
                printStream.println(resourceBundle2.getString("*******************************************"));
                printStream.println(resourceBundle2.getString("*******************************************\n\n"));
            }
        }
    }

    private void doPrintEntry(String str, PrintStream printStream, boolean z) throws Exception {
        String str2;
        ResourceBundle resourceBundle;
        String str3;
        if (this.storePass == null && z) {
            printWarning();
        }
        if (!this.keyStore.containsAlias(str)) {
            throw new Exception(new MessageFormat(rb.getString("Alias <alias> does not exist")).format(new Object[]{str}));
        }
        if (this.verbose || this.rfc || this.debug) {
            ResourceBundle resourceBundle2 = rb;
            printStream.println(new MessageFormat(resourceBundle2.getString("Alias name: alias")).format(new Object[]{str}));
            if (!this.token) {
                printStream.println(new MessageFormat(resourceBundle2.getString("Creation date: keyStore.getCreationDate(alias)")).format(new Object[]{this.keyStore.getCreationDate(str)}));
            }
        } else {
            printStream.print(!this.token ? new MessageFormat(rb.getString("alias, keyStore.getCreationDate(alias), ")).format(new Object[]{str, this.keyStore.getCreationDate(str)}) : new MessageFormat(rb.getString("alias, ")).format(new Object[]{str}));
        }
        if (this.keyStore.isKeyEntry(str)) {
            if (this.verbose || this.rfc || this.debug) {
                resourceBundle = rb;
                str3 = "Entry type: keyEntry";
            } else {
                resourceBundle = rb;
                str3 = "keyEntry,";
            }
            printStream.println(resourceBundle.getString(str3));
            Certificate[] certificateChain = this.keyStore.getCertificateChain(str);
            if (certificateChain == null) {
                return;
            }
            if (this.verbose || this.rfc || this.debug) {
                printStream.println(rb.getString("Certificate chain length: ") + certificateChain.length);
                int i = 0;
                while (i < certificateChain.length) {
                    int i2 = i + 1;
                    printStream.println(new MessageFormat(rb.getString("Certificate[(i + 1)]:")).format(new Object[]{new Integer(i2)}));
                    if (this.verbose && (certificateChain[i] instanceof X509Certificate)) {
                        printX509Cert((X509Certificate) certificateChain[i], printStream);
                    } else if (this.debug) {
                        printStream.println(certificateChain[i].toString());
                    } else {
                        dumpCert(certificateChain[i], printStream);
                    }
                    i = i2;
                }
                return;
            }
            str2 = rb.getString("Certificate fingerprint (MD5): ") + getCertFingerPrint("MD5", certificateChain[0]);
        } else {
            Certificate certificate = this.keyStore.getCertificate(str);
            if (this.verbose && (certificate instanceof X509Certificate)) {
                printStream.println(rb.getString("Entry type: trustedCertEntry\n"));
                printX509Cert((X509Certificate) certificate, printStream);
                return;
            }
            if (this.rfc) {
                printStream.println(rb.getString("Entry type: trustedCertEntry\n"));
                dumpCert(certificate, printStream);
                return;
            } else if (this.debug) {
                str2 = certificate.toString();
            } else {
                ResourceBundle resourceBundle3 = rb;
                printStream.println(resourceBundle3.getString("trustedCertEntry,"));
                str2 = resourceBundle3.getString("Certificate fingerprint (MD5): ") + getCertFingerPrint("MD5", certificate);
            }
        }
        printStream.println(str2);
    }

    private void doSelfCert(String str, String str2, String str3) throws Exception {
        String str4;
        X500Name x500Name;
        String str5 = str == null ? this.keyAlias : str;
        Object[] recoverPrivateKey = recoverPrivateKey(str5, this.storePass, this.keyPass);
        PrivateKey privateKey = (PrivateKey) recoverPrivateKey[0];
        if (this.keyPass == null) {
            this.keyPass = (char[]) recoverPrivateKey[1];
        }
        if (str3 == null) {
            String algorithm = privateKey.getAlgorithm();
            if (algorithm.equalsIgnoreCase("DSA") || algorithm.equalsIgnoreCase("DSS")) {
                str4 = "SHA1WithDSA";
            } else {
                if (!algorithm.equalsIgnoreCase(d.a)) {
                    throw new Exception(rb.getString("Cannot derive signature algorithm"));
                }
                str4 = "MD5WithRSA";
            }
        } else {
            str4 = str3;
        }
        Certificate certificate = this.keyStore.getCertificate(str5);
        if (certificate == null) {
            throw new Exception(new MessageFormat(rb.getString("alias has no public key")).format(new Object[]{str5}));
        }
        if (!(certificate instanceof X509Certificate)) {
            throw new Exception(new MessageFormat(rb.getString("alias has no X.509 certificate")).format(new Object[]{str5}));
        }
        X509CertInfo x509CertInfo = (X509CertInfo) new X509CertImpl(certificate.getEncoded()).get(X509CertInfo.IDENT);
        Date date = new Date();
        Date date2 = new Date();
        date2.setTime(date2.getTime() + (this.validity * 1000 * 24 * 60 * 60));
        x509CertInfo.set("validity", new CertificateValidity(date, date2));
        x509CertInfo.set("serialNumber", new CertificateSerialNumber((int) (date.getTime() / 1000)));
        if (str2 == null) {
            x500Name = (X500Name) x509CertInfo.get("subject.dname");
        } else {
            X500Name x500Name2 = new X500Name(str2);
            x509CertInfo.set("subject.dname", x500Name2);
            x500Name = x500Name2;
        }
        x509CertInfo.set("issuer.dname", x500Name);
        X509CertImpl x509CertImpl = new X509CertImpl(x509CertInfo);
        x509CertImpl.sign(privateKey, str4);
        x509CertInfo.set("algorithmID.algorithm", (AlgorithmId) x509CertImpl.get(X509CertImpl.SIG_ALG));
        X509CertImpl x509CertImpl2 = new X509CertImpl(x509CertInfo);
        x509CertImpl2.sign(privateKey, str4);
        KeyStore keyStore = this.keyStore;
        char[] cArr = this.keyPass;
        if (cArr == null) {
            cArr = this.storePass;
        }
        keyStore.setKeyEntry(str5, privateKey, cArr, new Certificate[]{x509CertImpl2});
        if (this.verbose) {
            System.err.println(rb.getString("New certificate (self-signed):"));
            System.err.print(x509CertImpl2.toString());
            System.err.println();
        }
    }

    private void dumpCert(Certificate certificate, PrintStream printStream) throws IOException, CertificateException {
        if (!this.rfc) {
            printStream.write(certificate.getEncoded());
            return;
        }
        BASE64Encoder bASE64Encoder = new BASE64Encoder();
        printStream.println(X509Factory.BEGIN_CERT);
        bASE64Encoder.encodeBuffer(certificate.getEncoded(), printStream);
        printStream.println(X509Factory.END_CERT);
    }

    private Certificate[] establishCertChain(Certificate certificate, Certificate certificate2) throws Exception {
        KeyStore keyStore;
        if (certificate != null) {
            if (!certificate.getPublicKey().equals(certificate2.getPublicKey())) {
                throw new Exception(rb.getString("Public keys in reply and keystore don't match"));
            }
            if (certificate2.equals(certificate)) {
                throw new Exception(rb.getString("Certificate reply and certificate in keystore are identical"));
            }
        }
        Hashtable hashtable = null;
        if (this.keyStore.size() > 0) {
            hashtable = new Hashtable(11);
            keystorecerts2Hashtable(this.keyStore, hashtable);
        }
        if (this.trustcacerts && (keyStore = this.caks) != null && keyStore.size() > 0) {
            if (hashtable == null) {
                hashtable = new Hashtable(11);
            }
            keystorecerts2Hashtable(this.caks, hashtable);
        }
        Vector vector = new Vector(2);
        if (!buildChain((X509Certificate) certificate2, vector, hashtable)) {
            throw new Exception(rb.getString("Failed to establish chain from reply"));
        }
        Certificate[] certificateArr = new Certificate[vector.size()];
        int i = 0;
        for (int size = vector.size() - 1; size >= 0; size--) {
            certificateArr[i] = (Certificate) vector.elementAt(size);
            i++;
        }
        return certificateArr;
    }

    private String getAlias(String str) throws Exception {
        PrintStream printStream;
        String string;
        if (str != null) {
            MessageFormat messageFormat = new MessageFormat(rb.getString("Enter prompt alias name:  "));
            Object[] objArr = {str};
            printStream = System.err;
            string = messageFormat.format(objArr);
        } else {
            printStream = System.err;
            string = rb.getString("Enter alias name:  ");
        }
        printStream.print(string);
        return new BufferedReader(new InputStreamReader(System.in)).readLine();
    }

    private KeyStore getCacertsKeyStore() throws Exception {
        String str = File.separator;
        File file = new File(System.getProperty("java.home") + str + "lib" + str + "security" + str + "cacerts");
        if (!file.exists()) {
            return null;
        }
        FileInputStream fileInputStream = new FileInputStream(file);
        KeyStore keyStore = KeyStore.getInstance(JKS);
        keyStore.load(fileInputStream, null);
        fileInputStream.close();
        return keyStore;
    }

    private String getCertFingerPrint(String str, Certificate certificate) throws Exception {
        return toHexString(MessageDigest.getInstance(str).digest(certificate.getEncoded()));
    }

    private char[] getKeyPasswd(String str, String str2, char[] cArr) throws Exception {
        PrintStream printStream;
        String format;
        char[] readPassword;
        int i = 0;
        do {
            ResourceBundle resourceBundle = rb;
            String string = resourceBundle.getString("Enter key password for <alias>");
            if (cArr != null) {
                System.err.println(new MessageFormat(string).format(new Object[]{str}));
                printStream = System.err;
                format = new MessageFormat(resourceBundle.getString("\t(RETURN if same as for <otherAlias>)")).format(new Object[]{str2});
            } else {
                printStream = System.err;
                format = new MessageFormat(string).format(new Object[]{str});
            }
            printStream.print(format);
            System.err.flush();
            readPassword = Password.readPassword(System.in);
            if (readPassword == null) {
                readPassword = cArr;
            }
            i++;
            if (readPassword != null) {
                break;
            }
        } while (i < 3);
        if (readPassword != null) {
            return readPassword;
        }
        throw new Exception(rb.getString("Too many failures - try later"));
    }

    private char[] getNewPasswd(String str, char[] cArr) throws Exception {
        PrintStream printStream;
        String str2;
        char[] cArr2 = null;
        for (int i = 0; i < 3; i++) {
            ResourceBundle resourceBundle = rb;
            System.err.print(new MessageFormat(resourceBundle.getString("New prompt: ")).format(new Object[]{str}));
            char[] readPassword = Password.readPassword(System.in);
            if (readPassword.length < 6) {
                printStream = System.err;
                str2 = "Password is too short - must be at least 6 characters";
            } else if (Arrays.equals(readPassword, cArr)) {
                printStream = System.err;
                str2 = "Passwords must differ";
            } else {
                System.err.print(new MessageFormat(resourceBundle.getString("Re-enter new prompt: ")).format(new Object[]{str}));
                cArr2 = Password.readPassword(System.in);
                if (Arrays.equals(readPassword, cArr2)) {
                    Arrays.fill(cArr2, ' ');
                    return readPassword;
                }
                printStream = System.err;
                str2 = "They don't match; try again";
            }
            printStream.println(resourceBundle.getString(str2));
            if (readPassword != null) {
                Arrays.fill(readPassword, ' ');
            }
            if (cArr2 != null) {
                Arrays.fill(cArr2, ' ');
                cArr2 = null;
            }
        }
        throw new Exception(rb.getString("Too many failures - try later"));
    }

    private X500Name getX500Name() throws IOException {
        ResourceBundle resourceBundle;
        X500Name x500Name;
        String inputString;
        Collator collator2;
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(System.in));
        String str = "Unknown";
        String str2 = "Unknown";
        String str3 = str2;
        String str4 = str3;
        String str5 = str4;
        String str6 = str5;
        do {
            resourceBundle = rb;
            str = inputString(bufferedReader, resourceBundle.getString("What is your first and last name?"), str);
            str2 = inputString(bufferedReader, resourceBundle.getString("What is the name of your organizational unit?"), str2);
            str3 = inputString(bufferedReader, resourceBundle.getString("What is the name of your organization?"), str3);
            str4 = inputString(bufferedReader, resourceBundle.getString("What is the name of your City or Locality?"), str4);
            str5 = inputString(bufferedReader, resourceBundle.getString("What is the name of your State or Province?"), str5);
            str6 = inputString(bufferedReader, resourceBundle.getString("What is the two-letter country code for this unit?"), str6);
            x500Name = new X500Name(str, str2, str3, str4, str5, str6);
            inputString = inputString(bufferedReader, new MessageFormat(resourceBundle.getString("Is <name> correct?")).format(new Object[]{x500Name}), resourceBundle.getString(BooleanUtils.NO));
            collator2 = collator;
            if (collator2.compare(inputString, resourceBundle.getString(BooleanUtils.YES)) == 0) {
                break;
            }
        } while (collator2.compare(inputString, resourceBundle.getString("y")) != 0);
        System.err.println();
        return x500Name;
    }

    private String getYesNoReply(String str) throws IOException {
        String str2;
        do {
            System.err.print(str);
            System.err.flush();
            String readLine = new BufferedReader(new InputStreamReader(System.in)).readLine();
            Collator collator2 = collator;
            if (collator2.compare(readLine, "") != 0) {
                ResourceBundle resourceBundle = rb;
                if (collator2.compare(readLine, resourceBundle.getString("n")) != 0 && collator2.compare(readLine, resourceBundle.getString(BooleanUtils.NO)) != 0) {
                    if (collator2.compare(readLine, resourceBundle.getString("y")) == 0 || collator2.compare(readLine, resourceBundle.getString(BooleanUtils.YES)) == 0) {
                        str2 = "YES";
                    } else {
                        System.err.println(resourceBundle.getString("Wrong answer, try again"));
                        str2 = null;
                    }
                }
            }
            str2 = "NO";
        } while (str2 == null);
        return str2;
    }

    private String inputString(BufferedReader bufferedReader, String str, String str2) throws IOException {
        System.err.println(str);
        System.err.print(new MessageFormat(rb.getString("  [defaultValue]:  ")).format(new Object[]{str2}));
        System.err.flush();
        String readLine = bufferedReader.readLine();
        return (readLine == null || collator.compare(readLine, "") == 0) ? str2 : readLine;
    }

    private boolean installReply(String str, InputStream inputStream) throws Exception {
        if (str == null) {
            str = this.keyAlias;
        }
        Object[] recoverPrivateKey = recoverPrivateKey(str, this.storePass, this.keyPass);
        PrivateKey privateKey = (PrivateKey) recoverPrivateKey[0];
        if (this.keyPass == null) {
            this.keyPass = (char[]) recoverPrivateKey[1];
        }
        Certificate certificate = this.keyStore.getCertificate(str);
        if (certificate == null) {
            throw new Exception(new MessageFormat(rb.getString("alias has no public key (certificate)")).format(new Object[]{str}));
        }
        Collection<? extends Certificate> generateCertificates = this.cf.generateCertificates(inputStream);
        if (generateCertificates.isEmpty()) {
            throw new Exception(rb.getString("Reply has no certificates"));
        }
        Certificate[] certificateArr = (Certificate[]) generateCertificates.toArray(new Certificate[generateCertificates.size()]);
        Certificate[] establishCertChain = certificateArr.length == 1 ? establishCertChain(certificate, certificateArr[0]) : validateReply(str, certificate, certificateArr);
        if (establishCertChain == null) {
            return false;
        }
        KeyStore keyStore = this.keyStore;
        char[] cArr = this.keyPass;
        if (cArr == null) {
            cArr = this.storePass;
        }
        keyStore.setKeyEntry(str, privateKey, cArr, establishCertChain);
        return true;
    }

    private boolean isSelfSigned(X509Certificate x509Certificate) {
        return x509Certificate.getSubjectDN().equals(x509Certificate.getIssuerDN());
    }

    private boolean isTrusted(Certificate certificate) throws Exception {
        KeyStore keyStore;
        if (this.keyStore.getCertificateAlias(certificate) != null) {
            return true;
        }
        return (!this.trustcacerts || (keyStore = this.caks) == null || keyStore.getCertificateAlias(certificate) == null) ? false : true;
    }

    /* JADX WARN: Code restructure failed: missing block: B:15:0x0032, code lost:
    
        if (r3.contains(r1) == false) goto L10;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void keystorecerts2Hashtable(java.security.KeyStore r6, java.util.Hashtable r7) throws java.lang.Exception {
        /*
            r5 = this;
            java.util.Enumeration r0 = r6.aliases()
        L4:
            boolean r1 = r0.hasMoreElements()
            if (r1 == 0) goto L39
            java.lang.Object r1 = r0.nextElement()
            java.lang.String r1 = (java.lang.String) r1
            java.security.cert.Certificate r1 = r6.getCertificate(r1)
            if (r1 == 0) goto L4
            r2 = r1
            java.security.cert.X509Certificate r2 = (java.security.cert.X509Certificate) r2
            java.security.Principal r2 = r2.getSubjectDN()
            java.lang.Object r3 = r7.get(r2)
            java.util.Vector r3 = (java.util.Vector) r3
            if (r3 != 0) goto L2e
            java.util.Vector r3 = new java.util.Vector
            r3.<init>()
        L2a:
            r3.addElement(r1)
            goto L35
        L2e:
            boolean r4 = r3.contains(r1)
            if (r4 != 0) goto L35
            goto L2a
        L35:
            r7.put(r2, r3)
            goto L4
        L39:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: sun.security.tools.KeyTool.keystorecerts2Hashtable(java.security.KeyStore, java.util.Hashtable):void");
    }

    public static void main(String[] strArr) {
        new KeyTool().run(strArr, System.out);
    }

    private void printWarning() {
        System.err.println();
        PrintStream printStream = System.err;
        ResourceBundle resourceBundle = rb;
        printStream.println(resourceBundle.getString("*****************  WARNING WARNING WARNING  *****************"));
        System.err.println(resourceBundle.getString("* The integrity of the information stored in your keystore  *"));
        System.err.println(resourceBundle.getString("* has NOT been verified!  In order to verify its integrity, *"));
        System.err.println(resourceBundle.getString("* you must provide your keystore password.                  *"));
        System.err.println(resourceBundle.getString("*****************  WARNING WARNING WARNING  *****************"));
        System.err.println();
    }

    private void printX509Cert(X509Certificate x509Certificate, PrintStream printStream) throws Exception {
        printStream.println(new MessageFormat(rb.getString("*PATTERN* printX509Cert")).format(new Object[]{x509Certificate.getSubjectDN().toString(), x509Certificate.getIssuerDN().toString(), x509Certificate.getSerialNumber().toString(16), x509Certificate.getNotBefore().toString(), x509Certificate.getNotAfter().toString(), getCertFingerPrint("MD5", x509Certificate), getCertFingerPrint("SHA1", x509Certificate)}));
    }

    private Object[] recoverPrivateKey(String str, char[] cArr, char[] cArr2) throws Exception {
        Key key;
        if (!this.keyStore.containsAlias(str)) {
            throw new Exception(new MessageFormat(rb.getString("Alias <alias> does not exist")).format(new Object[]{str}));
        }
        if (!this.keyStore.isKeyEntry(str)) {
            throw new Exception(new MessageFormat(rb.getString("Alias <alias> has no (private) key")).format(new Object[]{str}));
        }
        if (cArr2 == null) {
            try {
                key = this.keyStore.getKey(str, cArr);
            } catch (UnrecoverableKeyException e) {
                if (this.token) {
                    throw e;
                }
                cArr = getKeyPasswd(str, null, null);
                key = this.keyStore.getKey(str, cArr);
            }
        } else {
            key = this.keyStore.getKey(str, cArr2);
            cArr = cArr2;
        }
        if (key instanceof PrivateKey) {
            return new Object[]{(PrivateKey) key, cArr};
        }
        throw new Exception(rb.getString("Recovered key is not a private key"));
    }

    private String toHexString(byte[] bArr) {
        StringBuffer stringBuffer = new StringBuffer();
        int length = bArr.length;
        for (int i = 0; i < length; i++) {
            byte2hex(bArr[i], stringBuffer);
            if (i < length - 1) {
                stringBuffer.append(Config.TRACE_TODAY_VISIT_SPLIT);
            }
        }
        return stringBuffer.toString();
    }

    private void usage() {
        PrintStream printStream = System.err;
        ResourceBundle resourceBundle = rb;
        printStream.println(resourceBundle.getString("keytool usage:\n"));
        System.err.println(resourceBundle.getString("-certreq     [-v] [-protected]"));
        System.err.println(resourceBundle.getString("\t     [-alias <alias>] [-sigalg <sigalg>]"));
        System.err.println(resourceBundle.getString("\t     [-file <csr_file>] [-keypass <keypass>]"));
        System.err.println(resourceBundle.getString("\t     [-keystore <keystore>] [-storepass <storepass>]"));
        System.err.println(resourceBundle.getString("\t     [-storetype <storetype>] [-providerName <name>]"));
        System.err.println(resourceBundle.getString("\t     [-providerClass <provider_class_name> [-providerArg <arg>]] ..."));
        System.err.println();
        System.err.println(resourceBundle.getString("-delete      [-v] [-protected] -alias <alias>"));
        System.err.println(resourceBundle.getString("\t     [-keystore <keystore>] [-storepass <storepass>]"));
        System.err.println(resourceBundle.getString("\t     [-storetype <storetype>] [-providerName <name>]"));
        System.err.println(resourceBundle.getString("\t     [-providerClass <provider_class_name> [-providerArg <arg>]] ..."));
        System.err.println();
        System.err.println(resourceBundle.getString("-export      [-v] [-rfc] [-protected]"));
        System.err.println(resourceBundle.getString("\t     [-alias <alias>] [-file <cert_file>]"));
        System.err.println(resourceBundle.getString("\t     [-keystore <keystore>] [-storepass <storepass>]"));
        System.err.println(resourceBundle.getString("\t     [-storetype <storetype>] [-providerName <name>]"));
        System.err.println(resourceBundle.getString("\t     [-providerClass <provider_class_name> [-providerArg <arg>]] ..."));
        System.err.println();
        System.err.println(resourceBundle.getString("-genkey      [-v] [-protected]"));
        System.err.println(resourceBundle.getString("\t     [-alias <alias>]"));
        System.err.println(resourceBundle.getString("\t     [-keyalg <keyalg>] [-keysize <keysize>]"));
        System.err.println(resourceBundle.getString("\t     [-sigalg <sigalg>] [-dname <dname>]"));
        System.err.println(resourceBundle.getString("\t     [-validity <valDays>] [-keypass <keypass>]"));
        System.err.println(resourceBundle.getString("\t     [-keystore <keystore>] [-storepass <storepass>]"));
        System.err.println(resourceBundle.getString("\t     [-storetype <storetype>] [-providerName <name>]"));
        System.err.println(resourceBundle.getString("\t     [-providerClass <provider_class_name> [-providerArg <arg>]] ..."));
        System.err.println();
        System.err.println(resourceBundle.getString("-help"));
        System.err.println();
        System.err.println(resourceBundle.getString("-identitydb  [-v] [-protected]"));
        System.err.println(resourceBundle.getString("\t     [-file <idb_file>]"));
        System.err.println(resourceBundle.getString("\t     [-keystore <keystore>] [-storepass <storepass>]"));
        System.err.println(resourceBundle.getString("\t     [-storetype <storetype>] [-providerName <name>]"));
        System.out.println(resourceBundle.getString("\t     [-providerClass <provider_class_name> [-providerArg <arg>]] ..."));
        System.err.println();
        System.err.println(resourceBundle.getString("-import      [-v] [-noprompt] [-trustcacerts] [-protected]"));
        System.err.println(resourceBundle.getString("\t     [-alias <alias>]"));
        System.err.println(resourceBundle.getString("\t     [-file <cert_file>] [-keypass <keypass>]"));
        System.err.println(resourceBundle.getString("\t     [-keystore <keystore>] [-storepass <storepass>]"));
        System.err.println(resourceBundle.getString("\t     [-storetype <storetype>] [-providerName <name>]"));
        System.err.println(resourceBundle.getString("\t     [-providerClass <provider_class_name> [-providerArg <arg>]] ..."));
        System.err.println();
        System.err.println(resourceBundle.getString("-keyclone    [-v] [-protected]"));
        System.err.println(resourceBundle.getString("\t     [-alias <alias>] -dest <dest_alias>"));
        System.err.println(resourceBundle.getString("\t     [-keypass <keypass>] [-new <new_keypass>]"));
        System.err.println(resourceBundle.getString("\t     [-keystore <keystore>] [-storepass <storepass>]"));
        System.err.println(resourceBundle.getString("\t     [-storetype <storetype>] [-providerName <name>]"));
        System.err.println(resourceBundle.getString("\t     [-providerClass <provider_class_name> [-providerArg <arg>]] ..."));
        System.err.println();
        System.err.println(resourceBundle.getString("-keypasswd   [-v] [-alias <alias>]"));
        System.err.println(resourceBundle.getString("\t     [-keypass <old_keypass>] [-new <new_keypass>]"));
        System.err.println(resourceBundle.getString("\t     [-keystore <keystore>] [-storepass <storepass>]"));
        System.err.println(resourceBundle.getString("\t     [-storetype <storetype>] [-providerName <name>]"));
        System.err.println(resourceBundle.getString("\t     [-providerClass <provider_class_name> [-providerArg <arg>]] ..."));
        System.err.println();
        System.err.println(resourceBundle.getString("-list        [-v | -rfc] [-protected]"));
        System.err.println(resourceBundle.getString("\t     [-alias <alias>]"));
        System.err.println(resourceBundle.getString("\t     [-keystore <keystore>] [-storepass <storepass>]"));
        System.err.println(resourceBundle.getString("\t     [-storetype <storetype>] [-providerName <name>]"));
        System.err.println(resourceBundle.getString("\t     [-providerClass <provider_class_name> [-providerArg <arg>]] ..."));
        System.err.println();
        System.err.println(resourceBundle.getString("-printcert   [-v] [-file <cert_file>]"));
        System.err.println();
        System.err.println(resourceBundle.getString("-selfcert    [-v] [-protected]"));
        System.err.println(resourceBundle.getString("\t     [-alias <alias>]"));
        System.err.println(resourceBundle.getString("\t     [-dname <dname>] [-validity <valDays>]"));
        System.err.println(resourceBundle.getString("\t     [-keypass <keypass>] [-sigalg <sigalg>]"));
        System.err.println(resourceBundle.getString("\t     [-keystore <keystore>] [-storepass <storepass>]"));
        System.err.println(resourceBundle.getString("\t     [-storetype <storetype>] [-providerName <name>]"));
        System.err.println(resourceBundle.getString("\t     [-providerClass <provider_class_name> [-providerArg <arg>]] ..."));
        System.err.println();
        System.err.println(resourceBundle.getString("-storepasswd [-v] [-new <new_storepass>]"));
        System.err.println(resourceBundle.getString("\t     [-keystore <keystore>] [-storepass <storepass>]"));
        System.err.println(resourceBundle.getString("\t     [-storetype <storetype>] [-providerName <name>]"));
        System.err.println(resourceBundle.getString("\t     [-providerClass <provider_class_name> [-providerArg <arg>]] ..."));
        System.err.println();
        System.exit(1);
    }

    private Certificate[] validateReply(String str, Certificate certificate, Certificate[] certificateArr) throws Exception {
        Certificate certificate2;
        boolean z;
        KeyStore keyStore;
        PublicKey publicKey = certificate.getPublicKey();
        int i = 0;
        while (i < certificateArr.length && !publicKey.equals(certificateArr[i].getPublicKey())) {
            i++;
        }
        if (i == certificateArr.length) {
            throw new Exception(new MessageFormat(rb.getString("Certificate reply does not contain public key for <alias>")).format(new Object[]{str}));
        }
        Certificate certificate3 = certificateArr[0];
        certificateArr[0] = certificateArr[i];
        certificateArr[i] = certificate3;
        Principal issuerDN = ((X509Certificate) certificateArr[0]).getIssuerDN();
        for (int i2 = 1; i2 < certificateArr.length - 1; i2++) {
            int i3 = i2;
            while (true) {
                if (i3 >= certificateArr.length) {
                    break;
                }
                if (((X509Certificate) certificateArr[i3]).getSubjectDN().equals(issuerDN)) {
                    Certificate certificate4 = certificateArr[i2];
                    certificateArr[i2] = certificateArr[i3];
                    certificateArr[i3] = certificate4;
                    issuerDN = ((X509Certificate) certificateArr[i2]).getIssuerDN();
                    break;
                }
                i3++;
            }
            if (i3 == certificateArr.length) {
                throw new Exception(rb.getString("Incomplete certificate chain in reply"));
            }
        }
        int i4 = 0;
        while (i4 < certificateArr.length - 1) {
            int i5 = i4 + 1;
            try {
                certificateArr[i4].verify(certificateArr[i5].getPublicKey());
                i4 = i5;
            } catch (Exception e) {
                throw new Exception(rb.getString("Certificate chain in reply does not verify: ") + e.getMessage());
            }
        }
        if (this.noprompt) {
            return certificateArr;
        }
        Certificate certificate5 = certificateArr[certificateArr.length - 1];
        if (isTrusted(certificate5)) {
            return certificateArr;
        }
        if (!this.trustcacerts || (keyStore = this.caks) == null) {
            certificate2 = null;
        } else {
            Enumeration<String> aliases = keyStore.aliases();
            certificate2 = null;
            while (aliases.hasMoreElements()) {
                certificate2 = this.caks.getCertificate(aliases.nextElement());
                if (certificate2 != null) {
                    try {
                        certificate5.verify(certificate2.getPublicKey());
                        z = true;
                        break;
                    } catch (Exception unused) {
                    }
                }
            }
        }
        z = false;
        if (z) {
            if (isSelfSigned((X509Certificate) certificate5)) {
                return certificateArr;
            }
            int length = certificateArr.length + 1;
            Certificate[] certificateArr2 = new Certificate[length];
            System.arraycopy(certificateArr, 0, certificateArr2, 0, certificateArr.length);
            certificateArr2[length - 1] = certificate2;
            return certificateArr2;
        }
        System.err.println();
        PrintStream printStream = System.err;
        ResourceBundle resourceBundle = rb;
        printStream.println(resourceBundle.getString("Top-level certificate in reply:\n"));
        printX509Cert((X509Certificate) certificate5, System.out);
        System.err.println();
        System.err.print(resourceBundle.getString("... is not trusted. "));
        if (getYesNoReply(resourceBundle.getString("Install reply anyway? [no]:  ")).equals("NO")) {
            return null;
        }
        return certificateArr;
    }

    /* JADX WARN: Removed duplicated region for block: B:147:0x03e6  */
    /* JADX WARN: Removed duplicated region for block: B:150:0x03f4  */
    /* JADX WARN: Removed duplicated region for block: B:161:0x05a7  */
    /* JADX WARN: Removed duplicated region for block: B:184:? A[RETURN, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:185:0x043e  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    void doCommands(java.io.PrintStream r20) throws java.lang.Exception {
        /*
            Method dump skipped, instructions count: 1548
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: sun.security.tools.KeyTool.doCommands(java.io.PrintStream):void");
    }

    void parseArgs(String[] strArr) {
        String str;
        if (strArr.length == 0) {
            usage();
        }
        int i = 0;
        while (i < strArr.length && strArr[i].startsWith("-")) {
            String str2 = strArr[i];
            Collator collator2 = collator;
            if (collator2.compare(str2, "-certreq") == 0) {
                str = "certreq";
            } else if (collator2.compare(str2, "-delete") == 0) {
                str = "delete";
            } else if (collator2.compare(str2, "-export") == 0) {
                str = "export";
            } else if (collator2.compare(str2, "-genkey") == 0) {
                str = "genkey";
            } else {
                if (collator2.compare(str2, "-help") == 0) {
                    usage();
                    return;
                }
                if (collator2.compare(str2, "-identitydb") == 0) {
                    str = "identitydb";
                } else if (collator2.compare(str2, "-import") == 0) {
                    str = Constants.ELEMNAME_IMPORT_STRING;
                } else if (collator2.compare(str2, "-keyclone") == 0) {
                    str = "keyclone";
                } else if (collator2.compare(str2, "-keypasswd") == 0) {
                    str = "keypasswd";
                } else if (collator2.compare(str2, "-list") == 0) {
                    str = SchemaSymbols.ATTVAL_LIST;
                } else if (collator2.compare(str2, "-printcert") == 0) {
                    str = "printcert";
                } else if (collator2.compare(str2, "-selfcert") == 0) {
                    str = "selfcert";
                } else if (collator2.compare(str2, "-storepasswd") == 0) {
                    str = "storepasswd";
                } else {
                    if (collator2.compare(str2, "-keystore") == 0) {
                        i++;
                        if (i == strArr.length) {
                            usage();
                        }
                        this.ksfname = strArr[i];
                    } else if (collator2.compare(str2, "-storepass") == 0) {
                        i++;
                        if (i == strArr.length) {
                            usage();
                        }
                        this.storePass = strArr[i].toCharArray();
                    } else if (collator2.compare(str2, "-storetype") == 0) {
                        i++;
                        if (i == strArr.length) {
                            usage();
                        }
                        this.storetype = strArr[i];
                    } else if (collator2.compare(str2, "-providerName") == 0) {
                        i++;
                        if (i == strArr.length) {
                            usage();
                        }
                        this.providerName = strArr[i];
                    } else if (collator2.compare(str2, "-keypass") == 0) {
                        i++;
                        if (i == strArr.length) {
                            usage();
                        }
                        this.keyPass = strArr[i].toCharArray();
                    } else if (collator2.compare(str2, "-new") == 0) {
                        i++;
                        if (i == strArr.length) {
                            usage();
                        }
                        this.newPass = strArr[i].toCharArray();
                    } else if (collator2.compare(str2, "-alias") == 0) {
                        i++;
                        if (i == strArr.length) {
                            usage();
                        }
                        this.alias = strArr[i];
                    } else if (collator2.compare(str2, "-dest") == 0) {
                        i++;
                        if (i == strArr.length) {
                            usage();
                        }
                        this.dest = strArr[i];
                    } else if (collator2.compare(str2, "-dname") == 0) {
                        i++;
                        if (i == strArr.length) {
                            usage();
                        }
                        this.dname = strArr[i];
                    } else if (collator2.compare(str2, "-keysize") == 0) {
                        i++;
                        if (i == strArr.length) {
                            usage();
                        }
                        this.keysize = Integer.parseInt(strArr[i]);
                    } else if (collator2.compare(str2, "-keyalg") == 0) {
                        i++;
                        if (i == strArr.length) {
                            usage();
                        }
                        this.keyAlgName = strArr[i];
                    } else if (collator2.compare(str2, "-sigalg") == 0) {
                        i++;
                        if (i == strArr.length) {
                            usage();
                        }
                        this.sigAlgName = strArr[i];
                    } else if (collator2.compare(str2, "-validity") == 0) {
                        i++;
                        if (i == strArr.length) {
                            usage();
                        }
                        this.validity = Long.parseLong(strArr[i]);
                    } else if (collator2.compare(str2, "-file") == 0) {
                        i++;
                        if (i == strArr.length) {
                            usage();
                        }
                        this.filename = strArr[i];
                    } else if (collator2.compare(str2, "-provider") == 0 || collator2.compare(str2, "-providerClass") == 0) {
                        i++;
                        if (i == strArr.length) {
                            usage();
                        }
                        if (this.providers == null) {
                            this.providers = new Vector(3);
                        }
                        this.providers.add(strArr[i]);
                        int i2 = i + 1;
                        if (strArr.length > i2 && collator2.compare(strArr[i2], "-providerArg") == 0) {
                            int i3 = i + 2;
                            if (strArr.length == i3) {
                                usage();
                            }
                            this.providerArgs.put(strArr[i], strArr[i3]);
                            i = i3;
                        }
                    } else if (collator2.compare(str2, "-v") == 0) {
                        this.verbose = true;
                    } else if (collator2.compare(str2, "-debug") == 0) {
                        this.debug = true;
                    } else if (collator2.compare(str2, "-rfc") == 0) {
                        this.rfc = true;
                    } else if (collator2.compare(str2, "-noprompt") == 0) {
                        this.noprompt = true;
                    } else if (collator2.compare(str2, "-trustcacerts") == 0) {
                        this.trustcacerts = true;
                    } else if (collator2.compare(str2, "-protected") == 0) {
                        this.protectedPath = true;
                    } else {
                        System.err.println(rb.getString("Illegal option:  ") + str2);
                        usage();
                    }
                    i++;
                }
            }
            this.command = str;
            i++;
        }
        if (i < strArr.length || this.command == null) {
            usage();
        }
    }

    public void run(String[] strArr, PrintStream printStream) {
        char[] cArr;
        try {
            try {
                parseArgs(strArr);
                doCommands(printStream);
                char[] cArr2 = this.storePass;
                if (cArr2 != null) {
                    Arrays.fill(cArr2, ' ');
                    this.storePass = null;
                }
                char[] cArr3 = this.storePassNew;
                if (cArr3 != null) {
                    Arrays.fill(cArr3, ' ');
                    this.storePassNew = null;
                }
                char[] cArr4 = this.keyPass;
                if (cArr4 != null) {
                    Arrays.fill(cArr4, ' ');
                    this.keyPass = null;
                }
                char[] cArr5 = this.keyPassNew;
                if (cArr5 != null) {
                    Arrays.fill(cArr5, ' ');
                    this.keyPassNew = null;
                }
                char[] cArr6 = this.oldPass;
                if (cArr6 != null) {
                    Arrays.fill(cArr6, ' ');
                    this.oldPass = null;
                }
                cArr = this.newPass;
            } catch (Exception e) {
                System.out.println(rb.getString("keytool error: ") + ((Object) e));
                if (this.debug) {
                    e.printStackTrace();
                }
                System.exit(1);
                char[] cArr7 = this.storePass;
                if (cArr7 != null) {
                    Arrays.fill(cArr7, ' ');
                    this.storePass = null;
                }
                char[] cArr8 = this.storePassNew;
                if (cArr8 != null) {
                    Arrays.fill(cArr8, ' ');
                    this.storePassNew = null;
                }
                char[] cArr9 = this.keyPass;
                if (cArr9 != null) {
                    Arrays.fill(cArr9, ' ');
                    this.keyPass = null;
                }
                char[] cArr10 = this.keyPassNew;
                if (cArr10 != null) {
                    Arrays.fill(cArr10, ' ');
                    this.keyPassNew = null;
                }
                char[] cArr11 = this.oldPass;
                if (cArr11 != null) {
                    Arrays.fill(cArr11, ' ');
                    this.oldPass = null;
                }
                char[] cArr12 = this.newPass;
                if (cArr12 == null) {
                    return;
                } else {
                    Arrays.fill(cArr12, ' ');
                }
            }
            if (cArr != null) {
                Arrays.fill(cArr, ' ');
                this.newPass = null;
            }
        } catch (Throwable th) {
            char[] cArr13 = this.storePass;
            if (cArr13 != null) {
                Arrays.fill(cArr13, ' ');
                this.storePass = null;
            }
            char[] cArr14 = this.storePassNew;
            if (cArr14 != null) {
                Arrays.fill(cArr14, ' ');
                this.storePassNew = null;
            }
            char[] cArr15 = this.keyPass;
            if (cArr15 != null) {
                Arrays.fill(cArr15, ' ');
                this.keyPass = null;
            }
            char[] cArr16 = this.keyPassNew;
            if (cArr16 != null) {
                Arrays.fill(cArr16, ' ');
                this.keyPassNew = null;
            }
            char[] cArr17 = this.oldPass;
            if (cArr17 != null) {
                Arrays.fill(cArr17, ' ');
                this.oldPass = null;
            }
            char[] cArr18 = this.newPass;
            if (cArr18 != null) {
                Arrays.fill(cArr18, ' ');
                this.newPass = null;
            }
            throw th;
        }
    }
}
