package aQute.bnd.signing;

import aQute.bnd.osgi.EmbeddedResource;
import aQute.bnd.osgi.Jar;
import aQute.bnd.osgi.Processor;
import aQute.bnd.osgi.Resource;
import aQute.lib.base64.Base64;
import aQute.lib.io.IO;
import aQute.libg.cryptography.MD5;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.PrintWriter;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.util.Map;
import java.util.jar.Manifest;
import java.util.regex.Pattern;

/* loaded from: input_file:lib/biz.aQute.bndlib-3.1.0.jar:aQute/bnd/signing/Signer.class */
public class Signer extends Processor {
    static final int BUFFER_SIZE = 4096;
    static Pattern METAINFDIR = Pattern.compile("META-INF/[^/]*");
    String[] digestNames = {MD5.ALGORITHM};
    File keystoreFile = new File("keystore");
    String password;
    String alias;

    public void signJar(Jar jar) {
        if (this.digestNames == null || this.digestNames.length == 0) {
            error("Need at least one digest algorithm name, none are specified", new Object[0]);
        }
        if (this.keystoreFile == null || !this.keystoreFile.getAbsoluteFile().exists()) {
            error("No such keystore file: " + this.keystoreFile, new Object[0]);
            return;
        }
        if (this.alias == null) {
            error("Private key alias not set for signing", new Object[0]);
            return;
        }
        MessageDigest[] messageDigestArr = new MessageDigest[this.digestNames.length];
        getAlgorithms(this.digestNames, messageDigestArr);
        try {
            Manifest manifest = jar.getManifest();
            manifest.getMainAttributes().putValue("Signed-By", "Bnd");
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            manifest.write(byteArrayOutputStream);
            doManifest(jar, this.digestNames, messageDigestArr, byteArrayOutputStream);
            byteArrayOutputStream.flush();
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            jar.putResource("META-INF/MANIFEST.MF", new EmbeddedResource(byteArray, 0L));
            byte[] doSignatureFile = doSignatureFile(this.digestNames, messageDigestArr, byteArray);
            jar.putResource("META-INF/BND.SF", new EmbeddedResource(doSignatureFile, 0L));
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            FileInputStream fileInputStream = null;
            try {
                try {
                    fileInputStream = new FileInputStream(this.keystoreFile);
                    char[] charArray = this.password == null ? new char[0] : this.password.toCharArray();
                    keyStore.load(fileInputStream, charArray);
                    fileInputStream.close();
                    KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(this.alias, new KeyStore.PasswordProtection(charArray));
                    IO.close(fileInputStream);
                    PrivateKey privateKey = privateKeyEntry.getPrivateKey();
                    Signature signature = Signature.getInstance("MD5withRSA");
                    signature.initSign(privateKey);
                    signature.update(doSignatureFile);
                    signature.sign();
                    jar.putResource("META-INF/BND.RSA", new EmbeddedResource(new ByteArrayOutputStream().toByteArray(), 0L));
                } catch (Exception e) {
                    error("No able to load the private key from the give keystore(" + this.keystoreFile.getAbsolutePath() + ") with alias " + this.alias + " : " + e, new Object[0]);
                    IO.close(fileInputStream);
                }
            } catch (Throwable th) {
                IO.close(fileInputStream);
                throw th;
            }
        } catch (Exception e2) {
            error("During signing: " + e2, new Object[0]);
        }
    }

    private byte[] doSignatureFile(String[] strArr, MessageDigest[] messageDigestArr, byte[] bArr) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        PrintWriter writer = IO.writer(byteArrayOutputStream);
        writer.print("Signature-Version: 1.0\r\n");
        for (int i = 0; i < messageDigestArr.length; i++) {
            if (messageDigestArr[i] != null) {
                byte[] digest = messageDigestArr[i].digest(bArr);
                writer.print(strArr[i] + "-Digest-Manifest: ");
                writer.print(new Base64(digest));
                writer.print("\r\n");
            }
        }
        return byteArrayOutputStream.toByteArray();
    }

    private void doManifest(Jar jar, String[] strArr, MessageDigest[] messageDigestArr, OutputStream outputStream) throws Exception {
        for (Map.Entry<String, Resource> entry : jar.getResources().entrySet()) {
            String key = entry.getKey();
            if (!METAINFDIR.matcher(key).matches()) {
                outputStream.write("\r\n".getBytes("UTF-8"));
                outputStream.write("Name: ".getBytes("UTF-8"));
                outputStream.write(key.getBytes("UTF-8"));
                outputStream.write("\r\n".getBytes("UTF-8"));
                digest(messageDigestArr, entry.getValue());
                for (int i = 0; i < messageDigestArr.length; i++) {
                    if (messageDigestArr[i] != null) {
                        outputStream.write((strArr[i] + "-Digest: " + new Base64(messageDigestArr[i].digest()) + "\r\n").getBytes("UTF-8"));
                    }
                }
            }
        }
    }

    private void digest(MessageDigest[] messageDigestArr, Resource resource) throws Exception {
        InputStream openInputStream = resource.openInputStream();
        byte[] bArr = new byte[4096];
        int read = openInputStream.read(bArr);
        while (true) {
            int i = read;
            if (i <= 0) {
                return;
            }
            for (int i2 = 0; i2 < messageDigestArr.length; i2++) {
                if (messageDigestArr[i2] != null) {
                    messageDigestArr[i2].update(bArr, 0, i);
                }
            }
            read = openInputStream.read(bArr);
        }
    }

    private void getAlgorithms(String[] strArr, MessageDigest[] messageDigestArr) {
        for (int i = 0; i < messageDigestArr.length; i++) {
            try {
                messageDigestArr[i] = MessageDigest.getInstance(strArr[i]);
            } catch (NoSuchAlgorithmException e) {
                error("Specified digest algorithm " + strArr[i] + ", but not such algorithm was found: " + e, new Object[0]);
            }
        }
    }

    public void setPassword(String str) {
        this.password = str;
    }

    public void setKeystore(File file) {
        this.keystoreFile = file;
    }

    public void setAlias(String str) {
        this.alias = str;
    }
}
