package by.avest.crypto.pkcs11.provider.universal;

import by.avest.crypto.pkcs11.provider.AvestProvider;
import by.avest.crypto.pkcs11.provider.Util;
import by.avest.crypto.util.NativeLibraryLoader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.ProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;

/* loaded from: input_file:by/avest/crypto/pkcs11/provider/universal/AvPersonalKeyStore.class */
public class AvPersonalKeyStore extends KeyStoreSpi {
    static final int PROV_UNKNOWN = -1;
    static final int PROV_BASE = 0;
    static final int PROV_BIGN = 1;
    private List<KeyEntry> entries = new ArrayList();
    private CertificateFactory cf;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:by/avest/crypto/pkcs11/provider/universal/AvPersonalKeyStore$KeyEntry.class */
    public static class KeyEntry {
        private X509Certificate[] chain;
        private String alias;
        private int provType;

        public KeyEntry(X509Certificate[] x509CertificateArr, String str, int i) {
            this.chain = x509CertificateArr;
            if (str == null) {
                this.alias = String.valueOf(x509CertificateArr.hashCode());
            } else {
                this.alias = str;
            }
            this.provType = i;
        }

        public final X509Certificate[] getChain() {
            return this.chain;
        }

        public final String getAlias() {
            return this.alias;
        }

        public final int getProvType() {
            return this.provType;
        }
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineGetKey(" + str + ")");
        }
        if (str == null) {
            return null;
        }
        int provType = getProvType(str);
        if (provType == -1) {
            if (!Util.isDebug()) {
                return null;
            }
            Util.log(getClass().getName() + ".engineGetKey(" + str + "): unknown");
            return null;
        }
        if (cArr == null) {
            throw new IllegalArgumentException("password is null");
        }
        try {
            PrivateKey key = AbstractTokenKeyStore.getInstance(provType).getKey(str, cArr);
            if (Util.isDebug()) {
                Util.log(getClass().getName() + ".engineGetKey(" + str + "): " + (key == null ? "not found" : key.getClass().getName()));
            }
            return key;
        } catch (Exception e) {
            UnrecoverableKeyException unrecoverableKeyException = new UnrecoverableKeyException(e.getMessage());
            unrecoverableKeyException.initCause(e);
            throw unrecoverableKeyException;
        } catch (NoClassDefFoundError e2) {
            UnrecoverableKeyException unrecoverableKeyException2 = new UnrecoverableKeyException("Device type associated with selected certificate is not installed");
            unrecoverableKeyException2.initCause(e2);
            throw unrecoverableKeyException2;
        } catch (UnrecoverableKeyException e3) {
            throw e3;
        }
    }

    private String getEnumerator(int i) {
        switch (i) {
            case 0:
                return "AvToken";
            case 1:
                return "AvBign";
            default:
                throw new IllegalArgumentException("provType=" + i);
        }
    }

    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineGetCertificateChain(" + str + ")");
        }
        if (str == null) {
            return null;
        }
        X509Certificate[] chain = getChain(str);
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineGetCertificateChain(" + str + "): " + (chain == null ? "not found" : "found chain with " + chain.length + " certificates"));
        }
        return chain;
    }

    private int getProvType(String str) {
        for (KeyEntry keyEntry : this.entries) {
            if (keyEntry.getAlias().equals(str)) {
                return keyEntry.getProvType();
            }
        }
        return -1;
    }

    private X509Certificate[] getChain(String str) {
        for (KeyEntry keyEntry : this.entries) {
            if (keyEntry.getAlias().equals(str)) {
                return (X509Certificate[]) keyEntry.getChain().clone();
            }
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineGetCertificate(" + str + ")");
        }
        X509Certificate[] chain = getChain(str);
        X509Certificate x509Certificate = (chain == null || chain.length == 0) ? null : chain[0];
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineGetCertificate(" + str + "): " + (x509Certificate == null ? "not found" : "found"));
        }
        return x509Certificate;
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        if (!Util.isDebug()) {
            return null;
        }
        Util.log(getClass().getName() + ".engineGetCreationDate(" + str + ")");
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineSetKeyEntry(" + str + ", " + Util.getClassName(key) + ", password, certificate chain)");
        }
        throw new UnsupportedOperationException();
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineSetKeyEntry(" + str + ", protected key, certificate chain)");
        }
        throw new UnsupportedOperationException();
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineSetCertificateEntry(" + str + ", certificate)");
        }
        throw new UnsupportedOperationException();
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) throws KeyStoreException {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineDeleteEntry(" + str + ")");
        }
        throw new UnsupportedOperationException();
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration<String> engineAliases() {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineAliases()");
        }
        final Iterator<KeyEntry> it = this.entries.iterator();
        return new Enumeration<String>() { // from class: by.avest.crypto.pkcs11.provider.universal.AvPersonalKeyStore.1
            @Override // java.util.Enumeration
            public boolean hasMoreElements() {
                return it.hasNext();
            }

            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.util.Enumeration
            public String nextElement() {
                return ((KeyEntry) it.next()).getAlias();
            }
        };
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineContainsAlias(" + str + ")");
        }
        boolean z = getChain(str) != null;
        if (z) {
            if (Util.isDebug()) {
                Util.log(getClass().getName() + ".engineContainsAlias(" + str + "): exists");
            }
        } else if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineContainsAlias(" + str + "): does not exist");
        }
        return z;
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineSize()");
        }
        int size = this.entries.size();
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineSize(): " + size);
        }
        return size;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineIsKeyEntry(" + str + ")");
        }
        if (str == null) {
            return false;
        }
        if (getProvType(str) == -1) {
            if (!Util.isDebug()) {
                return false;
            }
            Util.log(getClass().getName() + ".engineIsKeyEntry(" + str + "): unknown");
            return false;
        }
        if (!Util.isDebug()) {
            return true;
        }
        Util.log(getClass().getName() + ".engineIsKeyEntry(" + str + "): true (entry exists but container presence check may require password)");
        return true;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineIsCertificateEntry(" + str + ")");
        }
        boolean z = getChain(str) != null;
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineIsCertificateEntry(" + str + "): " + z);
        }
        return z;
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineGetCertificateAlias(certificate)");
        }
        if (certificate == null) {
            return null;
        }
        String certificateAlias = getCertificateAlias(certificate);
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineGetCertificateAlias(certificate): " + certificateAlias);
        }
        return certificateAlias;
    }

    private String getCertificateAlias(Certificate certificate) {
        for (KeyEntry keyEntry : this.entries) {
            if (certificate.equals(keyEntry.getChain()[0])) {
                return keyEntry.getAlias();
            }
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineStore(stream, password)");
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        if (Util.isDebug()) {
            Util.log(getClass().getName() + ".engineLoad(stream, password)");
        }
        try {
            NativeLibraryLoader.getInstance(AvestProvider.NATIVE_LOADER_NAME).loadLibrary("AvUniversalJNI");
            this.entries.clear();
            loadMSCertificates();
            if (Util.isDebug()) {
                Util.log(getClass().getName() + ".engineLoad(stream, password): loaded entries count: " + this.entries.size());
            }
        } catch (KeyStoreException e) {
            throw new ProviderException(e.getMessage(), e);
        }
    }

    private void generateCertificate(byte[] bArr, Collection<Certificate> collection) {
        try {
            if (this.cf == null) {
                this.cf = CertificateFactory.getInstance("X.509");
            }
            collection.addAll(this.cf.generateCertificates(new ByteArrayInputStream(bArr)));
        } catch (CertificateException e) {
            if (Util.isDebug()) {
                Util.log("cert parse error");
                e.printStackTrace();
            }
        } catch (Throwable th) {
            if (Util.isDebug()) {
                Util.log("unexpected error");
                th.printStackTrace();
            }
        }
    }

    private void generateCertificateChainAndKey(String str, Collection<X509Certificate> collection, int i) {
        try {
            X509Certificate[] x509CertificateArr = (X509Certificate[]) collection.toArray(new X509Certificate[0]);
            if (Util.isDebug()) {
                Util.log("found private key entry, alias: " + str + ", provType (internal): " + i);
                Util.log("private key associated cert chain (size: " + collection.size() + "): ");
                Iterator<X509Certificate> it = collection.iterator();
                while (it.hasNext()) {
                    Util.debug(it.next());
                }
            }
            this.entries.add(new KeyEntry(x509CertificateArr, str, i));
        } catch (Throwable th) {
            if (Util.isDebug()) {
                Util.log("unexpected error");
                th.printStackTrace();
            }
        }
    }

    private native void loadMSCertificates() throws KeyStoreException;
}
