package es.gob.afirma.keystores;

import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Constructor;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.logging.Logger;
import javax.crypto.BadPaddingException;
import javax.security.auth.callback.PasswordCallback;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:es/gob/afirma/keystores/f.class */
public final class f {
    private static final Logger a = Logger.getLogger("es.gob.afirma");

    /* JADX INFO: Access modifiers changed from: package-private */
    public static KeyStore a(PasswordCallback passwordCallback, Object[] objArr) {
        char[] password;
        if (objArr == null || objArr.length < 2) {
            throw new IOException("No se puede acceder al KeyStore PKCS#11 si no se especifica la biblioteca");
        }
        if (objArr[0] == null) {
            throw new IllegalArgumentException("No se puede acceder al KeyStore PKCS#11 si se especifica una biblioteca nula");
        }
        String obj = objArr[0].toString();
        Integer num = null;
        if (objArr.length >= 3 && (objArr[2] instanceof Integer)) {
            num = (Integer) objArr[2];
        }
        String replace = new File(obj).getName().replace('.', '_').replace(' ', '_');
        Provider provider = Security.getProvider("SunPKCS11-" + replace);
        if (provider == null) {
            try {
                Constructor<?> constructor = Class.forName("sun.security.pkcs11.SunPKCS11").getConstructor(InputStream.class);
                byte[] bytes = KeyStoreUtilities.a(obj, replace, num).getBytes();
                try {
                    provider = (Provider) constructor.newInstance(new ByteArrayInputStream(bytes));
                } catch (Exception e) {
                    try {
                        provider = (Provider) constructor.newInstance(new ByteArrayInputStream(bytes));
                    } catch (Exception e2) {
                        throw new AOKeyStoreManagerException("No se ha podido instanciar el proveedor SunPKCS11 para la la biblioteca " + obj, e2);
                    }
                }
                Security.addProvider(provider);
            } catch (Exception e3) {
                throw new MissingSunPKCS11Exception(e3);
            }
        } else {
            a.info("El proveedor SunPKCS11 solicitado ya estaba instanciado, se reutilizara esa instancia: " + provider.getName());
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(AOKeyStore.PKCS11.getProviderName(), provider);
            if (passwordCallback != null) {
                try {
                    password = passwordCallback.getPassword();
                } catch (IOException e4) {
                    if ((e4.getCause() instanceof UnrecoverableKeyException) || (e4.getCause() instanceof BadPaddingException)) {
                        throw new IOException("Contrasena invalida: " + e4, e4);
                    }
                    throw new AOKeyStoreManagerException("No se ha podido obtener el almacen PKCS#11 solicitado", e4);
                } catch (NoSuchAlgorithmException e5) {
                    Security.removeProvider(provider.getName());
                    throw new AOKeyStoreManagerException("No se ha podido verificar la integridad del almacen PKCS#11 solicitado", e5);
                } catch (CertificateException e6) {
                    Security.removeProvider(provider.getName());
                    throw new AOKeyStoreManagerException("No se han podido cargar los certificados del almacen PKCS#11 solicitado", e6);
                }
            } else {
                password = null;
            }
            keyStore.load(null, password);
            return keyStore;
        } catch (Exception e7) {
            Security.removeProvider(provider.getName());
            throw new AOKeyStoreManagerException("No se ha podido obtener el almacen PKCS#11", e7);
        }
    }
}
