package es.gob.afirma.keystores;

import es.gob.afirma.core.keystores.KeyStoreRefresher;
import es.gob.afirma.core.misc.Base64;
import es.gob.afirma.core.misc.protocol.UrlParametersToSign;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.logging.Logger;
import javax.security.auth.callback.PasswordCallback;

/* loaded from: input_file:es/gob/afirma/keystores/AOKeyStoreManager.class */
public class AOKeyStoreManager implements KeyStoreRefresher {
    protected static final Logger LOGGER = Logger.getLogger("es.gob.afirma");
    private String[] a = null;
    private AOKeyStore b;
    private KeyStore c;
    private InputStream d;
    private PasswordCallback e;
    private Object[] f;

    /* JADX INFO: Access modifiers changed from: protected */
    public void resetCachedAliases() {
        this.a = null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String[] getCachedAliases() {
        return this.a;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setCachedAliases(String[] strArr) {
        this.a = (String[]) strArr.clone();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setKeyStore(KeyStore keyStore) {
        if (keyStore == null) {
            throw new IllegalArgumentException("El almacen no puede ser nulo");
        }
        this.c = keyStore;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public KeyStore getKeyStore() {
        return this.c;
    }

    @Override // es.gob.afirma.core.keystores.KeyStoreRefresher
    public void refresh() {
        resetCachedAliases();
        try {
            init(this.b, this.d, this.e, this.f, true);
        } catch (AOKeyStoreManagerException e) {
            throw new IOException("Error al refrescar el almacen: " + e, e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean lacksKeyStores() {
        return this.c == null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setKeyStoreType(AOKeyStore aOKeyStore) {
        this.b = aOKeyStore;
    }

    public AOKeyStore getType() {
        return this.b;
    }

    public void init(AOKeyStore aOKeyStore, InputStream inputStream, PasswordCallback passwordCallback, Object[] objArr, boolean z) {
        Object[] objArr2;
        if (aOKeyStore == null) {
            throw new IllegalArgumentException("Se ha solicitado inicializar un AOKeyStore nulo");
        }
        LOGGER.info("Inicializamos el almacen de tipo: " + aOKeyStore);
        resetCachedAliases();
        this.b = aOKeyStore;
        this.d = inputStream;
        this.e = passwordCallback;
        if (objArr == null) {
            this.f = null;
        } else {
            this.f = new Object[objArr.length];
            System.arraycopy(objArr, 0, this.f, 0, objArr.length);
        }
        switch (a.a[this.b.ordinal()]) {
            case UrlParametersToSign.OP_SIGN /* 1 */:
                this.c = g.a(inputStream, passwordCallback);
                return;
            case UrlParametersToSign.OP_COSIGN /* 2 */:
                this.c = d.a(passwordCallback, (objArr == null || objArr.length <= 0) ? null : objArr[0]);
                return;
            case UrlParametersToSign.OP_COUNTERSIGN /* 3 */:
            case 4:
            case 5:
                this.c = e.a(inputStream, passwordCallback, this.b);
                return;
            case 6:
            case 7:
                this.c = c.a(this.b);
                return;
            case Base64.DO_BREAK_LINES /* 8 */:
                if (objArr != null) {
                    objArr2 = new Object[objArr.length];
                    System.arraycopy(objArr, 0, objArr2, 0, objArr.length);
                } else {
                    objArr2 = null;
                }
                this.c = f.a(passwordCallback, objArr2);
                return;
            case 9:
                this.c = b.a(inputStream);
                return;
            default:
                throw new UnsupportedOperationException("Tipo de almacen no soportado: " + inputStream);
        }
    }

    public KeyStore.PrivateKeyEntry getKeyEntry(String str, PasswordCallback passwordCallback) {
        if (this.c == null) {
            throw new IllegalStateException("Se han pedido claves a un almacen no inicializado");
        }
        if (str == null) {
            throw new IllegalArgumentException("El alias no puede ser nulo");
        }
        return (KeyStore.PrivateKeyEntry) this.c.getEntry(str, passwordCallback != null ? new KeyStore.PasswordProtection(passwordCallback.getPassword()) : null);
    }

    public X509Certificate getCertificate(String str) {
        if (str == null) {
            LOGGER.warning("El alias del certificado es nulo, se devolvera null");
            return null;
        }
        if (this.c == null) {
            LOGGER.warning("No se ha podido recuperar el certificado con alias '" + str + "' porque el KeyStore no estaba inicializado, se devolvera null");
            return null;
        }
        try {
            return (X509Certificate) this.c.getCertificate(str);
        } catch (Exception e) {
            LOGGER.severe("Error intentando recuperar el certificado con el alias '" + str + "', se devolvera null: " + e);
            return null;
        }
    }

    public X509Certificate[] getCertificateChain(String str) {
        if (str == null) {
            LOGGER.warning("El alias del certificado es nulo, se devolvera una cadena vacia");
            return new X509Certificate[0];
        }
        if (this.c == null) {
            LOGGER.warning("No se ha podido recuperar el certificado con alias '" + str + "' porque el KeyStore no estaba inicializado, se devolvera una cadena vacia");
            return new X509Certificate[0];
        }
        try {
            Certificate[] certificateChain = this.c.getCertificateChain(str);
            if (certificateChain == null) {
                return new X509Certificate[0];
            }
            ArrayList arrayList = new ArrayList();
            for (Certificate certificate : certificateChain) {
                if (certificate instanceof X509Certificate) {
                    arrayList.add((X509Certificate) certificate);
                }
            }
            return (X509Certificate[]) arrayList.toArray(new X509Certificate[0]);
        } catch (Exception e) {
            LOGGER.severe("Error intentando recuperar la cadena del certificado con alias '" + str + "', se continuara con el siguiente almacen: " + e);
            LOGGER.warning("El almacen no contiene ningun certificado con el alias '" + str + "', se devolvera una cadena vacia");
            return new X509Certificate[0];
        }
    }

    public String[] getAliases() {
        if (this.c == null) {
            throw new IllegalStateException("Se han pedido alias a un almacen no inicializado");
        }
        if (this.a != null) {
            return this.a;
        }
        try {
            this.a = (String[]) Collections.list(this.c.aliases()).toArray(new String[0]);
            return this.a;
        } catch (KeyStoreException e) {
            LOGGER.severe("Error intentando recuperar los alias, se devolvera una lista vacia: " + e);
            return new String[0];
        }
    }

    public String toString() {
        StringBuilder sb = new StringBuilder("Gestor de almacenes de claves");
        if (this.b != null) {
            String name = this.b.getName();
            if (name != null) {
                sb.append(" de tipo ");
                sb.append(name);
            }
            String name2 = this.b.getName();
            if (name2 != null) {
                sb.append(" con nombre ");
                sb.append(name2);
            }
            sb.append(" de clase ");
            sb.append(this.b.toString());
        }
        return sb.toString();
    }
}
