package es.gob.jmulticard.jse.provider;

import es.gob.jmulticard.apdu.connection.ApduConnection;
import es.gob.jmulticard.card.AuthenticationModeLockedException;
import es.gob.jmulticard.card.BadPinException;
import es.gob.jmulticard.card.CryptoCard;
import es.gob.jmulticard.card.CryptoCardException;
import es.gob.jmulticard.card.PrivateKeyReference;
import es.gob.jmulticard.card.dnie.DnieFactory;
import es.gob.jmulticard.card.dnie.DniePrivateKeyReference;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreSpi;
import java.security.PrivateKey;
import java.security.ProviderException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.List;
import java.util.logging.Logger;

/* loaded from: input_file:es/gob/jmulticard/jse/provider/DnieKeyStoreImpl.class */
public final class DnieKeyStoreImpl extends KeyStoreSpi {
    private CryptoCard a = null;
    private List b = null;

    @Override // java.security.KeyStoreSpi
    public Enumeration engineAliases() {
        return Collections.enumeration(this.b);
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        return this.b.contains(str);
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) {
        throw new UnsupportedOperationException();
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        if (!engineContainsAlias(str)) {
            return null;
        }
        try {
            return this.a.getCertificate(str);
        } catch (BadPinException e) {
            throw new BadPasswordProviderException(e);
        } catch (CryptoCardException e2) {
            throw new ProviderException(e2);
        }
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        if (!(certificate instanceof X509Certificate)) {
            return null;
        }
        BigInteger serialNumber = ((X509Certificate) certificate).getSerialNumber();
        for (String str : this.b) {
            if (((X509Certificate) engineGetCertificate(str)).getSerialNumber() == serialNumber) {
                return str;
            }
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        X509Certificate x509Certificate;
        if (!engineContainsAlias(str)) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add((X509Certificate) engineGetCertificate(str));
        try {
            x509Certificate = this.a.getCertificate("CertCAIntermediaDGP");
        } catch (AuthenticationModeLockedException e) {
            throw e;
        } catch (BadPinException e2) {
            throw new BadPasswordProviderException(e2);
        } catch (Exception e3) {
            Logger.getLogger("es.gob.jmulticard").warning("No se ha podido cargar el certificado de la CA intermedia: " + e3);
            x509Certificate = null;
        }
        X509Certificate x509Certificate2 = null;
        if (x509Certificate != null) {
            arrayList.add(x509Certificate);
            try {
                x509Certificate2 = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(DnieKeyStoreImpl.class.getResourceAsStream("/ACRAIZ-SHA2.crt"));
            } catch (Exception e4) {
                x509Certificate2 = null;
                Logger.getLogger("es.gob.jmulticard").warning("No se ha podido cargar el certificado de la CA raiz: " + e4);
            }
            if (x509Certificate2 != null) {
                try {
                    x509Certificate.verify(x509Certificate2.getPublicKey());
                } catch (Exception e5) {
                    x509Certificate2 = null;
                    Logger.getLogger("es.gob.jmulticard").info("La CA raiz de DNIe precargada no es la emisora de este DNIe: " + e5);
                }
            }
        }
        if (x509Certificate2 != null) {
            arrayList.add(x509Certificate2);
        }
        return (Certificate[]) arrayList.toArray(new X509Certificate[0]);
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        throw new UnsupportedOperationException();
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) {
        if (!engineContainsAlias(str)) {
            return null;
        }
        try {
            PrivateKeyReference privateKey = this.a.getPrivateKey(str);
            if (privateKey instanceof DniePrivateKeyReference) {
                return new DniePrivateKey((DniePrivateKeyReference) privateKey);
            }
            throw new ProviderException("La clave obtenida de la tarjeta no es del tipo esperado, se ha obtenido: " + privateKey.getClass().getName());
        } catch (CryptoCardException e) {
            throw new ProviderException(e);
        }
    }

    @Override // java.security.KeyStoreSpi
    public KeyStore.Entry engineGetEntry(String str, KeyStore.ProtectionParameter protectionParameter) {
        if (protectionParameter != null) {
            Logger.getLogger("es.gob.jmulticard").warning("Se ha proporcionado un ProtectionParameter, pero este se ignorara, ya que el PIN se gestiona internamente");
        }
        if (engineContainsAlias(str)) {
            return new KeyStore.PrivateKeyEntry((PrivateKey) engineGetKey(str, null), engineGetCertificateChain(str));
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        return this.b.contains(str);
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        return this.b.contains(str);
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) {
        if (loadStoreParameter != null) {
            Logger.getLogger("es.gob.jmulticard").warning("Se ha proporcionado un LoadStoreParameter, pero este se ignorara, la contrasena se gestiona internamente");
        }
        this.a = DnieFactory.getDnie(DnieProvider.a(), null, new JseCryptoHelper());
        this.b = Arrays.asList(this.a.getAliases());
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) {
        try {
            this.a = DnieFactory.getDnie(DnieProvider.a() == null ? (ApduConnection) Class.forName("es.gob.jmulticard.jse.smartcardio.SmartcardIoConnection").newInstance() : DnieProvider.a(), cArr != null ? new a(cArr) : null, new JseCryptoHelper());
            this.b = Arrays.asList(this.a.getAliases());
        } catch (Exception e) {
            throw new IllegalStateException("No hay una conexion de APDU por defecto: " + e);
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) {
        throw new UnsupportedOperationException();
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) {
        throw new UnsupportedOperationException();
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) {
        throw new UnsupportedOperationException();
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        return this.b.size();
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) {
        throw new UnsupportedOperationException();
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineEntryInstanceOf(String str, Class cls) {
        if (engineContainsAlias(str)) {
            return cls.equals(KeyStore.PrivateKeyEntry.class);
        }
        return false;
    }
}
