package iaik.smime.ess.utils;

import iaik.DebugCMS;
import iaik.cms.CertificateIdentifier;
import iaik.cms.IssuerAndSerialNumber;
import iaik.cms.KeyIdentifier;
import iaik.cms.Utils;
import iaik.pkcs.pkcs12.CertificateBag;
import iaik.pkcs.pkcs12.KeyBag;
import iaik.pkcs.pkcs12.PKCS12;
import iaik.smime.TrustVerifier;
import iaik.utils.ASN1InputStream;
import iaik.utils.KeyAndCertificate;
import iaik.utils.Util;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.Hashtable;

/* loaded from: input_file:iaik/smime/ess/utils/KeyStoreDatabase.class */
public class KeyStoreDatabase implements KeyDatabase {
    protected TrustVerifier trustVerifier_;
    private static boolean a;
    protected Hashtable keyBase_ = new Hashtable(20);
    protected Hashtable certBase_ = new Hashtable(20);

    public String toString(boolean z) {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(new StringBuffer("This KeyStoreDatabase contains ").append(this.keyBase_.size()).append(" key and ").append(this.certBase_.size()).append(" certificate entries.").toString());
        if (z) {
            stringBuffer.append("\nKey Entries: ");
            if (this.keyBase_.size() == 0) {
                stringBuffer.append("0");
            } else {
                Enumeration keys = this.keyBase_.keys();
                while (keys.hasMoreElements()) {
                    stringBuffer.append(new StringBuffer("\n ").append(Utils.printIndented(keys.nextElement().toString(), false)).toString());
                }
            }
            stringBuffer.append("\nCertificate Entries:\n");
            if (this.certBase_.size() == 0) {
                stringBuffer.append("0");
            } else {
                Enumeration keys2 = this.certBase_.keys();
                while (keys2.hasMoreElements()) {
                    stringBuffer.append(new StringBuffer("\n ").append(Utils.printIndented(keys2.nextElement().toString(), false)).toString());
                }
            }
        }
        stringBuffer.append("\n");
        return stringBuffer.toString();
    }

    public String toString() {
        return toString(false);
    }

    public void store(OutputStream outputStream, char[] cArr, String str, String str2) throws IOException, NoSuchAlgorithmException, NoSuchProviderException, KeyStoreDatabaseException {
        try {
            KeyStore keyStore = str2 == null ? KeyStore.getInstance(str) : KeyStore.getInstance(str, str2);
            keyStore.load(null, null);
            Enumeration elements = this.keyBase_.elements();
            while (elements.hasMoreElements()) {
                a aVar = (a) elements.nextElement();
                PrivateKey d = aVar.d();
                try {
                    d = (PrivateKey) ESSUtil.convertKey(d, str2);
                } catch (Exception e) {
                    if (a) {
                        System.out.println("Error converting key:");
                        e.printStackTrace();
                    }
                }
                X509Certificate[] b = aVar.b();
                try {
                    b = ESSUtil.convertCertificateChain(b, str2);
                } catch (Exception e2) {
                    if (a) {
                        System.out.println("Error converting certificate chain:");
                        e2.printStackTrace();
                    }
                }
                keyStore.setKeyEntry(aVar.a(), d, cArr, b);
            }
            Enumeration elements2 = this.certBase_.elements();
            while (elements2.hasMoreElements()) {
                c cVar = (c) elements2.nextElement();
                X509Certificate b2 = cVar.b();
                try {
                    b2 = ESSUtil.convertCertificate(b2, str2);
                } catch (Exception e3) {
                    if (a) {
                        System.out.println("Error converting certificate:");
                        e3.printStackTrace();
                    }
                }
                keyStore.setCertificateEntry(cVar.a(), b2);
            }
            keyStore.store(outputStream, cArr);
        } catch (KeyStoreException e4) {
            throw new KeyStoreDatabaseException(e4.toString());
        } catch (CertificateException e5) {
            throw new KeyStoreDatabaseException(e5.toString());
        }
    }

    public void setTrustVerifier(TrustVerifier trustVerifier) {
        this.trustVerifier_ = trustVerifier;
    }

    public void reset() {
        this.keyBase_.clear();
        this.certBase_.clear();
    }

    public void init(KeyStore keyStore, char[] cArr) throws KeyStoreDatabaseException {
        reset();
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (keyStore.isKeyEntry(nextElement)) {
                    addKey(keyStore.getKey(nextElement, cArr), keyStore.getCertificateChain(nextElement), nextElement);
                } else {
                    addCertificate(keyStore.getCertificate(nextElement), nextElement);
                }
            }
        } catch (Exception e) {
            throw new KeyStoreDatabaseException(new StringBuffer("Error in initializing KeyStoreDatabase: ").append(e.getMessage()).toString());
        }
    }

    public void init(InputStream inputStream, char[] cArr, String str, String str2) throws KeyStoreDatabaseException, IOException {
        try {
            KeyStore keyStore = str2 == null ? KeyStore.getInstance(str) : KeyStore.getInstance(str, str2);
            keyStore.load(inputStream, cArr);
            init(keyStore, cArr);
        } catch (IOException e) {
            throw e;
        } catch (Exception e2) {
            throw new KeyStoreDatabaseException(new StringBuffer("Error loading keystore: ").append(e2.toString()).toString());
        }
    }

    public TrustVerifier getTrustVerifier() {
        return this.trustVerifier_;
    }

    public int getSize() {
        return this.keyBase_.size() + this.certBase_.size();
    }

    public int getNumberOfKeyEntries() {
        return this.keyBase_.size();
    }

    public int getNumberOfCertificateEntries() {
        return this.certBase_.size();
    }

    @Override // iaik.smime.ess.utils.KeyDatabase
    public Key getKey(KeyIdentifier keyIdentifier) throws KeyStoreDatabaseException {
        if (!(keyIdentifier instanceof IssuerAndSerialNumber)) {
            throw new KeyStoreDatabaseException("Only KeyIdentifiers of type IssuerAndSerialNumbers are supported!");
        }
        PrivateKey privateKey = null;
        a aVar = (a) this.keyBase_.get((IssuerAndSerialNumber) keyIdentifier);
        if (aVar != null) {
            if (this.trustVerifier_ == null) {
                privateKey = aVar.d();
            } else if (this.trustVerifier_.verifyChain(aVar.b())) {
                privateKey = aVar.d();
            }
        }
        return privateKey;
    }

    @Override // iaik.smime.ess.utils.CertificateDatabase
    public iaik.x509.X509Certificate[] getCertificateChain(CertificateIdentifier certificateIdentifier) throws KeyStoreDatabaseException {
        if (!(certificateIdentifier instanceof IssuerAndSerialNumber)) {
            throw new KeyStoreDatabaseException("Only KeyIdentifiers of type IssuerAndSerialNumbers are supported!");
        }
        iaik.x509.X509Certificate[] x509CertificateArr = null;
        a aVar = (a) this.keyBase_.get((IssuerAndSerialNumber) certificateIdentifier);
        if (aVar != null) {
            x509CertificateArr = aVar.b();
        } else {
            c cVar = (c) this.certBase_.get((IssuerAndSerialNumber) certificateIdentifier);
            if (cVar != null) {
                x509CertificateArr = new iaik.x509.X509Certificate[]{cVar.b()};
            }
        }
        if (this.trustVerifier_ != null && x509CertificateArr != null && x509CertificateArr.length > 0 && !this.trustVerifier_.verifyChain(x509CertificateArr)) {
            x509CertificateArr = new iaik.x509.X509Certificate[0];
        }
        return x509CertificateArr;
    }

    @Override // iaik.smime.ess.utils.CertificateDatabase
    public iaik.x509.X509Certificate getCertificate(CertificateIdentifier certificateIdentifier) throws KeyStoreDatabaseException {
        iaik.x509.X509Certificate x509Certificate = null;
        iaik.x509.X509Certificate[] certificateChain = getCertificateChain(certificateIdentifier);
        if (certificateChain.length > 0) {
            x509Certificate = certificateChain[0];
        }
        return x509Certificate;
    }

    public KeyAndCertificate[] getAllKeys() {
        KeyAndCertificate[] keyAndCertificateArr = new KeyAndCertificate[this.keyBase_.size()];
        int i = 0;
        Enumeration elements = this.keyBase_.elements();
        while (elements.hasMoreElements()) {
            int i2 = i;
            i++;
            keyAndCertificateArr[i2] = ((a) elements.nextElement()).c();
        }
        return keyAndCertificateArr;
    }

    public iaik.x509.X509Certificate[] getAllCertificates() {
        int i = 0;
        iaik.x509.X509Certificate[] x509CertificateArr = new iaik.x509.X509Certificate[this.certBase_.size()];
        Enumeration elements = this.certBase_.elements();
        while (elements.hasMoreElements()) {
            int i2 = i;
            i++;
            x509CertificateArr[i2] = ((c) elements.nextElement()).b();
        }
        return x509CertificateArr;
    }

    public void addKey(Key key, Certificate[] certificateArr, String str) throws KeyStoreDatabaseException {
        if (!(key instanceof PrivateKey)) {
            throw new KeyStoreDatabaseException("Only private keys are supported as key entries!");
        }
        if (certificateArr == null && certificateArr.length == 0) {
            throw new KeyStoreDatabaseException("Cannot add key entry. Missing corresponding certificate!");
        }
        try {
            iaik.x509.X509Certificate[] convertCertificateChain = ESSUtil.convertCertificateChain(certificateArr);
            this.keyBase_.put(new IssuerAndSerialNumber(convertCertificateChain[0]), new a((PrivateKey) key, convertCertificateChain, str));
        } catch (Exception e) {
            throw new KeyStoreDatabaseException(new StringBuffer("Error adding certificate: ").append(e.toString()).toString());
        }
    }

    public void addKey(InputStream inputStream, char[] cArr, String str) throws KeyStoreDatabaseException, IOException {
        try {
            addKey(new PKCS12(new ASN1InputStream(inputStream)), cArr, str);
        } catch (IOException e) {
            throw e;
        } catch (Exception e2) {
            throw new KeyStoreDatabaseException(new StringBuffer("Cannot add key. Error parsing PKCS#12 file: ").append(e2.toString()).toString());
        }
    }

    public void addKey(PKCS12 pkcs12, char[] cArr, String str) throws KeyStoreDatabaseException {
        try {
            if (!pkcs12.verify(cArr)) {
                throw new KeyStoreDatabaseException("Error verifying MAC of PKCS#12 object!");
            }
            pkcs12.decrypt(cArr);
            KeyBag keyBag = pkcs12.getKeyBag();
            PrivateKey privateKey = keyBag.getPrivateKey();
            iaik.x509.X509Certificate[] certificates = CertificateBag.getCertificates(pkcs12.getCertificateBags());
            if (certificates == null || certificates.length < 1) {
                throw new KeyStoreDatabaseException("Missing certificates!");
            }
            iaik.x509.X509Certificate[] arrangeCertificateChain = Util.arrangeCertificateChain(ESSUtil.convertCertificateChain(certificates), false);
            if (arrangeCertificateChain == null) {
                throw new KeyStoreDatabaseException("Unable to sort certificates included in PKCS#12 object!");
            }
            String str2 = str;
            if (str2 == null) {
                str2 = keyBag.getFriendlyName();
            }
            if (str2 == null) {
                throw new KeyStoreDatabaseException("Cannot adding key entry: Missing alias!");
            }
            addKey((Key) privateKey, (Certificate[]) arrangeCertificateChain, str2);
        } catch (Exception e) {
            throw new KeyStoreDatabaseException(new StringBuffer("Cannot adding key entry: ").append(e.getMessage()).toString());
        }
    }

    public void addCertificate(Certificate certificate, String str) throws KeyStoreDatabaseException {
        if (certificate != null) {
            try {
                iaik.x509.X509Certificate convertCertificate = ESSUtil.convertCertificate(certificate);
                this.certBase_.put(new IssuerAndSerialNumber(convertCertificate), new c(convertCertificate, str));
            } catch (Exception e) {
                throw new KeyStoreDatabaseException(new StringBuffer("Error adding certificate: ").append(e.toString()).toString());
            }
        }
    }

    static {
        a = DebugCMS.getDebugMode() && a;
    }
}
