package eu.europa.esig.dss.spi.x509;

import eu.europa.esig.dss.model.DSSException;
import eu.europa.esig.dss.model.x509.CertificateToken;
import eu.europa.esig.dss.spi.DSSUtils;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/dss-spi-6.0.jar:eu/europa/esig/dss/spi/x509/KeyStoreCertificateSource.class */
public class KeyStoreCertificateSource extends CommonCertificateSource {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) KeyStoreCertificateSource.class);
    private KeyStore keyStore;
    private char[] passwordProtection;

    @Deprecated
    public KeyStoreCertificateSource(String str, String str2) {
        this((InputStream) null, str, str2.toCharArray());
    }

    public KeyStoreCertificateSource(String str, char[] cArr) {
        this((InputStream) null, str, cArr);
    }

    @Deprecated
    public KeyStoreCertificateSource(String str, String str2, String str3) throws IOException {
        this(new File(str), str2, str3.toCharArray());
    }

    public KeyStoreCertificateSource(String str, String str2, char[] cArr) throws IOException {
        this(new File(str), str2, cArr);
    }

    @Deprecated
    public KeyStoreCertificateSource(File file, String str, String str2) throws IOException {
        this(Files.newInputStream(file.toPath(), new OpenOption[0]), str, str2.toCharArray());
    }

    public KeyStoreCertificateSource(File file, String str, char[] cArr) throws IOException {
        this(Files.newInputStream(file.toPath(), new OpenOption[0]), str, cArr);
    }

    @Deprecated
    public KeyStoreCertificateSource(InputStream inputStream, String str, String str2) {
        initKeystore(inputStream, str, str2.toCharArray());
    }

    public KeyStoreCertificateSource(InputStream inputStream, String str, char[] cArr) {
        initKeystore(inputStream, str, cArr);
    }

    private void initKeystore(InputStream inputStream, String str, char[] cArr) {
        try {
            try {
                this.keyStore = KeyStore.getInstance(str);
                this.keyStore.load(inputStream, cArr);
                this.passwordProtection = cArr;
                extractCertificates();
                if (inputStream != null) {
                    inputStream.close();
                }
            } finally {
            }
        } catch (IOException | GeneralSecurityException e) {
            throw new DSSException("Unable to initialize the keystore", e);
        }
    }

    private void extractCertificates() {
        try {
            Enumeration<String> aliases = this.keyStore.aliases();
            while (aliases.hasMoreElements()) {
                super.addCertificate(DSSUtils.loadCertificate(this.keyStore.getCertificate(getKey(aliases.nextElement())).getEncoded()));
            }
        } catch (GeneralSecurityException e) {
            throw new DSSException("Unable to retrieve certificates from the keystore", e);
        }
    }

    public CertificateToken getCertificate(String str) {
        try {
            String key = getKey(str);
            if (this.keyStore.containsAlias(key)) {
                return DSSUtils.loadCertificate(this.keyStore.getCertificate(key).getEncoded());
            }
            LOG.warn("Certificate '{}' not found in the keystore", key);
            return null;
        } catch (GeneralSecurityException e) {
            throw new DSSException("Unable to retrieve certificate from the keystore", e);
        }
    }

    public void addAllCertificatesToKeyStore(List<CertificateToken> list) {
        Iterator<CertificateToken> it = list.iterator();
        while (it.hasNext()) {
            addCertificateToKeyStore(it.next());
        }
    }

    public void addCertificateToKeyStore(CertificateToken certificateToken) {
        try {
            this.keyStore.setCertificateEntry(getKey(certificateToken.getDSSIdAsString()), certificateToken.getCertificate());
            super.addCertificate(certificateToken);
            LOG.debug("Certificate '{}' successfully added to the keystore", certificateToken);
        } catch (GeneralSecurityException e) {
            throw new DSSException("Unable to add certificate to the keystore", e);
        }
    }

    @Override // eu.europa.esig.dss.spi.x509.CommonCertificateSource, eu.europa.esig.dss.spi.x509.CertificateSource
    public CertificateToken addCertificate(CertificateToken certificateToken) {
        throw new UnsupportedOperationException("Use addCertificateToKeyStore(CertificateToken) method to add a certificate to keyStore!");
    }

    public void deleteCertificateFromKeyStore(String str) {
        try {
            if (this.keyStore.containsAlias(str)) {
                removeCertificate(getCertificate(str));
                this.keyStore.deleteEntry(str);
                LOG.debug("Certificate '{}' successfully removed from the keystore", str);
            } else {
                LOG.warn("Certificate '{}' not found in the keystore", str);
            }
        } catch (GeneralSecurityException e) {
            throw new DSSException("Unable to delete certificate from the keystore", e);
        }
    }

    public void clearAllCertificates() {
        try {
            Enumeration<String> aliases = this.keyStore.aliases();
            while (aliases.hasMoreElements()) {
                deleteCertificateFromKeyStore(aliases.nextElement());
            }
            reset();
            LOG.debug("Keystore has been successfully cleared");
        } catch (GeneralSecurityException e) {
            throw new DSSException("Unable to clear certificates from the keystore", e);
        }
    }

    public void store(OutputStream outputStream) {
        try {
            this.keyStore.store(outputStream, this.passwordProtection);
        } catch (IOException | GeneralSecurityException e) {
            throw new DSSException("Unable to store the keystore", e);
        }
    }

    private String getKey(String str) {
        return "PKCS12".equals(this.keyStore.getType()) ? str.toLowerCase(Locale.ROOT) : str;
    }
}
