package es.gob.afirma.keystores.single;

import es.gob.afirma.core.misc.AOUtil;
import es.gob.afirma.core.misc.Base64;
import es.gob.afirma.ui.utils.Constants;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.security.Key;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Map;
import java.util.logging.Logger;

/* loaded from: input_file:es/gob/afirma/keystores/single/SingleCertKeyStore.class */
public final class SingleCertKeyStore extends KeyStoreSpi {
    private static final Logger LOGGER = Logger.getLogger(Constants.OUR_NODE_NAME);
    private static final String PEM_FOOTER = "-----END CERTIFICATE-----";
    private static final String PEM_HEADER = "-----BEGIN CERTIFICATE-----";
    private final Map<String, X509Certificate> certificates = new Hashtable();
    private CertificateFactory cf = null;

    @Override // java.security.KeyStoreSpi
    public Enumeration<String> engineAliases() {
        return Collections.enumeration(this.certificates.keySet());
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        if (str == null) {
            return false;
        }
        Enumeration<String> engineAliases = engineAliases();
        while (engineAliases.hasMoreElements()) {
            if (engineAliases.nextElement().equals(str)) {
                return true;
            }
        }
        return false;
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) throws KeyStoreException {
        if (str == null) {
            return;
        }
        this.certificates.remove(str);
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        if (str == null) {
            return null;
        }
        return this.certificates.get(str);
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        if (!(certificate instanceof X509Certificate)) {
            return null;
        }
        Enumeration<String> engineAliases = engineAliases();
        while (engineAliases.hasMoreElements()) {
            String nextElement = engineAliases.nextElement();
            if (this.certificates.get(nextElement).equals(certificate)) {
                return nextElement;
            }
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        return !engineContainsAlias(str) ? new Certificate[0] : new Certificate[]{this.certificates.get(str)};
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        return new Date();
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        if (engineContainsAlias(str)) {
            return engineGetCertificate(str).getPublicKey();
        }
        throw new UnrecoverableKeyException("No hay ningun certificado con el alias '" + str + "'");
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        return false;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        return false;
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        if (inputStream == null) {
            throw new IOException("Se necesitan certificados");
        }
        byte[] dataFromInputStream = AOUtil.getDataFromInputStream(inputStream);
        try {
            if (this.cf == null) {
                this.cf = CertificateFactory.getInstance("X.509");
            }
            Collection<? extends Certificate> generateCertificates = this.cf.generateCertificates(new ByteArrayInputStream(dataFromInputStream));
            if (generateCertificates == null || generateCertificates.isEmpty()) {
                getCertificatesFromStream(dataFromInputStream);
                return;
            }
            for (Certificate certificate : generateCertificates) {
                if (certificate instanceof X509Certificate) {
                    try {
                        this.certificates.put(AOUtil.getCN((X509Certificate) certificate), (X509Certificate) certificate);
                    } catch (Exception e) {
                        LOGGER.warning("Error anadiendo un certificado, se ignorara y se continuara con los siguientes: " + e);
                    }
                } else {
                    LOGGER.warning("Se ha encontrado un certificado en un formato que no es X.509, se ignorara");
                }
            }
        } catch (Exception e2) {
            LOGGER.warning("La factoria no ha podido generar los certificados directamente, se probara con un pretratamiento: " + e2);
            getCertificatesFromStream(dataFromInputStream);
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        return 1;
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
    }

    private void getCertificatesFromStream(byte[] bArr) {
        Collection<? extends Certificate> collection = null;
        try {
            if (this.cf == null) {
                this.cf = CertificateFactory.getInstance("X.509");
            }
            collection = this.cf.generateCertificates(new ByteArrayInputStream(Base64.decode(new String(bArr).replace("%0A", "").replace("%2F", "/").replace("%2B", "+").replace("%3D", "="))));
        } catch (Exception e) {
        }
        if (collection != null) {
            for (Certificate certificate : collection) {
                if (certificate instanceof X509Certificate) {
                    try {
                        this.certificates.put(AOUtil.getCN((X509Certificate) certificate), (X509Certificate) certificate);
                    } catch (Exception e2) {
                        LOGGER.warning("Error anadiendo un certificado, se ignorara y se continuara con los siguientes: " + e2);
                    }
                } else {
                    LOGGER.warning("Se ha encontrado un certificado en un formato que no es X.509, se ignorara");
                }
            }
            return;
        }
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(new DataInputStream(new ByteArrayInputStream(bArr))));
        String str = null;
        StringBuilder sb = null;
        while (true) {
            try {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    return;
                }
                if (readLine.trim().equals(PEM_HEADER)) {
                    sb = new StringBuilder(readLine);
                    sb.append("\n");
                } else if (readLine.trim().equals(PEM_FOOTER)) {
                    if (sb != null) {
                        sb.append(readLine);
                        addCertificate(sb.toString(), str);
                        sb = null;
                        str = null;
                    }
                } else if (readLine.trim().startsWith("friendlyName:")) {
                    str = readLine.replace("friendlyName:", "").trim();
                } else if (sb != null) {
                    sb.append(readLine);
                    sb.append("\n");
                }
            } catch (Exception e3) {
                LOGGER.severe("Error leyendo los certificados, puede que no se anadiesen todos: " + e3);
                return;
            }
        }
    }

    private void addCertificate(String str, String str2) {
        if (str == null) {
            LOGGER.warning("El certificado es nulo, no se anadira al almacen");
            return;
        }
        try {
            if (this.cf == null) {
                this.cf = CertificateFactory.getInstance("X.509");
            }
            X509Certificate x509Certificate = (X509Certificate) this.cf.generateCertificate(new ByteArrayInputStream(str.getBytes()));
            if (x509Certificate == null) {
                LOGGER.warning("Error generando el certificado, no se anadira al almacen");
            } else {
                this.certificates.put(str2 != null ? str2 : AOUtil.getCN(x509Certificate), x509Certificate);
            }
        } catch (Exception e) {
            LOGGER.warning("Error generando el certificado, no se anadira al almacen: " + e);
        }
    }
}
