package kz.gov.pki.kalkan.jce.provider;

import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;
import kz.gov.pki.kalkan.jce.spec.ECKalkanPrivateKeySpec;
import kz.gov.pki.kalkan.jce.spec.KalkanRSAPrivateKeySpec;
import kz.gov.pki.kalkan.util.BigIntegers;
import kz.gov.pki.kalkan.util.io.Streams;
import org.apache.xml.security.keys.content.x509.XMLX509Certificate;

/* loaded from: classes.dex */
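/**
 * {@link KeyStoreSpi} implementation that reads its entries from a directory tree
 * instead of a single keystore file.
 *
 * <p>Layout read by this class, relative to the base directory handed to
 * {@link #engineLoad(InputStream, char[])}:
 * <ul>
 *   <li>{@code <base>/<alias>/MY/<alias>.cer} holds the entry certificate;</li>
 *   <li>{@code <base>/<alias>/<alias>.blob} holds the private key material;</li>
 *   <li>{@code <base>/*.cer} holds candidate issuer certificates for chain building.</li>
 * </ul>
 *
 * <p>Security notes for integrators:
 * <ul>
 *   <li>No password passed to this SPI is consulted: {@code engineLoad},
 *       {@code engineGetKey} and {@code engineSetKeyEntry} ignore their {@code char[]}
 *       argument. No decryption step is visible in this class, so confidentiality of
 *       the {@code .blob} files appears to rest on file-system permissions
 *       (NOTE(review): confirm what the key-spec classes do with the blob).</li>
 *   <li>Certificate chains are assembled by comparing issuer and subject names only.
 *       No signature, validity-period or revocation check is performed here; callers
 *       must run proper certification-path validation before trusting a chain.</li>
 *   <li>The base directory comes from the caller and must be a trusted location; any
 *       party able to write {@code .cer} files there can influence the chains returned.</li>
 * </ul>
 */
public class JDKKalkanFileKeyStore extends KeyStoreSpi {
    /** Size in bytes of the header that precedes the key fields of a private-key blob. */
    private static final byte BLOBHEADERSIZE = 8;
    /** Expected value of the first blob byte for private-key data. */
    private static final byte PRIVATEKEYBLOB = 7;
    /** Entries keyed by upper-cased alias. */
    private Hashtable<String, StoreEntry> entries = new Hashtable<>();

    /**
     * One keystore entry. {@code privKey == null} means a certificate-only entry.
     * The decompiler widened this class from private to public; it is only
     * instantiated inside the enclosing class.
     */
    public class StoreEntry {
        public String alias;
        public Certificate cert;
        public Certificate[] certChain;
        public Date date;
        public Key privKey;

        private StoreEntry() {
            this.alias = "";
            this.date = new Date();
            this.certChain = null;
            this.cert = null;
            this.privKey = null;
        }
    }

    /**
     * Appends the issuer of {@code certificate}, and recursively that issuer's own
     * issuers, to {@code vector} using the {@code .cer} files found directly in
     * directory {@code str}.
     *
     * <p>Matching is by distinguished name only; signatures are not verified here.
     * The first matching file wins and the walk stops at a self-issued certificate.
     *
     * @param str         directory that holds candidate issuer certificates
     * @param certificate certificate whose issuer is looked up
     * @param vector      chain under construction; issuers are appended in order
     * @throws CertificateException   if {@code str} cannot be listed as a directory
     * @throws NoSuchProviderException if the certificate factory provider is unavailable
     */
    private static void addIssuerCertToChain(String str, Certificate certificate, Vector<Certificate> vector)
            throws CertificateException, NoSuchProviderException {
        Principal issuerDN = ((X509CertificateObject) certificate).getIssuerDN();
        File dir = new File(str);
        // listFiles() returns null for a non-directory or on an I/O error.
        File[] candidates = dir.exists() ? dir.listFiles() : null;
        if (candidates == null) {
            throw new CertificateException("Specified directory not found");
        }
        for (File candidate : candidates) {
            // endsWith() replaces an indexOf()-based test that also accepted any
            // three-character name (indexOf == -1 == length - 4) and rejected names
            // containing ".cer" more than once.
            if (!candidate.isFile() || !candidate.getName().endsWith(".cer")) {
                continue;
            }
            Certificate parsed;
            try {
                parsed = getCertificateFromFile(candidate.getPath());
            } catch (CertificateException ignored) {
                // Best effort: a file that does not parse as a certificate is skipped.
                continue;
            }
            // Unreadable file, or a certificate already in the chain. Skipping the
            // latter bounds the recursion when the directory contains certificates
            // whose issuer/subject names form a cycle.
            if (parsed == null || vector.contains(parsed)) {
                continue;
            }
            Principal subjectDN = ((X509CertificateObject) parsed).getSubjectDN();
            if (!issuerDN.equals(subjectDN)) {
                continue;
            }
            vector.add(parsed);
            boolean selfIssued = subjectDN.equals(((X509CertificateObject) parsed).getIssuerDN());
            if (!selfIssued) {
                addIssuerCertToChain(str, parsed, vector);
            }
            return;
        }
    }

    /**
     * Builds the chain for alias {@code str2}: the entry certificate followed by the
     * issuers found in base directory {@code str}.
     *
     * @return the chain, leaf first, or {@code null} when the entry certificate
     *         could not be read
     */
    private static Certificate[] getCertificateChainFromFile(String str, String str2)
            throws CertificateException, NoSuchProviderException {
        Certificate leaf = getCertificateFromFile(str, str2);
        if (leaf == null) {
            return null;
        }
        Vector<Certificate> chain = new Vector<>();
        chain.add(leaf);
        addIssuerCertToChain(str, leaf, chain);
        return chain.toArray(new Certificate[0]);
    }

    /**
     * Parses the certificate stored at path {@code str} with the Kalkan provider.
     *
     * @return the certificate, or {@code null} when the file is missing or unreadable
     * @throws CertificateException   if the content is not a valid certificate
     * @throws NoSuchProviderException if the Kalkan provider is not registered
     */
    private static Certificate getCertificateFromFile(String str)
            throws CertificateException, NoSuchProviderException {
        // try-with-resources closes the stream even when parsing throws.
        try (FileInputStream in = new FileInputStream(str)) {
            return CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID, KalkanProvider.PROVIDER_NAME)
                    .generateCertificate(in);
        } catch (IOException ignored) {
            // Missing or unreadable file is reported to the caller as "no certificate".
            return null;
        }
    }

    /** Reads {@code <str>/<str2>/MY/<str2>.cer}; see {@link #getCertificateFromFile(String)}. */
    private static Certificate getCertificateFromFile(String str, String str2)
            throws CertificateException, NoSuchProviderException {
        return getCertificateFromFile(str + File.separator + str2 + File.separator + "MY" + File.separator + str2 + ".cer");
    }

    /**
     * Reads {@code <str>/<str2>/<str2>.blob} and wraps it in a private key whose type
     * is chosen from the public-key algorithm of {@code certificate}.
     *
     * <p>No password is involved in this read; see the class-level security notes.
     *
     * @return the private key, or {@code null} when {@code certificate} is
     *         {@code null} or the blob file is missing or unreadable
     * @throws NoSuchAlgorithmException if the certificate's algorithm is neither
     *                                  {@code ECGOST3410} nor {@code RSA}
     */
    private static PrivateKey getPrivateKeyFromFile(String str, String str2, Certificate certificate)
            throws NoSuchAlgorithmException, InvalidKeySpecException {
        if (certificate == null) {
            // Without a certificate the key type is unknown. Returning early avoids a
            // NullPointerException that would abort loading of the whole store.
            return null;
        }
        String blobPath = str + File.separator + str2 + File.separator + str2 + ".blob";
        try (FileInputStream in = new FileInputStream(blobPath)) {
            byte[] blob = Streams.readAll(in);
            String algorithm = ((X509CertificateObject) certificate).getPublicKey().getAlgorithm();
            if ("ECGOST3410".equals(algorithm)) {
                return new JCEKalkanECPrivateKey(new ECKalkanPrivateKeySpec(blob));
            }
            if ("RSA".equals(algorithm)) {
                return new JDKKalkanRSAPrivateKey(new KalkanRSAPrivateKeySpec(blob));
            }
            throw new NoSuchAlgorithmException("Unsupported algorithm");
        } catch (IOException ignored) {
            // Missing or unreadable blob: the entry is treated as certificate-only.
            return null;
        }
    }

    /**
     * Decodes an RSA private-key blob into a CRT key specification.
     *
     * <p>Fields are read in this order after the first 12 bytes: bit length (4 bytes),
     * public exponent (4 bytes), modulus (bitLength/8), then five values of
     * bitLength/16 bytes each, then the private exponent (bitLength/8).
     * NOTE(review): this looks like the CryptoAPI PRIVATEKEYBLOB layout, and the
     * {@code true} flag is presumably "little-endian" - confirm against BigIntegers.
     *
     * @throws InvalidKeySpecException if the data is too short, is not marked as a
     *                                 private key, or declares a non-positive bit length
     */
    private static RSAPrivateCrtKeySpec getRSAPrivateKeySpecFromBytes(byte[] bArr)
            throws InvalidKeySpecException, IOException {
        // Same offset as the original literal 12: the 8-byte header plus 4 skipped bytes.
        int fieldsOffset = BLOBHEADERSIZE + 4;
        // Reject truncated input before indexing into it; the two fixed 4-byte fields
        // must at least be present.
        if (bArr == null || bArr.length < fieldsOffset + 8 || bArr[0] != PRIVATEKEYBLOB) {
            throw new InvalidKeySpecException("Data is not a private key");
        }
        ByteArrayInputStream in = new ByteArrayInputStream(bArr, fieldsOffset, bArr.length - fieldsOffset);
        int bitLength = BigIntegers.getFromByteStream(in, 4, true).intValue();
        if (bitLength <= 0) {
            // The length field drives every following read size.
            // NOTE(review): an upper bound against the remaining blob size would also be
            // worthwhile once getFromByteStream's handling of short input is confirmed.
            throw new InvalidKeySpecException("Data is not a private key");
        }
        BigInteger publicExponent = BigIntegers.getFromByteStream(in, 4, true);
        int fullLen = bitLength / 8;
        int halfLen = bitLength / 16;
        BigInteger modulus = BigIntegers.getFromByteStream(in, fullLen, true);
        BigInteger primeP = BigIntegers.getFromByteStream(in, halfLen, true);
        BigInteger primeQ = BigIntegers.getFromByteStream(in, halfLen, true);
        BigInteger primeExponentP = BigIntegers.getFromByteStream(in, halfLen, true);
        BigInteger primeExponentQ = BigIntegers.getFromByteStream(in, halfLen, true);
        BigInteger crtCoefficient = BigIntegers.getFromByteStream(in, halfLen, true);
        BigInteger privateExponent = BigIntegers.getFromByteStream(in, fullLen, true);
        in.close();
        return new RSAPrivateCrtKeySpec(modulus, publicExponent, privateExponent, primeP, primeQ,
                primeExponentP, primeExponentQ, crtCoefficient);
    }

    /**
     * Loads certificate, chain and private key for alias directory {@code str2}
     * under base directory {@code str}. Missing parts are left {@code null}.
     */
    private StoreEntry readEntry(String str, String str2)
            throws CertificateException, NoSuchProviderException, NoSuchAlgorithmException, InvalidKeySpecException {
        StoreEntry storeEntry = new StoreEntry();
        storeEntry.alias = str2.toUpperCase();
        storeEntry.cert = getCertificateFromFile(str, str2);
        storeEntry.certChain = getCertificateChainFromFile(str, str2);
        storeEntry.privKey = getPrivateKeyFromFile(str, str2, storeEntry.cert);
        if (storeEntry.cert != null) {
            // The certificate's notBefore is used as the entry's creation date.
            storeEntry.date = ((X509CertificateObject) storeEntry.cert).getNotBefore();
        }
        return storeEntry;
    }

    /** Returns the upper-cased aliases currently held in memory. */
    @Override
    public Enumeration<String> engineAliases() {
        return this.entries.keys();
    }

    /**
     * Reports whether an entry exists for {@code str} (case-insensitive).
     * The decompiled code compared with {@code == null}, which inverted the answer.
     */
    @Override
    public boolean engineContainsAlias(String str) {
        return this.entries.containsKey(str.toUpperCase());
    }

    /** Removes the in-memory entry for {@code str}; files on disk are not touched. */
    @Override
    public void engineDeleteEntry(String str) {
        this.entries.remove(str.toUpperCase());
    }

    /** Returns the certificate stored under {@code str}, or {@code null} if absent. */
    @Override
    public Certificate engineGetCertificate(String str) {
        StoreEntry storeEntry = this.entries.get(str.toUpperCase());
        if (storeEntry == null) {
            return null;
        }
        return storeEntry.cert;
    }

    /** Returns the alias of the first entry whose certificate equals {@code certificate}. */
    @Override
    public String engineGetCertificateAlias(Certificate certificate) {
        Enumeration<StoreEntry> elements = this.entries.elements();
        while (elements.hasMoreElements()) {
            StoreEntry candidate = elements.nextElement();
            // An entry may lack a certificate; guard instead of dereferencing null.
            if (candidate.cert != null && candidate.cert.equals(certificate)) {
                return candidate.alias.toUpperCase();
            }
        }
        return null;
    }

    /**
     * Returns a copy of the chain stored under {@code str}, or {@code null}.
     * The chain was assembled by name matching only and is not validated.
     */
    @Override
    public Certificate[] engineGetCertificateChain(String str) {
        StoreEntry storeEntry = this.entries.get(str.toUpperCase());
        if (storeEntry == null || storeEntry.certChain == null) {
            return null;
        }
        // Copy so callers cannot rewrite the stored chain through the returned array.
        return storeEntry.certChain.clone();
    }

    /** Returns the entry date (the certificate's notBefore when one was loaded). */
    @Override
    public Date engineGetCreationDate(String str) {
        StoreEntry storeEntry = this.entries.get(str.toUpperCase());
        if (storeEntry == null) {
            return null;
        }
        return storeEntry.date;
    }

    /**
     * Returns the private key stored under {@code str}, or {@code null}.
     * The password argument {@code cArr} is not consulted, so any code that can
     * reach this keystore instance can obtain the key.
     */
    @Override
    public Key engineGetKey(String str, char[] cArr) {
        StoreEntry storeEntry = this.entries.get(str.toUpperCase());
        if (storeEntry == null) {
            return null;
        }
        return storeEntry.privKey;
    }

    /** True when the entry exists and has no private key. */
    @Override
    public boolean engineIsCertificateEntry(String str) {
        StoreEntry storeEntry = this.entries.get(str.toUpperCase());
        return storeEntry != null && storeEntry.privKey == null;
    }

    /** True when the entry exists and has a private key. */
    @Override
    public boolean engineIsKeyEntry(String str) {
        StoreEntry storeEntry = this.entries.get(str.toUpperCase());
        return storeEntry != null && storeEntry.privKey != null;
    }

    /**
     * Populates the store from a directory.
     *
     * <p>Unlike a conventional keystore, {@code inputStream} does not carry keystore
     * bytes: its whole content is read as the path of the base directory. Each
     * sub-directory becomes one alias. The password {@code cArr} is ignored, so no
     * integrity or confidentiality check is applied to what is read.
     *
     * @param inputStream stream whose content is the base directory path;
     *                    {@code null} yields an empty store
     * @throws IOException          if the path does not name a listable directory
     * @throws CertificateException if an entry cannot be decoded
     */
    @Override
    public void engineLoad(InputStream inputStream, char[] cArr)
            throws IOException, NoSuchAlgorithmException, CertificateException {
        if (inputStream == null) {
            // KeyStore.load(null, ...) is the standard way to create an empty store.
            this.entries.clear();
            return;
        }
        // NOTE(review): decoded with the platform default charset, as in the original.
        String basePath = new String(Streams.readAll(inputStream));
        File baseDir = new File(basePath);
        // listFiles() returns null when the path is a regular file or cannot be read.
        File[] children = baseDir.exists() ? baseDir.listFiles() : null;
        if (children == null) {
            throw new IOException("Specified directory not found");
        }
        this.entries.clear();
        for (File child : children) {
            if (!child.isDirectory()) {
                continue;
            }
            try {
                StoreEntry loaded = readEntry(basePath, child.getName());
                // Only entries with a certificate are kept; a key without one is dropped.
                if (loaded.cert != null) {
                    this.entries.put(loaded.alias.toUpperCase(), loaded);
                }
            } catch (NoSuchProviderException | InvalidKeySpecException e) {
                // Keep the cause so the failing provider or blob can be diagnosed.
                throw new CertificateException(e.getMessage(), e);
            }
        }
    }

    /**
     * Sets the certificate of entry {@code str}, creating the entry when absent.
     *
     * <p>NOTE(review): when the alias already names a key entry, only the certificate
     * is replaced; the stored private key and chain are left as they were and may no
     * longer match it. Consider rejecting that case.
     *
     * @throws KeyStoreException if {@code certificate} is {@code null}
     */
    @Override
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        if (certificate == null) {
            throw new KeyStoreException("Invalid arguments");
        }
        String key = str.toUpperCase();
        // Resolve the date first so a failing cast leaves the stored entry untouched.
        Date notBefore = ((X509CertificateObject) certificate).getNotBefore();
        StoreEntry storeEntry = this.entries.get(key);
        boolean created = storeEntry == null;
        if (created) {
            storeEntry = new StoreEntry();
            storeEntry.alias = key;
        }
        storeEntry.cert = certificate;
        storeEntry.date = notBefore;
        if (created) {
            this.entries.put(key, storeEntry);
        }
    }

    /**
     * Stores {@code key} with its chain under alias {@code str} in memory only.
     * The password {@code cArr} is ignored and the key is kept as passed in.
     *
     * @throws KeyStoreException if {@code key} is {@code null}, the chain is
     *                           {@code null} or empty, or the entry cannot be built
     */
    @Override
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr)
            throws KeyStoreException {
        if (key == null || certificateArr == null || certificateArr.length == 0) {
            throw new KeyStoreException("Invalid arguments");
        }
        try {
            String aliasKey = str.toUpperCase();
            // Copy the chain and derive the date before touching the stored entry, so
            // a failure cannot leave a half-updated entry behind.
            Certificate[] chain = certificateArr.clone();
            Date notBefore = ((X509CertificateObject) chain[0]).getNotBefore();
            StoreEntry storeEntry = this.entries.get(aliasKey);
            boolean created = storeEntry == null;
            if (created) {
                storeEntry = new StoreEntry();
                storeEntry.alias = aliasKey;
            }
            storeEntry.cert = chain[0];
            storeEntry.certChain = chain;
            storeEntry.privKey = key;
            storeEntry.date = notBefore;
            if (created) {
                this.entries.put(aliasKey, storeEntry);
            }
        } catch (Exception e) {
            throw new KeyStoreException(e.getMessage(), e);
        }
    }

    /** Not supported: pre-protected key bytes cannot be stored. */
    @Override
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) {
        throw new UnsupportedOperationException();
    }

    /** Returns the number of entries held in memory. */
    @Override
    public int engineSize() {
        return this.entries.size();
    }

    /** Not supported: this store is never written back to disk. */
    @Override
    public void engineStore(OutputStream outputStream, char[] cArr) {
        throw new UnsupportedOperationException();
    }
}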
