package org.catcert.crypto.keyStoreImpl;

import java.io.IOException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.ProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;
import org.catcert.AddSunMSCAPIProvider;
import org.catcert.crypto.keyStoreImpl.jks.JavaKeyStore;
import org.catcert.crypto.keyStoreImpl.jks.JavaKeyStoreException;
import org.catcert.crypto.keyStoreImpl.macosx.MacOSXKeyStore;
import org.catcert.crypto.keyStoreImpl.macosx.MacOSXKeyStoreException;
import org.catcert.crypto.keyStoreImpl.mozilla.MozillaKeyStore;
import org.catcert.crypto.keyStoreImpl.mozilla.MozillaKeyStoreException;
import org.catcert.crypto.keyStoreImpl.mozilla.MozillaKeyStores;
import org.catcert.crypto.keyStoreImpl.pkcs11.PKCS11KeyStore;
import org.catcert.crypto.keyStoreImpl.pkcs11.PKCS11KeyStoreException;
import org.catcert.crypto.keyStoreImpl.pkcs12.PKCS12KeyStore;
import org.catcert.crypto.keyStoreImpl.pkcs12.PKCS12KeyStoreException;
import org.catcert.crypto.keyStoreImpl.windows.MSKeyStore;
import org.catcert.crypto.keyStoreImpl.windows.MSKeyStoreException;
import org.catcert.crypto.utils.Utils;
import org.catcert.utils.AppletUtils;
import org.catcert.utils.I18n;

/* loaded from: input_file:org/catcert/crypto/keyStoreImpl/CertificateStore.class */
public class CertificateStore {
    public static final int Generic_keystore = 0;
    public static final int MS_keystore = 1;
    public static final int PKCS12_keystore = 2;
    public static final int Smartcard_keystore = 3;
    public static final int Mozilla_keystore = 4;
    public static final int Java_keystore = 5;
    public static final int MacOSX_keystore = 6;
    private CompositeKeyStore store = new CompositeKeyStore();
    private HashMap<String, String> aliases = new HashMap<>();

    public CertificateStore(int i, List<String> list, char[] cArr) throws CertificateStoreException {
        try {
            switch (i) {
                case 1:
                    try {
                        try {
                            AddSunMSCAPIProvider.load();
                            this.store.addKeyStore(new MSKeyStore(MSKeyStore.USER_STORE));
                            try {
                                this.store.addKeyStore(new PKCS11KeyStore(new String[]{"C:\\WINDOWS\\system32\\pkcs11-win.dll", "C:\\WINNT\\system32\\pkcs11-win.dll", "C:\\Windows\\SysWOW64\\pkcs11-win.dll", "/usr/local/lib/libclauerpkcs11.so", "/usr/local/lib/libpkcs11.so"}, "clauer idCAT", "IDCAT_DEFAULT"));
                                return;
                            } catch (PKCS11KeyStoreException e) {
                                System.out.println("No s'ha pogut carregar el clauer");
                                return;
                            }
                        } catch (IOException e2) {
                            e2.printStackTrace();
                            throw new CertificateStoreException(e2.getMessage());
                        }
                    } catch (InterruptedException e3) {
                        e3.printStackTrace();
                        throw new CertificateStoreException(e3.getMessage());
                    }
                case 2:
                    try {
                        this.store.addKeyStore(new PKCS12KeyStore(list.get(0), cArr));
                        return;
                    } catch (PKCS12KeyStoreException e4) {
                        e4.printStackTrace();
                        throw new CertificateStoreException(e4.getMessage());
                    }
                case 3:
                    if (list != null && !list.isEmpty()) {
                        addPKCS11ToKS(list);
                    }
                    if (this.store.isEmpty()) {
                        throw new CertificateStoreException(I18n.getInstance().translate("pkcs11.onLoad.error"));
                    }
                    return;
                case 4:
                    try {
                        Iterator<MozillaKeyStore> it = new MozillaKeyStores().getMozillaKeystores().iterator();
                        while (it.hasNext()) {
                            this.store.addKeyStore(it.next());
                        }
                        try {
                            this.store.addKeyStore(new PKCS11KeyStore(new String[]{"C:\\WINDOWS\\system32\\pkcs11-win.dll", "C:\\WINNT\\system32\\pkcs11-win.dll", "C:\\Windows\\SysWOW64\\pkcs11-win.dll", "/usr/local/lib/libclauerpkcs11.so", "/usr/local/lib/libpkcs11.so"}, "clauer IdCAT", "IDCAT_DEFAULT"));
                        } catch (PKCS11KeyStoreException e5) {
                            System.out.println("No s'ha pogut carregar el clauer");
                        }
                        try {
                            this.store.addKeyStore(new PKCS11KeyStore(new String[]{"C:\\WINDOWS\\system32\\aetpkss1.dll", "C:\\WINNT\\system32\\aetpkss1.dll", "C:\\Windows\\SysWOW64\\aetpkss1.dll", "/usr/lib/libaetpkss.so"}, "TCAT", "TCAT_DEFAULT"));
                        } catch (PKCS11KeyStoreException e6) {
                            System.out.println("No s'ha pogut carregar la TCAT");
                        }
                        String[] strArr = {"/usr/lib/opensc-pkcs11.so", "/usr/local/lib/opensc-pkcs11.so", "/lib/opensc-pkcs11.so", "C:\\WINDOWS\\system32\\UsrPkcs11.dll", "C:\\Windows\\SysWOW64\\UsrPkcs11.dll"};
                        try {
                            this.store.addKeyStore(new PKCS11KeyStore(strArr, "dnie", "DNIE_DEFAULT"));
                        } catch (PKCS11KeyStoreException e7) {
                            if (e7.getCause() != null && e7.getCause().getClass().equals(ProviderException.class)) {
                                try {
                                    this.store.addKeyStore(new PKCS11KeyStore(strArr, "dnie", "DNIE_DEFAULT"));
                                } catch (PKCS11KeyStoreException e8) {
                                    System.out.println("No s'ha pogut carregar el dnie");
                                }
                            }
                        }
                        if (list == null || list.isEmpty()) {
                            return;
                        }
                        addPKCS11ToKS(list);
                        return;
                    } catch (MozillaKeyStoreException e9) {
                        e9.printStackTrace();
                        throw new CertificateStoreException(e9.getMessage());
                    }
                case 5:
                    try {
                        this.store.addKeyStore(new JavaKeyStore(list.get(0), cArr));
                        return;
                    } catch (JavaKeyStoreException e10) {
                        e10.printStackTrace();
                        throw new CertificateStoreException(e10.getMessage(), e10.getCause());
                    }
                case 6:
                    try {
                        this.store.addKeyStore(new MacOSXKeyStore(MacOSXKeyStore.KEY_CHAIN_STORE));
                        return;
                    } catch (MacOSXKeyStoreException e11) {
                        e11.printStackTrace();
                        throw new CertificateStoreException(e11.getMessage());
                    }
                default:
                    throw new CertificateStoreException("keystore specified doesn't exists, keyStore_type: " + i);
            }
        } catch (MSKeyStoreException e12) {
            e12.printStackTrace();
            throw new CertificateStoreException(e12.getMessage(), e12.getCause());
        }
        e12.printStackTrace();
        throw new CertificateStoreException(e12.getMessage(), e12.getCause());
    }

    private void addPKCS11ToKS(List<String> list) {
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            String replaceAll = it.next().replaceAll("\\s", "");
            if (replaceAll.contains("[")) {
                List<String> params = AppletUtils.getParams(replaceAll.replaceAll("\\[", ""), "]");
                try {
                    String replaceAll2 = params.get(1).replaceAll("\\,", "");
                    this.store.addKeyStore(new PKCS11KeyStore((String[]) AppletUtils.getParams(params.get(0), ",").toArray(new String[0]), replaceAll2, replaceAll2));
                } catch (IndexOutOfBoundsException e) {
                    System.out.println("No s'ha especificat correctament el parametre pkcs11_files");
                } catch (PKCS11KeyStoreException e2) {
                    System.out.println("No s'ha pogut carregar la llibreria del pkcs11: " + params.get(0));
                }
            } else {
                List<String> params2 = AppletUtils.getParams(replaceAll, ",");
                try {
                    this.store.addKeyStore(new PKCS11KeyStore(params2.get(0), params2.get(1), params2.get(1)));
                } catch (IndexOutOfBoundsException e3) {
                    System.out.println("No s'ha especificat correctament el parametre pkcs11_files");
                } catch (PKCS11KeyStoreException e4) {
                    System.out.println("No s'ha pogut carregar la llibreria del pkcs11: " + params2.get(0));
                }
            }
        }
    }

    public CompositeKeyStore getStore() {
        return this.store;
    }

    public Object[] getSigningCertificates(Vector<String> vector, Vector<String> vector2, String str) throws CertificateStoreException {
        try {
            Enumeration<String> aliases = this.store.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                X509Certificate certificate = this.store.getCertificate(nextElement);
                if (certificate.getKeyUsage() != null && (certificate.getKeyUsage()[0] || certificate.getKeyUsage()[1])) {
                    if (checkValidityPeriod(certificate) && isCAallowed(certificate, vector) && isOIDallowed(certificate, vector2) && isTextinSubjectDN(certificate, str)) {
                        try {
                            if (!this.store.getProvider(nextElement).getName().equals("Apple")) {
                                this.aliases.put(String.valueOf(Utils.getCN(certificate, "subject")) + " (" + Utils.getCN(certificate, "issuer") + ") - SN: " + certificate.getSerialNumber(), nextElement);
                            } else if (this.store.getKey(nextElement, "nonnull".toCharArray()) != null) {
                                this.aliases.put(String.valueOf(Utils.getCN(certificate, "subject")) + " (" + Utils.getCN(certificate, "issuer") + ") - SN: " + certificate.getSerialNumber(), nextElement);
                            }
                        } catch (NoSuchAlgorithmException e) {
                            e.printStackTrace();
                        } catch (UnrecoverableKeyException e2) {
                            e2.printStackTrace();
                        }
                    }
                }
            }
            if (this.aliases.isEmpty()) {
                throw new KeyStoreException("No hi ha certificats disponibles per a signar");
            }
            return this.aliases.keySet().toArray();
        } catch (KeyStoreException e3) {
            e3.printStackTrace();
            throw new CertificateStoreException(e3.getMessage());
        }
    }

    public String getAliasFromCN(String str) {
        return this.aliases.get(str);
    }

    public Object[] getCNFromAlias(String str) throws KeyStoreException {
        if (!this.store.containsAlias(str)) {
            throw new KeyStoreException("No hi ha certificats disponibles per a signar");
        }
        X509Certificate certificate = this.store.getCertificate(str);
        this.aliases.put(String.valueOf(Utils.getCN(certificate, "subject")) + " (" + Utils.getCN(certificate, "issuer") + ")", str);
        return new Object[]{Utils.getCN(certificate, "subject")};
    }

    public boolean isSelectedAliasInKeystore(String str) throws KeyStoreException {
        return this.store.containsAlias(str);
    }

    private boolean checkValidityPeriod(X509Certificate x509Certificate) {
        try {
            x509Certificate.checkValidity(new GregorianCalendar().getTime());
            return true;
        } catch (CertificateExpiredException e) {
            e.printStackTrace();
            return false;
        } catch (CertificateNotYetValidException e2) {
            e2.printStackTrace();
            return false;
        }
    }

    private boolean isCAallowed(X509Certificate x509Certificate, Vector<String> vector) {
        if (vector == null) {
            return true;
        }
        String cn = Utils.getCN(x509Certificate, "issuer");
        if (cn == null) {
            return false;
        }
        for (int i = 0; i < vector.size(); i++) {
            if (cn.equalsIgnoreCase(vector.get(i))) {
                return true;
            }
        }
        return false;
    }

    private boolean isOIDallowed(X509Certificate x509Certificate, Vector<String> vector) {
        if (vector == null) {
            return true;
        }
        try {
            String[] certificatePolicyOIDs = Utils.getCertificatePolicyOIDs(x509Certificate);
            if (certificatePolicyOIDs == null) {
                return false;
            }
            for (int i = 0; i < vector.size(); i++) {
                for (String str : certificatePolicyOIDs) {
                    if (str.equals(vector.get(i))) {
                        return true;
                    }
                }
            }
            return false;
        } catch (IOException e) {
            e.printStackTrace();
            return false;
        } catch (CertificateException e2) {
            e2.printStackTrace();
            return false;
        }
    }

    private boolean isTextinSubjectDN(X509Certificate x509Certificate, String str) {
        if (str == null) {
            return true;
        }
        return x509Certificate.getSubjectX500Principal().getName("RFC1779").toLowerCase().contains(str.toLowerCase());
    }
}
