package com.unbound.provider;

import com.unbound.client.BaseObject;
import com.unbound.client.CertObject;
import com.unbound.client.Client;
import com.unbound.client.ECPrivateKeyObject;
import com.unbound.client.LocateParams;
import com.unbound.client.ObjectType;
import com.unbound.client.Partition;
import com.unbound.client.PrivateKeyObject;
import com.unbound.client.PublicKeyObject;
import com.unbound.client.RSAPrivateKeyObject;
import com.unbound.client.RSAPublicKeyObject;
import com.unbound.client.SecretKeyObject;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.ProviderException;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import javax.crypto.SecretKey;
import javax.security.auth.x500.X500Principal;

/* loaded from: input_file:com/unbound/provider/UBEntry.class */
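/**
 * One key-store entry backed by an object in an Unbound {@link Partition}: a certificate, a
 * secret key, a private key (optionally with its user certificate and CA chain) or a public key.
 *
 * <p>Decompiler note: this listing is JADX output. The members declared {@code public} below,
 * other than the class itself, were package-private in the original class file; JADX widened them.
 *
 * <p>Security note: the chain helpers ({@link #locateCaChain} and {@link #getCaChain}) link
 * certificates purely by comparing subject and issuer distinguished names. Nothing in this class
 * verifies signatures, validity periods, basic constraints or revocation, so a chain returned from
 * here is an ordering of candidates, not a validated path. Callers that make trust decisions need
 * to run real path validation on it.
 */
public final class UBEntry {
    static final int CERT = 1;
    static final int SECRET_KEY = 2;
    static final int PRV_KEY = 3;
    static final int PUB_KEY = 4;

    // The partition object this entry wraps (key or certificate).
    protected final BaseObject object;
    // Certificate bound to a private-key entry; null for every other entry kind.
    protected final CertObject userCert;
    // Issuer certificates above userCert, nearest issuer first; may be null.
    protected final ArrayList<X509Certificate> caChain;

    /** Wraps a public key; no certificate or chain is attached. */
    public UBEntry(PublicKeyObject publicKeyObject) {
        this.object = publicKeyObject;
        this.caChain = null;
        this.userCert = null;
    }

    /**
     * Wraps a private key together with a certificate and an already-built CA chain.
     * The list is stored as given (no defensive copy).
     */
    public UBEntry(PrivateKeyObject privateKeyObject, CertObject certObject, ArrayList<X509Certificate> arrayList) {
        this.object = privateKeyObject;
        this.userCert = certObject;
        this.caChain = arrayList;
    }

    /** Wraps a private key that has no certificate. */
    UBEntry(PrivateKeyObject privateKeyObject) {
        this.object = privateKeyObject;
        this.userCert = null;
        this.caChain = null;
    }

    /**
     * Wraps a private key and its certificate, looking the CA chain up in the certificate's
     * partition. {@code certObject} may be null, in which case no chain is built.
     */
    UBEntry(PrivateKeyObject privateKeyObject, CertObject certObject) {
        this.object = privateKeyObject;
        this.userCert = certObject;
        this.caChain = locateCaChain(certObject);
    }

    /** Wraps a secret key. */
    public UBEntry(SecretKeyObject secretKeyObject) {
        this.object = secretKeyObject;
        this.userCert = null;
        this.caChain = null;
    }

    /** Wraps a stand-alone certificate. */
    public UBEntry(CertObject certObject) {
        this.object = certObject;
        this.userCert = null;
        this.caChain = null;
    }

    /**
     * Classifies the wrapped object.
     *
     * @return {@link #SECRET_KEY}, {@link #PRV_KEY} or {@link #PUB_KEY} according to the object's
     *     {@link ObjectType}; anything else is reported as {@link #CERT}
     */
    public int getType() {
        ObjectType type = this.object.getType();
        if (type.isSecretKey()) {
            return SECRET_KEY;
        }
        if (type.isPrivateKey()) {
            return PRV_KEY;
        }
        return type.isPublicKey() ? PUB_KEY : CERT;
    }

    /** Returns the name of the wrapped partition object. */
    public String getName() {
        return this.object.getName();
    }

    /**
     * Builds the provider key wrapper for this entry.
     *
     * @return a key wrapper, or null when the entry is a certificate
     */
    public Key getKey() {
        switch (getType()) {
            case SECRET_KEY:
                return new UBSecretKey((SecretKeyObject) this.object);
            case PRV_KEY:
                // Any private key that is not RSA is treated as EC.
                return this.object.getType() == ObjectType.RSAPrv
                        ? new UBRSAPrivateKey((RSAPrivateKeyObject) this.object)
                        : new UBECPrivateKey((ECPrivateKeyObject) this.object);
            case PUB_KEY:
                // NOTE(review): every public key is cast to RSAPublicKeyObject. locate() only wraps
                // RSAPub objects, but the constructor accepts any PublicKeyObject; a non-RSA one
                // would fail here with ClassCastException.
                return new UBRSAPublicKey((RSAPublicKeyObject) this.object);
            default:
                return null;
        }
    }

    /**
     * Converts this entry to a {@link KeyStore.Entry}.
     *
     * <p>A private key with a certificate becomes a standard {@link KeyStore.PrivateKeyEntry}
     * carrying {@link #getChain()}; a private key without one, and any public key, is wrapped in
     * the provider's own {@code UBKeyStoreEntry}.
     *
     * @throws ProviderException if {@link #getType()} yields an unexpected value
     */
    KeyStore.Entry getKeyStoreEntry() {
        Key key = getKey();
        switch (getType()) {
            case CERT:
                return new KeyStore.TrustedCertificateEntry(((CertObject) this.object).getCert());
            case SECRET_KEY:
                return new KeyStore.SecretKeyEntry((SecretKey) key);
            case PRV_KEY:
                return this.userCert == null
                        ? new UBKeyStoreEntry((PrivateKey) key)
                        : new KeyStore.PrivateKeyEntry((PrivateKey) key, getChain());
            case PUB_KEY:
                return new UBKeyStoreEntry((PublicKey) key);
            default:
                throw new ProviderException("Unknown entry type");
        }
    }

    /**
     * Deletes the wrapped object and, if present, its user certificate from their partitions.
     * CA-chain certificates are not touched.
     */
    public void delete() {
        // NOTE(review): two independent calls; if the second one fails the certificate object is
        // left behind without its key. Confirm whether deleteObject can throw.
        this.object.getPartition().deleteObject(this.object);
        if (this.userCert != null) {
            this.userCert.getPartition().deleteObject(this.userCert);
        }
    }

    /** Renames the wrapped object and, if present, its user certificate to {@code str}. */
    void changeName(String str) {
        this.object.getPartition().changeObjectName(this.object, str);
        if (this.userCert != null) {
            this.userCert.getPartition().changeObjectName(this.userCert, str);
        }
    }

    /**
     * Returns the user certificate followed by the stored CA chain.
     *
     * @return the chain with the user certificate at index 0, or null when the entry has no user
     *     certificate; the result is not a validated certification path
     */
    public Certificate[] getChain() {
        if (this.userCert == null) {
            return null;
        }
        int caCount = this.caChain == null ? 0 : this.caChain.size();
        Certificate[] chain = new Certificate[1 + caCount];
        chain[0] = this.userCert.getCert();
        for (int i = 0; i < caCount; i++) {
            chain[i + 1] = this.caChain.get(i);
        }
        return chain;
    }

    /**
     * Returns the certificate associated with this entry: the user certificate if there is one,
     * else the wrapped object itself when it is a certificate, else null.
     */
    public Certificate getCertificate() {
        if (this.userCert != null) {
            return this.userCert.getCert();
        }
        if (this.object.getType() == ObjectType.Certificate) {
            return ((CertObject) this.object).getCert();
        }
        return null;
    }

    /**
     * Walks issuer links upward from {@code certObject}, fetching each issuer from the same
     * partition by subject name.
     *
     * <p>The walk ends at a self-issued certificate (issuer equals subject), when no certificate
     * with the wanted subject exists, or when the walk arrives at a certificate it has already
     * seen. The last condition guards against issuer/subject loops among stored certificates,
     * which previously kept this method running and the list growing without bound.
     *
     * <p>Matching is by distinguished name only; no signature is checked.
     *
     * @param certObject the leaf certificate, may be null
     * @return issuers nearest-first, or null if {@code certObject} is null or no issuer was found
     */
    static ArrayList<X509Certificate> locateCaChain(CertObject certObject) {
        if (certObject == null) {
            return null;
        }
        Partition partition = certObject.getPartition();
        X509Certificate leaf = certObject.getCert();
        ArrayList<X509Certificate> chain = null;
        CertObject current = certObject;
        X500Principal subject = leaf.getSubjectX500Principal();
        LocateParams locateParams = new LocateParams();
        while (true) {
            X500Principal issuer = current.getCert().getIssuerX500Principal();
            if (subject.equals(issuer)) {
                break;
            }
            subject = issuer;
            locateParams.subject = subject;
            current = (CertObject) partition.locate(ObjectType.Certificate, locateParams);
            if (current == null) {
                break;
            }
            X509Certificate issuerCert = current.getCert();
            // Seeing the same certificate twice means the issuer links form a loop: stop here and
            // keep what was collected.
            if (issuerCert.equals(leaf) || (chain != null && chain.contains(issuerCert))) {
                break;
            }
            if (chain == null) {
                chain = new ArrayList<>();
            }
            chain.add(issuerCert);
        }
        return chain;
    }

    /**
     * Same walk as {@link #locateCaChain}, but issuers are searched in a caller-supplied list
     * instead of a partition.
     *
     * <p>Matching is by distinguished name only; no signature is checked. A walk that returns to a
     * certificate already seen stops instead of looping forever.
     *
     * @param x509Certificate the leaf certificate
     * @param arrayList candidate objects; null elements are skipped, the rest are cast to
     *     {@link CertObject}
     * @return issuers nearest-first, or null if none was found
     */
    public static ArrayList<X509Certificate> getCaChain(X509Certificate x509Certificate, ArrayList<BaseObject> arrayList) {
        ArrayList<X509Certificate> chain = null;
        X509Certificate current = x509Certificate;
        X500Principal subject = x509Certificate.getSubjectX500Principal();
        while (true) {
            X500Principal issuer = current.getIssuerX500Principal();
            if (subject.equals(issuer)) {
                break;
            }
            subject = issuer;
            X509Certificate issuerCert = findBySubject(arrayList, issuer, current);
            if (issuerCert == null) {
                break;
            }
            // Loop guard: the search is deterministic, so a repeated certificate would repeat
            // forever.
            if (issuerCert.equals(x509Certificate) || (chain != null && chain.contains(issuerCert))) {
                break;
            }
            if (chain == null) {
                chain = new ArrayList<>();
            }
            chain.add(issuerCert);
            current = issuerCert;
        }
        return chain;
    }

    /** Returns the first certificate in {@code candidates}, other than {@code exclude}, whose subject equals {@code wanted}. */
    private static X509Certificate findBySubject(ArrayList<BaseObject> candidates, X500Principal wanted, X509Certificate exclude) {
        for (BaseObject candidate : candidates) {
            if (candidate == null) {
                continue;
            }
            X509Certificate cert = ((CertObject) candidate).getCert();
            if (cert != exclude && cert.getSubjectX500Principal().equals(wanted)) {
                return cert;
            }
        }
        return null;
    }

    /**
     * Finds the entry named {@code str} in {@code partition}.
     *
     * <p>Lookup order: RSA private key, EC private key, certificate, generic secret, AES key and
     * finally RSA public key. Two provider-wide switches gate what is exposed:
     * a private key whose certificate cannot be found is returned only when
     * {@code UBCryptoProvider.allowedPrivateKeyWithoutCertificate} is set, and RSA public keys are
     * looked up only when {@code UBCryptoProvider.allowedPublicKey} is set.
     *
     * @return the entry, or null if nothing eligible has that name
     */
    public static UBEntry locate(Partition partition, String str) {
        LocateParams byName = new LocateParams();
        byName.name = str;

        BaseObject privateKey = partition.locate(ObjectType.RSAPrv, byName);
        if (privateKey == null) {
            privateKey = partition.locate(ObjectType.ECPrv, byName);
        }
        if (privateKey != null) {
            // The certificate is tied to the key by the key's UID, not by name.
            LocateParams byKeyUid = new LocateParams();
            byKeyUid.privateKeyUid = privateKey.getUid();
            CertObject certObject = (CertObject) partition.locate(ObjectType.Certificate, byKeyUid);
            if (certObject != null || UBCryptoProvider.allowedPrivateKeyWithoutCertificate) {
                return new UBEntry((PrivateKeyObject) privateKey, certObject);
            }
            // A private key was found under this name, so no other object type is tried.
            return null;
        }

        BaseObject cert = partition.locate(ObjectType.Certificate, byName);
        if (cert != null) {
            return new UBEntry((CertObject) cert);
        }
        BaseObject genericSecret = partition.locate(ObjectType.GenericSecret, byName);
        if (genericSecret != null) {
            return new UBEntry((SecretKeyObject) genericSecret);
        }
        BaseObject aesKey = partition.locate(ObjectType.AES, byName);
        if (aesKey != null) {
            return new UBEntry((SecretKeyObject) aesKey);
        }
        if (!UBCryptoProvider.allowedPublicKey) {
            return null;
        }
        BaseObject publicKey = partition.locate(ObjectType.RSAPub, byName);
        return publicKey == null ? null : new UBEntry((RSAPublicKeyObject) publicKey);
    }

    /**
     * Finds the entry whose certificate equals {@code certificate}, preferring a private-key entry
     * over a bare certificate entry.
     *
     * @param certificate the certificate to look for; must be an {@link X509Certificate} or null
     * @return the entry, or null when {@code certificate} is null or neither a matching
     *     certificate nor a matching private key exists
     * @throws ClassCastException if {@code certificate} is not an {@link X509Certificate}
     */
    public static UBEntry locateCertEntryByValue(Partition partition, Certificate certificate) {
        // Reject null before querying; the original performed the lookup first and discarded it.
        if (certificate == null) {
            return null;
        }
        LocateParams locateParams = new LocateParams();
        locateParams.x509 = (X509Certificate) certificate;
        CertObject certObject = (CertObject) partition.locate(ObjectType.Certificate, locateParams);

        // NOTE(review): the key UID is written to a throw-away LocateParams, so the private-key
        // lookups below still filter on x509, not on uid. This is either a decompilation artefact
        // or a defect in the original; confirm against the class file before relying on it.
        new LocateParams().uid = Client.getCertKeyUid(locateParams.x509);
        BaseObject privateKey = partition.locate(ObjectType.RSAPrv, locateParams);
        if (privateKey == null) {
            privateKey = partition.locate(ObjectType.ECPrv, locateParams);
        }
        if (privateKey != null) {
            // NOTE(review): unlike locate(), this path does not consult
            // UBCryptoProvider.allowedPrivateKeyWithoutCertificate when certObject is null.
            return new UBEntry((PrivateKeyObject) privateKey, certObject);
        }
        // Nothing matched: report "not found" instead of an entry wrapping a null object, which
        // would fail with NullPointerException on first use.
        return certObject == null ? null : new UBEntry(certObject);
    }
}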
