package eu.europa.esig.dss.x509;

import eu.europa.esig.dss.DSSEncodingException;
import eu.europa.esig.dss.DSSUtils;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import org.apache.commons.io.IOUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/europa/esig/dss/x509/KeyStoreCertificateSource.class */
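/**
 * Certificate source backed by a {@link KeyStore} file on disk.
 *
 * <p>The keystore is re-read from {@code keyStoreFile} on every operation and, for the
 * mutating operations, rewritten in place. The keystore password is kept as a
 * {@code String} field for the lifetime of this object because the constructors accept it
 * in that form.
 *
 * <p>A {@code null} password is never passed to {@link KeyStore#load}: dereferencing it
 * fails first, so the store is not loaded without its integrity check.
 */
public class KeyStoreCertificateSource extends CommonCertificateSource {
    private static final Logger logger = LoggerFactory.getLogger(KeyStoreCertificateSource.class);
    private static final String DEFAULT_KEYSTORE_TYPE = "JKS";
    private final File keyStoreFile;
    private final String password;
    private final String keyStoreType;

    /**
     * Opens a JKS keystore by path, sharing the given certificate pool.
     *
     * @param keyStoreFilepath path of the keystore file
     * @param password         keystore password
     * @param certificatePool  pool handed to the superclass
     */
    public KeyStoreCertificateSource(String keyStoreFilepath, String password, CertificatePool certificatePool) {
        this(new File(keyStoreFilepath), DEFAULT_KEYSTORE_TYPE, password, certificatePool);
    }

    /**
     * Opens a JKS keystore file, sharing the given certificate pool.
     *
     * @param keyStoreFile    keystore file
     * @param password        keystore password
     * @param certificatePool pool handed to the superclass
     */
    public KeyStoreCertificateSource(File keyStoreFile, String password, CertificatePool certificatePool) {
        this(keyStoreFile, DEFAULT_KEYSTORE_TYPE, password, certificatePool);
    }

    /**
     * Opens a JKS keystore by path.
     *
     * @param keyStoreFilepath path of the keystore file
     * @param password         keystore password
     */
    public KeyStoreCertificateSource(String keyStoreFilepath, String password) {
        this(new File(keyStoreFilepath), DEFAULT_KEYSTORE_TYPE, password);
    }

    /**
     * Opens a JKS keystore file.
     *
     * @param keyStoreFile keystore file
     * @param password     keystore password
     */
    public KeyStoreCertificateSource(File keyStoreFile, String password) {
        this(keyStoreFile, DEFAULT_KEYSTORE_TYPE, password);
    }

    /**
     * Opens a keystore of an explicit type, sharing the given certificate pool.
     *
     * @param keyStoreFile    keystore file
     * @param keyStoreType    type name passed to {@link KeyStore#getInstance(String)}
     * @param password        keystore password
     * @param certificatePool pool handed to the superclass
     */
    public KeyStoreCertificateSource(File keyStoreFile, String keyStoreType, String password, CertificatePool certificatePool) {
        super(certificatePool);
        this.keyStoreFile = keyStoreFile;
        this.keyStoreType = keyStoreType;
        this.password = password;
    }

    /**
     * Opens a keystore of an explicit type.
     *
     * @param keyStoreFile keystore file
     * @param keyStoreType type name passed to {@link KeyStore#getInstance(String)}
     * @param password     keystore password
     */
    public KeyStoreCertificateSource(File keyStoreFile, String keyStoreType, String password) {
        this.keyStoreFile = keyStoreFile;
        this.keyStoreType = keyStoreType;
        this.password = password;
    }

    /**
     * Reads every alias of the keystore and registers its certificate and certificate chain
     * in the certificate pool.
     *
     * <p>The certificate of each alias is always appended; chain certificates are appended
     * only when the resulting token is not already in the list.
     *
     * @return the tokens obtained from the pool, in keystore enumeration order
     * @throws DSSEncodingException if the keystore cannot be loaded or any entry cannot be
     *     processed (including an entry that is not an {@link X509Certificate})
     */
    public List<CertificateToken> populate() {
        List<CertificateToken> tokens = new ArrayList<>();
        try {
            KeyStore keyStore = getKeyStore();
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String alias = aliases.nextElement();
                Certificate certificate = keyStore.getCertificate(alias);
                if (certificate != null) {
                    // A non-X.509 entry raises ClassCastException, which aborts the whole load below.
                    X509Certificate x509Certificate = (X509Certificate) certificate;
                    logger.debug("Alias {} Cert {}", alias, x509Certificate.getSubjectDN());
                    tokens.add(this.certPool.getInstance(new CertificateToken(x509Certificate), CertificateSourceType.OTHER));
                }
                Certificate[] certificateChain = keyStore.getCertificateChain(alias);
                if (certificateChain == null) {
                    continue;
                }
                for (Certificate chainCertificate : certificateChain) {
                    X509Certificate x509ChainCertificate = (X509Certificate) chainCertificate;
                    logger.debug("Alias {} Cert {}", alias, x509ChainCertificate.getSubjectDN());
                    // NOTE(review): chain certificates are registered as OCSP_RESPONSE although they
                    // are read from a keystore; confirm this source type is intended.
                    CertificateToken chainToken = this.certPool.getInstance(new CertificateToken(x509ChainCertificate), CertificateSourceType.OCSP_RESPONSE);
                    if (!tokens.contains(chainToken)) {
                        tokens.add(chainToken);
                    }
                }
            }
            return tokens;
        } catch (Exception e) {
            throw new DSSEncodingException(DSSEncodingException.MSG.CERTIFICATE_CANNOT_BE_READ, e);
        }
    }

    /**
     * Stores the certificate as a certificate entry, using its DSS id as alias, and rewrites
     * the keystore file.
     *
     * <p>Failures are logged and not reported to the caller. Entries written here are
     * returned by later reads of this source, so the token should be vetted by the caller
     * before it is added.
     *
     * @param certificateToken certificate to persist
     */
    public void addCertificateToKeyStore(CertificateToken certificateToken) {
        try {
            KeyStore keyStore = getKeyStore();
            keyStore.setCertificateEntry(certificateToken.getDSSIdAsString(), certificateToken.getCertificate());
            persistKeyStore(keyStore);
        } catch (Exception e) {
            logger.error("Unable to add certificate to the keystore : " + e.getMessage(), e);
        }
    }

    /**
     * Writes the keystore to {@code keyStoreFile}, protected with the configured password.
     *
     * <p>NOTE(review): the file is opened for writing in place, which truncates it before
     * the new content is stored; a failure part-way leaves no usable keystore on disk.
     * Writing to a temporary file and renaming it would avoid that.
     *
     * @param keyStore loaded keystore to write
     * @return {@code true} when the store was written and the stream closed without error
     */
    private boolean persistKeyStore(KeyStore keyStore) {
        // try-with-resources also surfaces a failing close(), i.e. a write that was never flushed.
        try (FileOutputStream outputStream = new FileOutputStream(this.keyStoreFile)) {
            keyStore.store(outputStream, this.password.toCharArray());
            return true;
        } catch (Exception e) {
            logger.error("Unable to persist the keystore : " + e.getMessage(), e);
            return false;
        }
    }

    /**
     * Removes the entry stored under the given alias and rewrites the keystore file.
     *
     * <p>Failures are logged and not reported to the caller. Success is logged only when the
     * modified keystore was actually written back to disk.
     *
     * @param certificateId alias of the entry to delete
     */
    public void deleteCertificateFromKeyStore(String certificateId) {
        try {
            KeyStore keyStore = getKeyStore();
            if (!keyStore.containsAlias(certificateId)) {
                logger.warn("Certificate " + certificateId + " not found in the keystore");
                return;
            }
            keyStore.deleteEntry(certificateId);
            // persistKeyStore logs its own failure; do not claim removal when nothing was saved.
            if (persistKeyStore(keyStore)) {
                logger.info("Certificate with ID " + certificateId + " successfuly removed from the keystore");
            }
        } catch (Exception e) {
            logger.error("Unable to delete certificate from the keystore : " + e.getMessage(), e);
        }
    }

    /**
     * Lists the certificate entries of the keystore; key entries are skipped.
     *
     * <p>On failure the error is logged and the tokens collected so far (possibly none) are
     * returned, so an empty list does not prove that the keystore is empty.
     *
     * @return tokens built from the encoded form of each certificate entry
     */
    public List<CertificateToken> getCertificatesFromKeyStore() {
        List<CertificateToken> tokens = new ArrayList<>();
        try {
            KeyStore keyStore = getKeyStore();
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String alias = aliases.nextElement();
                if (keyStore.isCertificateEntry(alias)) {
                    tokens.add(DSSUtils.loadCertificate(keyStore.getCertificate(alias).getEncoded()));
                }
            }
        } catch (Exception e) {
            logger.error("Unable to retrieve certificates from the keystore : " + e.getMessage(), e);
        }
        return tokens;
    }

    /**
     * Loads the keystore from {@code keyStoreFile} with the configured type and password.
     *
     * <p>Never returns {@code null} or an instance that was created but not loaded: any
     * failure is logged and rethrown, so callers cannot continue with an unusable keystore.
     *
     * @return the loaded keystore
     * @throws IllegalStateException if the keystore type is unavailable, the file cannot be
     *     read, or loading fails (wrong password, corrupted file, {@code null} password)
     */
    private KeyStore getKeyStore() {
        try {
            KeyStore keyStore = KeyStore.getInstance(this.keyStoreType);
            try (FileInputStream inputStream = new FileInputStream(this.keyStoreFile)) {
                keyStore.load(inputStream, this.password.toCharArray());
            }
            return keyStore;
        } catch (Exception e) {
            logger.error("Unable to read keystore : " + e.getMessage(), e);
            throw new IllegalStateException("Unable to read keystore", e);
        }
    }
}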
