package es.gob.afirma.keystores.main.common;

import com.lowagie.text.xml.TagMap;
import es.gob.afirma.core.AOCancelledOperationException;
import es.gob.afirma.core.misc.Platform;
import es.gob.afirma.core.ui.AOUIFactory;
import es.gob.afirma.core.ui.NameCertificateBean;
import es.gob.afirma.keystores.main.callbacks.NullPasswordCallback;
import es.gob.afirma.keystores.main.callbacks.UIPasswordCallback;
import es.gob.afirma.keystores.main.filters.CertificateFilter;
import java.io.File;
import java.lang.reflect.Field;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collection;
import java.util.Comparator;
import java.util.List;
import java.util.Map;
import java.util.logging.Logger;
import javax.security.auth.callback.PasswordCallback;

/* loaded from: input_file:es/gob/afirma/keystores/main/common/KeyStoreUtilities.class */
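/**
 * Static helpers used when opening key stores and letting the user pick a signing certificate:
 * building a PKCS#11 provider configuration, de-duplicating aliases of the Windows "MY" store,
 * showing the certificate selection dialog and locating the DNIe PKCS#11 native library.
 *
 * <p>This listing is decompiler output. {@link #getAliasesByFriendlyName} was not recovered and
 * is a stub that always throws, so {@code showCertSelectionDialog} cannot complete as listed.
 */
public final class KeyStoreUtilities {
    static final Logger LOGGER = Logger.getLogger("es.gob.afirma");
    private static final String OPENSC_USR_LIB_LINUX = "/usr/lib/opensc-pkcs11.so";
    // Not referenced by any recovered method; presumably used by the lost body of
    // getAliasesByFriendlyName. TODO confirm against the instruction dump.
    private static final int ALIAS_MAX_LENGTH = 120;

    // DNIe PKCS#11 module candidates, in the exact probing order of the original code.
    // The Windows entries are suffixes appended to the system library directory.
    private static final String[] DNIE_LIBS_WINDOWS = {
        "\\UsrPkcs11.dll",
        "\\opensc-pkcs11.dll"
    };
    private static final String[] DNIE_LIBS_MACOSX = {
        "/Library/OpenSC/lib/libopensc-dnie.dylib",
        "/Library/OpenSC/lib/opensc-pkcs11.so",
        "/Library/OpenSC/lib/libopensc-dnie.1.0.3.dylib",
        OPENSC_USR_LIB_LINUX
    };
    private static final String[] DNIE_LIBS_UNIX = {
        "/usr/local/lib/libopensc-dnie.so",
        "/usr/lib/libopensc-dnie.so",
        "/lib/libopensc-dnie.so",
        OPENSC_USR_LIB_LINUX,
        "/lib/opensc-pkcs11.so",
        "/usr/local/lib/opensc-pkcs11.so"
    };

    private KeyStoreUtilities() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /**
     * Builds the text of a PKCS#11 provider configuration ({@code library}, {@code name},
     * {@code showInfo} and optionally {@code slot}).
     *
     * <p>{@code str} and {@code str2} are written into the configuration verbatim, with no
     * escaping or line-break filtering, so they must come from trusted configuration: whatever
     * path ends up after {@code library=} is the native module the configuration points at.
     *
     * @param str path or file name of the PKCS#11 library; if no file exists at that path it is
     *            taken as relative to {@code Platform.getSystemLibDir()}
     * @param str2 provider name, or {@code null} to use {@code "AFIRMA-PKCS11"}
     * @param num slot number, or {@code null} to omit the {@code slot} entry
     * @return the configuration text, with CRLF line endings
     */
    public static String createPKCS11ConfigFile(String str, String str2, Integer num) {
        final StringBuilder config = new StringBuilder("library=");
        if (!new File(str).exists()) {
            // Not found as given: resolve it against the system library directory.
            String libDir = Platform.getSystemLibDir();
            if (!libDir.endsWith(File.separator)) {
                libDir = libDir + File.separator;
            }
            config.append(libDir);
        }
        config.append(str).append("\r\n");
        config.append("name=").append(str2 != null ? str2 : "AFIRMA-PKCS11").append("\r\n");
        config.append("showInfo=true\r\n");
        if (num != null) {
            config.append("slot=").append(num);
        }
        final String text = config.toString();
        LOGGER.info("Creada configuracion PKCS#11:\r\n" + text);
        return text;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /**
     * Makes the aliases of a Windows CAPI "MY" key store unique by appending
     * {@code " - <hashCode of the first chain certificate>"} to every alias that is not already
     * equal to that hash code. Any other key store implementation is left untouched.
     *
     * <p>The work is done by reflection on private fields of {@code java.security.KeyStore} and
     * of the {@code sun.security.mscapi} implementation, so it depends on JDK internals and may be
     * refused by runtimes that restrict reflective access to them. The suffix is a Java
     * {@code hashCode()}, suitable only for telling aliases apart; it is not a certificate
     * fingerprint and must not be used to identify or trust a certificate.
     *
     * @param keyStore key store whose aliases are rewritten in place
     * @throws NoSuchFieldException if an expected private field does not exist in this JDK
     * @throws IllegalAccessException if a private field cannot be read or written
     */
    public static void cleanCAPIDuplicateAliases(KeyStore keyStore) throws NoSuchFieldException, IllegalAccessException {
        final Field spiField = keyStore.getClass().getDeclaredField("keyStoreSpi");
        spiField.setAccessible(true);
        final KeyStoreSpi spi = (KeyStoreSpi) spiField.get(keyStore);
        if (!"sun.security.mscapi.KeyStore$MY".equals(spi.getClass().getName())) {
            return;
        }
        final Field entriesField = spi.getClass().getEnclosingClass().getDeclaredField("entries");
        entriesField.setAccessible(true);
        for (Object entry : (Collection<?>) entriesField.get(spi)) {
            final Field chainField = entry.getClass().getDeclaredField("certChain");
            chainField.setAccessible(true);
            final X509Certificate[] chain = (X509Certificate[]) chainField.get(entry);
            // NOTE(review): this constant from an unrelated XML library looks like a decompiler
            // substitution for a plain string literal naming the entry's alias field - confirm
            // its value and replace it to drop the dependency.
            final Field aliasField = entry.getClass().getDeclaredField(TagMap.AttributeHandler.ALIAS);
            aliasField.setAccessible(true);
            final String alias = (String) aliasField.get(entry);
            if (chain == null || chain.length == 0 || chain[0] == null || alias == null) {
                // Nothing to derive a suffix from; leave this entry as it is instead of failing
                // the whole clean-up with a NullPointerException.
                continue;
            }
            final String certHash = Integer.toString(chain[0].hashCode());
            if (!alias.equals(certHash)) {
                aliasField.set(entry, alias.concat(" - ").concat(certHash));
            }
        }
    }

    // The decompiler could not rebuild getAliasesByFriendlyName. The JADX fragments below are the
    // only record of its logic in this listing and are kept verbatim. They suggest (to be
    // confirmed against the bytecode) that the lost body drops certificates that fail
    // checkValidity() unless r11 is set, and, when r10 is set, drops entries whose key is not a
    // usable private key.
    /* JADX WARN: Code restructure failed: missing block: B:26:0x011e, code lost:
    
        if (r16 != null) goto L32;
     */
    /* JADX WARN: Code restructure failed: missing block: B:28:0x0126, code lost:
    
        if (r17 != null) goto L35;
     */
    /* JADX WARN: Code restructure failed: missing block: B:29:0x0129, code lost:
    
        es.gob.afirma.keystores.main.common.KeyStoreUtilities.LOGGER.warning("El KeyStore no permite extraer el certificado publico para el siguiente alias: " + r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:31:0x0141, code lost:
    
        if (r11 != false) goto L42;
     */
    /* JADX WARN: Code restructure failed: missing block: B:33:0x0146, code lost:
    
        if (r17 == null) goto L42;
     */
    /* JADX WARN: Code restructure failed: missing block: B:35:0x0149, code lost:
    
        r17.checkValidity();
     */
    /* JADX WARN: Code restructure failed: missing block: B:37:0x0151, code lost:
    
        r22 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:38:0x0153, code lost:
    
        es.gob.afirma.keystores.main.common.KeyStoreUtilities.LOGGER.info("Se ocultara el certificado '" + r0 + "' por no ser valido: " + r22);
        r0.remove(r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:40:0x0240, code lost:
    
        r19 = r19 + 1;
     */
    /* JADX WARN: Code restructure failed: missing block: B:42:0x0182, code lost:
    
        if (r10 == false) goto L104;
     */
    /* JADX WARN: Code restructure failed: missing block: B:44:0x0187, code lost:
    
        if (r17 == null) goto L105;
     */
    /* JADX WARN: Code restructure failed: missing block: B:47:0x0194, code lost:
    
        if ("KeychainStore".equals(r16.getType()) == false) goto L49;
     */
    /* JADX WARN: Code restructure failed: missing block: B:48:0x0197, code lost:
    
        r0 = r16;
        java.security.AccessController.doPrivileged(new es.gob.afirma.keystores.main.common.KeyStoreUtilities.AnonymousClass1());
     */
    /* JADX WARN: Code restructure failed: missing block: B:51:0x01c1, code lost:
    
        if ((r16.getEntry(r0, new java.security.KeyStore.PasswordProtection(new char[0])) instanceof java.security.KeyStore.PrivateKeyEntry) != false) goto L107;
     */
    /* JADX WARN: Code restructure failed: missing block: B:52:0x01c4, code lost:
    
        r0.remove(r0);
        es.gob.afirma.keystores.main.common.KeyStoreUtilities.LOGGER.info("El certificado '" + r0 + "' no era tipo trusted pero su clave tampoco era de tipo privada, no se mostrara");
     */
    /* JADX WARN: Code restructure failed: missing block: B:56:0x01ef, code lost:
    
        r0.remove(r0);
        es.gob.afirma.keystores.main.common.KeyStoreUtilities.LOGGER.info("El certificado '" + r0 + "' no se mostrara por no soportar operaciones de clave privada");
     */
    /* JADX WARN: Code restructure failed: missing block: B:58:0x021b, code lost:
    
        r22 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:59:0x021d, code lost:
    
        es.gob.afirma.keystores.main.common.KeyStoreUtilities.LOGGER.info("Se ha incluido un certificado (" + r0 + ") con clave privada inaccesible: " + r22);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.util.Map<java.lang.String, java.lang.String> getAliasesByFriendlyName(java.lang.String[] r8, es.gob.afirma.keystores.main.common.AOKeyStoreManager r9, boolean r10, boolean r11, java.util.List<es.gob.afirma.keystores.main.filters.CertificateFilter> r12) {
        /*
            Method dump skipped, instructions count: 996
            To view this dump add '--comments-level debug' option
        */
        // Placeholder emitted by the decompiler: the real certificate filtering is NOT present
        // here, so nothing in this listing can be relied on to hide invalid or key-less entries.
        throw new UnsupportedOperationException("Method not decompiled: es.gob.afirma.keystores.main.common.KeyStoreUtilities.getAliasesByFriendlyName(java.lang.String[], es.gob.afirma.keystores.main.common.AOKeyStoreManager, boolean, boolean, java.util.List):java.util.Map");
    }

    /**
     * Shows the certificate selection dialog with no certificate filters and without automatic
     * selection of a single candidate.
     *
     * @see #showCertSelectionDialog(String[], AOKeyStoreManager, Object, boolean, boolean, boolean, List, boolean)
     */
    public static String showCertSelectionDialog(String[] strArr, AOKeyStoreManager aOKeyStoreManager, Object obj, boolean z, boolean z2, boolean z3) throws AOCertificatesNotFoundException {
        return showCertSelectionDialog(strArr, aOKeyStoreManager, obj, z, z2, z3, null, false);
    }

    /**
     * Lets the user choose one certificate among the given aliases and returns the chosen alias.
     *
     * <p>When {@code z2} is set, the validity period of the chosen certificate is checked in
     * every key store that holds the alias. If it is expired, not yet valid or cannot be read,
     * the user is asked to confirm; answering anything other than "yes" aborts with
     * {@link AOCancelledOperationException}.
     *
     * <p>In the decompiled listing a catch-all around that whole check also swallowed the
     * cancellation (the exception is thrown without being declared, so it is unchecked and
     * presumably a {@code RuntimeException}), which let a certificate the user had just refused
     * be returned anyway. The catch-all is now limited to the alias lookup.
     *
     * @param strArr aliases to offer; must not be empty
     * @param aOKeyStoreManager manager used to resolve certificates and key stores
     * @param obj parent component handed to the dialogs
     * @param z forwarded to {@code getAliasesByFriendlyName}; presumably "only entries with a
     *          usable private key" - TODO confirm
     * @param z2 whether to check the validity period of the selected certificate
     * @param z3 forwarded to {@code getAliasesByFriendlyName}; presumably "also show expired
     *           certificates" - TODO confirm
     * @param list certificate filters, may be {@code null}
     * @param z4 when {@code true} and exactly one alias remains, return it without showing the
     *           dialog (the validity check is not applied on that path)
     * @return the selected alias
     * @throws AOCertificatesNotFoundException if there are no aliases or none passes the filters
     * @throws AOCancelledOperationException if the user cancels the selection or refuses to use a
     *         certificate that failed the validity check
     */
    public static String showCertSelectionDialog(String[] strArr, AOKeyStoreManager aOKeyStoreManager, Object obj, boolean z, boolean z2, boolean z3, List<CertificateFilter> list, boolean z4) throws AOCertificatesNotFoundException {
        if (strArr == null || strArr.length == 0) {
            throw new AOCertificatesNotFoundException("El almacén no contenía entradas");
        }
        final Map<String, String> namesByAlias = getAliasesByFriendlyName(strArr, aOKeyStoreManager, z, z3, list);
        if (namesByAlias.isEmpty()) {
            throw new AOCertificatesNotFoundException("El almacen no contenia entradas validas");
        }
        if (z4 && namesByAlias.size() == 1) {
            return namesByAlias.keySet().iterator().next();
        }

        final NameCertificateBean[] candidates = new NameCertificateBean[namesByAlias.size()];
        int next = 0;
        for (Map.Entry<String, String> entry : namesByAlias.entrySet()) {
            final String alias = entry.getKey();
            candidates[next++] = new NameCertificateBean(alias, entry.getValue(), aOKeyStoreManager.getCertificate(alias));
        }
        // Case-insensitive order by display name; null beans sort last.
        Arrays.sort(candidates, new Comparator<NameCertificateBean>() {
            @Override
            public int compare(NameCertificateBean left, NameCertificateBean right) {
                if (left == null) {
                    return right == null ? 0 : 1;
                }
                if (right == null) {
                    return -1;
                }
                return left.getName().compareToIgnoreCase(right.getName());
            }
        });

        final String selectedAlias = (String) AOUIFactory.showCertificateSelectionDialog(obj, candidates);
        if (selectedAlias == null) {
            throw new AOCancelledOperationException("Operacion de seleccion de certificado cancelada");
        }
        if (!z2 || aOKeyStoreManager == null) {
            return selectedAlias;
        }

        for (KeyStore keyStore : aOKeyStoreManager.getKeyStores()) {
            final boolean holdsAlias;
            try {
                holdsAlias = keyStore.containsAlias(selectedAlias);
            } catch (Exception e) {
                // Best effort, as before: a store that cannot be queried is skipped. Only this
                // lookup is guarded, so the user's refusal below can no longer be swallowed.
                LOGGER.warning("No se pudo consultar el alias en un almacen, se omite su comprobacion de validez: " + e);
                continue;
            }
            if (!holdsAlias) {
                continue;
            }

            String validationError = null;
            try {
                final java.security.cert.Certificate cert = keyStore.getCertificate(selectedAlias);
                if (!(cert instanceof X509Certificate)) {
                    // Missing or non-X.509 certificate: the listing skipped the store silently
                    // here (cast/null failure eaten by the catch-all). Behaviour kept, but logged.
                    // NOTE(review): this leaves the selection unchecked for this store; consider
                    // treating it as a validation failure.
                    LOGGER.warning("El certificado seleccionado no esta disponible como X.509, no se comprueba su validez");
                    continue;
                }
                ((X509Certificate) cert).checkValidity();
            } catch (KeyStoreException e) {
                validationError = KeyStoreMessages.getString("KeyStoreUtilities.4");
            } catch (CertificateExpiredException e) {
                validationError = KeyStoreMessages.getString("KeyStoreUtilities.2");
            } catch (CertificateNotYetValidException e) {
                validationError = KeyStoreMessages.getString("KeyStoreUtilities.3");
            }

            if (validationError != null) {
                LOGGER.warning("Error durante la validacion: " + validationError);
                if (AOUIFactory.showConfirmDialog(obj, validationError, KeyStoreMessages.getString("KeyStoreUtilities.5"), AOUIFactory.YES_NO_OPTION, AOUIFactory.WARNING_MESSAGE) == AOUIFactory.YES_OPTION) {
                    // Explicitly accepted by the user despite the warning.
                    return selectedAlias;
                }
                throw new AOCancelledOperationException("Se ha reusado un certificado probablemente no valido");
            }
        }
        return selectedAlias;
    }

    /**
     * Returns the password callback to use when opening the given kind of key store.
     *
     * @param aOKeyStore kind of key store; must not be {@code null}
     * @param obj parent component for the password dialog
     * @return a {@code NullPasswordCallback} for the Windows, Windows root and Apple stores,
     *         {@code null} for {@code DNIEJAVA}, and a UI prompt for every other kind
     * @throws IllegalArgumentException if {@code aOKeyStore} is {@code null}
     */
    public static PasswordCallback getPreferredPCB(AOKeyStore aOKeyStore, Object obj) {
        if (aOKeyStore == null) {
            throw new IllegalArgumentException("No se ha indicado el KeyStore del que desea obtener la PasswordCallBack");
        }
        final boolean noPasswordStore = aOKeyStore == AOKeyStore.WINDOWS
                || aOKeyStore == AOKeyStore.WINROOT
                || aOKeyStore == AOKeyStore.APPLE;
        if (noPasswordStore) {
            return new NullPasswordCallback();
        }
        if (aOKeyStore == AOKeyStore.DNIEJAVA) {
            // Callers must be prepared for a null callback for this store kind.
            return null;
        }
        return new UIPasswordCallback(KeyStoreMessages.getString("KeyStoreUtilities.6", aOKeyStore.getDescription()), obj);
    }

    /**
     * Returns the password callback to use when accessing an individual certificate entry of the
     * given kind of key store.
     *
     * @param aOKeyStore kind of key store; a {@code null} value matches none of the listed kinds
     *                   and yields the UI prompt
     * @param obj parent component for the password dialog
     * @return a {@code NullPasswordCallback} for the store kinds listed in the method,
     *         {@code null} for {@code DNIEJAVA}, and a UI prompt otherwise
     */
    public static PasswordCallback getCertificatePC(AOKeyStore aOKeyStore, Object obj) {
        final boolean noPasswordStore = aOKeyStore == AOKeyStore.WINDOWS
                || aOKeyStore == AOKeyStore.WINROOT
                || aOKeyStore == AOKeyStore.WINADDRESSBOOK
                || aOKeyStore == AOKeyStore.WINCA
                || aOKeyStore == AOKeyStore.SINGLE
                || aOKeyStore == AOKeyStore.MOZ_UNI
                || aOKeyStore == AOKeyStore.PKCS11
                || aOKeyStore == AOKeyStore.APPLE;
        if (noPasswordStore) {
            return new NullPasswordCallback();
        }
        if (aOKeyStore == AOKeyStore.DNIEJAVA) {
            // Callers must be prepared for a null callback for this store kind.
            return null;
        }
        return new UIPasswordCallback(KeyStoreMessages.getString("KeyStoreUtilities.7"), obj);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /**
     * Locates the DNIe PKCS#11 native library by probing a fixed list of paths for the current
     * operating system and returning the first one that exists.
     *
     * <p>Only existence is tested here: no ownership, permission or signature check is visible in
     * this class. The returned module will run inside the signing process, so the probed
     * locations (several under {@code /usr/local/lib}) should be writable by administrators only.
     *
     * @return path of the first candidate library found
     * @throws AOKeyStoreManagerException if none of the candidates exists
     */
    public static String getPKCS11DNIeLib() throws AOKeyStoreManagerException {
        if (Platform.OS.WINDOWS.equals(Platform.getOS())) {
            // String.valueOf keeps the original "null" prefix if the directory is unknown.
            final String found = firstExistingFile(String.valueOf(Platform.getSystemLibDir()), DNIE_LIBS_WINDOWS);
            if (found == null) {
                throw new AOKeyStoreManagerException("No hay controlador PKCS#11 de DNIe instalado en este sistema Windows");
            }
            return found;
        }
        if (Platform.OS.MACOSX.equals(Platform.getOS())) {
            final String found = firstExistingFile("", DNIE_LIBS_MACOSX);
            if (found == null) {
                throw new AOKeyStoreManagerException("No hay controlador PKCS#11 de DNIe instalado en este sistema Mac OS X");
            }
            return found;
        }
        final String found = firstExistingFile("", DNIE_LIBS_UNIX);
        if (found == null) {
            throw new AOKeyStoreManagerException("No hay controlador PKCS#11 de DNIe instalado en este sistema");
        }
        return found;
    }

    /** Returns the first {@code prefix + candidate} that exists on disk, or {@code null}. */
    private static String firstExistingFile(String prefix, String[] candidates) {
        for (String candidate : candidates) {
            final String path = prefix + candidate;
            if (new File(path).exists()) {
                return path;
            }
        }
        return null;
    }
}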
