package com.sun.deploy.security;

import com.sun.deploy.trace.Trace;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.lang.reflect.Field;
import java.security.Key;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.SecurityPermission;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.Enumeration;
import java.util.Iterator;

/* loaded from: input_file:com/sun/deploy/security/MozillaMyKeyStore.class */
public final class MozillaMyKeyStore extends KeyStoreSpi {
    private Collection keyEntries = new ArrayList();
    static Class class$java$lang$String;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/sun/deploy/security/MozillaMyKeyStore$KeyEntry.class */
    public class KeyEntry {
        private MozillaJSSPrivateKey privateKey;
        private X509Certificate[] certChain;
        private final MozillaMyKeyStore this$0;

        KeyEntry(MozillaMyKeyStore mozillaMyKeyStore, MozillaJSSPrivateKey mozillaJSSPrivateKey, X509Certificate[] x509CertificateArr) {
            this.this$0 = mozillaMyKeyStore;
            this.privateKey = mozillaJSSPrivateKey;
            this.certChain = x509CertificateArr;
        }

        String getAlias() {
            return this.privateKey.toString();
        }

        Key getPrivateKey() {
            return this.privateKey;
        }

        X509Certificate[] getCertificateChain() {
            return this.certChain;
        }
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        if (cArr != null && cArr.length > 0) {
            throw new UnrecoverableKeyException("Password is not required for Mozilla MY keystore.");
        }
        if (!engineIsKeyEntry(str)) {
            return null;
        }
        for (KeyEntry keyEntry : this.keyEntries) {
            if (str.equals(keyEntry.getAlias())) {
                return keyEntry.getPrivateKey();
            }
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        for (KeyEntry keyEntry : this.keyEntries) {
            if (str.equals(keyEntry.getAlias())) {
                return (X509Certificate[]) keyEntry.getCertificateChain().clone();
            }
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        for (KeyEntry keyEntry : this.keyEntries) {
            if (str.equals(keyEntry.getAlias())) {
                return keyEntry.getCertificateChain()[0];
            }
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        return new Date();
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
        throw new KeyStoreException("Cannot assign the given key to the given alias.");
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
        throw new KeyStoreException("Cannot assign the given key to the given alias.");
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        throw new KeyStoreException("Cannot assign the given certificate to the given alias.");
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) throws KeyStoreException {
        throw new KeyStoreException("Mozilla does not support alias removal.");
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration engineAliases() {
        return new Enumeration(this, this.keyEntries.iterator()) { // from class: com.sun.deploy.security.MozillaMyKeyStore.1
            private final Iterator val$iter;
            private final MozillaMyKeyStore this$0;

            {
                this.this$0 = this;
                this.val$iter = r5;
            }

            @Override // java.util.Enumeration
            public boolean hasMoreElements() {
                return this.val$iter.hasNext();
            }

            @Override // java.util.Enumeration
            public Object nextElement() {
                return ((KeyEntry) this.val$iter.next()).getAlias();
            }
        };
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        Enumeration engineAliases = engineAliases();
        while (engineAliases.hasMoreElements()) {
            if (((String) engineAliases.nextElement()).equals(str)) {
                return true;
            }
        }
        return false;
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        return this.keyEntries.size();
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        return str.startsWith("MozillaJSSRSAPrivateKey") || str.startsWith("MozillaJSSDSAPrivateKey");
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        return false;
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        for (KeyEntry keyEntry : this.keyEntries) {
            if (keyEntry.certChain != null && keyEntry.certChain[0].equals(certificate)) {
                return keyEntry.getAlias();
            }
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        throw new IOException("Mozilla cert store cannot be stored into stream.");
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(new SecurityPermission("authProvider.SunDeploy-MozillaJSS"));
        }
        if (inputStream != null) {
            throw new IOException("Mozilla cert store cannot be loaded from stream.");
        }
        this.keyEntries.clear();
        try {
            Class<?> cls = Class.forName("org.mozilla.jss.CryptoManager", true, ClassLoader.getSystemClassLoader());
            Object jSSCryptoManager = BrowserKeystore.getJSSCryptoManager();
            generateKeyAndCertificateFromToken(jSSCryptoManager, cls.getMethod("getInternalKeyStorageToken", null).invoke(jSSCryptoManager, null));
            Enumeration enumeration = (Enumeration) cls.getMethod("getExternalTokens", null).invoke(jSSCryptoManager, null);
            while (enumeration.hasMoreElements()) {
                generateKeyAndCertificateFromToken(jSSCryptoManager, enumeration.nextElement());
            }
        } catch (Throwable th) {
            th.printStackTrace();
        }
    }

    private void generateKeyAndCertificateFromToken(Object obj, Object obj2) throws Throwable {
        Class<?> cls;
        Class<?> cls2 = Class.forName("org.mozilla.jss.CryptoManager", true, ClassLoader.getSystemClassLoader());
        Object[] objArr = (Object[]) Class.forName("org.mozilla.jss.crypto.CryptoStore", true, ClassLoader.getSystemClassLoader()).getMethod("getCertificates", null).invoke(Class.forName("org.mozilla.jss.crypto.CryptoToken", true, ClassLoader.getSystemClassLoader()).getMethod("getCryptoStore", null).invoke(obj2, null), null);
        for (int i = 0; i < objArr.length; i++) {
            Class<?> cls3 = Class.forName("org.mozilla.jss.crypto.X509Certificate", true, ClassLoader.getSystemClassLoader());
            String str = (String) cls3.getMethod("getNickname", null).invoke(objArr[i], null);
            if (str != null) {
                Class<?> cls4 = Class.forName("org.mozilla.jss.CryptoManager$CertUsage", true, ClassLoader.getSystemClassLoader());
                Class<?>[] clsArr = new Class[3];
                if (class$java$lang$String == null) {
                    cls = class$("java.lang.String");
                    class$java$lang$String = cls;
                } else {
                    cls = class$java$lang$String;
                }
                clsArr[0] = cls;
                clsArr[1] = Boolean.TYPE;
                clsArr[2] = cls4;
                if (((Boolean) cls2.getMethod("isCertValid", clsArr).invoke(obj, str, Boolean.FALSE, cls4.getField("SSLClient").get(objArr[i]))).booleanValue()) {
                    try {
                        Object invoke = cls2.getMethod("findPrivKeyByCert", cls3).invoke(obj, objArr[i]);
                        Class<?> cls5 = Class.forName("org.mozilla.jss.crypto.PrivateKey", true, ClassLoader.getSystemClassLoader());
                        Object invoke2 = cls5.getMethod("getType", null).invoke(invoke, null);
                        Class<?> cls6 = Class.forName("org.mozilla.jss.crypto.PrivateKey$Type", true, ClassLoader.getSystemClassLoader());
                        Field field = cls6.getField("RSA");
                        Field field2 = cls6.getField("DSA");
                        Object obj3 = field.get(null);
                        Object obj4 = field2.get(null);
                        if (invoke2.equals(obj3) || invoke2.equals(obj4)) {
                            Object[] objArr2 = (Object[]) cls2.getMethod("buildCertificateChain", cls3).invoke(obj, objArr[i]);
                            ArrayList arrayList = new ArrayList();
                            for (Object obj5 : objArr2) {
                                generateCertificate((byte[]) cls3.getMethod("getEncoded", null).invoke(obj5, null), arrayList);
                            }
                            Integer num = (Integer) cls5.getMethod("getStrength", null).invoke(invoke, null);
                            if (invoke2.equals(obj3)) {
                                generateRSAKeyAndCertificateChain(invoke, num.intValue(), arrayList, this.keyEntries);
                            } else {
                                generateDSAKeyAndCertificateChain(invoke, num.intValue(), arrayList, this.keyEntries);
                            }
                        }
                    } catch (Throwable th) {
                        Trace.msgSecurityPrintln("mozillamykeystore.priv.notfound", new Object[]{str});
                    }
                }
            }
        }
    }

    private void generateRSAKeyAndCertificateChain(Object obj, int i, Collection collection, Collection collection2) {
        try {
            X509Certificate[] x509CertificateArr = new X509Certificate[collection.size()];
            int i2 = 0;
            Iterator it = collection.iterator();
            while (it.hasNext()) {
                x509CertificateArr[i2] = (X509Certificate) it.next();
                i2++;
            }
            collection2.add(new KeyEntry(this, new MozillaJSSRSAPrivateKey(obj, i), x509CertificateArr));
        } catch (Throwable th) {
            th.printStackTrace();
        }
    }

    private void generateDSAKeyAndCertificateChain(Object obj, int i, Collection collection, Collection collection2) {
        try {
            X509Certificate[] x509CertificateArr = new X509Certificate[collection.size()];
            int i2 = 0;
            Iterator it = collection.iterator();
            while (it.hasNext()) {
                x509CertificateArr[i2] = (X509Certificate) it.next();
                i2++;
            }
            collection2.add(new KeyEntry(this, new MozillaJSSDSAPrivateKey(obj, i), x509CertificateArr));
        } catch (Throwable th) {
            th.printStackTrace();
        }
    }

    private void generateCertificate(byte[] bArr, Collection collection) {
        try {
            Iterator<? extends Certificate> it = CertificateFactory.getInstance("X.509").generateCertificates(new ByteArrayInputStream(bArr)).iterator();
            while (it.hasNext()) {
                collection.add((X509Certificate) it.next());
            }
        } catch (CertificateException e) {
            e.printStackTrace();
        } catch (Throwable th) {
            th.printStackTrace();
        }
    }

    protected String getName() {
        return "MY";
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }
}
