package com.sun.deploy.security;

import com.sun.deploy.config.Config;
import com.sun.deploy.resources.ResourceManager;
import com.sun.deploy.trace.Trace;
import com.sun.deploy.uitoolkit.ToolkitStore;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.AccessController;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Random;
import java.util.TreeSet;
import javax.swing.JDialog;

/* loaded from: input_file:jre/lib/deploy.jar:com/sun/deploy/security/DeployClientAuthCertStore.class */
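/**
 * Certificate store for client-authentication certificates and private keys.
 *
 * <p>Entries live in two JKS key stores whose file paths are read from
 * {@code Config}: a per-user store and a system store. Only the per-user store is
 * ever modified or written back by this class; the system store is read-only here.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>{@link #load()} reads the files with a {@code null} password, so the key
 *       store integrity check is not performed on that path.</li>
 *   <li>The password obtained from the dialog is kept in {@code keyPass} for the
 *       lifetime of the instance and is used both as the store password and as the
 *       password of every key entry.</li>
 *   <li>No synchronization is performed; the dialog parent is a static field shared
 *       by all instances.</li>
 * </ul>
 */
public final class DeployClientAuthCertStore implements CertStore {
    /** Bit in {@code certStoreType} that selects the per-user key store. */
    private static final int USER_STORE = 1;
    /** Bit in {@code certStoreType} that selects the system key store. */
    private static final int SYSTEM_STORE = 2;
    /** Prefix of the generated aliases under which entries are stored. */
    private static final String ALIAS_PREFIX = "clientauthcert";

    // Parent of the password dialog. Static although it is assigned by the constructor,
    // so the most recently created store decides the parent for every instance.
    private static JDialog myParent = null;
    private static String _userFilename;
    private static String _systemFilename;
    // Last-modified stamps of the files as of the last successful load; used to skip reloads.
    private long _userLastModified = 0;
    private long _sysLastModified = 0;
    private KeyStore _deploymentUserClientCerts = CertUtils.createEmptyKeyStore();
    private KeyStore _deploymentSystemClientCerts = CertUtils.createEmptyKeyStore();
    // Password entered by the user. It is never cleared by this class, so it stays in
    // memory for as long as the instance is reachable.
    // NOTE(review): consider zeroing the array once the store has been saved.
    private char[] keyPass = null;
    // True after the user dismissed the password dialog during a load, so that
    // addCertKey() does not prompt a second time.
    private boolean cancelFlag = false;
    private final int certStoreType;

    /**
     * @param jDialog parent for the password dialog (stored in a static field)
     * @param i bit mask of {@code USER_STORE} and {@code SYSTEM_STORE}
     */
    private DeployClientAuthCertStore(JDialog jDialog, int i) {
        myParent = jDialog;
        this.certStoreType = i;
    }

    /**
     * Returns a store covering both the user and the system key store, wrapped in
     * an {@code ImmutableCertStore}.
     */
    public static CertStore getCertStore(JDialog jDialog) {
        return new ImmutableCertStore(new DeployClientAuthCertStore(jDialog, USER_STORE | SYSTEM_STORE));
    }

    /** Returns an unwrapped store covering the user key store only. */
    public static DeployClientAuthCertStore getUserCertStore(JDialog jDialog) {
        return new DeployClientAuthCertStore(jDialog, USER_STORE);
    }

    /**
     * Returns a store covering the system key store only, wrapped in an
     * {@code ImmutableCertStore}.
     */
    public static CertStore getSystemCertStore(JDialog jDialog) {
        return new ImmutableCertStore(new DeployClientAuthCertStore(jDialog, SYSTEM_STORE));
    }

    /** Loads the selected key stores without asking for a password; see {@link #load(boolean)}. */
    @Override
    public void load() throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
        load(false);
    }

    /**
     * Reloads each selected key store whose file modification time differs from the
     * one recorded at the previous load.
     *
     * <p>The recorded time is updated whenever the load returns normally, including
     * when the user cancelled the password dialog and an empty key store was
     * returned; in that case the file is not read again until it changes.
     *
     * @param z {@code true} to prompt for the password and verify the file with it,
     *          {@code false} to read the file without a password
     */
    @Override
    public void load(boolean z) throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
        if ((this.certStoreType & USER_STORE) == USER_STORE && _userFilename != null) {
            long userModified = CertUtils.getFileLastModified(_userFilename);
            if (userModified != this._userLastModified) {
                this._deploymentUserClientCerts = loadCertStore(_userFilename, z);
                this._userLastModified = userModified;
            }
        }
        if ((this.certStoreType & SYSTEM_STORE) == SYSTEM_STORE && _systemFilename != null) {
            long systemModified = CertUtils.getFileLastModified(_systemFilename);
            if (systemModified != this._sysLastModified) {
                this._deploymentSystemClientCerts = loadCertStore(_systemFilename, z);
                this._sysLastModified = systemModified;
            }
        }
    }

    /**
     * Reads one JKS file into a fresh key store inside a privileged block.
     *
     * @param str path of the key store file; a missing file yields an empty key store
     * @param z whether to prompt for the password before reading
     * @return the loaded key store, or an empty one if the file does not exist or the
     *         password dialog was cancelled
     */
    private KeyStore loadCertStore(final String str, final boolean z) throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
        Trace.msgSecurityPrintln("clientauthcertstore.cert.loading", new Object[]{str});
        final KeyStore keyStore = KeyStore.getInstance("JKS");
        // Initialise to empty so the result is usable even if nothing is read below.
        keyStore.load(null, null);
        try {
            AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
                @Override
                public Object run() throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
                    File file = new File(str);
                    if (!file.exists()) {
                        return null;
                    }
                    BufferedInputStream in = new BufferedInputStream(new FileInputStream(file));
                    // The original closed the streams only on the success path; a failed
                    // load (for example a wrong password) leaked the file handle.
                    try {
                        if (z) {
                            DeployClientAuthCertStore.this.keyPass = DeployClientAuthCertStore.this.getPasswordDialog();
                            if (DeployClientAuthCertStore.this.keyPass != null) {
                                DeployClientAuthCertStore.this.cancelFlag = false;
                                keyStore.load(in, DeployClientAuthCertStore.this.keyPass);
                            } else {
                                // Dialog dismissed: leave the key store empty and remember it.
                                DeployClientAuthCertStore.this.cancelFlag = true;
                            }
                        } else {
                            // KeyStore.load with a null password skips the integrity check,
                            // so data read on this path is not verified against tampering;
                            // it relies on the file system permissions of the store file.
                            keyStore.load(in, null);
                        }
                    } finally {
                        in.close();
                    }
                    return null;
                }
            });
        } catch (PrivilegedActionException e) {
            rethrowKeyStoreFailure(e);
        }
        Trace.msgSecurityPrintln("clientauthcertstore.cert.loaded", new Object[]{str});
        return keyStore;
    }

    /**
     * Writes the in-memory user key store to the user file, protected with the
     * password obtained earlier.
     *
     * <p>If no password is known, nothing is written; the "saving" and "saved" trace
     * messages are emitted regardless.
     */
    @Override
    public void save() throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
        Trace.msgSecurityPrintln("clientauthcertstore.cert.saving", new Object[]{_userFilename});
        if (this.keyPass != null) {
            try {
                AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
                    @Override
                    public Object run() throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
                        File file = new File(DeployClientAuthCertStore._userFilename);
                        // A path without a directory component has no parent to create.
                        File parent = file.getParentFile();
                        if (parent != null) {
                            parent.mkdirs();
                        }
                        // NOTE(review): the file holds private keys and is created with the
                        // process default permissions; it is also overwritten in place, so a
                        // failure during store() can leave a truncated key store behind.
                        BufferedOutputStream out = new BufferedOutputStream(new FileOutputStream(file));
                        try {
                            DeployClientAuthCertStore.this._deploymentUserClientCerts.store(out, DeployClientAuthCertStore.this.keyPass);
                        } finally {
                            // close() also flushes, so its failure must reach the caller.
                            out.close();
                        }
                        return null;
                    }
                });
            } catch (PrivilegedActionException e) {
                rethrowKeyStoreFailure(e);
            }
        }
        Trace.msgSecurityPrintln("clientauthcertstore.cert.saved", new Object[]{_userFilename});
    }

    /**
     * Rethrows the checked exception carried by a privileged action when it is one of
     * the types the key store methods declare; any other cause is only traced.
     */
    private static void rethrowKeyStoreFailure(PrivilegedActionException e) throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
        Exception cause = e.getException();
        if (cause instanceof IOException) {
            throw (IOException) cause;
        }
        if (cause instanceof CertificateException) {
            throw (CertificateException) cause;
        }
        if (cause instanceof KeyStoreException) {
            throw (KeyStoreException) cause;
        }
        if (cause instanceof NoSuchAlgorithmException) {
            throw (NoSuchAlgorithmException) cause;
        }
        Trace.securityPrintException(e);
    }

    /**
     * Generates an alias that no entry of the in-memory user key store answers to.
     * The alias is only a label, so {@link Random} is sufficient here.
     */
    private String newUnusedAlias() throws KeyStoreException {
        Random random = new Random();
        String alias;
        do {
            alias = ALIAS_PREFIX + random.nextLong();
        } while (this._deploymentUserClientCerts.getCertificate(alias) != null);
        return alias;
    }

    /** Adds a certificate entry to the in-memory user key store; see {@link #add(Certificate, String, boolean)}. */
    @Override
    public boolean add(Certificate certificate) throws KeyStoreException {
        return add(certificate, null, false);
    }

    /**
     * Adds the certificate to the in-memory user key store as a certificate entry
     * under a generated alias, unless it is already present.
     *
     * @param certificate certificate to add
     * @param str ignored by this implementation
     * @param z ignored by this implementation
     * @return always {@code true}
     */
    @Override
    public boolean add(Certificate certificate, String str, boolean z) throws KeyStoreException {
        Trace.msgSecurityPrintln("clientauthcertstore.cert.adding");
        if (this._deploymentUserClientCerts.getCertificateAlias(certificate) != null) {
            return true;
        }
        String alias = newUnusedAlias();
        this._deploymentUserClientCerts.setCertificateEntry(alias, certificate);
        Trace.msgSecurityPrintln("clientauthcertstore.cert.added", new Object[]{alias});
        return true;
    }

    /**
     * Adds a private key with its certificate chain to the user key store.
     *
     * <p>Prompts for the password if none is known and the dialog has not been
     * cancelled before. When the user file exists, the in-memory store is first
     * reloaded from it with that password, which both verifies the password and
     * replaces whatever the in-memory store held.
     *
     * @param certificateArr certificate chain, end-entity certificate first
     * @param key private key belonging to the first certificate
     * @return {@code true} if the entry was added; {@code false} if the chain is
     *         empty, the certificate is already present, no password is available,
     *         or reloading the file failed
     */
    public boolean addCertKey(Certificate[] certificateArr, Key key) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException {
        // An empty chain previously failed with an unchecked exception on [0].
        if (certificateArr == null || certificateArr.length == 0) {
            return false;
        }
        if (this._deploymentUserClientCerts.getCertificateAlias(certificateArr[0]) != null) {
            return false;
        }
        String alias = newUnusedAlias();
        if (this.keyPass == null && !this.cancelFlag) {
            this.keyPass = getPasswordDialog();
        }
        if (this.keyPass == null) {
            return false;
        }
        if (!new File(_userFilename).exists()) {
            this._deploymentUserClientCerts.setKeyEntry(alias, key, this.keyPass, certificateArr);
            return true;
        }
        BufferedInputStream in = new BufferedInputStream(new FileInputStream(_userFilename));
        try {
            this._deploymentUserClientCerts.load(in, this.keyPass);
            this._deploymentUserClientCerts.setKeyEntry(alias, key, this.keyPass, certificateArr);
            return true;
        } catch (Exception e) {
            // Covers a wrong password as well; the caller only sees "not added".
            Trace.securityPrintException(e);
            return false;
        } finally {
            in.close();
        }
    }

    /** Removes a single certificate; see {@link #remove(Certificate[])}. */
    @Override
    public boolean remove(Certificate certificate) throws IOException, KeyStoreException {
        return remove(new Certificate[]{certificate});
    }

    /**
     * Deletes the entries of the given certificates from the in-memory user key store.
     *
     * <p>The user file is first loaded into a throw-away key store with the known
     * password; that load acts as a password check, and nothing is removed if it
     * fails or if no password is known.
     *
     * @return {@code true} if the password check passed and the loop completed,
     *         {@code false} otherwise
     */
    public boolean remove(Certificate[] certificateArr) throws IOException, KeyStoreException {
        Trace.msgSecurityPrintln("clientauthcertstore.cert.removing");
        String alias = null;
        if (this.keyPass == null) {
            return false;
        }
        BufferedInputStream in = null;
        try {
            KeyStore passwordCheck = KeyStore.getInstance("JKS");
            in = new BufferedInputStream(new FileInputStream(new File(_userFilename)));
            passwordCheck.load(in, this.keyPass);
            for (Certificate certificate : certificateArr) {
                alias = this._deploymentUserClientCerts.getCertificateAlias(certificate);
                if (alias != null) {
                    this._deploymentUserClientCerts.deleteEntry(alias);
                }
            }
            Trace.msgSecurityPrintln("clientauthcertstore.cert.removed", new Object[]{alias});
            return true;
        } catch (Exception e) {
            if (e instanceof IOException) {
                throw (IOException) e;
            }
            if (e instanceof KeyStoreException) {
                throw (KeyStoreException) e;
            }
            Trace.securityPrintException(e);
            return false;
        } finally {
            // The original never closed this stream and leaked a file handle per call.
            if (in != null) {
                in.close();
            }
        }
    }

    /** Reports whether the certificate is in either key store; see {@link #contains(Certificate, String, boolean)}. */
    @Override
    public boolean contains(Certificate certificate) throws KeyStoreException {
        return contains(certificate, null, false);
    }

    /**
     * Reports whether the system or the user key store has an entry for the certificate.
     *
     * @param str ignored by this implementation
     * @param z ignored by this implementation
     */
    @Override
    public boolean contains(Certificate certificate, String str, boolean z) throws KeyStoreException {
        Trace.msgSecurityPrintln("clientauthcertstore.cert.instore");
        return this._deploymentSystemClientCerts.getCertificateAlias(certificate) != null
                || this._deploymentUserClientCerts.getCertificateAlias(certificate) != null;
    }

    /** Always returns {@code false}: this store never vouches for a certificate. */
    @Override
    public boolean verify(Certificate certificate) {
        Trace.msgSecurityPrintln("clientauthcertstore.cert.canverify");
        return false;
    }

    /**
     * Returns the certificate chains of the key entries in the selected key stores.
     * Each element of the result is a {@code Certificate[]}.
     */
    @Override
    public Collection getCertificates() throws KeyStoreException {
        HashSet<Certificate[]> chains = new HashSet<Certificate[]>();
        if ((this.certStoreType & USER_STORE) == USER_STORE) {
            chains.addAll(getCertificates(USER_STORE));
        }
        if ((this.certStoreType & SYSTEM_STORE) == SYSTEM_STORE) {
            chains.addAll(getCertificates(SYSTEM_STORE));
        }
        return chains;
    }

    /**
     * Collects the certificate chains of all key entries of one key store, ordered by
     * alias. Plain certificate entries, such as those created by {@code add}, are
     * skipped.
     *
     * @param i {@code USER_STORE} for the user key store, anything else for the system one
     */
    private Collection<Certificate[]> getCertificates(int i) throws KeyStoreException {
        Trace.msgSecurityPrintln("clientauthcertstore.cert.getcertificates");
        KeyStore keyStore = i == USER_STORE ? this._deploymentUserClientCerts : this._deploymentSystemClientCerts;
        TreeSet<String> keyAliases = new TreeSet<String>();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            // The decompiler emitted nextElement2(), which Enumeration does not declare.
            String alias = aliases.nextElement();
            if (keyStore.isKeyEntry(alias)) {
                keyAliases.add(alias);
            }
        }
        ArrayList<Certificate[]> chains = new ArrayList<Certificate[]>();
        for (String alias : keyAliases) {
            Certificate[] chain = keyStore.getCertificateChain(alias);
            if (chain != null) {
                chains.add(chain);
            }
        }
        return chains;
    }

    /**
     * Shows the key store password dialog.
     *
     * @return the entered password, or {@code null} if the dialog returned no credentials
     */
    public char[] getPasswordDialog() {
        CredentialInfo credentials = ToolkitStore.getUI().showPasswordDialog(myParent, getMessage("password.dialog.title"), getMessage("clientauth.user.password.dialog.text"), false, false, null, false, null);
        if (credentials == null) {
            return null;
        }
        return credentials.getPassword();
    }

    /** Looks up a localized message by resource key. */
    private static String getMessage(String str) {
        return ResourceManager.getMessage(str);
    }

    static {
        // Both paths are resolved once, when the class is initialised.
        _userFilename = Config.getUserClientAuthCertFile();
        _systemFilename = Config.getSystemClientAuthCertFile();
    }
}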
