package es.gob.jmulticard.jse.provider.ceres;

import es.gob.jmulticard.JseCryptoHelper;
import es.gob.jmulticard.apdu.connection.ApduConnection;
import es.gob.jmulticard.card.PrivateKeyReference;
import es.gob.jmulticard.card.fnmt.ceres.Ceres;
import es.gob.jmulticard.card.fnmt.ceres.CeresPrivateKeyReference;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreSpi;
import java.security.PrivateKey;
import java.security.ProviderException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.List;
import java.util.logging.Logger;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public final class CeresKeyStoreImpl extends KeyStoreSpi {
    private static List<String> userCertAliases;
    private Ceres cryptoCard = null;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static final class CachePasswordCallback extends PasswordCallback {
        private static final long serialVersionUID = 816457144215238935L;

        CachePasswordCallback(char[] cArr) {
            super(">", false);
            setPassword(cArr);
        }
    }

    private static ApduConnection getApduConnection() {
        return CeresProvider.getDefaultApduConnection();
    }

    private void loadAliases() {
        String[] aliases = this.cryptoCard.getAliases();
        userCertAliases = new ArrayList(aliases.length);
        for (String str : aliases) {
            userCertAliases.add(str);
        }
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration<String> engineAliases() {
        return Collections.enumeration(userCertAliases);
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        return userCertAliases.contains(str);
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) {
        throw new UnsupportedOperationException();
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineEntryInstanceOf(String str, Class<? extends KeyStore.Entry> cls) {
        if (engineContainsAlias(str)) {
            return cls.equals(KeyStore.PrivateKeyEntry.class);
        }
        return false;
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        if (engineContainsAlias(str)) {
            return this.cryptoCard.getCertificate(str);
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        if (!(certificate instanceof X509Certificate)) {
            return null;
        }
        X509Certificate x509Certificate = (X509Certificate) certificate;
        BigInteger serialNumber = x509Certificate.getSerialNumber();
        X500Principal issuerX500Principal = x509Certificate.getIssuerX500Principal();
        for (String str : userCertAliases) {
            if (((X509Certificate) engineGetCertificate(str)).getSerialNumber() == serialNumber && issuerX500Principal.equals(issuerX500Principal)) {
                return str;
            }
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        if (engineContainsAlias(str)) {
            return new X509Certificate[]{(X509Certificate) engineGetCertificate(str)};
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        Logger.getLogger("es.gob.jmulticard").warning("No se soporta la obtencion de fecha de creacion, se devuelve la fecha actual");
        return new Date();
    }

    @Override // java.security.KeyStoreSpi
    public KeyStore.Entry engineGetEntry(String str, KeyStore.ProtectionParameter protectionParameter) {
        if (protectionParameter instanceof KeyStore.PasswordProtection) {
            this.cryptoCard.setPasswordCallback(new CachePasswordCallback(((KeyStore.PasswordProtection) protectionParameter).getPassword()));
        }
        if (engineContainsAlias(str)) {
            return new KeyStore.PrivateKeyEntry((PrivateKey) engineGetKey(str, null), engineGetCertificateChain(str));
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) {
        if (!engineContainsAlias(str)) {
            return null;
        }
        if (cArr != null) {
            this.cryptoCard.setPasswordCallback(new CachePasswordCallback(cArr));
        }
        PrivateKeyReference privateKey = this.cryptoCard.getPrivateKey(str);
        if (privateKey instanceof CeresPrivateKeyReference) {
            return new CeresPrivateKey((CeresPrivateKeyReference) privateKey, this.cryptoCard, ((RSAPublicKey) engineGetCertificate(str).getPublicKey()).getModulus());
        }
        throw new ProviderException("La clave obtenida de la tarjeta no es del tipo esperado, se ha obtenido: " + privateKey.getClass().getName());
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        return false;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        return userCertAliases.contains(str);
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) throws IOException {
        this.cryptoCard = new Ceres(getApduConnection(), new JseCryptoHelper());
        loadAliases();
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) throws IOException {
        if (loadStoreParameter != null) {
            KeyStore.ProtectionParameter protectionParameter = loadStoreParameter.getProtectionParameter();
            if (protectionParameter instanceof KeyStore.CallbackHandlerProtection) {
                KeyStore.CallbackHandlerProtection callbackHandlerProtection = (KeyStore.CallbackHandlerProtection) protectionParameter;
                if (callbackHandlerProtection.getCallbackHandler() == null) {
                    throw new IllegalArgumentException("El CallbackHandler no puede ser nulo");
                }
                this.cryptoCard = new Ceres(CeresProvider.getDefaultApduConnection(), new JseCryptoHelper());
                this.cryptoCard.setCallbackHandler(callbackHandlerProtection.getCallbackHandler());
            } else if (protectionParameter instanceof KeyStore.PasswordProtection) {
                CeresPasswordCallback ceresPasswordCallback = new CeresPasswordCallback((KeyStore.PasswordProtection) protectionParameter);
                this.cryptoCard = new Ceres(CeresProvider.getDefaultApduConnection(), new JseCryptoHelper());
                this.cryptoCard.setPasswordCallback(ceresPasswordCallback);
            } else {
                Logger logger = Logger.getLogger("es.gob.jmulticard");
                StringBuilder sb = new StringBuilder();
                sb.append("Se ha proporcionado un LoadStoreParameter de tipo no soportado, se ignorara: ");
                sb.append(protectionParameter != null ? protectionParameter.getClass().getName() : "NULO");
                logger.warning(sb.toString());
            }
        } else {
            this.cryptoCard = new Ceres(CeresProvider.getDefaultApduConnection(), new JseCryptoHelper());
        }
        userCertAliases = Arrays.asList(this.cryptoCard.getAliases());
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) {
        throw new UnsupportedOperationException();
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) {
        throw new UnsupportedOperationException();
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) {
        throw new UnsupportedOperationException();
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        return userCertAliases.size();
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) {
        throw new UnsupportedOperationException();
    }
}
