package iaik.pki.store.certstore.directory.indexed;

import iaik.logging.TransactionId;
import iaik.pki.store.certstore.AbstractCertStore;
import iaik.pki.store.certstore.CertStore;
import iaik.pki.store.certstore.CertStoreParameters;
import iaik.pki.store.certstore.CertStoreTypes;
import iaik.pki.store.certstore.directory.DirectoryCertSelector;
import iaik.pki.store.certstore.selector.CertSelector;
import iaik.pki.store.certstore.selector.DefaultCertSelector;
import iaik.pki.store.certstore.selector.email.DefaultEmailCertSelector;
import iaik.pki.store.certstore.selector.email.EmailCertSelectorFactory;
import iaik.pki.store.certstore.selector.is.DefaultIssuerSerialCertSelector;
import iaik.pki.store.certstore.selector.is.IssuerSerialCertSelectorFactory;
import iaik.pki.store.certstore.selector.kv.DefaultKeyValueCertSelector;
import iaik.pki.store.certstore.selector.kv.KeyValueCertSelectorFactory;
import iaik.pki.store.certstore.selector.sdn.DefaultSubjectDNCertSelector;
import iaik.pki.store.certstore.selector.sdn.SubjectDNCertSelectorFactory;
import iaik.pki.store.certstore.selector.ski.DefaultSubjectKeyIdentifierCertSelector;
import iaik.pki.store.certstore.selector.ski.SubjectKeyIdentifierCertSelectorFactory;
import iaik.pki.utils.CertUtil;
import iaik.pki.utils.Constants;
import iaik.x509.X509Certificate;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class H extends AbstractCertStore implements CertStore {
    protected static final String S = "Error fecthing certificate from cert store: ";
    public static final String U = ".der";
    protected static final String V = "Error adding certificate to cert store: ";
    protected G R;
    protected IndexedDirectoryCertStoreParameters T;
    protected boolean W;
    protected File X;

    /* JADX INFO: Access modifiers changed from: package-private */
    public H(IndexedDirectoryCertStoreParameters indexedDirectoryCertStoreParameters, TransactionId transactionId) {
        if (indexedDirectoryCertStoreParameters == null) {
            throw new NullPointerException("Argument \"params\" must not be null.");
        }
        if (indexedDirectoryCertStoreParameters.getRootDirectory() == null) {
            throw new NullPointerException("Root directory specified within params must not be null");
        }
        if (!indexedDirectoryCertStoreParameters.getType().equals(CertStoreTypes.INDEXED_DIRECTORY)) {
            throw new IndexedDirectoryStoreException("Parameters not suitable for this type of certstore", null, new StringBuffer().append(getClass().getName()).append(":1").toString());
        }
        this.T = indexedDirectoryCertStoreParameters;
        this.W = indexedDirectoryCertStoreParameters.isReadOnly();
        this.X = new File(indexedDirectoryCertStoreParameters.getRootDirectory());
        if (!this.X.exists() && indexedDirectoryCertStoreParameters.createNew() && !this.X.mkdirs()) {
            throw new IndexedDirectoryStoreException(new StringBuffer("Can't create directory: ").append(this.X.toString()).toString(), null, new StringBuffer().append(getClass().getName()).append(":2").toString());
        }
        if (!this.X.canRead()) {
            throw new IndexedDirectoryStoreException(new StringBuffer("Can't read from directory: ").append(this.X.toString()).toString(), null, new StringBuffer().append(getClass().getName()).append(":3").toString());
        }
        if (!this.W && !this.X.canWrite()) {
            throw new IndexedDirectoryStoreException(new StringBuffer("Can't write to directory: ").append(this.X.toString()).toString(), null, new StringBuffer().append(getClass().getName()).append(":4").toString());
        }
        this.R = new G(this.T.getRootDirectory(), this.T.getIndexTables(), transactionId);
        D(transactionId);
        F(transactionId);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String A(String str) {
        return new StringBuffer().append(str).append(U).toString();
    }

    protected static String B(X509Certificate x509Certificate) {
        return A(C(x509Certificate));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String C(X509Certificate x509Certificate) {
        return CertUtil.getFingerPrintSHA(x509Certificate);
    }

    protected synchronized void A(IndexTable indexTable, TransactionId transactionId) {
        this.R.B(indexTable, transactionId);
    }

    protected synchronized void A(String str, TransactionId transactionId) {
        this.R.A(str, transactionId);
    }

    protected CertSelector D(CertSelector certSelector, TransactionId transactionId) {
        if (certSelector == null) {
            throw new NullPointerException(new StringBuffer("CertSelector must not be null.").append(getClass().getName()).append(":5").toString());
        }
        if (certSelector instanceof DirectoryCertSelector) {
            return certSelector;
        }
        if (certSelector instanceof DefaultCertSelector) {
            if (certSelector instanceof DefaultSubjectDNCertSelector) {
                AbstractCertStore.log_.debug(transactionId, "Converting default SubjectDNCertSelector to indexed directory SubjectDNCertSelector.", null);
                return SubjectDNCertSelectorFactory.createCertSelector(((DefaultSubjectDNCertSelector) certSelector).getSubjectDN(), CertStoreTypes.INDEXED_DIRECTORY);
            }
            if (certSelector instanceof DefaultIssuerSerialCertSelector) {
                AbstractCertStore.log_.debug(transactionId, "Converting default IssuerSerialCertSelector to indexed directory IssuerSerialCertSelector.", null);
                DefaultIssuerSerialCertSelector defaultIssuerSerialCertSelector = (DefaultIssuerSerialCertSelector) certSelector;
                return IssuerSerialCertSelectorFactory.createCertSelector(defaultIssuerSerialCertSelector.getNormalizedIssuer(), true, defaultIssuerSerialCertSelector.getSerialNumber(), CertStoreTypes.INDEXED_DIRECTORY);
            }
            if (certSelector instanceof DefaultKeyValueCertSelector) {
                AbstractCertStore.log_.debug(transactionId, "Converting default KeyValueCertSelector to indexed directory KeyValueCertSelector.", null);
                return KeyValueCertSelectorFactory.createCertSelector(((DefaultKeyValueCertSelector) certSelector).getPublicKey(), CertStoreTypes.INDEXED_DIRECTORY);
            }
            if (certSelector instanceof DefaultSubjectKeyIdentifierCertSelector) {
                AbstractCertStore.log_.debug(transactionId, "Converting default SubjectKeyIdentifierCertSelector to indexed directory SubjectKeyIdentifierCertSelector.", null);
                return SubjectKeyIdentifierCertSelectorFactory.createCertSelector(((DefaultSubjectKeyIdentifierCertSelector) certSelector).getSubjectKeyIdentifier(), CertStoreTypes.INDEXED_DIRECTORY);
            }
            if (certSelector instanceof DefaultEmailCertSelector) {
                AbstractCertStore.log_.debug(transactionId, "Converting default EmailCertSelector to indexed directory EmailCertSelector.", null);
                return EmailCertSelectorFactory.createCertSelector(((DefaultEmailCertSelector) certSelector).getEmailAddress(), CertStoreTypes.INDEXED_DIRECTORY);
            }
        }
        AbstractCertStore.log_.debug(transactionId, "Unknown cert selector type.", null);
        return null;
    }

    public String D() {
        return CertStoreTypes.INDEXED_DIRECTORY;
    }

    protected synchronized void D(TransactionId transactionId) {
        File file = new File(this.X, Constants.TO_BE_ADDED_DIRECTORY);
        if (file.exists()) {
            AbstractCertStore.log_.debug(transactionId, new StringBuffer("Adding certificates from directory \"").append(file.getAbsolutePath()).append("\" ...").toString(), null);
            if (!file.canRead()) {
                throw new IndexedDirectoryStoreException(new StringBuffer("Error adding certificate to cert store: Can't read from directory \"").append(file.toString()).append("\".").toString(), null, new StringBuffer().append(getClass().getName()).append(": 1").toString());
            }
            File[] listFiles = file.listFiles();
            for (File file2 : listFiles) {
                try {
                    try {
                        try {
                            FileInputStream fileInputStream = new FileInputStream(file2);
                            X509Certificate x509Certificate = new X509Certificate(fileInputStream);
                            fileInputStream.close();
                            storeCertificate(x509Certificate, transactionId);
                            if (!file2.delete()) {
                                AbstractCertStore.log_.warn(transactionId, new StringBuffer("Cannot delete certificate ").append(file2.getAbsolutePath()).toString(), null);
                            }
                        } catch (IOException e) {
                            AbstractCertStore.log_.warn(transactionId, new StringBuffer("Error adding certificate to cert store: \"").append(file2.getAbsolutePath()).append("\".").toString(), null);
                        }
                    } catch (FileNotFoundException e2) {
                        AbstractCertStore.log_.warn(transactionId, new StringBuffer("Error adding certificate to cert store: Could not read certificate \"").append(file2.getAbsolutePath()).append("\".").toString(), null);
                    }
                } catch (CertificateException e3) {
                    AbstractCertStore.log_.warn(transactionId, new StringBuffer("Error adding certificate to cert store: Could not parse certificate. Maybe file \"").append(file2.getAbsolutePath()).append("\" does not contain a certificate.").toString(), null);
                }
            }
        }
    }

    public void E(TransactionId transactionId) {
        this.R.A(true, transactionId);
    }

    protected synchronized void F(TransactionId transactionId) {
        File file = new File(this.X, Constants.TO_BE_REMOVED_DIRECTORY);
        if (file.exists()) {
            AbstractCertStore.log_.debug(transactionId, new StringBuffer("Removing certificates located in directory \"").append(file.getAbsolutePath()).append("\" from certificate store ...").toString(), null);
            File[] listFiles = file.listFiles();
            for (File file2 : listFiles) {
                try {
                    try {
                        FileInputStream fileInputStream = new FileInputStream(file2);
                        X509Certificate x509Certificate = new X509Certificate(fileInputStream);
                        fileInputStream.close();
                        if (removeCertificate(x509Certificate, transactionId) && !file2.delete()) {
                            AbstractCertStore.log_.warn(transactionId, new StringBuffer("Cannot delete certificate ").append(file2.getAbsolutePath()).toString(), null);
                        }
                    } catch (IOException e) {
                        throw new IndexedDirectoryStoreException(new StringBuffer().append("Error removing certificate from cert store: ").append("\"").append(file2.getAbsolutePath()).append("\".").toString(), null, new StringBuffer().append(getClass().getName()).append(":5").toString());
                    }
                } catch (FileNotFoundException e2) {
                    throw new IndexedDirectoryStoreException(new StringBuffer().append("Error removing certificate from cert store: ").append("Could not read certificate \"").append(file2.getAbsolutePath()).append("\".").toString(), null, new StringBuffer().append(getClass().getName()).append(": 3").toString());
                } catch (CertificateException e3) {
                    throw new IndexedDirectoryStoreException(new StringBuffer().append("Error removing certificate from cert store: ").append("Could not parse certificate. Maybe file \"").append(file2.getAbsolutePath()).append("\" does not contain a certificate.").toString(), null, new StringBuffer().append(getClass().getName()).append(": 2").toString());
                }
            }
        }
    }

    @Override // iaik.pki.store.certstore.CertStore
    public synchronized X509Certificate[] getCertificates(CertSelector certSelector, TransactionId transactionId) {
        X509Certificate[] x509CertificateArr;
        AbstractCertStore.log_.debug(transactionId, "Trying to get certificate from indexed directory cert store.", null);
        DirectoryCertSelector directoryCertSelector = (DirectoryCertSelector) D(certSelector, transactionId);
        if (directoryCertSelector == null) {
            throw new IndexedDirectoryStoreException(new StringBuffer("Cert selector \"").append(certSelector.getClass().getName()).append("\" not supported by IndexedDirectoryCertStore.").toString(), null, new StringBuffer().append(getClass().getName()).append(":6").toString());
        }
        String index = directoryCertSelector.getIndex();
        Set A = this.R.A(index, directoryCertSelector.getSelectorName());
        if (A == null) {
            A = this.R.B(index);
        }
        if (A.size() == 0) {
            x509CertificateArr = new X509Certificate[0];
        } else {
            HashSet hashSet = new HashSet(A.size());
            Iterator it = A.iterator();
            while (it.hasNext()) {
                File file = new File(this.X, A((String) it.next()));
                try {
                    try {
                        try {
                            X509Certificate x509Certificate = new X509Certificate(new FileInputStream(file));
                            if (certSelector.matches(x509Certificate, transactionId)) {
                                hashSet.add(x509Certificate);
                            }
                        } catch (FileNotFoundException e) {
                            throw new IndexedDirectoryStoreException(new StringBuffer("Error fecthing certificate from cert store: Could not read certificate \"").append(file.getAbsolutePath()).append("\".").toString(), null, new StringBuffer().append(getClass().getName()).append(": 3").toString());
                        }
                    } catch (IOException e2) {
                        throw new IndexedDirectoryStoreException(new StringBuffer("Error fecthing certificate from cert store: \"").append(file.getAbsolutePath()).append("\".").toString(), null, new StringBuffer().append(getClass().getName()).append(":5").toString());
                    }
                } catch (CertificateException e3) {
                    throw new IndexedDirectoryStoreException(new StringBuffer("Error fecthing certificate from cert store: Could not parse certificate \"").append(file.getAbsolutePath()).append("\".").toString(), null, new StringBuffer().append(getClass().getName()).append(": 2").toString());
                }
            }
            int size = hashSet.size();
            AbstractCertStore.log_.debug(transactionId, new StringBuffer("Found ").append(size).append(" certificates in indexed directory cert store.").toString(), null);
            x509CertificateArr = hashSet.size() == 0 ? new X509Certificate[0] : (X509Certificate[]) hashSet.toArray(new X509Certificate[size]);
        }
        return x509CertificateArr;
    }

    @Override // iaik.pki.store.certstore.AbstractCertStore, iaik.pki.store.certstore.CertStore
    public CertStoreParameters getParameters() {
        return this.T;
    }

    @Override // iaik.pki.store.certstore.AbstractCertStore, iaik.pki.store.certstore.CertStore
    public String getUniqueID() {
        return new StringBuffer().append(D()).append(this.T.getRootDirectory()).toString();
    }

    @Override // iaik.pki.store.certstore.AbstractCertStore, iaik.pki.store.certstore.CertStore
    public boolean isReadOnly() {
        return this.W;
    }

    @Override // iaik.pki.store.certstore.AbstractCertStore
    protected synchronized boolean removeCertificate(X509Certificate x509Certificate, TransactionId transactionId) {
        boolean z;
        if (x509Certificate == null) {
            throw new NullPointerException("Parameter \"cert\" must not be null.");
        }
        String A = this.R.A(x509Certificate);
        File file = new File(this.X, A);
        if (!file.exists() || file.delete()) {
            z = true;
        } else {
            AbstractCertStore.log_.warn(transactionId, new StringBuffer("Cannot delete file ").append(A).append(" from indexed directory cert store.").toString(), null);
            this.R.A(x509Certificate, transactionId);
            z = false;
        }
        return z;
    }

    @Override // iaik.pki.store.certstore.AbstractCertStore, iaik.pki.store.certstore.CertStore
    public synchronized void storeCertificate(X509Certificate x509Certificate, TransactionId transactionId) {
        FileOutputStream fileOutputStream;
        FileOutputStream fileOutputStream2 = null;
        synchronized (this) {
            if (x509Certificate == null) {
                throw new NullPointerException("Argument \"cert\" must not be null.");
            }
            if (this.W) {
                throw new IndexedDirectoryStoreException("Can't write certificate to read only store", null, new StringBuffer().append(getClass().getName()).append(":11").toString());
            }
            String C = C(x509Certificate);
            if (this.R.A(x509Certificate, C, transactionId)) {
                String A = A(C);
                try {
                    try {
                        File file = new File(this.X, A);
                        if (AbstractCertStore.log_.isDebugEnabled()) {
                            AbstractCertStore.log_.debug(null, new StringBuffer("Writing certificate (serial number: \"").append(x509Certificate.getSerialNumber()).append("\", subjectDN: \"").append(x509Certificate.getSubjectDN()).append("\") to: ").append(file.getAbsoluteFile()).append(".").toString(), null);
                        }
                        fileOutputStream = new FileOutputStream(file);
                    } catch (Throwable th) {
                        th = th;
                    }
                } catch (IOException e) {
                    e = e;
                }
                try {
                    x509Certificate.writeTo(fileOutputStream);
                    fileOutputStream.close();
                    if (fileOutputStream != null) {
                        try {
                            fileOutputStream.flush();
                            fileOutputStream.close();
                        } catch (IOException e2) {
                            AbstractCertStore.log_.debug(transactionId, new StringBuffer("Could not close/flush file.").append(A).append(".").toString(), e2);
                        }
                    }
                } catch (IOException e3) {
                    e = e3;
                    this.R.A(x509Certificate);
                    throw new IndexedDirectoryStoreException("Error when writing to file", e, new StringBuffer().append(getClass().getName()).append(":12").toString());
                } catch (Throwable th2) {
                    th = th2;
                    fileOutputStream2 = fileOutputStream;
                    if (fileOutputStream2 != null) {
                        try {
                            fileOutputStream2.flush();
                            fileOutputStream2.close();
                        } catch (IOException e4) {
                            AbstractCertStore.log_.debug(transactionId, new StringBuffer("Could not close/flush file.").append(A).append(".").toString(), e4);
                        }
                    }
                    throw th;
                }
            }
        }
    }
}
