package org.eclipse.mtj.core.internal.signing;

import java.io.IOException;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import org.eclipse.core.runtime.CoreException;
import org.eclipse.mtj.core.MTJCoreErrors;

/* loaded from: input_file:org/eclipse/mtj/core/internal/signing/KeyChainSet.class */
public class KeyChainSet {
    private PrivateKey m_key;
    private X509Certificate[] m_certChain;
    private String m_strProvider;

    private KeyChainSet(PrivateKey privateKey, X509Certificate[] x509CertificateArr, String str) {
        this.m_key = privateKey;
        this.m_certChain = x509CertificateArr;
        this.m_strProvider = str;
    }

    public PrivateKey getKey() {
        return this.m_key;
    }

    public X509Certificate[] getCertificateChain() {
        return this.m_certChain;
    }

    public String getProvider() {
        return this.m_strProvider;
    }

    public static KeyChainSet getInstance(InputStream inputStream, String str, String str2, String str3) throws CoreException {
        return getInstance(inputStream, null, null, str, str2, str3);
    }

    public static KeyChainSet getInstance(InputStream inputStream, String str, String str2, String str3, String str4, String str5) throws CoreException {
        PrivateKey privateKey = null;
        X509Certificate[] x509CertificateArr = (X509Certificate[]) null;
        if (str2 != null && str2.length() == 0) {
            str2 = null;
        }
        if (str != null && str.length() == 0) {
            str = null;
        }
        if (str == null) {
            try {
                str = KeyStore.getDefaultType();
            } catch (IOException unused) {
                MTJCoreErrors.throwCoreExceptionError(MTJCoreErrors.SIGNING_BAD_KEYSTORE_OR_PASSWORD);
            } catch (KeyStoreException e) {
                MTJCoreErrors.throwCoreExceptionError(MTJCoreErrors.SIGNING_KEYSTORE_TYPE_NOT_AVAILABLE, e);
            } catch (NoSuchAlgorithmException e2) {
                MTJCoreErrors.throwCoreExceptionError(MTJCoreErrors.SIGNING_MISSING_KEYSTORE_INTEGRITY_ALGORITHM, e2);
            } catch (NoSuchProviderException e3) {
                MTJCoreErrors.throwCoreExceptionError(MTJCoreErrors.SIGNING_PROVIDER_NOT_CONFIGURED, e3);
            } catch (UnrecoverableKeyException e4) {
                MTJCoreErrors.throwCoreExceptionError(MTJCoreErrors.SIGNING_INVALID_KEY_PASSWORD, e4);
            } catch (CertificateException e5) {
                MTJCoreErrors.throwCoreExceptionError(MTJCoreErrors.SIGNING_COULDNT_LOAD_CERTIFICATE, e5);
            }
        }
        KeyStore keyStore = str2 == null ? KeyStore.getInstance(str) : KeyStore.getInstance(str, str2);
        keyStore.load(inputStream, str3.toCharArray());
        Key key = keyStore.getKey(str4, str5.toCharArray());
        if (key == null) {
            MTJCoreErrors.throwCoreExceptionError(MTJCoreErrors.SIGNING_KEY_NOT_FOUND);
        }
        if (!(key instanceof PrivateKey)) {
            MTJCoreErrors.throwCoreExceptionError(MTJCoreErrors.SIGNING_BAD_KEY_TYPE);
        }
        privateKey = (PrivateKey) key;
        Certificate[] certificateChain = keyStore.getCertificateChain(str4);
        Certificate certificate = keyStore.getCertificate(str4);
        if (certificateChain != null && certificate != null) {
            if (!(certificate instanceof X509Certificate)) {
                MTJCoreErrors.throwCoreExceptionError(MTJCoreErrors.SIGNING_INVALID_CERTIFICATE_CHAIN);
            }
            X509Certificate x509Certificate = (X509Certificate) certificate;
            X509Certificate[] x509CertificateArr2 = new X509Certificate[certificateChain.length];
            for (int i = 0; i < certificateChain.length; i++) {
                if (certificateChain[i] instanceof X509Certificate) {
                    x509CertificateArr2[i] = (X509Certificate) certificateChain[i];
                } else {
                    MTJCoreErrors.throwCoreExceptionError(MTJCoreErrors.SIGNING_INVALID_CERTIFICATE_CHAIN);
                }
            }
            if (x509CertificateArr2[0].equals(x509Certificate)) {
                x509CertificateArr = x509CertificateArr2;
            } else {
                x509CertificateArr = new X509Certificate[certificateChain.length];
                x509CertificateArr[0] = x509Certificate;
                for (int i2 = 1; i2 < certificateChain.length; i2++) {
                    x509CertificateArr[i2] = findParentCertificate(x509CertificateArr[i2 - 1], x509CertificateArr2);
                    if (x509CertificateArr[i2] == null) {
                        MTJCoreErrors.throwCoreExceptionError(MTJCoreErrors.SIGNING_INVALID_CERTIFICATE_CHAIN);
                    }
                }
            }
        }
        return new KeyChainSet(privateKey, x509CertificateArr, str2);
    }

    private static X509Certificate findParentCertificate(X509Certificate x509Certificate, X509Certificate[] x509CertificateArr) {
        Principal issuerDN = x509Certificate.getIssuerDN();
        X509Certificate x509Certificate2 = null;
        int i = 0;
        while (true) {
            if (i >= x509CertificateArr.length) {
                break;
            }
            if (x509CertificateArr[i] != null && x509CertificateArr[i].getSubjectDN().equals(issuerDN)) {
                x509Certificate2 = x509CertificateArr[i];
                x509CertificateArr[i] = null;
                break;
            }
            i++;
        }
        return x509Certificate2;
    }

    void setKey(PrivateKey privateKey) {
        this.m_key = privateKey;
    }

    void setCertificateChain(X509Certificate[] x509CertificateArr) {
        this.m_certChain = x509CertificateArr;
    }

    void setProvider(String str) {
        this.m_strProvider = str;
    }
}
