package com.cyclonecommerce.crossworks.certmgmt;

import com.cyclonecommerce.crossworks.pse.CycloneKeyStore;
import com.cyclonecommerce.util.ClassDescriptor;
import com.cyclonecommerce.util.file.FileUtil;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Observable;
import java.util.Observer;

/* loaded from: input_file:com/cyclonecommerce/crossworks/certmgmt/bq.class */
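/**
 * A PSE: one key store file plus the database records that describe it (friendly name,
 * policy, personal certificates with their private keys, and trusted certificates).
 *
 * <p>This is decompiled, name-obfuscated code. The original method names survive only in the
 * {@code IllegalArgumentException} messages ("PSE.getInstance", "PSE.delete", ...), and the
 * Javadoc below uses them where available.
 *
 * <p>Security-relevant properties of this class, all visible in the code below:
 * <ul>
 *   <li>The key store password is the PSE id string ({@link #c(x)}) and the key store file is
 *       named {@code <id>.keys} ({@link #d(x)}), so the password is the file's base name.</li>
 *   <li>Each private-key password is the certificate id string ({@link #k(u)}), which is also
 *       embedded in the entry alias ({@link #j(u)}).</li>
 *   <li>Trust state lives in two places, the database and the key store, and is updated
 *       without a transaction; failures are compensated on a best-effort basis.</li>
 * </ul>
 * Given the first two points, the confidentiality of stored private keys depends on access
 * control over the directory returned by {@link #p()}, not on the key store encryption.
 *
 * <p>Observers receive {@link #e} after a change and {@link #f} after deletion.
 */
public class bq extends Observable {
    // Presumably certificate-provider names accepted by a(String, p) - TODO confirm against pki.d.
    public static final String a = "Entrust/SEP";
    public static final String b = "Entrust/CMP";
    public static final String c = "Verisign/XKMS";
    public static final String d = "SelfIssued";
    /** Observer argument sent by {@link #t()}. */
    public static final String e = "PSE Changed";
    /** Observer argument sent by {@link #u()}. */
    public static final String f = "PSE Deleted";
    /** Attribute-map key under which {@link #b(String)} stores the friendly name. */
    public static final String g = "friendlyName";
    /** Friendly name. */
    protected String h;
    /** PSE id; also the source of the key store file name and password. */
    protected x i;
    /** Handle used by {@link #f()} to load the policy and by {@link #w()} to delete it. */
    protected w j;
    /** Policy, loaded on first use by {@link #f()}. */
    protected r k;
    /** Free-form attributes; returned by reference from {@link #n()}. */
    protected HashMap l;
    /** Key store, opened on first use by {@link #j()}. */
    protected CycloneKeyStore m;

    /**
     * Creates the attribute map and registers the configured observers.
     *
     * <p>Leaves the id, policy handle and name unset; {@link #v()} is overridable and runs
     * before any subclass constructor body.
     */
    protected bq() {
        this.l = new HashMap();
        v();
    }

    /**
     * Creates a new PSE with a fresh id and policy and records it in the database.
     *
     * @param str friendly name
     * @throws bn if the database rejects the new record
     */
    protected bq(String str) throws bn {
        this();
        try {
            this.i = new x();
            this.k = new r();
            this.j = this.k.d();
            this.h = str;
            i().a(this);
        } catch (com.cyclonecommerce.crossworks.certpath.l e2) {
            throw new bn("Database error creating PSE with friendly name \"" + str + '"', e2);
        }
    }

    /**
     * Wraps an existing id and policy handle without touching the database.
     *
     * <p>Declared {@code protected} in the original class; the decompiler widened it.
     */
    public bq(x xVar, w wVar) {
        this();
        this.i = xVar;
        this.j = wVar;
    }

    /**
     * Creates and persists a new PSE.
     *
     * @param str friendly name
     * @throws bn if the database rejects the new record
     */
    public static bq a(String str) throws bn {
        return new bq(str);
    }

    /**
     * Looks up a PSE by id ("PSE.getInstance").
     *
     * @throws IllegalArgumentException if {@code xVar} is null
     * @throws bn if no PSE has that id or the lookup fails
     */
    public static bq a(x xVar) throws bn {
        if (xVar == null) {
            throw new IllegalArgumentException("PSE.getInstance(null) is not allowed");
        }
        s selector = new s();
        selector.a(xVar);
        Collection matches = a(selector);
        if (matches.isEmpty()) {
            throw new bn("PSE with id " + xVar + " does not exist");
        }
        return (bq) matches.iterator().next();
    }

    /**
     * Deletes a PSE ("PSE.delete"): the key store, its file, then the database records.
     *
     * <p>NOTE(review): the key material is removed before the database lookup, so an unknown id
     * or a database error leaves the file deleted while {@code bn} is thrown. The order is kept
     * because callers may rely on the file being gone even when the records are not.
     *
     * @throws IllegalArgumentException if {@code xVar} is null
     * @throws bn on I/O or database failure
     */
    public static void b(x xVar) throws bn {
        if (xVar == null) {
            throw new IllegalArgumentException("PSE.delete(null) is not allowed");
        }
        try {
            String keyStorePath = d(xVar);
            CycloneKeyStore.delete(keyStorePath);
            FileUtil.delete(new File(keyStorePath));
            a(xVar).w();
        } catch (IOException e2) {
            throw new bn("IOException deleting PSE with id " + xVar, e2);
        }
    }

    /** Returns every PSE known to the database. */
    public static Collection a() throws bn {
        return a((s) null);
    }

    /** Sets the friendly name in memory and in the attribute map, then persists this PSE. */
    public void b(String str) throws bn {
        c(str);
        b(g, str);
    }

    /** Returns the friendly name. */
    public String b() {
        return this.h;
    }

    /**
     * Fetches the personal-certificate record for {@code uVar} in this PSE.
     *
     * @throws bn on database failure
     */
    public q a(u uVar) throws bn {
        try {
            return i().b(uVar, g());
        } catch (com.cyclonecommerce.crossworks.certpath.l e2) {
            throw new bn("Database error retrieving personal certificate for id " + uVar, e2);
        }
    }

    /**
     * Reads the private key stored for certificate {@code uVar}.
     *
     * <p>The entry is unlocked with {@link #k(u)}, i.e. the certificate id string; see the
     * security note there.
     *
     * @throws IllegalArgumentException if {@code uVar} is null
     * @throws bn on key store failure
     */
    public PrivateKey b(u uVar) throws bn {
        try {
            return j().getKey(j(uVar), k(uVar).toCharArray());
        } catch (KeyStoreException e2) {
            throw new bn("Key store error getting private key for certificate id " + uVar, e2);
        }
    }

    /**
     * Has the provider named {@code str} create personal certificate(s) from {@code pVar} and
     * stores each returned key and chain in this PSE.
     *
     * @return the stored personal-certificate records
     * @throws com.cyclonecommerce.crossworks.pki.s if the provider returned nothing
     * @throws bn if storing a key fails
     */
    public Collection a(String str, p pVar) throws com.cyclonecommerce.crossworks.pki.s, bn {
        com.cyclonecommerce.crossworks.pki.c provider = com.cyclonecommerce.crossworks.pki.d.a(str);
        provider.a(pVar);
        Collection created = provider.a();
        if (created.size() < 1) {
            throw new com.cyclonecommerce.crossworks.pki.s("No personal certificate was created: " + created.size());
        }
        Collection stored = a(created);
        t();
        return stored;
    }

    /** Not implemented: always returns {@code null}, so callers must null-check. */
    public u a(u uVar, String str, p pVar) {
        return null;
    }

    /**
     * Imports a single-entry PKCS#12 stream into this PSE.
     *
     * <p>The certificate chain is passed to {@code h().b(...)} before the key is stored;
     * presumably that is chain validation against this PSE's trust settings - TODO confirm.
     *
     * @param inputStream PKCS#12 data; closed by this call
     * @param str PKCS#12 password
     * @throws bn if the stream cannot be read or the key cannot be stored
     * @throws com.cyclonecommerce.crossworks.m if {@code h().b(...)} rejects the chain
     */
    public q a(InputStream inputStream, String str) throws bn, com.cyclonecommerce.crossworks.m {
        com.cyclonecommerce.crossworks.b imported = b(inputStream, str);
        h().b(imported.e());
        q record = a(imported);
        t();
        return record;
    }

    /**
     * Deletes a personal certificate and its private key ("PSE.deletePersonalCertificate").
     *
     * <p>The key store entry is removed and saved first, then the database record; there is no
     * rollback if the database step fails. Policy references to the certificate are cleared on
     * the in-memory policy object.
     *
     * @throws IllegalArgumentException if {@code uVar} is null
     * @throws bn on database or key store failure
     */
    public void c(u uVar) throws bn {
        if (uVar == null) {
            throw new IllegalArgumentException("PSE.deletePersonalCertificate(null) is not allowed");
        }
        try {
            // Result unused; presumably an existence check that throws for an unknown id.
            bl.a(uVar);
            j().deleteKey(j(uVar));
            r();
            i().a(uVar, g());
            r policy = f();
            if (uVar.equals(policy.b())) {
                policy.b((u) null);
            }
            if (uVar.equals(policy.a())) {
                policy.a((u) null);
            }
            t();
        } catch (com.cyclonecommerce.crossworks.certpath.l e2) {
            throw new bn("Database error deleting personal certificate " + uVar + " from PSE " + g(), e2);
        } catch (KeyStoreException e3) {
            throw new bn("Key store error deleting personal certificate " + uVar + " from PSE " + g(), e3);
        }
    }

    /** Lists the personal-certificate records of this PSE. */
    public Collection c() throws bn {
        try {
            return i().b(g());
        } catch (com.cyclonecommerce.crossworks.certpath.l e2) {
            throw new bn("Database error retrieving personal certificates for PSE " + g(), e2);
        }
    }

    /**
     * Marks a certificate as trusted ("PSE.addTrustedCertificate"); a no-op if it already is.
     *
     * <p>The database record is written first and the key store entry second. If the key store
     * step fails, the database record is removed again on a best-effort basis.
     *
     * @throws IllegalArgumentException if {@code uVar} is null
     * @throws bn on database or key store failure
     */
    public void d(u uVar) throws bn {
        if (uVar == null) {
            throw new IllegalArgumentException("PSE.addTrustedCertificate(null) is not allowed");
        }
        if (f(uVar)) {
            return;
        }
        bl certificate = bl.a(uVar);
        CycloneKeyStore keyStore = j();
        try {
            i().c(uVar, g());
            try {
                keyStore.setCertificateEntry(i(uVar), certificate.a());
                r();
                t();
            } catch (KeyStoreException e2) {
                try {
                    i().d(uVar, g());
                } catch (com.cyclonecommerce.crossworks.certpath.l rollbackFailure) {
                    // A failed rollback leaves the database listing a certificate as trusted that
                    // the key store does not hold. Report it instead of dropping it silently;
                    // the key store error below remains the one the caller sees.
                    System.err.println("Unable to roll back trusted certificate " + uVar + " in PSE " + g() + ": " + rollbackFailure);
                }
                throw new bn("Unable to trust certificate " + uVar + " in PSE " + g(), e2);
            }
        } catch (com.cyclonecommerce.crossworks.certpath.l e4) {
            throw new bn("Unable to trust certificate " + uVar + " in PSE " + g(), e4);
        }
    }

    /**
     * Removes a certificate from the trusted set ("PSE.deleteTrustedCertificate").
     *
     * <p>The key store entry is removed and saved before the database record is deleted; a
     * database failure therefore leaves a stale "trusted" record behind.
     *
     * @throws IllegalArgumentException if {@code uVar} is null
     * @throws bn on database or key store failure
     */
    public void e(u uVar) throws bn {
        if (uVar == null) {
            throw new IllegalArgumentException("PSE.deleteTrustedCertificate(null) is not allowed");
        }
        try {
            // Result unused; presumably an existence check that throws for an unknown id.
            bl.a(uVar);
            j().deleteCertificateEntry(i(uVar));
            r();
            i().d(uVar, g());
            t();
        } catch (com.cyclonecommerce.crossworks.certpath.l e2) {
            throw new bn("Database error deleting trusted certificate " + uVar + " from PSE " + g(), e2);
        } catch (KeyStoreException e3) {
            throw new bn("Key store error deleting trusted certificate " + uVar + " from PSE " + g(), e3);
        }
    }

    /** Lists the trusted-certificate records of this PSE as the database has them. */
    public Collection d() throws bn {
        try {
            return i().c(g());
        } catch (com.cyclonecommerce.crossworks.certpath.l e2) {
            throw new bn("Database error retrieving trusted certificates for PSE " + g(), e2);
        }
    }

    /** Returns whether the key store holds the certificate with id {@code uVar}. */
    public boolean f(u uVar) throws bn {
        return a(bl.a(uVar));
    }

    /**
     * Returns whether the key store holds {@code blVar}'s certificate under any alias.
     *
     * <p>This consults the key store only, not the database trusted list.
     */
    public boolean a(bl blVar) throws bn {
        try {
            return j().getCertificateAlias(blVar.a()) != null;
        } catch (KeyStoreException e2) {
            throw new bn("Key store error for PSE " + g(), e2);
        }
    }

    /**
     * Returns whether any certificate in {@code bl.a(uVar).p()} is held by the key store.
     *
     * <p>Presumably {@code p()} yields the certificate's issuers or chain - TODO confirm in bl.
     */
    public boolean g(u uVar) throws bn {
        Iterator candidates = bl.a(uVar).p().iterator();
        while (candidates.hasNext()) {
            if (a((bl) candidates.next())) {
                return true;
            }
        }
        return false;
    }

    /**
     * Returns whether {@link #b(bl)} accepts the certificate with id {@code uVar}.
     *
     * <p>Only the verifier's rejection is turned into {@code false}; {@code bn} still propagates.
     */
    public boolean h(u uVar) throws bn {
        try {
            b(bl.a(uVar));
            return true;
        } catch (com.cyclonecommerce.crossworks.m rejected) {
            return false;
        }
    }

    /**
     * Checks {@code blVar}'s certificate with this PSE's verifier.
     *
     * @throws com.cyclonecommerce.crossworks.m if the verifier does not accept the certificate
     * @throws bn if the verifier cannot be built
     */
    public void b(bl blVar) throws bn, com.cyclonecommerce.crossworks.m {
        com.cyclonecommerce.crossworks.x509.i verifier = (com.cyclonecommerce.crossworks.x509.i) h();
        if (!verifier.a((Certificate) blVar.a())) {
            throw new com.cyclonecommerce.crossworks.m("Certificate isn't trusted for this PSE " + g());
        }
    }

    /** Reloads the key store. */
    public void e() throws bn {
        try {
            j().load();
        } catch (KeyStoreException e2) {
            throw new bn("Key store error refreshing PSE " + g(), e2);
        }
    }

    /** Returns the policy, loading it through the policy handle on first use. */
    public r f() throws bn {
        try {
            if (this.k == null) {
                this.k = r.a(this.j);
            }
            return this.k;
        } catch (com.cyclonecommerce.crossworks.certpath.l e2) {
            throw new bn("Database error retrieving policy for PSE " + g(), e2);
        }
    }

    /** Returns the PSE id. */
    public x g() {
        return this.i;
    }

    /**
     * Builds a fresh verifier over this PSE's key store and the shared certificate store.
     *
     * <p>NOTE(review): when the policy flag {@code f().c().b()} is set, a verifier option is
     * switched off via {@code a(false)}. Which check that disables is not visible here and
     * should be confirmed in x509.i, since it alters how certificates are validated.
     */
    public com.cyclonecommerce.crossworks.c h() throws bn {
        com.cyclonecommerce.crossworks.x509.i verifier = new com.cyclonecommerce.crossworks.x509.i();
        verifier.a(j());
        verifier.a(q());
        if (f().c().b()) {
            verifier.a(false);
        }
        return verifier;
    }

    /** Returns the database-backed PSE store. */
    protected static n i() {
        return n.a();
    }

    /**
     * Returns the key store, opening it on first use.
     *
     * <p>The store is opened with the password from {@link #c(x)}; see the security note there.
     *
     * @throws bn if the key store cannot be opened
     */
    public CycloneKeyStore j() throws bn {
        try {
            if (this.m == null) {
                this.m = CycloneKeyStore.getInstance(d(g()), null, c(g()).toCharArray());
            }
            return this.m;
        } catch (KeyStoreException e2) {
            throw new bn("Unable to get key store for PSE " + g(), e2);
        }
    }

    /** Returns the PSE id as a string. */
    protected String k() {
        return g().toString();
    }

    /**
     * Returns the policy handle.
     *
     * <p>Declared {@code protected} in the original class; the decompiler widened it.
     */
    public w l() {
        return this.j;
    }

    /** Returns the key store location as a {@code file:} URL string. */
    protected String m() {
        return e(g());
    }

    /**
     * Sets the friendly name in memory only; {@link #b(String)} is the persisting variant.
     *
     * <p>Declared {@code protected} in the original class; the decompiler widened it.
     */
    public void c(String str) {
        this.h = str;
    }

    /**
     * Returns the live attribute map, not a copy.
     *
     * <p>Callers can therefore change attributes without going through {@link #b(String, Object)};
     * such changes are not persisted until {@link #o()} runs.
     */
    public HashMap n() {
        return this.l;
    }

    /** Sets an attribute in memory only. */
    protected void a(String str, Object obj) {
        this.l.put(str, obj);
    }

    /** Sets an attribute and persists this PSE. */
    protected void b(String str, Object obj) throws bn {
        a(str, obj);
        o();
    }

    /** Writes this PSE's record to the database. */
    protected void o() throws bn {
        try {
            i().b(this);
        } catch (com.cyclonecommerce.crossworks.certpath.l e2) {
            throw new bn("Database error updating PSE " + g(), e2);
        }
    }

    /**
     * Returns the key store alias of a trusted certificate ("PSE.getCertificateAlias").
     *
     * @throws IllegalArgumentException if {@code uVar} is null
     */
    protected static String i(u uVar) {
        if (uVar == null) {
            throw new IllegalArgumentException("PSE.getCertificateAlias(null) is not allowed");
        }
        return "cert" + uVar.toString();
    }

    /** Returns the directory that holds the key store files. */
    protected static File p() {
        return com.cyclonecommerce.crossworks.e.a().g();
    }

    /**
     * Returns the key store password for a PSE ("PSE.getKeyStorePassword").
     *
     * <p>Security note: the password is the PSE id string, and {@link #d(x)} names the key store
     * file {@code <id>.keys}, so the password can be read off the file name. The key store
     * encryption therefore gives no confidentiality to anyone who can read the file; the private
     * keys are protected only by access control on the directory from {@link #p()}. Changing the
     * derivation here would make existing key stores unreadable, so a fix has to be a migration
     * that re-protects each store under a secret kept outside the id and file name.
     *
     * @throws IllegalArgumentException if {@code xVar} is null
     */
    protected static String c(x xVar) {
        if (xVar == null) {
            throw new IllegalArgumentException("PSE.getKeyStorePassword(null) is not allowed");
        }
        return xVar.toString();
    }

    /**
     * Returns the key store file path for a PSE ("PSE.getKeyStoreFilename").
     *
     * <p>NOTE(review): the id string becomes a file name without validation, and
     * {@link #b(x)} deletes whatever this path names. This assumes {@code x.toString()} never
     * contains a path separator or {@code ..} - confirm in x, or check that the resolved path
     * stays inside {@link #p()}.
     *
     * @throws IllegalArgumentException if {@code xVar} is null
     */
    protected static String d(x xVar) {
        if (xVar == null) {
            throw new IllegalArgumentException("PSE.getKeyStoreFilename(null) is not allowed");
        }
        return new File(p(), xVar.toString() + ".keys").getPath();
    }

    /**
     * Returns the key store location as a {@code file:} URL string ("PSE.getKeyStoreURL").
     *
     * @throws IllegalArgumentException if {@code xVar} is null
     */
    protected static String e(x xVar) {
        if (xVar == null) {
            throw new IllegalArgumentException("PSE.getKeyStoreURL(null) is not allowed");
        }
        return "file:" + d(xVar);
    }

    /**
     * Returns the key store alias of a private key ("PSE.getPrivateKeyAlias").
     *
     * @throws IllegalArgumentException if {@code uVar} is null
     */
    public static String j(u uVar) {
        if (uVar == null) {
            throw new IllegalArgumentException("PSE.getPrivateKeyAlias(null) is not allowed");
        }
        return "key" + uVar.toString();
    }

    /**
     * Returns the password protecting a private-key entry ("PSE.getPrivateKeyPassword").
     *
     * <p>Security note: the password is the certificate id string, the same string that
     * {@link #j(u)} appends to {@code "key"} to form the entry alias. Anyone who can list the
     * aliases can derive every entry password, so per-entry protection adds nothing beyond the
     * key store password, which {@link #c(x)} shows is itself derivable.
     *
     * @throws IllegalArgumentException if {@code uVar} is null
     */
    public static String k(u uVar) {
        if (uVar == null) {
            throw new IllegalArgumentException("PSE.getPrivateKeyPassword(null) is not allowed");
        }
        return uVar.toString();
    }

    /**
     * Stores every key-and-chain bundle in {@code collection}, stopping at the first failure.
     *
     * <p>Bundles stored before a failure stay stored.
     */
    protected Collection a(Collection collection) throws bn {
        ArrayList stored = new ArrayList();
        for (Object bundle : collection) {
            stored.add(a((com.cyclonecommerce.crossworks.b) bundle));
        }
        return stored;
    }

    /** Returns the shared certificate store used by the verifier. */
    protected com.cyclonecommerce.crossworks.certstore.a q() {
        return com.cyclonecommerce.crossworks.e.a().n();
    }

    /**
     * Returns the PSEs matching {@code sVar}; a null selector matches with a default selector.
     *
     * @throws bn on database failure
     */
    public static Collection a(s sVar) throws bn {
        if (sVar == null) {
            sVar = new s();
        }
        try {
            return i().a(sVar);
        } catch (com.cyclonecommerce.crossworks.certpath.l e2) {
            throw new bn("Database error retrieving PSEs for selector: " + sVar, e2);
        }
    }

    /**
     * Stores a private key and its chain, creating the personal-certificate record if needed.
     *
     * <p>If the key store write fails after a record was created here, the record is removed
     * again on a best-effort basis. A {@code bn} raised inside is rethrown as is rather than
     * wrapped a second time, matching {@link #b(InputStream, String)}.
     *
     * @throws bn on any failure
     */
    protected q a(com.cyclonecommerce.crossworks.b bVar) throws bn {
        CycloneKeyStore keyStore = j();
        try {
            // NOTE(review): `i` is written exactly as the decompiler emitted it. Whether it names
            // a class in this package or the id field cannot be settled from this file.
            bl certificate = (bl) i.a("JDBC", null).a(new com.cyclonecommerce.crossworks.x509.h(bVar.d())).get(0);
            boolean createdRecord = false;
            q record = a(certificate.d());
            if (record == null) {
                try {
                    record = new q(certificate, g(), false);
                    createdRecord = true;
                } catch (com.cyclonecommerce.crossworks.certpath.l e2) {
                    throw new bn("Unable to manage private key in PSE " + g(), e2);
                }
            }
            try {
                keyStore.setKey(j(certificate.d()), bVar.a(), k(certificate.d()).toCharArray(), (com.cyclonecommerce.crossworks.x509.j[]) bVar.e());
                r();
                return record;
            } catch (KeyStoreException e3) {
                if (createdRecord) {
                    try {
                        i().a(record.d(), g());
                    } catch (com.cyclonecommerce.crossworks.certpath.l rollbackFailure) {
                        // The record now exists without a key behind it. Report it; the key store
                        // error below remains the one the caller sees.
                        System.err.println("Unable to roll back personal certificate " + record.d() + " in PSE " + g() + ": " + rollbackFailure);
                    }
                }
                throw new bn("Unable to manage private key in PSE " + g(), e3);
            }
        } catch (bn alreadyWrapped) {
            throw alreadyWrapped;
        } catch (Exception e5) {
            throw new bn("Unable to manage private key in PSE " + g(), e5);
        }
    }

    /**
     * Reads a PKCS#12 stream that must hold exactly one entry with a private key.
     *
     * <p>The stream is closed whether or not loading succeeds.
     *
     * @param inputStream PKCS#12 data
     * @param str password, used both for the store and for the entry
     * @return the private key with its certificate chain
     * @throws bn if the stream is unreadable, empty, multi-entry, or holds no key
     */
    protected com.cyclonecommerce.crossworks.b b(InputStream inputStream, String str) throws bn {
        try {
            KeyStore keyStore = KeyStore.getInstance("pkcs12");
            try {
                keyStore.load(inputStream, str.toCharArray());
            } finally {
                // Close on the failure path too; a wrong password or corrupt file would
                // otherwise leave the caller's stream open.
                inputStream.close();
            }
            if (keyStore.size() > 1) {
                throw new bn("Unable to import pkcs#12 keystore with more than a single entry");
            }
            Enumeration<String> aliases = keyStore.aliases();
            if (!aliases.hasMoreElements()) {
                throw new bn("Unable to import pkcs#12 keystore with no entries or unrecognized format");
            }
            String alias = aliases.nextElement();
            PrivateKey privateKey = (PrivateKey) keyStore.getKey(alias, str.toCharArray());
            if (privateKey == null) {
                throw new bn("No key in to import with name: " + alias);
            }
            return new com.cyclonecommerce.crossworks.b(privateKey, keyStore.getCertificateChain(alias));
        } catch (bn e2) {
            throw e2;
        } catch (Exception e3) {
            throw new bn("Unable to read PKCS#12 stream for PSE " + g(), e3);
        }
    }

    /**
     * Saves the key store; on failure reloads it so memory matches the file, then rethrows.
     */
    protected void r() throws bn, KeyStoreException {
        try {
            j().store();
        } catch (KeyStoreException e2) {
            j().load();
            throw e2;
        }
    }

    /**
     * Refreshes the key store of a PSE by id ("PSE.refresh").
     *
     * @throws IllegalArgumentException if {@code xVar} is null
     * @throws bn on key store failure
     */
    public static void f(x xVar) throws bn {
        if (xVar == null) {
            throw new IllegalArgumentException("PSE.refresh(null) is not allowed");
        }
        try {
            CycloneKeyStore.refresh(d(xVar));
        } catch (KeyStoreException e2) {
            throw new bn("Error refreshing PSE with id " + xVar, e2);
        }
    }

    /** Deletes this PSE; see {@link #b(x)}. */
    public void s() throws bn {
        b(g());
    }

    /** Notifies observers that this PSE changed. */
    protected void t() {
        setChanged();
        notifyObservers(e);
    }

    /** Notifies observers that this PSE was deleted. */
    protected void u() {
        setChanged();
        notifyObservers(f);
    }

    /**
     * Instantiates and registers the observers listed in the configuration.
     *
     * <p>A class that cannot be found or instantiated is reported on stderr and skipped. A class
     * that is not an {@link Observer} is not handled and makes the constructor fail.
     *
     * <p>NOTE(review): the class names come from {@code e.a().o()}; whoever can edit that
     * configuration gets a class instantiated in this process and notified with this PSE.
     * Presumably it is protected as tightly as the key store directory - confirm.
     */
    protected void v() {
        for (ClassDescriptor classDescriptor : com.cyclonecommerce.crossworks.e.a().o()) {
            try {
                addObserver((Observer) classDescriptor.instantiate());
            } catch (ClassDescriptor.InstantiationException e2) {
                System.err.println("Unable to instantiate PSE observer for " + classDescriptor.getClassName() + ": " + e2.toString());
            } catch (ClassNotFoundException e3) {
                System.err.println("Unable to find " + classDescriptor.getClassName() + " to instantiate PSE observer");
            }
        }
    }

    /**
     * Describes this PSE by id, friendly name and policy.
     *
     * <p>Never throws: an unset id prints as {@code null}, and a policy that cannot be loaded is
     * left out.
     */
    public String toString() {
        x id = g();
        StringBuilder text = new StringBuilder();
        text.append("PSE: [\n");
        text.append("PSE ID: ").append(id == null ? "null" : id.toString()).append("\n");
        text.append("Friendly Name: ").append(b()).append("\n");
        try {
            text.append(f());
        } catch (bn ignored) {
            // Deliberate: toString() must not fail because the policy is unavailable.
        }
        text.append("]");
        return text.toString();
    }

    /**
     * Deletes this PSE's database record and its policy record, then notifies observers.
     *
     * @throws bn on database failure
     */
    protected void w() throws bn {
        try {
            i().a(g());
            i().a(l());
            u();
        } catch (com.cyclonecommerce.crossworks.certpath.l e2) {
            throw new bn("CertStoreException deleting PSE with id " + this.i, e2);
        }
    }
}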
