package com.idemia.mdw.security;

import com.idemia.mdw.exception.CredentialValueException;
import com.idemia.mdw.exception.GenericServiceException;
import com.idemia.mdw.provider.SEAuthProvider;
import com.idemia.mdw.security.keystore.SEFileEntry;
import com.idemia.mdw.security.spec.AccessKeySpec;
import com.idemia.mdw.smartcardio.ICardTerminal;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.AuthProvider;
import java.security.InvalidParameterException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.TreeMap;
import javax.security.auth.login.LoginException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes2.dex */
public class SEKeyStore extends KeyStoreSpi {

    /* renamed from: a, reason: collision with root package name */
    private static final Logger f1123a = LoggerFactory.getLogger((Class<?>) SEKeyStore.class);
    private com.idemia.mdw.provider.b e;
    private AuthProvider g;
    private com.idemia.mdw.j.e h;
    private List<String> f = new ArrayList();
    private Map<String, com.idemia.mdw.security.a> b = new TreeMap();
    private Map<String, com.idemia.mdw.data.a> d = new TreeMap();
    private Map<String, k> c = new TreeMap();

    /* loaded from: classes2.dex */
    class a extends com.idemia.mdw.security.a {
        a(SEKeyStore sEKeyStore, X509Certificate x509Certificate, k kVar, com.idemia.mdw.j.e eVar) {
            super(x509Certificate, null, eVar);
        }
    }

    public SEKeyStore(AuthProvider authProvider) {
        this.g = authProvider;
    }

    private String a(String str) {
        if (!engineIsKeyEntry(str)) {
            return "";
        }
        for (String str2 : this.b.keySet()) {
            if (this.b.get(str2).b().a() && this.b.get(str2).b().b().equals(this.c.get(str))) {
                return str2;
            }
        }
        return "";
    }

    private void a() {
        Logger logger = f1123a;
        logger.debug(" ## Reload ====================== ");
        this.b.clear();
        this.b.putAll(this.h.i());
        logger.debug(" ##        ======== " + this.b.size());
        this.c.clear();
        this.c.putAll(this.h.h());
        logger.debug(" ##        ======== " + this.c.size());
        b();
        c();
        logger.debug(" == end of reload ############### ");
    }

    private String b(String str) {
        if (!engineIsCertificateEntry(str) || !this.b.get(str).b().a()) {
            return "";
        }
        for (String str2 : this.c.keySet()) {
            if (this.b.get(str).b().b().equals(this.c.get(str2))) {
                return str2;
            }
        }
        return "";
    }

    private void b() {
        f1123a.debug(" ... fillInAliasesAndKeyRecordMap ====================== ");
        this.f.clear();
        for (String str : this.b.keySet()) {
            f1123a.debug(" ... adding in alias: " + str);
            this.f.add(str);
        }
        for (String str2 : this.c.keySet()) {
            f1123a.debug(" ... adding in alias: " + str2);
            this.f.add(str2);
        }
        for (String str3 : this.d.keySet()) {
            f1123a.debug(" ... adding in alias: " + str3);
            this.f.add(str3);
        }
        f1123a.debug(" === fillInAliasesAndKeyRecordMap ....................... ");
    }

    private void c() {
        f1123a.debug(" + certificateKeyRecordMap ");
        Iterator<String> it = this.b.keySet().iterator();
        while (it.hasNext()) {
            f1123a.debug(" + \t [] " + it.next());
        }
        f1123a.debug(" + keyRecordMap ");
        Iterator<String> it2 = this.c.keySet().iterator();
        while (it2.hasNext()) {
            f1123a.debug(" + \t [] " + it2.next());
        }
        f1123a.debug(" + fileRecordMap ");
        Iterator<String> it3 = this.d.keySet().iterator();
        while (it3.hasNext()) {
            f1123a.debug(" + \t [] " + it3.next());
        }
        f1123a.debug(" + aliases ");
        Iterator<String> it4 = this.f.iterator();
        while (it4.hasNext()) {
            f1123a.debug(" + \t [] " + it4.next());
        }
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration<String> engineAliases() {
        return Collections.enumeration(this.f);
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        return this.f.contains(str);
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) throws KeyStoreException {
        f1123a.debug("engineDeleteEntry");
        if (str == null) {
            throw new KeyStoreException("Null alias");
        }
        if (!engineContainsAlias(str)) {
            throw new KeyStoreException("Alias not found: " + str);
        }
        try {
            if (engineIsKeyEntry(str)) {
                if (!this.e.a(com.idemia.mdw.j.f.KEY_DELETE, str)) {
                    throw new LoginException("Authentication failed");
                }
                if (!this.h.c(str)) {
                    throw new GenericServiceException("Failed to delete the key " + str);
                }
            } else {
                if (!engineIsCertificateEntry(str)) {
                    throw new KeyStoreException("Cannot remove the entry " + str);
                }
                if (!this.e.a(com.idemia.mdw.j.f.FILE_DELETE, str)) {
                    throw new LoginException("Authentication failed");
                }
                if (!this.h.b(str)) {
                    throw new GenericServiceException("Failed to delete the certificate " + str);
                }
            }
            a();
        } catch (GenericServiceException | LoginException e) {
            throw new KeyStoreException(e);
        }
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        String str2;
        Logger logger = f1123a;
        logger.debug("engineGetCertificate");
        if (str == null) {
            str2 = "Null alias";
        } else if (engineContainsAlias(str)) {
            try {
            } catch (GenericServiceException e) {
                f1123a.error("Failed to get certificate", (Throwable) e);
            }
            if (!engineIsKeyEntry(str)) {
                if (engineIsCertificateEntry(str)) {
                    return this.b.get(str).a();
                }
                return null;
            }
            String a2 = a(str);
            if (!a2.isEmpty()) {
                return this.b.get(a2).a();
            }
            str2 = "No certificate related to key alias";
        } else {
            str2 = "Alias not found: " + str;
        }
        logger.error(str2);
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        Logger logger = f1123a;
        logger.debug("engineGetCertificateAlias");
        if (certificate == null) {
            logger.error("Invalid parameter: Certificate is null");
            return null;
        }
        for (String str : this.b.keySet()) {
            try {
            } catch (GenericServiceException e) {
                f1123a.warn("Failed to get certificate (" + str + "): " + e);
            }
            if (certificate.equals(this.b.get(str).a())) {
                return str;
            }
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        String str2;
        Logger logger = f1123a;
        logger.debug("engineGetCertificateChain");
        if (str == null) {
            str2 = "Null alias";
        } else {
            if (engineContainsAlias(str)) {
                return com.idemia.mdw.k.b.a(com.idemia.mdw.k.b.a(), engineGetCertificate(str));
            }
            str2 = "Alias not found: " + str;
        }
        logger.error(str2);
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        String str2;
        Logger logger = f1123a;
        logger.debug("engineGetCreationDate");
        if (str == null) {
            str2 = "Null alias";
        } else {
            if (engineContainsAlias(str)) {
                if (engineIsKeyEntry(str)) {
                    logger.warn("No creation date for keys in keystore");
                    String a2 = a(str);
                    if (a2.isEmpty()) {
                        str2 = "No certificate related to key alias ";
                    } else {
                        logger.warn("Return creation date of certificate (" + a2 + ") associated with key (" + str + ")");
                        try {
                            return this.b.get(a2).a().getNotBefore();
                        } catch (GenericServiceException e) {
                            f1123a.error("Failed to get creation date for certificate (" + a2 + ")", (Throwable) e);
                        }
                    }
                } else if (engineIsCertificateEntry(str)) {
                    try {
                        return this.b.get(str).a().getNotBefore();
                    } catch (GenericServiceException e2) {
                        f1123a.error("Failed to get creation date for certificate (" + str + ")", (Throwable) e2);
                    }
                }
                return null;
            }
            str2 = "Alias not found: " + str;
        }
        logger.error(str2);
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public KeyStore.Entry engineGetEntry(String str, KeyStore.ProtectionParameter protectionParameter) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException {
        Logger logger = f1123a;
        logger.debug("engineGetEntry");
        if (str == null) {
            throw new KeyStoreException("Null alias");
        }
        if (!engineContainsAlias(str)) {
            throw new KeyStoreException("Alias not found: " + str);
        }
        if (engineIsKeyEntry(str) || engineIsCertificateEntry(str)) {
            return super.engineGetEntry(str, protectionParameter);
        }
        if (!this.d.containsKey(str)) {
            logger.error("Alias not identifying a file-related entry");
            return null;
        }
        com.idemia.mdw.provider.b bVar = new com.idemia.mdw.provider.b(this.g, this.h);
        try {
            if (bVar.b(com.idemia.mdw.j.f.FILE_READ, str) && !bVar.c(com.idemia.mdw.j.f.FILE_READ, str) && !bVar.a(com.idemia.mdw.j.f.FILE_READ, str)) {
                throw new LoginException("Authentication failed");
            }
            return new SEFileEntry(this.d.get(str));
        } catch (GenericServiceException | LoginException e) {
            throw new KeyStoreException(e);
        }
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        Logger logger = f1123a;
        logger.debug("engineGetKey");
        if (str == null) {
            logger.error("Null alias");
            return null;
        }
        if (!engineContainsAlias(str)) {
            logger.error("Alias not found: " + str);
            return null;
        }
        if (engineIsKeyEntry(str)) {
            return new r(this.c.get(str), str);
        }
        if (!engineIsCertificateEntry(str)) {
            return null;
        }
        if (!this.b.get(str).b().a()) {
            logger.warn("Alias not identifying a key-related entry");
            return null;
        }
        String b = b(str);
        if (b.isEmpty()) {
            throw new UnrecoverableKeyException("Key alias not found");
        }
        return new r(this.b.get(str).b().b(), b);
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        return this.b.containsKey(str);
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        return this.c.containsKey(str);
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        Logger logger = f1123a;
        logger.debug("engineLoad");
        AuthProvider authProvider = this.g;
        ICardTerminal cardTerminal = authProvider instanceof SEAuthProvider ? ((SEAuthProvider) authProvider).getCardTerminal() : null;
        List<com.idemia.mdw.j.e> arrayList = new ArrayList<>();
        boolean z = false;
        if (arrayList.isEmpty() || !arrayList.get(0).c().b().getCard().a().equals(cardTerminal)) {
            try {
                arrayList = q.a().a(cardTerminal);
                if (arrayList.isEmpty()) {
                    throw new IllegalStateException("No Compatible Secure Element present - Insert a Secure Element first");
                }
            } catch (GenericServiceException e) {
                throw new IOException("Load failed", e);
            }
        }
        com.idemia.mdw.j.e eVar = arrayList.get(0);
        this.h = eVar;
        if (eVar.b()) {
            String f = this.h.f();
            if (cArr == null || cArr.length == 0) {
                throw new IOException("Keystore password is required but not given");
            }
            if (this.g.containsKey("Property.lock type") && (this.g.get("Property.lock type") instanceof String)) {
                f = (String) this.g.get("Property.lock type");
            } else {
                logger.warn("Provider property is not set - Property.lock type = " + f);
            }
            try {
                if (!this.h.a(new AccessKeySpec(com.idemia.mdw.c.a.d.a(cArr), "", f))) {
                    throw new IOException("Keystore was tampered with, or password validation failed");
                }
            } catch (CredentialValueException e2) {
                throw new IOException("Keystore password is incorrect", new UnrecoverableKeyException().initCause(e2));
            } catch (GenericServiceException e3) {
                throw new IOException("Keystore was tampered with, or password is incorrect", e3);
            }
        }
        if (this.g.containsKey("Property.file boolean") && this.g.get("Property.file boolean").equals(Boolean.TRUE)) {
            z = true;
        }
        try {
            this.h.a(z);
            this.b.clear();
            this.b.putAll(this.h.i());
            this.c.clear();
            this.c.putAll(this.h.h());
            this.d.clear();
            this.d.putAll(this.h.g());
            this.e = new com.idemia.mdw.provider.b(this.g, this.h);
            b();
            c();
        } catch (GenericServiceException e4) {
            throw new CertificateException("Failed to discover card content", e4);
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        f1123a.debug("engineSetCertificateEntry");
        if (str == null || certificate == null) {
            throw new KeyStoreException("Null Input");
        }
        if (engineIsKeyEntry(str)) {
            throw new KeyStoreException("Cannot overwrite private key");
        }
        if (engineIsCertificateEntry(str)) {
            engineDeleteEntry(str);
        }
        try {
            if (!this.e.a(com.idemia.mdw.j.f.FILE_CREATE, "")) {
                throw new LoginException("Authentication Failed");
            }
            if (!this.h.a(str, new a(this, (X509Certificate) certificate, null, this.h))) {
                throw new GenericServiceException("Failed to write the certificate " + str);
            }
            a();
        } catch (GenericServiceException | LoginException e) {
            throw new KeyStoreException(e);
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
        f1123a.debug("engineSetKeyEntry");
        if (str == null || key == null || certificateArr == null || certificateArr.length == 0) {
            throw new KeyStoreException("Null Input");
        }
        if (!(key instanceof PrivateKey)) {
            throw new KeyStoreException("Cannot store non-PrivateKeys");
        }
        try {
            g a2 = h.a(key, certificateArr);
            if (engineContainsAlias(str)) {
                engineDeleteEntry(str);
            }
            try {
                if (!this.e.a(com.idemia.mdw.j.f.KEY_CREATE, "")) {
                    throw new LoginException("Authentication failed");
                }
                this.h.a(str, a2, certificateArr[0]);
                a2.b();
                a();
            } catch (GenericServiceException | LoginException e) {
                throw new KeyStoreException(e);
            }
        } catch (InvalidParameterException e2) {
            throw new KeyStoreException("Error while creating key components", e2);
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
        throw new UnsupportedOperationException("Not implemented");
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        return this.f.size();
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        throw new UnsupportedOperationException("Not implemented");
    }
}
