package net.jsign.jca;

import java.io.InputStream;
import java.security.AccessController;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.util.Enumeration;
import net.jsign.DigestAlgorithm;
import net.jsign.KeyStoreBuilder;
import net.jsign.KeyStoreType;

/* loaded from: input_file:net/jsign/jca/JsignJcaProvider.class */
public class JsignJcaProvider extends Provider {
    private String keystore;

    /* loaded from: input_file:net/jsign/jca/JsignJcaProvider$JsignJcaKeyStore.class */
    static class JsignJcaKeyStore extends AbstractKeyStoreSpi {
        private KeyStoreBuilder builder = new KeyStoreBuilder();
        private KeyStore keystore;

        public JsignJcaKeyStore(KeyStoreType keyStoreType, String str) {
            this.builder.storetype(keyStoreType);
            this.builder.keystore(str);
            this.builder.certfile("");
        }

        private KeyStore getKeyStore() throws KeyStoreException {
            if (this.keystore == null) {
                this.keystore = this.builder.build();
            }
            return this.keystore;
        }

        @Override // java.security.KeyStoreSpi
        public Key engineGetKey(String str, char[] cArr) throws UnrecoverableKeyException {
            if (cArr != null) {
                this.builder.keypass(new String(cArr));
            }
            try {
                return new JsignJcaPrivateKey((PrivateKey) getKeyStore().getKey(str, cArr), this.builder.provider());
            } catch (KeyStoreException | NoSuchAlgorithmException e) {
                throw new RuntimeException(e);
            } catch (UnrecoverableKeyException e2) {
                e2.printStackTrace();
                throw e2;
            }
        }

        @Override // java.security.KeyStoreSpi
        public Certificate[] engineGetCertificateChain(String str) {
            try {
                return getKeyStore().getCertificateChain(str);
            } catch (KeyStoreException e) {
                return null;
            }
        }

        @Override // java.security.KeyStoreSpi
        public Enumeration<String> engineAliases() {
            try {
                return getKeyStore().aliases();
            } catch (KeyStoreException e) {
                throw new RuntimeException(e);
            }
        }

        @Override // net.jsign.jca.AbstractKeyStoreSpi, java.security.KeyStoreSpi
        public void engineLoad(InputStream inputStream, char[] cArr) {
            if (cArr != null) {
                this.builder.storepass(new String(cArr));
            }
        }
    }

    /* loaded from: input_file:net/jsign/jca/JsignJcaProvider$JsignJcaPrivateKey.class */
    static class JsignJcaPrivateKey implements PrivateKey {
        private final PrivateKey privateKey;
        private final Provider provider;

        public JsignJcaPrivateKey(PrivateKey privateKey, Provider provider) {
            this.privateKey = privateKey;
            this.provider = provider;
        }

        @Override // java.security.Key
        public String getAlgorithm() {
            return this.privateKey.getAlgorithm();
        }

        @Override // java.security.Key
        public String getFormat() {
            return this.privateKey.getFormat();
        }

        @Override // java.security.Key
        public byte[] getEncoded() {
            return this.privateKey.getEncoded();
        }

        public PrivateKey getPrivateKey() {
            return this.privateKey;
        }

        public Provider getProvider() {
            return this.provider;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:net/jsign/jca/JsignJcaProvider$JsignJcaSignature.class */
    public static class JsignJcaSignature extends AbstractSignatureSpi {
        private Signature signature;

        public JsignJcaSignature(String str) {
            super(str);
        }

        @Override // java.security.SignatureSpi
        protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException {
            JsignJcaPrivateKey jsignJcaPrivateKey = (JsignJcaPrivateKey) privateKey;
            try {
                this.signature = Signature.getInstance(this.signingAlgorithm, jsignJcaPrivateKey.getProvider());
                this.signature.initSign(jsignJcaPrivateKey.getPrivateKey());
            } catch (NoSuchAlgorithmException e) {
                throw new RuntimeException(e);
            }
        }

        @Override // net.jsign.jca.AbstractSignatureSpi, java.security.SignatureSpi
        protected void engineUpdate(byte b) throws SignatureException {
            this.signature.update(b);
        }

        @Override // java.security.SignatureSpi
        protected void engineUpdate(byte[] bArr, int i, int i2) throws SignatureException {
            this.signature.update(bArr, i, i2);
        }

        @Override // java.security.SignatureSpi
        protected byte[] engineSign() throws SignatureException {
            return this.signature.sign();
        }
    }

    public JsignJcaProvider() {
        super("Jsign", 1.0d, "Jsign security provider");
        AccessController.doPrivileged(() -> {
            for (KeyStoreType keyStoreType : KeyStoreType.values()) {
                putService(new ProviderService(this, "KeyStore", keyStoreType.name(), JsignJcaKeyStore.class.getName(), () -> {
                    return new JsignJcaKeyStore(keyStoreType, this.keystore);
                }));
            }
            for (String str : new String[]{"RSA", "ECDSA"}) {
                for (DigestAlgorithm digestAlgorithm : DigestAlgorithm.values()) {
                    if (digestAlgorithm != DigestAlgorithm.MD5) {
                        String str2 = digestAlgorithm.name() + "with" + str;
                        putService(new ProviderService(this, "Signature", str2, JsignJcaSignature.class.getName(), () -> {
                            return new JsignJcaSignature(str2);
                        }));
                    }
                }
            }
            return null;
        });
    }

    public JsignJcaProvider(String str) {
        this();
        configure(str);
    }

    public Provider configure(String str) throws InvalidParameterException {
        this.keystore = str;
        return this;
    }
}
