package org.astrogrid.security.delegation;

import java.io.IOException;
import java.io.Writer;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMWriter;

/* loaded from: input_file:org/astrogrid/security/delegation/InMemoryDelegations.class */
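/**
 * Keeps delegated identities (DN, RSA key pair, CSR and, once supplied, a
 * certificate) in process memory, indexed by a hash key derived from the
 * principal's distinguished name.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Private keys live on the heap for as long as the identity is stored and
 *       are handed out by reference through {@link #getPrivateKey(String)} and
 *       {@link #getKeys(String)}; any caller holding the hash key can obtain them.</li>
 *   <li>{@link #erase()} and {@link #remove(String)} only drop references; they do
 *       not overwrite key material.</li>
 *   <li>Only the first certificate passed to
 *       {@link #setCertificates(String, X509Certificate[])} is retained, and the only
 *       check made on it is that its public key matches the cached key pair.</li>
 * </ul>
 */
public class InMemoryDelegations extends Delegations {
    /**
     * Hash key to delegated identity. The reference is swapped wholesale by
     * {@link #erase()}, so it is volatile to make the new map visible to other threads.
     */
    private volatile Map<String, DelegatedIdentity> identities;

    /** Shared RSA generator; calls to it are serialised in {@link #initializeIdentity(X500Principal)}. */
    private final KeyPairGenerator keyPairGenerator;

    /**
     * One delegated identity: the distinguished name, the key pair generated for
     * it, the CSR built from both, and the certificate once one has been accepted.
     *
     * <p>The decompiler reports that the access modifiers of this class were
     * widened from {@code protected}.
     */
    public class DelegatedIdentity {
        protected final String dn;
        protected final KeyPair keys;
        protected final CertificateSigningRequest csr;

        // Guarded by this object's monitor; null until setCertificate() succeeds.
        protected X509Certificate certificate = null;

        /**
         * Builds the identity and its CSR.
         *
         * @param str the distinguished name to put in the CSR
         * @param keyPair the key pair that belongs to this identity
         * @throws GeneralSecurityException if the CSR cannot be constructed
         */
        protected DelegatedIdentity(String str, KeyPair keyPair) throws GeneralSecurityException {
            this.dn = str;
            this.keys = keyPair;
            this.csr = new CertificateSigningRequest(str, keyPair);
        }

        /**
         * @return the accepted certificate, or {@code null} if none has been set
         */
        protected synchronized X509Certificate getCertificate() {
            return this.certificate;
        }

        /**
         * Stores a certificate after checking that it certifies the cached public key.
         *
         * <p>NOTE(review): only the public key is compared. Subject DN, validity
         * period and issuer are not examined here - confirm that callers validate
         * the certificate before trusting it.
         *
         * @param x509Certificate the certificate to store; must not be null
         * @throws InvalidKeyException if the certificate's public key differs from the cached one
         * @throws IllegalArgumentException if the certificate is null
         */
        protected synchronized void setCertificate(X509Certificate x509Certificate) throws InvalidKeyException {
            if (x509Certificate == null) {
                throw new IllegalArgumentException("The certificate must not be null.");
            }
            if (!x509Certificate.getPublicKey().equals(this.keys.getPublic())) {
                throw new InvalidKeyException("This certificate does not match the cached private-key.");
            }
            this.certificate = x509Certificate;
        }

        /**
         * @return the key pair, private key included, by reference
         */
        protected KeyPair getKeys() {
            return this.keys;
        }
    }

    /**
     * Registers the BouncyCastle provider if it is absent, empties the store and
     * prepares a 2048-bit RSA key-pair generator.
     *
     * <p>The decompiler reports that this constructor was originally {@code protected}.
     *
     * @throws RuntimeException if no installed provider offers RSA key generation
     */
    public InMemoryDelegations() {
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        erase();
        try {
            KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
            generator.initialize(2048);
            this.keyPairGenerator = generator;
        } catch (NoSuchAlgorithmException e) {
            // Keep the cause attached instead of printing it to stderr and losing it.
            throw new RuntimeException("The JCE doesn't do RSA! Game over.", e);
        }
    }

    /**
     * Discards every stored identity by replacing the map. Key material is not
     * overwritten; it stays in memory until it is garbage-collected.
     */
    public void erase() {
        this.identities = new ConcurrentHashMap<>();
    }

    /**
     * Initialises an identity from a distinguished name given as a string.
     *
     * @param str the distinguished name, in a form accepted by {@link X500Principal}
     * @return the hash key under which the identity is stored
     * @throws GeneralSecurityException if the CSR for a new identity cannot be built
     */
    @Override // org.astrogrid.security.delegation.Delegations
    public String initializeIdentity(String str) throws GeneralSecurityException {
        return initializeIdentity(new X500Principal(str));
    }

    /**
     * Creates a key pair and CSR for the principal unless an identity with the
     * same hash key already exists, in which case the existing one is kept.
     *
     * @param x500Principal the principal to delegate for
     * @return the hash key under which the identity is stored
     * @throws GeneralSecurityException if the CSR for a new identity cannot be built
     */
    @Override // org.astrogrid.security.delegation.Delegations
    public String initializeIdentity(X500Principal x500Principal) throws GeneralSecurityException {
        // hash() is not defined in this class; presumably inherited from Delegations.
        String hash = hash(x500Principal);
        Map<String, DelegatedIdentity> store = this.identities;
        if (!store.containsKey(hash)) {
            KeyPair keyPair;
            // KeyPairGenerator is not documented as thread-safe, so serialise its use.
            synchronized (this.keyPairGenerator) {
                keyPair = this.keyPairGenerator.generateKeyPair();
            }
            // putIfAbsent keeps the first identity if two threads race here; a plain
            // put() would replace the key pair behind a CSR that was already handed out.
            store.putIfAbsent(hash, new DelegatedIdentity(x500Principal.getName("CANONICAL"), keyPair));
        }
        return hash;
    }

    /**
     * @param str the hash key of the identity
     * @return the identity's CSR, or {@code null} if the hash key is unknown
     */
    @Override // org.astrogrid.security.delegation.Delegations
    public CertificateSigningRequest getCsr(String str) {
        DelegatedIdentity delegatedIdentity = this.identities.get(str);
        if (delegatedIdentity == null) {
            return null;
        }
        return delegatedIdentity.csr;
    }

    /**
     * Returns the identity's private key by reference. Callers must treat the
     * result as a secret: this class applies no access check of its own.
     *
     * @param str the hash key of the identity
     * @return the private key, or {@code null} if the hash key is unknown
     */
    @Override // org.astrogrid.security.delegation.Delegations
    public PrivateKey getPrivateKey(String str) {
        DelegatedIdentity delegatedIdentity = this.identities.get(str);
        if (delegatedIdentity == null) {
            return null;
        }
        return delegatedIdentity.keys.getPrivate();
    }

    /**
     * Returns the stored certificate wrapped in a one-element array.
     *
     * @param str the hash key of the identity
     * @return {@code null} if the hash key is unknown; otherwise an array of length
     *     one whose single element is {@code null} while no certificate has been set
     */
    @Override // org.astrogrid.security.delegation.Delegations
    public X509Certificate[] getCertificates(String str) {
        DelegatedIdentity delegatedIdentity = this.identities.get(str);
        if (delegatedIdentity == null) {
            return null;
        }
        // getCertificate() takes the identity's monitor, matching setCertificate().
        return new X509Certificate[] {delegatedIdentity.getCertificate()};
    }

    /**
     * Forgets the identity stored under the hash key, if any.
     *
     * @param str the hash key of the identity
     */
    @Override // org.astrogrid.security.delegation.Delegations
    public void remove(String str) {
        this.identities.remove(str);
    }

    /**
     * @param str the hash key of the identity
     * @return {@code true} if an identity is stored under the hash key
     */
    @Override // org.astrogrid.security.delegation.Delegations
    public boolean isKnown(String str) {
        return this.identities.containsKey(str);
    }

    /**
     * Stores the first certificate of the given array for the identity. Any
     * further elements are ignored.
     *
     * @param str the hash key of the identity
     * @param x509CertificateArr the certificates; element 0 is the one stored
     * @throws InvalidKeyException if the hash key is unknown or the certificate's
     *     public key does not match the cached key pair
     * @throws IllegalArgumentException if the array is null or empty, or its first element is null
     */
    @Override // org.astrogrid.security.delegation.Delegations
    public void setCertificates(String str, X509Certificate[] x509CertificateArr) throws InvalidKeyException {
        DelegatedIdentity delegatedIdentity = this.identities.get(str);
        if (delegatedIdentity == null) {
            throw new InvalidKeyException("No identity matches the hash key " + str);
        }
        // Reject a missing certificate explicitly rather than with a bare
        // NullPointerException or ArrayIndexOutOfBoundsException.
        if (x509CertificateArr == null || x509CertificateArr.length == 0) {
            throw new IllegalArgumentException("No certificate was supplied for the hash key " + str);
        }
        delegatedIdentity.setCertificate(x509CertificateArr[0]);
    }

    /**
     * @return a snapshot array of the hash keys of all stored identities
     */
    @Override // org.astrogrid.security.delegation.Delegations
    public Object[] getPrincipals() {
        return this.identities.keySet().toArray();
    }

    /**
     * @param str the hash key of the identity
     * @return the distinguished name recorded for the identity, or {@code null}
     *     if the hash key is unknown
     */
    @Override // org.astrogrid.security.delegation.Delegations
    public String getName(String str) {
        DelegatedIdentity delegatedIdentity = this.identities.get(str);
        if (delegatedIdentity == null) {
            return null;
        }
        return delegatedIdentity.dn;
    }

    /**
     * Returns the identity's key pair, private key included, by reference.
     *
     * @param str the hash key of the identity
     * @return the key pair, or {@code null} if the hash key is unknown
     */
    @Override // org.astrogrid.security.delegation.Delegations
    public KeyPair getKeys(String str) {
        DelegatedIdentity delegatedIdentity = this.identities.get(str);
        if (delegatedIdentity == null) {
            return null;
        }
        return delegatedIdentity.getKeys();
    }

    /**
     * Writes the stored certificate to the writer in PEM form. On success the
     * PEM writer is flushed and closed, which is expected to close
     * {@code writer} as well.
     *
     * @param str the hash key of the identity
     * @param writer the destination
     * @throws IOException if the hash key is unknown, no certificate has been
     *     stored yet, or writing fails
     */
    @Override // org.astrogrid.security.delegation.Delegations
    public void writeCertificate(String str, Writer writer) throws IOException {
        X509Certificate[] certificates = getCertificates(str);
        // Check everything before emitting any output, so that a failure cannot
        // leave a partial PEM document behind.
        if (certificates == null) {
            throw new IOException("No identity matches the hash key " + str);
        }
        for (X509Certificate x509Certificate : certificates) {
            if (x509Certificate == null) {
                throw new IOException("No certificate is stored for the hash key " + str);
            }
        }
        PEMWriter pEMWriter = new PEMWriter(writer);
        for (X509Certificate x509Certificate : certificates) {
            pEMWriter.writeObject(x509Certificate);
        }
        pEMWriter.flush();
        pEMWriter.close();
    }

    /**
     * Reports whether a certificate has actually been stored for the identity.
     *
     * @param str the hash key of the identity
     * @return {@code true} only if the identity is known and holds a non-null certificate
     */
    @Override // org.astrogrid.security.delegation.Delegations
    public boolean hasCertificate(String str) {
        X509Certificate[] certificates = getCertificates(str);
        // getCertificates() yields a one-element array holding null until a
        // certificate is set, so the length alone does not prove one is present.
        return certificates != null && certificates.length > 0 && certificates[0] != null;
    }
}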
