package org.jivesoftware.openfire.keystore.jce;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.Iterator;
import org.directtruststandards.timplus.common.cert.CertStoreUtils;
import org.directtruststandards.timplus.common.cert.Thumbprint;
import org.jivesoftware.openfire.XMPPServer;
import org.jivesoftware.openfire.certificate.Certificate;
import org.jivesoftware.openfire.certificate.CertificateManager;
import org.jivesoftware.util.JiveGlobals;

/* loaded from: input_file:org/jivesoftware/openfire/keystore/jce/CertManagerKeyStore.class */
public class CertManagerKeyStore extends KeyStoreSpi {
    public static final String SUPRESS_FULL_ALIAS_LOAD = "xmpp.server.certstore.supressfullaliasload";
    protected final boolean suppressFullAliasLoad = Boolean.parseBoolean(JiveGlobals.getProperty(SUPRESS_FULL_ALIAS_LOAD, "false"));

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        try {
            Certificate certificateByThumbprint = CertificateManager.getInstance().getCertificateByThumbprint(str);
            if (certificateByThumbprint == null) {
                return null;
            }
            try {
                return CertStoreUtils.certFromData(XMPPServer.getInstance().getKeyStoreProtectionManager(), certificateByThumbprint.getCertData()).getPrivateKey();
            } catch (Exception e) {
                throw new UnrecoverableKeyException("Failed to get private key.");
            }
        } catch (Exception e2) {
            return null;
        }
    }

    @Override // java.security.KeyStoreSpi
    public java.security.cert.Certificate[] engineGetCertificateChain(String str) {
        try {
            Certificate certificateByThumbprint = CertificateManager.getInstance().getCertificateByThumbprint(str);
            if (certificateByThumbprint == null) {
                return null;
            }
            try {
                return new java.security.cert.Certificate[]{CertStoreUtils.certFromData(XMPPServer.getInstance().getKeyStoreProtectionManager(), certificateByThumbprint.getCertData())};
            } catch (Exception e) {
                throw new IllegalStateException("Failed to get certifcate.", e);
            }
        } catch (Exception e2) {
            return null;
        }
    }

    @Override // java.security.KeyStoreSpi
    public java.security.cert.Certificate engineGetCertificate(String str) {
        java.security.cert.Certificate[] engineGetCertificateChain = engineGetCertificateChain(str);
        if (engineGetCertificateChain == null) {
            return null;
        }
        return engineGetCertificateChain[0];
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        return Calendar.getInstance().getTime();
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, java.security.cert.Certificate[] certificateArr) throws KeyStoreException {
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, java.security.cert.Certificate[] certificateArr) throws KeyStoreException {
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, java.security.cert.Certificate certificate) throws KeyStoreException {
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) throws KeyStoreException {
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration<String> engineAliases() {
        ArrayList arrayList = new ArrayList();
        try {
            if (this.suppressFullAliasLoad) {
                return Collections.enumeration(Collections.singleton("dummy"));
            }
            Iterator<Certificate> it = CertificateManager.getInstance().getCertificates().iterator();
            while (it.hasNext()) {
                arrayList.add(it.next().getThumbprint());
            }
            return Collections.enumeration(arrayList);
        } catch (Exception e) {
            throw new IllegalStateException("Failed to get certificate aliases", e);
        }
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        try {
            return CertificateManager.getInstance().getCertificateByThumbprint(str) != null;
        } catch (Exception e) {
            return false;
        }
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        return 0;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        try {
            return engineGetKey(str, "".toCharArray()) != null;
        } catch (Exception e) {
            return false;
        }
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        try {
            return engineContainsAlias(str);
        } catch (Exception e) {
            return false;
        }
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(java.security.cert.Certificate certificate) {
        if (certificate instanceof X509Certificate) {
            return Thumbprint.toThumbprint((X509Certificate) certificate).toString();
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
    }
}
