package com.unbound.provider;

import com.unbound.client.BaseObject;
import com.unbound.client.CertObject;
import com.unbound.client.Client;
import com.unbound.client.ECPrivateKeyObject;
import com.unbound.client.ObjectType;
import com.unbound.client.Partition;
import com.unbound.client.PrivateKeyObject;
import com.unbound.client.RSAPrivateKeyObject;
import com.unbound.client.RSAPublicKeyObject;
import com.unbound.client.SecretKeyObject;
import com.unbound.common.Log;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.ProviderException;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.interfaces.RSAPublicKey;
import java.time.Clock;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.Map;
import javax.crypto.SecretKey;

/* loaded from: input_file:com/unbound/provider/UBKeyStore.class */
public final class UBKeyStore extends KeyStoreSpi {
    private static final int CACHE_TIMEOUT = 30000;
    private static final Clock clock = Clock.systemUTC();
    private Partition partition;
    private Map<String, UBEntry> cache = new HashMap();
    private long lastCacheClock = 0;

    public UBKeyStore(Partition partition) {
        this.partition = partition;
    }

    private UBEntry findEntry(String str) {
        UBEntry uBEntry;
        UBEntry uBEntry2 = null;
        Log end = Log.func("UBKeyStore.findEntry").log("alias", str).end();
        try {
            try {
                synchronized (this) {
                    uBEntry = this.cache.get(str.toUpperCase());
                }
                if (uBEntry != null) {
                    Log leavePrint = end.leavePrint();
                    if (uBEntry != null) {
                        leavePrint.log("entry", uBEntry.getName());
                    }
                    leavePrint.end();
                    return uBEntry;
                }
                UBEntry locate = UBEntry.locate(this.partition, str);
                if (locate != null) {
                    synchronized (this) {
                        this.cache.put(locate.getName().toUpperCase(), locate);
                    }
                }
                Log leavePrint2 = end.leavePrint();
                if (locate != null) {
                    leavePrint2.log("entry", locate.getName());
                }
                leavePrint2.end();
                return locate;
            } catch (Exception e) {
                end.failed(e);
                throw e;
            }
        } catch (Throwable th) {
            Log leavePrint3 = end.leavePrint();
            if (0 != 0) {
                leavePrint3.log("entry", uBEntry2.getName());
            }
            leavePrint3.end();
            throw th;
        }
    }

    private Enumeration<String> getAliases() {
        LinkedList linkedList = new LinkedList();
        Iterator<String> it = this.cache.keySet().iterator();
        while (it.hasNext()) {
            linkedList.add(this.cache.get(it.next()).getName());
        }
        return Collections.enumeration(linkedList);
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        if (cArr != null && cArr.length != 0) {
            this.partition.login(cArr);
        }
        UBEntry findEntry = findEntry(str);
        if (findEntry == null) {
            return null;
        }
        return findEntry.getKey();
    }

    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        try {
            UBEntry findEntry = findEntry(str);
            if (findEntry == null) {
                return null;
            }
            return findEntry.getChain();
        } catch (Exception e) {
            throw new ProviderException(e);
        }
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        try {
            UBEntry findEntry = findEntry(str);
            if (findEntry == null) {
                return null;
            }
            return findEntry.getCertificate();
        } catch (Exception e) {
            throw new ProviderException(e);
        }
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        try {
            UBEntry findEntry = findEntry(str);
            if (findEntry == null) {
                return null;
            }
            return findEntry.object.getInitialDate();
        } catch (Exception e) {
            throw new ProviderException(e);
        }
    }

    private synchronized void deleteEntryCache(String str) {
        this.cache.remove(str.toUpperCase());
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) throws KeyStoreException {
        Log end = Log.func("UBKeyStore.engineDeleteEntry").log("alias", str).end();
        try {
            try {
                UBEntry findEntry = findEntry(str);
                if (findEntry == null) {
                    return;
                }
                findEntry.delete();
                deleteEntryCache(str);
                end.leave();
            } catch (Exception e) {
                end.failed(e);
                throw e;
            }
        } finally {
            end.leave();
        }
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        return findEntry(str) != null;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        UBEntry findEntry = findEntry(str);
        return (findEntry == null || findEntry.getType() == 1) ? false : true;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        UBEntry findEntry = findEntry(str);
        return findEntry != null && findEntry.getType() == 1;
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration<String> engineAliases() {
        Enumeration<String> aliases;
        synchronized (this) {
            if (clock.millis() < this.lastCacheClock + 30000) {
                return getAliases();
            }
            Log end = Log.func("UBKeyStore.engineAliases").end();
            try {
                try {
                    ArrayList arrayList = new ArrayList();
                    arrayList.addAll(this.partition.locate(ObjectType.RSAPrv));
                    arrayList.addAll(this.partition.locate(ObjectType.ECPrv));
                    if (Client.isNative()) {
                        arrayList.addAll(this.partition.locate(ObjectType.EDDSAPrv));
                    }
                    ArrayList<BaseObject> locate = this.partition.locate(ObjectType.Certificate);
                    ArrayList arrayList2 = new ArrayList();
                    arrayList2.addAll(this.partition.locate(ObjectType.AES));
                    arrayList2.addAll(this.partition.locate(ObjectType.GenericSecret));
                    HashMap hashMap = new HashMap();
                    int size = locate.size();
                    Iterator it = arrayList.iterator();
                    while (it.hasNext()) {
                        PrivateKeyObject privateKeyObject = (PrivateKeyObject) ((BaseObject) it.next());
                        CertObject certObject = null;
                        int i = 0;
                        while (true) {
                            if (i >= size) {
                                break;
                            }
                            CertObject certObject2 = (CertObject) locate.get(i);
                            if (certObject2 != null && certObject2.getCert().getPublicKey().equals(Client.getPublicKey(privateKeyObject))) {
                                certObject = certObject2;
                                locate.set(i, null);
                                break;
                            }
                            i++;
                        }
                        if (certObject != null) {
                            hashMap.put(privateKeyObject.getName().toUpperCase(), new UBEntry(privateKeyObject, certObject, UBEntry.getCaChain(certObject.getCert(), locate)));
                        } else if (UBCryptoProvider.allowedPrivateKeyWithoutCertificate) {
                            hashMap.put(privateKeyObject.getName().toUpperCase(), new UBEntry(privateKeyObject, null, null));
                        }
                    }
                    Iterator<BaseObject> it2 = locate.iterator();
                    while (it2.hasNext()) {
                        BaseObject next = it2.next();
                        if (next != null) {
                            hashMap.put(next.getName().toUpperCase(), new UBEntry((CertObject) next));
                        }
                    }
                    if (UBCryptoProvider.allowedPublicKey) {
                        Iterator<BaseObject> it3 = this.partition.locate(ObjectType.RSAPub).iterator();
                        while (it3.hasNext()) {
                            BaseObject next2 = it3.next();
                            hashMap.put(next2.getName().toUpperCase(), new UBEntry((RSAPublicKeyObject) next2));
                        }
                    }
                    synchronized (this) {
                        this.cache = hashMap;
                        this.lastCacheClock = clock.millis();
                        aliases = getAliases();
                    }
                    return aliases;
                } catch (Exception e) {
                    end.failed(e);
                    throw e;
                }
            } finally {
                end.leave();
            }
        }
    }

    /*  JADX ERROR: NullPointerException in pass: AttachTryCatchVisitor
        java.lang.NullPointerException: Cannot invoke "String.charAt(int)" because "obj" is null
        	at jadx.core.utils.Utils.cleanObjectName(Utils.java:38)
        	at jadx.core.dex.instructions.args.ArgType.object(ArgType.java:86)
        	at jadx.core.dex.info.ClassInfo.fromName(ClassInfo.java:42)
        	at jadx.core.dex.visitors.AttachTryCatchVisitor.convertToHandlers(AttachTryCatchVisitor.java:113)
        	at jadx.core.dex.visitors.AttachTryCatchVisitor.initTryCatches(AttachTryCatchVisitor.java:54)
        	at jadx.core.dex.visitors.AttachTryCatchVisitor.visit(AttachTryCatchVisitor.java:42)
        */
    @Override // java.security.KeyStoreSpi
    public java.lang.String engineGetCertificateAlias(java.security.cert.Certificate r5) {
        /*
            Method dump skipped, instructions count: 323
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.unbound.provider.UBKeyStore.engineGetCertificateAlias(java.security.cert.Certificate):java.lang.String");
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetEntry(String str, KeyStore.Entry entry, KeyStore.ProtectionParameter protectionParameter) throws KeyStoreException {
        Log end = Log.func("UBKeyStore.engineSetEntry").log("allow", str).end();
        try {
            char[] cArr = null;
            if (protectionParameter != null) {
                try {
                    if (protectionParameter instanceof KeyStore.PasswordProtection) {
                        cArr = ((KeyStore.PasswordProtection) protectionParameter).getPassword();
                    }
                } catch (Exception e) {
                    end.failed(e);
                    throw e;
                }
            }
            if (entry instanceof KeyStore.PrivateKeyEntry) {
                KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
                engineSetKeyEntry(str, privateKeyEntry.getPrivateKey(), cArr, privateKeyEntry.getCertificateChain());
                end.leave();
                return;
            }
            if (entry instanceof KeyStore.SecretKeyEntry) {
                engineSetKeyEntry(str, ((KeyStore.SecretKeyEntry) entry).getSecretKey(), cArr, null);
                end.leave();
                return;
            }
            if (entry instanceof KeyStore.TrustedCertificateEntry) {
                engineSetCertificateEntry(str, ((KeyStore.TrustedCertificateEntry) entry).getTrustedCertificate());
                end.leave();
                return;
            }
            if (!(entry instanceof UBKeyStoreEntry)) {
                throw new KeyStoreException(new UnsupportedOperationException("unsupported entry type: " + entry.getClass().getName()));
            }
            UBKeyStoreEntry uBKeyStoreEntry = (UBKeyStoreEntry) entry;
            PublicKey privateKey = uBKeyStoreEntry.getPrivateKey();
            if (privateKey != null && !UBCryptoProvider.allowedPrivateKeyWithoutCertificate) {
                throw new ProviderException("Orphan private key entry is not allowed");
            }
            if (privateKey == null) {
                privateKey = uBKeyStoreEntry.getPublicKey();
                if (privateKey != null && !UBCryptoProvider.allowedPublicKey) {
                    throw new ProviderException("Public key entry is not allowed");
                }
            }
            engineSetKeyEntry(str, privateKey, cArr, null, uBKeyStoreEntry.getKeyParameters());
            end.leave();
        } catch (Throwable th) {
            end.leave();
            throw th;
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
        engineSetKeyEntry(str, key, cArr, certificateArr, null);
    }

    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr, KeyParameters keyParameters) throws KeyStoreException {
        UBEntry uBEntry;
        Log end = Log.func("UBKeyStore.engineSetKeyEntry").log("allow", str).log("chain", certificateArr != null).end();
        try {
            if (cArr != null) {
                try {
                    if (cArr.length != 0) {
                        this.partition.login(cArr);
                    }
                } catch (Exception e) {
                    end.failed(e);
                    throw e;
                }
            }
            UBEntry findEntry = findEntry(str);
            if (findEntry != null) {
                if (findEntry.getType() == 1) {
                    throw new KeyStoreException("Trusted certificate entry present");
                }
                if (key.getClass() != findEntry.getKey().getClass()) {
                    engineDeleteEntry(str);
                } else {
                    if (findEntry.userCert != null) {
                        this.partition.deleteObject(findEntry.userCert);
                    }
                    deleteEntryCache(findEntry.getName());
                }
            }
            X509Certificate x509Certificate = null;
            ArrayList arrayList = null;
            if (certificateArr != null) {
                x509Certificate = (X509Certificate) certificateArr[0];
                if (certificateArr.length > 1) {
                    arrayList = new ArrayList();
                    for (int i = 1; i < certificateArr.length; i++) {
                        arrayList.add((X509Certificate) certificateArr[i]);
                    }
                }
            }
            if (key instanceof UBSecretKey) {
                SecretKeyObject secretKeyObject = ((UBSecretKey) key).object;
                deleteEntryCache(secretKeyObject.getName());
                this.partition.changeObjectName(secretKeyObject, str);
                uBEntry = new UBEntry(secretKeyObject);
            } else if (key instanceof UBRSAPublicKey) {
                RSAPublicKeyObject rSAPublicKeyObject = ((UBRSAPublicKey) key).object;
                deleteEntryCache(rSAPublicKeyObject.getName());
                this.partition.changeObjectName(rSAPublicKeyObject, str);
                uBEntry = new UBEntry(rSAPublicKeyObject);
            } else if (key instanceof UBRSAPrivateKey) {
                RSAPrivateKeyObject rSAPrivateKeyObject = ((UBRSAPrivateKey) key).object;
                deleteEntryCache(rSAPrivateKeyObject.getName());
                this.partition.changeObjectName(rSAPrivateKeyObject, str);
                uBEntry = new UBEntry(rSAPrivateKeyObject, x509Certificate == null ? null : this.partition.importCert(str, x509Certificate), arrayList);
            } else if (key instanceof UBECPrivateKey) {
                ECPrivateKeyObject eCPrivateKeyObject = ((UBECPrivateKey) key).object;
                deleteEntryCache(eCPrivateKeyObject.getName());
                this.partition.changeObjectName(eCPrivateKeyObject, str);
                uBEntry = new UBEntry(eCPrivateKeyObject, x509Certificate == null ? null : this.partition.importCert(str, x509Certificate), arrayList);
            } else if (key instanceof ECPrivateKey) {
                uBEntry = new UBEntry(this.partition.importEcKey(str, (ECPrivateKey) key, keyParameters), x509Certificate == null ? null : this.partition.importCert(str, x509Certificate), arrayList);
            } else if (key instanceof RSAPrivateCrtKey) {
                uBEntry = new UBEntry(this.partition.importRsaKey(str, (RSAPrivateCrtKey) key, keyParameters), x509Certificate == null ? null : this.partition.importCert(str, x509Certificate), arrayList);
            } else if (key instanceof RSAPublicKey) {
                if (!UBCryptoProvider.allowedPublicKey) {
                    throw new ProviderException("Public key is not allowed");
                }
                uBEntry = new UBEntry(this.partition.importPubRsaKey(str, (RSAPublicKey) key, keyParameters));
            } else {
                if (!(key instanceof SecretKey)) {
                    throw new KeyStoreException("Unsupported key type");
                }
                uBEntry = new UBEntry(this.partition.importSecretKey(str, ObjectType.get(key.getAlgorithm()), key.getEncoded(), keyParameters));
            }
            if (arrayList != null) {
                Iterator it = arrayList.iterator();
                while (it.hasNext()) {
                    try {
                        this.partition.importCert(null, (X509Certificate) ((Certificate) it.next()));
                    } catch (Exception e2) {
                    }
                }
            }
            synchronized (this) {
                this.cache.put(str.toUpperCase(), uBEntry);
            }
        } finally {
            end.leave();
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        Log end = Log.func("UBKeyStore.engineSetCertificateEntry").log("alias", str).end();
        try {
            try {
                UBEntry findEntry = findEntry(str);
                if (findEntry != null) {
                    if (findEntry.getType() != 1) {
                        throw new KeyStoreException("Private or secret key entry present");
                    }
                    engineDeleteEntry(str);
                }
                UBEntry uBEntry = new UBEntry(this.partition.importCert(str, (X509Certificate) certificate));
                synchronized (this) {
                    this.cache.put(str.toUpperCase(), uBEntry);
                }
            } catch (Exception e) {
                end.failed(e);
                throw e;
            }
        } finally {
            end.leave();
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
        throw new KeyStoreException("Not supported");
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        if (cArr == null || cArr.length == 0) {
            return;
        }
        this.partition.login(cArr);
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        return 0;
    }
}
