package es.gob.afirma.keystores;

import es.gob.afirma.core.InvalidOSException;
import es.gob.afirma.core.misc.AOUtil;
import es.gob.afirma.core.misc.Platform;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashSet;
import javax.security.auth.callback.PasswordCallback;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:es/gob/afirma/keystores/AppleKeyStoreManager.class */
public final class AppleKeyStoreManager extends AOKeyStoreManager {
    /* JADX INFO: Access modifiers changed from: package-private */
    public AppleKeyStoreManager() {
        setKeyStoreType(AOKeyStore.APPLE);
    }

    @Override // es.gob.afirma.keystores.AOKeyStoreManager
    public void init(AOKeyStore aOKeyStore, InputStream inputStream, PasswordCallback passwordCallback, Object[] objArr, boolean z) throws AOKeyStoreManagerException, IOException {
        setKeyStore(initApple(inputStream));
        getAliasesWithoutDuplicates();
    }

    @Override // es.gob.afirma.keystores.AOKeyStoreManager, es.gob.afirma.core.keystores.KeyStoreManager
    public KeyStore.PrivateKeyEntry getKeyEntry(String str) throws KeyStoreException {
        if (getKeyStore() == null) {
            throw new IllegalStateException("Se han pedido claves a un almacen no inicializado");
        }
        if (str == null) {
            throw new IllegalArgumentException("El alias no puede ser nulo");
        }
        if (!getKeyStore().containsAlias(str)) {
            LOGGER.warning("El almacen no contiene ninguna clave con el alias '" + str + "', se devolvera null");
            return null;
        }
        PrivateKey privateKey = null;
        try {
            LOGGER.info("Llavero de Mac OS X, se tratan directamente las claves privadas");
            privateKey = (PrivateKey) getKeyStore().getKey(str, "dummy".toCharArray());
        } catch (Exception e) {
            LOGGER.warning("Error recuperando directamente la clave privada en Mac OS X: " + e);
        }
        if (privateKey == null) {
            throw new UnsupportedOperationException("La entrada no tiene clave privada");
        }
        return new KeyStore.PrivateKeyEntry(privateKey, getCertificateChain(str));
    }

    private static KeyStore initApple(InputStream inputStream) throws AOKeyStoreManagerException, IOException {
        if (!Platform.OS.MACOSX.equals(Platform.getOS())) {
            throw new InvalidOSException("Apple Mac OS X");
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(AOKeyStore.APPLE.getProviderName());
            try {
                keyStore.load(inputStream, null);
                return keyStore;
            } catch (NoSuchAlgorithmException e) {
                throw new AOKeyStoreManagerException("No se ha podido verificar la integridad del almacen Apple.KeychainStore", e);
            } catch (CertificateException e2) {
                throw new AOKeyStoreManagerException("No se han podido cargar los certificados del almacen Apple.KeychainStore", e2);
            }
        } catch (Exception e3) {
            throw new AOKeyStoreManagerException("No se ha podido obtener el almacen Apple.KeychainStore", e3);
        }
    }

    private void getAliasesWithoutDuplicates() throws AOKeyStoreManagerException {
        ArrayList arrayList = new ArrayList();
        ArrayList<String> arrayList2 = new ArrayList();
        HashSet hashSet = new HashSet();
        try {
            Enumeration<String> aliases = getKeyStore().aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                try {
                    if (getKeyStore().isKeyEntry(nextElement)) {
                        arrayList2.add(nextElement);
                    }
                } catch (KeyStoreException e) {
                }
            }
            for (String str : arrayList2) {
                X509Certificate certificate = getCertificate(str);
                if (hashSet.contains(certificate.getSerialNumber())) {
                    LOGGER.info("Retirado certificado '" + AOUtil.getCN(certificate) + "' (serie=" + certificate.getSerialNumber() + ") por estar duplicado");
                } else {
                    hashSet.add(certificate.getSerialNumber());
                    arrayList.add(str);
                }
            }
            setCachedAliases((String[]) arrayList.toArray(new String[0]));
        } catch (KeyStoreException e2) {
            throw new AOKeyStoreManagerException("Error obteniendo los alias: " + e2, e2);
        }
    }
}
