package com.sun.deploy.security;

import com.sun.deploy.config.Config;
import com.sun.deploy.resources.ResourceManager;
import com.sun.deploy.trace.Trace;
import com.sun.deploy.uitoolkit.ToolkitStore;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.AccessController;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.TreeSet;

/* loaded from: input_file:com/sun/deploy/security/DeploySigningCertStore.class */
public final class DeploySigningCertStore implements CertStore {
    private static String _userFilename;
    private static String _systemFilename;
    private static String _sandboxFilename;
    private long _userLastModified = 0;
    private long _sysLastModified = 0;
    private long _sandLastModified = 0;
    private KeyStore _deploymentUserCerts = CertUtils.createEmptyKeyStore();
    private KeyStore _deploymentSystemCerts = CertUtils.createEmptyKeyStore();
    private KeyStore _deploymentSandboxCerts = CertUtils.createEmptyKeyStore();
    private char[] keyPassphrase = new char[0];
    private boolean cancelFlag = false;
    private int certStoreType;

    private DeploySigningCertStore(int i) {
        this.certStoreType = 0;
        this.certStoreType = i;
    }

    public static CertStore getCertStore() {
        return new ImmutableCertStore(new DeploySigningCertStore(3));
    }

    public static CertStore getUserCertStore() {
        return new DeploySigningCertStore(1);
    }

    public static CertStore getSystemCertStore() {
        return new ImmutableCertStore(new DeploySigningCertStore(2));
    }

    public static CertStore getSandboxCertStore() {
        return new DeploySigningCertStore(4);
    }

    public static boolean checkStoredCertificates(int i, int i2, boolean z, boolean z2) {
        DeploySigningCertStore deploySigningCertStore = new DeploySigningCertStore(i);
        try {
            deploySigningCertStore.load();
            return deploySigningCertStore.checkCertificateTimestamps(i2, z, z2);
        } catch (Exception e) {
            Trace.ignored(e);
            return false;
        }
    }

    @Override // com.sun.deploy.security.CertStore
    public void load() throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
        load(false);
    }

    @Override // com.sun.deploy.security.CertStore
    public void load(boolean z) throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
        if ((this.certStoreType & 1) == 1 && _userFilename != null) {
            long fileLastModified = CertUtils.getFileLastModified(_userFilename);
            if (fileLastModified != this._userLastModified) {
                this._deploymentUserCerts = loadCertStore(_userFilename, z);
                this._userLastModified = fileLastModified;
            }
        }
        if ((this.certStoreType & 2) == 2 && _systemFilename != null) {
            long fileLastModified2 = CertUtils.getFileLastModified(_systemFilename);
            if (fileLastModified2 != this._sysLastModified) {
                this._deploymentSystemCerts = loadCertStore(_systemFilename, z);
                this._sysLastModified = fileLastModified2;
            }
        }
        if ((this.certStoreType & 4) != 4 || _sandboxFilename == null) {
            return;
        }
        long fileLastModified3 = CertUtils.getFileLastModified(_sandboxFilename);
        if (fileLastModified3 != this._sandLastModified) {
            this._deploymentSandboxCerts = loadCertStore(_sandboxFilename, z);
            this._sandLastModified = fileLastModified3;
        }
    }

    private boolean checkCertificateTimestamps(long j, boolean z, boolean z2) {
        KeyStore keyStore;
        if (this.certStoreType == 1) {
            keyStore = this._deploymentUserCerts;
        } else {
            if (this.certStoreType != 4) {
                return false;
            }
            keyStore = this._deploymentSandboxCerts;
        }
        if (z && z2) {
            return false;
        }
        Date date = new Date();
        ArrayList arrayList = new ArrayList();
        try {
            Enumeration<String> aliases = keyStore.aliases();
            if (j == 0 && aliases.hasMoreElements()) {
                if (!z && !z2) {
                    return true;
                }
                arrayList = Collections.list(aliases);
            } else {
                while (aliases.hasMoreElements()) {
                    String nextElement = aliases.nextElement();
                    if (date.getTime() - keyStore.getCreationDate(nextElement).getTime() > j * 24 * 60 * 60 * 1000) {
                        if (!z && !z2) {
                            return true;
                        }
                        arrayList.add(nextElement);
                    }
                }
            }
            for (int i = 0; i < arrayList.size(); i++) {
                String str = (String) arrayList.get(i);
                if (z) {
                    keyStore.deleteEntry(str);
                } else {
                    keyStore.setCertificateEntry(str, keyStore.getCertificate(str));
                }
            }
            if (arrayList.isEmpty()) {
                return false;
            }
            save();
            return true;
        } catch (Exception e) {
            Trace.ignored(e);
            return false;
        }
    }

    private KeyStore loadCertStore(String str, boolean z) throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
        Trace.msgSecurityPrintln("deploycertstore.cert.loading", new Object[]{str});
        File file = new File(str);
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null, null);
        try {
            AccessController.doPrivileged(new PrivilegedExceptionAction(this, file, z, keyStore) { // from class: com.sun.deploy.security.DeploySigningCertStore.1
                private final File val$file;
                private final boolean val$integrityCheck;
                private final KeyStore val$keyStore;
                private final DeploySigningCertStore this$0;

                {
                    this.this$0 = this;
                    this.val$file = file;
                    this.val$integrityCheck = z;
                    this.val$keyStore = keyStore;
                }

                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
                    if (!this.val$file.exists()) {
                        return null;
                    }
                    FileInputStream fileInputStream = new FileInputStream(this.val$file);
                    BufferedInputStream bufferedInputStream = new BufferedInputStream(fileInputStream);
                    if (this.val$integrityCheck) {
                        this.this$0.cancelFlag = false;
                        this.val$keyStore.load(bufferedInputStream, new char[0]);
                    } else {
                        this.val$keyStore.load(bufferedInputStream, null);
                    }
                    bufferedInputStream.close();
                    fileInputStream.close();
                    return null;
                }
            });
        } catch (PrivilegedActionException e) {
            Exception exception = e.getException();
            if (exception instanceof IOException) {
                if (!z) {
                    throw ((IOException) exception);
                }
                FileInputStream fileInputStream = new FileInputStream(file);
                BufferedInputStream bufferedInputStream = new BufferedInputStream(fileInputStream);
                CredentialInfo showPasswordDialog = ToolkitStore.getUI().showPasswordDialog(null, ResourceManager.getMessage("password.dialog.title"), ResourceManager.getMessage("deploycertstore.password.dialog.text"), false, false, null, false, null);
                if (showPasswordDialog != null) {
                    this.cancelFlag = false;
                    this.keyPassphrase = showPasswordDialog.getPassword();
                    keyStore.load(bufferedInputStream, this.keyPassphrase);
                } else {
                    this.cancelFlag = true;
                }
                bufferedInputStream.close();
                fileInputStream.close();
            } else {
                if (exception instanceof CertificateException) {
                    throw ((CertificateException) exception);
                }
                if (exception instanceof KeyStoreException) {
                    throw ((KeyStoreException) exception);
                }
                if (exception instanceof NoSuchAlgorithmException) {
                    throw ((NoSuchAlgorithmException) exception);
                }
                Trace.securityPrintException(e);
            }
        }
        Trace.msgSecurityPrintln("deploycertstore.cert.loaded", new Object[]{str});
        return keyStore;
    }

    @Override // com.sun.deploy.security.CertStore
    public void save() throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
        String str = this.certStoreType == 4 ? _sandboxFilename : _userFilename;
        KeyStore keyStore = this.certStoreType == 4 ? this._deploymentSandboxCerts : this._deploymentUserCerts;
        Trace.msgSecurityPrintln("deploycertstore.cert.saving", new Object[]{str});
        try {
            AccessController.doPrivileged(new PrivilegedExceptionAction(this, str, keyStore) { // from class: com.sun.deploy.security.DeploySigningCertStore.2
                private final String val$filename;
                private final KeyStore val$ks;
                private final DeploySigningCertStore this$0;

                {
                    this.this$0 = this;
                    this.val$filename = str;
                    this.val$ks = keyStore;
                }

                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
                    File file = new File(this.val$filename);
                    file.getParentFile().mkdirs();
                    FileOutputStream fileOutputStream = new FileOutputStream(file);
                    BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(fileOutputStream);
                    this.val$ks.store(bufferedOutputStream, this.this$0.keyPassphrase);
                    bufferedOutputStream.close();
                    fileOutputStream.close();
                    return null;
                }
            });
        } catch (PrivilegedActionException e) {
            Exception exception = e.getException();
            if (exception instanceof IOException) {
                throw ((IOException) exception);
            }
            if (exception instanceof CertificateException) {
                throw ((CertificateException) exception);
            }
            if (exception instanceof KeyStoreException) {
                throw ((KeyStoreException) exception);
            }
            if (exception instanceof NoSuchAlgorithmException) {
                throw ((NoSuchAlgorithmException) exception);
            }
            Trace.securityPrintException(e);
        }
        Trace.msgSecurityPrintln("deploycertstore.cert.saved", new Object[]{str});
    }

    @Override // com.sun.deploy.security.CertStore
    public boolean add(Certificate certificate) throws KeyStoreException {
        return add(certificate, null, false);
    }

    @Override // com.sun.deploy.security.CertStore
    public boolean add(Certificate certificate, String str, boolean z) throws KeyStoreException {
        String str2;
        KeyStore keyStore;
        if (this.certStoreType == 4) {
            str2 = "deploymentsandboxcert";
            keyStore = this._deploymentSandboxCerts;
        } else {
            str2 = "deploymentusercert";
            keyStore = this._deploymentUserCerts;
        }
        return CertUtils.add(keyStore, str2, certificate, str, z);
    }

    @Override // com.sun.deploy.security.CertStore
    public boolean remove(Certificate certificate) throws IOException, KeyStoreException {
        if (this.cancelFlag) {
            return false;
        }
        Trace.msgSecurityPrintln("deploycertstore.cert.removing");
        KeyStore keyStore = this.certStoreType == 4 ? this._deploymentSandboxCerts : this._deploymentUserCerts;
        String certificateAlias = keyStore.getCertificateAlias(certificate);
        if (certificateAlias != null) {
            keyStore.deleteEntry(certificateAlias);
        }
        Trace.msgSecurityPrintln("deploycertstore.cert.removed", new Object[]{certificateAlias});
        return true;
    }

    @Override // com.sun.deploy.security.CertStore
    public boolean contains(Certificate certificate) throws KeyStoreException {
        return contains(certificate, null, false);
    }

    @Override // com.sun.deploy.security.CertStore
    public boolean contains(Certificate certificate, String str, boolean z) throws KeyStoreException {
        return this.certStoreType == 4 ? CertUtils.contains(this._deploymentSandboxCerts, certificate, str, z) : CertUtils.contains(this._deploymentUserCerts, certificate, str, z) || CertUtils.contains(this._deploymentSystemCerts, certificate, str, z);
    }

    @Override // com.sun.deploy.security.CertStore
    public boolean verify(Certificate certificate) {
        Trace.msgSecurityPrintln("deploycertstore.cert.canverify");
        return false;
    }

    @Override // com.sun.deploy.security.CertStore
    public Collection getCertificates() throws KeyStoreException {
        HashSet hashSet = new HashSet();
        if ((this.certStoreType & 1) == 1) {
            hashSet.addAll(getCertificates(1));
        }
        if ((this.certStoreType & 2) == 2) {
            hashSet.addAll(getCertificates(2));
        }
        if ((this.certStoreType & 4) == 4) {
            hashSet.addAll(getCertificates(4));
        }
        return hashSet;
    }

    private Collection getCertificates(int i) throws KeyStoreException {
        Trace.msgSecurityPrintln("deploycertstore.cert.getcertificates");
        ArrayList arrayList = new ArrayList();
        KeyStore keyStore = i == 4 ? this._deploymentSandboxCerts : i == 1 ? this._deploymentUserCerts : this._deploymentSystemCerts;
        Enumeration<String> aliases = keyStore.aliases();
        TreeSet treeSet = new TreeSet();
        while (aliases.hasMoreElements()) {
            treeSet.add(aliases.nextElement());
        }
        Iterator it = treeSet.iterator();
        while (it.hasNext()) {
            arrayList.add(keyStore.getCertificate((String) it.next()));
        }
        return arrayList;
    }

    static {
        _userFilename = null;
        _systemFilename = null;
        _sandboxFilename = null;
        _userFilename = Config.getUserTrustedCertificateFile();
        _systemFilename = Config.getSystemTrustedCertificateFile();
        _sandboxFilename = Config.getSandboxTrustedCertificateFile();
    }
}
