package jeus.security.impl.atnrep;

import java.io.File;
import java.math.BigInteger;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.List;
import javax.management.ObjectName;
import jeus.security.base.SKI;
import jeus.security.base.SecurityCommonService;
import jeus.security.base.SecurityException;
import jeus.security.base.ServiceException;
import jeus.security.resource.SecretKeyInfo;
import jeus.security.resource.UserCertInfo;
import jeus.security.spi.SecurityInstaller;
import jeus.security.spi.UserCertMappingService;
import jeus.security.util.Base64Coder;
import jeus.security.util.Constants;
import jeus.security.util.NameAndPathUtil;
import jeus.security.util.X509Util;
import jeus.util.ErrorMsgManager;
import jeus.util.message.JeusMessage_Security_Exception;

/* loaded from: input_file:jeus/security/impl/atnrep/XMLUserCertMappingService.class */
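/**
 * {@link UserCertMappingService} whose user/certificate mappings are read from XML files.
 *
 * <p>{@link #doCreate()} locates the mapping files and loads them through the two converters.
 * Every lookup method then follows the same shape: consult an inherited cache map, fall back
 * to {@link X509Util} on a miss, and remember a non-null result.
 *
 * <p>Security-relevant points for maintainers:
 * <ul>
 *   <li>Methods that hand out private keys, secret keys or certificate lists call
 *       {@code SecurityCommonService.checkPermission(USER_CERT_MAPPING_PERMISSION)} first.
 *       The certificate and alias lookups do not.</li>
 *   <li>This class never removes entries from {@code trustStoreToCertMap},
 *       {@code keyStoreToCertMap} or {@code privateKeyMap}. A cached certificate or private
 *       key therefore outlives any later change to the underlying store unless the superclass
 *       clears the maps. NOTE(review): confirm against {@code UserCertMappingService}.</li>
 *   <li>Each cache map is keyed by several kinds of string: user name, principal name, SKI
 *       value, and principal name concatenated with a {@link BigInteger} (no separator). Two
 *       different identities that render to the same string share one cache entry.
 *       NOTE(review): the key format is left unchanged because the maps are inherited and may
 *       be read elsewhere; consider namespaced keys if that can be ruled out.</li>
 *   <li>The get-then-put sequences are not atomic. NOTE(review): thread-safety depends on the
 *       map types declared in the superclass, which are not visible here.</li>
 * </ul>
 */
public class XMLUserCertMappingService extends UserCertMappingService {
    // XML file holding the user -> certificate mapping; assigned in doCreate().
    private File userCertMapFile;
    // Converter that fills the inherited userCertMap from userCertMapFile.
    private XMLUserCertMapConverter userCertMapConv;
    // XML file holding the certificate -> user mapping; assigned in doCreate().
    private File certUserMapFile;
    // Converter that fills the inherited certUserMap; stays null when the file is absent.
    private XMLCertUserMapConverter certUserMapConv;
    // Key store password as returned by the domain; kept for later X509Util calls.
    private char[] keyStorePassword;

    /**
     * Locates the mapping files and loads them.
     *
     * <p>The user-certificate map path comes from the {@code Constants.FILE_NAME_USER_CERT_MAP}
     * property, or defaults to a file in the domain's security configuration directory. When
     * that file does not exist the service destroys itself and returns.
     *
     * @throws ServiceException  as thrown by {@code super.doCreate()}
     * @throws SecurityException as thrown by {@code super.doCreate()}
     */
    /* JADX INFO: Access modifiers changed from: protected */
    @Override // jeus.security.spi.UserCertMappingService, jeus.security.base.Service
    public void doCreate() throws ServiceException, SecurityException {
        super.doCreate();
        String userCertMapPath = getProperty(Constants.FILE_NAME_USER_CERT_MAP);
        if (userCertMapPath == null) {
            userCertMapPath = domainConfigDirectory() + Constants.DEFAULT_USER_CERT_MAP_FILE_NAME;
        }
        this.userCertMapFile = new File(userCertMapPath);
        if (!this.userCertMapFile.exists()) {
            destroy();
            return;
        }
        try {
            this.keyStorePassword = getDomain().getKeyStorePass();
            // NOTE(review): the converter takes the password as a String, so a copy that
            // cannot be wiped is created here; a char[]-based converter API would avoid it.
            this.userCertMapConv = new XMLUserCertMapConverter(this.userCertMap, new String(this.keyStorePassword));
            this.certUserMapFile = new File(domainConfigDirectory() + Constants.DEFAULT_CERT_USER_MAP_FILE_NAME);
            if (this.certUserMapFile.exists()) {
                this.certUserMapConv = new XMLCertUserMapConverter(this.certUserMap);
            }
            refreshRead();
        } catch (Exception e) {
            // NOTE(review): a failed load (including the ServiceException from refreshRead and
            // a null key store password) is only printed; the service keeps running with
            // whatever was loaded so far. Kept as-is to preserve start-up behaviour, but a
            // security service should normally log through the product logger and fail
            // creation instead of continuing with partial mappings.
            e.printStackTrace();
        }
    }

    /**
     * Releases nothing in this subclass.
     *
     * <p>NOTE(review): the password reference and the cached private keys are not cleared
     * here; confirm whether the superclass does so on destroy.
     */
    @Override // jeus.security.spi.UserCertMappingService, jeus.security.base.Service
    protected void doDestroy() {
    }

    /** No MBean is registered by this implementation. */
    @Override // jeus.security.spi.UserCertMappingService, jeus.security.base.Service
    public void doRegisterMBean(ObjectName objectName) {
    }

    /**
     * Returns the domain's security configuration directory with a trailing separator,
     * built from the installer environment's base directory and the domain name.
     */
    private String domainConfigDirectory() {
        return NameAndPathUtil.getPathWithEndingSeparator(SecurityInstaller.getEnvironment().baseSecurityConfigurationDirectory)
                + NameAndPathUtil.getPathWithEndingSeparator(getDomain().getName());
    }

    /** Builds the "cannot read mapping file" exception for {@code file}, keeping the cause. */
    private static ServiceException readFailure(File file, Exception cause) {
        return new ServiceException(ErrorMsgManager.getErrorStringMessage(JeusMessage_Security_Exception._29, file.getAbsolutePath()), cause);
    }

    /**
     * Cache key for a (principal, number) pair: the principal name followed directly by the
     * number's decimal form. The format matches what the inherited maps already contain and
     * has no separator, so it is not unambiguous for names that end in digits.
     */
    private static String nameAndNumberKey(Principal principal, BigInteger bigInteger) {
        return principal.getName() + bigInteger;
    }

    /**
     * Loads both mapping files through their converters, skipping a converter that is null.
     *
     * <p>Each file is read in its own try block so that a failure is reported once, with the
     * path of the file that actually failed. The earlier nested form re-wrapped a
     * certificate-user map failure in a second exception naming the user-certificate map file.
     *
     * @throws ServiceException if either file cannot be unmarshalled
     */
    private void refreshRead() throws ServiceException {
        if (this.userCertMapConv != null) {
            try {
                this.userCertMapConv.unmarshal(this.userCertMapFile);
            } catch (Exception e) {
                throw readFailure(this.userCertMapFile, e);
            }
        }
        if (this.certUserMapConv != null) {
            try {
                this.certUserMapConv.unmarshal(this.certUserMapFile);
            } catch (Exception e) {
                throw readFailure(this.certUserMapFile, e);
            }
        }
    }

    /**
     * Returns the trust-store certificate for {@code principal}, cached by principal name.
     *
     * @return the certificate, or null when {@code X509Util} finds none
     */
    @Override // jeus.security.spi.UserCertMappingService
    public X509Certificate doGetCertInTrustStore(Principal principal) throws KeyStoreException {
        String cacheKey = principal.getName();
        X509Certificate cached = (X509Certificate) this.trustStoreToCertMap.get(cacheKey);
        if (cached != null) {
            return cached;
        }
        X509Certificate found = X509Util.getCertInTrustStore(this.trustStore, principal);
        if (found != null) {
            this.trustStoreToCertMap.put(cacheKey, found);
        }
        return found;
    }

    /**
     * Returns the trust-store certificate for {@code ski}, cached by {@code ski.getValue()}.
     *
     * @return the certificate, or null when {@code X509Util} finds none
     */
    @Override // jeus.security.spi.UserCertMappingService
    public X509Certificate doGetCertInTrustStore(SKI ski) throws Exception {
        X509Certificate cached = (X509Certificate) this.trustStoreToCertMap.get(ski.getValue());
        if (cached != null) {
            return cached;
        }
        X509Certificate found = X509Util.getCertInTrustStore(this.trustStore, ski);
        if (found != null) {
            this.trustStoreToCertMap.put(ski.getValue(), found);
        }
        return found;
    }

    /**
     * Returns the trust-store certificate for the (principal, number) pair.
     *
     * @param bigInteger presumably the certificate serial number; verify against X509Util
     * @return the certificate, or null when {@code X509Util} finds none
     */
    @Override // jeus.security.spi.UserCertMappingService
    public X509Certificate doGetCertInTrustStore(Principal principal, BigInteger bigInteger) throws KeyStoreException {
        String cacheKey = nameAndNumberKey(principal, bigInteger);
        X509Certificate cached = (X509Certificate) this.trustStoreToCertMap.get(cacheKey);
        if (cached != null) {
            return cached;
        }
        X509Certificate found = X509Util.getCertInTrustStore(this.trustStore, principal, bigInteger);
        if (found != null) {
            this.trustStoreToCertMap.put(cacheKey, found);
        }
        return found;
    }

    /**
     * Returns the key-store certificate for {@code principal}, cached by principal name.
     *
     * @return the certificate, or null when {@code X509Util} finds none
     */
    @Override // jeus.security.spi.UserCertMappingService
    public X509Certificate doGetCertInKeyStore(Principal principal) throws KeyStoreException {
        String cacheKey = principal.getName();
        X509Certificate cached = (X509Certificate) this.keyStoreToCertMap.get(cacheKey);
        if (cached != null) {
            return cached;
        }
        X509Certificate found = X509Util.getCertInKeyStore(this.keyStore, principal);
        if (found != null) {
            this.keyStoreToCertMap.put(cacheKey, found);
        }
        return found;
    }

    /**
     * Returns the key-store certificate for {@code ski}, cached by {@code ski.getValue()}.
     *
     * @return the certificate, or null when {@code X509Util} finds none
     */
    @Override // jeus.security.spi.UserCertMappingService
    public X509Certificate doGetCertInKeyStore(SKI ski) throws Exception {
        X509Certificate cached = (X509Certificate) this.keyStoreToCertMap.get(ski.getValue());
        if (cached != null) {
            return cached;
        }
        X509Certificate found = X509Util.getCertInKeyStore(this.keyStore, ski);
        if (found != null) {
            this.keyStoreToCertMap.put(ski.getValue(), found);
        }
        return found;
    }

    /**
     * Returns the key-store certificate for the (principal, number) pair.
     *
     * @param bigInteger presumably the certificate serial number; verify against X509Util
     * @return the certificate, or null when {@code X509Util} finds none
     */
    @Override // jeus.security.spi.UserCertMappingService
    public X509Certificate doGetCertInKeyStore(Principal principal, BigInteger bigInteger) throws KeyStoreException {
        String cacheKey = nameAndNumberKey(principal, bigInteger);
        X509Certificate cached = (X509Certificate) this.keyStoreToCertMap.get(cacheKey);
        if (cached != null) {
            return cached;
        }
        X509Certificate found = X509Util.getCertInKeyStore(this.keyStore, principal, bigInteger);
        if (found != null) {
            this.keyStoreToCertMap.put(cacheKey, found);
        }
        return found;
    }

    /**
     * Returns the certificates that {@code X509Util} resolves for {@code str} from the
     * user-certificate map and the key store. Requires the user-cert-mapping permission.
     *
     * @param str presumably a user name (it is used as a userCertMap key elsewhere); confirm
     */
    @Override // jeus.security.spi.UserCertMappingService
    public List doGetCertificates(String str) throws ServiceException, SecurityException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException {
        SecurityCommonService.checkPermission(USER_CERT_MAPPING_PERMISSION);
        return X509Util.getCertificates(this.userCertMap, this.keyStore, str, this.keyStorePassword);
    }

    /**
     * Returns the private key for {@code str}, cached in {@code privateKeyMap} under the same
     * string. The permission check runs before the cache is consulted, so a cached key is
     * never returned to a caller that lacks the permission.
     *
     * @return the key, or null when {@code X509Util} finds none
     */
    @Override // jeus.security.spi.UserCertMappingService
    public PrivateKey doGetPrivateKey(String str) throws NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, ServiceException, SecurityException {
        SecurityCommonService.checkPermission(USER_CERT_MAPPING_PERMISSION);
        PrivateKey cached = (PrivateKey) this.privateKeyMap.get(str);
        if (cached != null) {
            return cached;
        }
        PrivateKey resolved = X509Util.getPrivateKey(this.userCertMap, this.keyStore, str, this.keyStorePassword);
        if (resolved != null) {
            this.privateKeyMap.put(str, resolved);
        }
        return resolved;
    }

    /**
     * Returns the private key for {@code principal}, cached by principal name.
     *
     * <p>When {@code certUserMap} maps the principal name to a user, the key is resolved by
     * that user; otherwise it is resolved from the principal itself.
     *
     * @return the key, or null when {@code X509Util} finds none
     */
    @Override // jeus.security.spi.UserCertMappingService
    public PrivateKey doGetPrivateKey(Principal principal) throws NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, SecurityException, ServiceException {
        SecurityCommonService.checkPermission(USER_CERT_MAPPING_PERMISSION);
        String cacheKey = principal.getName();
        PrivateKey cached = (PrivateKey) this.privateKeyMap.get(cacheKey);
        if (cached != null) {
            return cached;
        }
        String mappedUser = (String) this.certUserMap.get(cacheKey);
        PrivateKey resolved;
        if (mappedUser != null) {
            resolved = X509Util.getPrivateKey(this.userCertMap, this.keyStore, mappedUser, this.keyStorePassword);
        } else {
            // No user is mapped on this path, so there is nothing to record in certUserMap.
            // The earlier code put the null name into the map, which throws on a
            // null-hostile map and leaves a null entry on any other.
            resolved = X509Util.getPrivateKey(this.userCertMap, this.keyStore, principal, this.keyStorePassword);
        }
        if (resolved != null) {
            this.privateKeyMap.put(cacheKey, resolved);
        }
        return resolved;
    }

    /**
     * Returns the private key for {@code ski}, cached by {@code ski.getValue()}.
     *
     * <p>When {@code certUserMap} maps the SKI value to a user, the key is resolved by that
     * user; otherwise it is resolved from the SKI itself.
     *
     * @return the key, or null when {@code X509Util} finds none
     */
    @Override // jeus.security.spi.UserCertMappingService
    public PrivateKey doGetPrivateKey(SKI ski) throws Exception {
        SecurityCommonService.checkPermission(USER_CERT_MAPPING_PERMISSION);
        PrivateKey cached = (PrivateKey) this.privateKeyMap.get(ski.getValue());
        if (cached != null) {
            return cached;
        }
        String mappedUser = (String) this.certUserMap.get(ski.getValue());
        PrivateKey resolved;
        if (mappedUser != null) {
            resolved = X509Util.getPrivateKey(this.userCertMap, this.keyStore, mappedUser, this.keyStorePassword);
        } else {
            // No mapped user here; the earlier put of that null name has been dropped.
            resolved = X509Util.getPrivateKey(this.userCertMap, this.keyStore, ski, this.keyStorePassword);
        }
        if (resolved != null) {
            this.privateKeyMap.put(ski.getValue(), resolved);
        }
        return resolved;
    }

    /**
     * Returns the private key for the (principal, number) pair.
     *
     * <p>When {@code certUserMap} maps the combined key to a user, the private key is resolved
     * by that user; otherwise it is resolved from the principal and number.
     *
     * @param bigInteger presumably the certificate serial number; verify against X509Util
     * @return the key, or null when {@code X509Util} finds none
     */
    @Override // jeus.security.spi.UserCertMappingService
    public PrivateKey doGetPrivateKey(Principal principal, BigInteger bigInteger) throws NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, SecurityException, ServiceException {
        SecurityCommonService.checkPermission(USER_CERT_MAPPING_PERMISSION);
        String cacheKey = nameAndNumberKey(principal, bigInteger);
        PrivateKey cached = (PrivateKey) this.privateKeyMap.get(cacheKey);
        if (cached != null) {
            return cached;
        }
        String mappedUser = (String) this.certUserMap.get(cacheKey);
        PrivateKey resolved;
        if (mappedUser != null) {
            resolved = X509Util.getPrivateKey(this.userCertMap, this.keyStore, mappedUser, this.keyStorePassword);
        } else {
            // No mapped user here; the earlier put of that null name has been dropped.
            resolved = X509Util.getPrivateKey(this.userCertMap, this.keyStore, principal, bigInteger, this.keyStorePassword);
        }
        if (resolved != null) {
            this.privateKeyMap.put(cacheKey, resolved);
        }
        return resolved;
    }

    /**
     * Delegates certificate validation to {@code X509Util.isValid} with both stores.
     *
     * @param z flag passed through unchanged; its meaning is defined by X509Util
     */
    @Override // jeus.security.spi.UserCertMappingService
    public boolean doIsValid(X509Certificate x509Certificate, boolean z) throws KeyStoreException {
        return X509Util.isValid(this.trustStore, this.keyStore, x509Certificate, z);
    }

    /** Returns the trust-store alias for the certificate matching the Base64-decoded SKI value. */
    @Override // jeus.security.spi.UserCertMappingService
    public String doGetSubjectInTrustStore(SKI ski) throws SecurityException {
        return X509Util.getAliasForX509Cert(this.trustStore, Base64Coder.base64ToByteArray(ski.getValue()));
    }

    /** Returns the trust-store alias for the DN given by {@code principal.getName()}. */
    @Override // jeus.security.spi.UserCertMappingService
    public String doGetSubjectInTrustStore(Principal principal) throws SecurityException {
        return X509Util.getAliasForDN(this.trustStore, principal.getName());
    }

    /** Returns the trust-store alias for the certificate matching the principal name and number. */
    @Override // jeus.security.spi.UserCertMappingService
    public String doGetSubjectInTrustStore(Principal principal, BigInteger bigInteger) throws SecurityException {
        return X509Util.getAliasForX509Cert(this.trustStore, principal.getName(), bigInteger);
    }

    /**
     * Returns the trust-store alias for the certificate whose thumbprint is {@code bArr}.
     *
     * @param bArr thumbprint bytes; the digest algorithm is decided by X509Util
     */
    @Override // jeus.security.spi.UserCertMappingService
    public String doGetSubjectInTrustStore(byte[] bArr) throws SecurityException {
        return X509Util.getAliasForX509CertThumb(this.trustStore, bArr);
    }

    /**
     * Returns the trust-store certificate for {@code str}, cached under the same string.
     *
     * <p>The lookup goes through {@code X509Util.getCertInKeyStore}, passing the trust store
     * as the store argument together with the user-certificate map.
     *
     * @return the certificate, or null when {@code X509Util} finds none
     */
    @Override // jeus.security.spi.UserCertMappingService
    public X509Certificate doGetCertInTrustStore(String str) throws KeyStoreException, SecurityException {
        X509Certificate cached = (X509Certificate) this.trustStoreToCertMap.get(str);
        if (cached != null) {
            return cached;
        }
        X509Certificate found = X509Util.getCertInKeyStore(this.userCertMap, this.trustStore, str);
        if (found != null) {
            this.trustStoreToCertMap.put(str, found);
        }
        return found;
    }

    /**
     * Scans the user-certificate map for the first entry whose secret key is named {@code str}.
     * Requires the user-cert-mapping permission.
     *
     * <p>Entries without secret-key info, or whose key name is null, are skipped; the earlier
     * code failed with a NullPointerException on a null key name.
     *
     * @return the matching secret-key info, or null when none matches
     */
    @Override // jeus.security.spi.UserCertMappingService
    public SecretKeyInfo doGetSecretKeyWithKeyName(String str) throws ServiceException, SecurityException {
        SecurityCommonService.checkPermission(USER_CERT_MAPPING_PERMISSION);
        for (Iterator it = this.userCertMap.values().iterator(); it.hasNext();) {
            SecretKeyInfo candidate = ((UserCertInfo) it.next()).getSecretKeyInfo();
            if (candidate == null || candidate.getKeyname() == null) {
                continue;
            }
            if (candidate.getKeyname().equals(str)) {
                return candidate;
            }
        }
        return null;
    }

    /**
     * Returns the secret-key info stored for user {@code str} in the user-certificate map.
     * Requires the user-cert-mapping permission.
     *
     * @return the secret-key info, or null when the user or its secret key is absent
     */
    @Override // jeus.security.spi.UserCertMappingService
    public SecretKeyInfo doGetSecretKeyWithKeyUser(String str) throws ServiceException, SecurityException {
        SecurityCommonService.checkPermission(USER_CERT_MAPPING_PERMISSION);
        UserCertInfo userCertInfo = (UserCertInfo) this.userCertMap.get(str);
        if (userCertInfo == null) {
            return null;
        }
        return userCertInfo.getSecretKeyInfo();
    }

    /** Returns the key-store alias for the certificate matching the Base64-decoded SKI value. */
    @Override // jeus.security.spi.UserCertMappingService
    public String doGetSubjectInKeyStore(SKI ski) throws Exception {
        return X509Util.getAliasForX509Cert(this.keyStore, Base64Coder.base64ToByteArray(ski.getValue()));
    }

    /** Returns the key-store alias for the DN given by {@code principal.getName()}. */
    @Override // jeus.security.spi.UserCertMappingService
    public String doGetSubjectInKeyStore(Principal principal) throws SecurityException {
        return X509Util.getAliasForDN(this.keyStore, principal.getName());
    }

    /** Returns the key-store alias for the certificate matching the principal name and number. */
    @Override // jeus.security.spi.UserCertMappingService
    public String doGetSubjectInKeyStore(Principal principal, BigInteger bigInteger) throws SecurityException {
        return X509Util.getAliasForX509Cert(this.keyStore, principal.getName(), bigInteger);
    }

    /**
     * Returns the key-store alias for the certificate whose thumbprint is {@code bArr}.
     *
     * @param bArr thumbprint bytes; the digest algorithm is decided by X509Util
     */
    @Override // jeus.security.spi.UserCertMappingService
    public String doGetSubjectInKeyStore(byte[] bArr) throws SecurityException {
        return X509Util.getAliasForX509CertThumb(this.keyStore, bArr);
    }

    /**
     * Returns the key-store certificate for {@code str}, cached under the same string.
     *
     * @return the certificate, or null when {@code X509Util} finds none
     */
    @Override // jeus.security.spi.UserCertMappingService
    public X509Certificate doGetCertInKeyStore(String str) throws KeyStoreException, SecurityException {
        X509Certificate cached = (X509Certificate) this.keyStoreToCertMap.get(str);
        if (cached != null) {
            return cached;
        }
        X509Certificate found = X509Util.getCertInKeyStore(this.userCertMap, this.keyStore, str);
        if (found != null) {
            this.keyStoreToCertMap.put(str, found);
        }
        return found;
    }

    /**
     * Returns the user that {@code certUserMap} associates with key {@code str}.
     *
     * <p>No permission check is made here, unlike the private-key and secret-key accessors.
     *
     * @return the mapped user, or null when the key is not present
     */
    @Override // jeus.security.spi.UserCertMappingService
    public String doGetUserInCert(String str) throws SecurityException, ServiceException {
        return (String) this.certUserMap.get(str);
    }
}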
