package org.jivesoftware.sparkimpl.certificates;

import java.awt.Component;
import java.awt.HeadlessException;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CRLException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.util.Base64;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import javax.swing.JOptionPane;
import javax.swing.table.DefaultTableModel;
import org.jivesoftware.Spark;
import org.jivesoftware.resource.Res;
import org.jivesoftware.spark.ui.login.CertificateDialog;
import org.jivesoftware.spark.util.log.Log;
import org.jivesoftware.sparkimpl.settings.local.LocalPreferences;

/* loaded from: input_file:org/jivesoftware/sparkimpl/certificates/CertManager.class */
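/**
 * Base class for Spark's certificate managers: holds the in-memory certificate lists, the
 * blacklist KeyStore, and the shared helpers for opening, reading and saving JKS files.
 *
 * <p>Several helpers are public only because the decompiler widened them from
 * {@code protected}. Their visibility is kept as found so existing callers still compile.
 */
public abstract class CertManager {
    protected LocalPreferences localPreferences;
    protected boolean addToKeystore;
    protected KeyStore blackListStore;
    protected final List<CertificateModel> allCertificates = new LinkedList<>();
    protected final List<CertificateModel> blackListedCertificates = new LinkedList<>();
    protected DefaultTableModel tableModel;

    // SECURITY: hard-coded, well-known store password. KeyStore.load() uses the password for its
    // integrity check, so with a fixed public value that check only detects accidental
    // corruption. It does not detect edits by anyone who can write the keystore files, so the
    // protection of these stores rests on the file-system permissions of the directory.
    // The array is also public and mutable; treat it as read-only.
    public static final char[] passwd = "changeit".toCharArray();
    public static final File BLACKLIST = new File(Spark.getSparkUserHome() + File.separator + "security" + File.separator + "blacklist");

    // Contract implemented by the concrete managers; the semantics of each are defined there.

    public abstract void deleteEntry(String str) throws KeyStoreException;

    public abstract void addOrRemoveFromExceptionList(boolean z);

    public abstract boolean isOnExceptionList(CertificateModel certificateModel);

    public abstract void createTableModel();

    protected abstract void refreshCertTable();

    public abstract void addEntryFileToKeyStore(File file) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, HeadlessException, InvalidNameException, InvalidKeySpecException;

    protected abstract boolean checkForSameAlias(String str) throws HeadlessException, KeyStoreException;

    public abstract void loadKeyStores();

    public abstract void overWriteKeyStores();

    /** Sets the {@code addToKeystore} flag. */
    public void setAddToKeystore(boolean z) {
        this.addToKeystore = z;
    }

    /** Returns the {@code addToKeystore} flag. */
    public boolean isAddToKeystore() {
        return this.addToKeystore;
    }

    /**
     * Reports whether a certificate with the same signature bytes is already in
     * {@link #allCertificates}, showing an information dialog when it is.
     *
     * <p>Only the signature value is compared, not the full encoded certificate.
     *
     * @param x509Certificate certificate about to be added
     * @return {@code true} if a certificate with an identical signature is already listed
     */
    public boolean checkForSameCertificate(X509Certificate x509Certificate) {
        // Read the candidate's signature once instead of re-encoding it for every list entry.
        final byte[] candidateSignature = x509Certificate.getSignature();
        for (CertificateModel known : this.allCertificates) {
            // Fully qualified so the file's import block does not need to change.
            if (java.util.Arrays.equals(candidateSignature, known.getCertificate().getSignature())) {
                JOptionPane.showMessageDialog(null, Res.getString("dialog.certificate.cannot.have.copy"));
                return true;
            }
        }
        return false;
    }

    /**
     * Checks the certificate against the CRLs returned by {@code SparkTrustManager.loadCRL}.
     *
     * <p>SECURITY: this check fails open. If the CRLs cannot be loaded or parsed, the failure is
     * only logged and the method returns {@code false}. Callers must read {@code false} as
     * "not known to be revoked", never as "verified not revoked".
     *
     * @param x509Certificate certificate to check
     * @return {@code true} only if one of the loaded CRLs lists the certificate as revoked
     */
    public boolean checkRevocation(X509Certificate x509Certificate) {
        boolean revoked = false;
        try {
            Collection<X509CRL> crls = new SparkTrustManager().loadCRL(new X509Certificate[]{x509Certificate});
            // The result is unused. The call is kept because loadCRL's declared exceptions are not
            // visible here, and removing it could make the CertificateException catch unreachable.
            CertificateFactory.getInstance("X.509");
            for (X509CRL crl : crls) {
                if (crl.isRevoked(x509Certificate)) {
                    revoked = true;
                    break;
                }
            }
        } catch (IOException | InvalidAlgorithmParameterException | NoSuchAlgorithmException | CRLException | CertificateException e) {
            Log.warning("Cannot check validity", e);
        }
        return revoked;
    }

    /**
     * Adds the certificate to the blacklist KeyStore under a CN-derived alias and records it in
     * {@link #blackListedCertificates}. The change is in memory only; nothing is written to disk
     * here.
     */
    public void addCertificateToBlackList(X509Certificate x509Certificate) throws KeyStoreException, HeadlessException, InvalidNameException {
        this.blackListStore.setCertificateEntry(useCommonNameAsAlias(x509Certificate), x509Certificate);
        this.blackListedCertificates.add(new CertificateModel(x509Certificate));
    }

    /**
     * Derives a KeyStore alias from the certificate subject's CN, or {@code "cert"} when the
     * subject has no CN, and makes it unique via {@link #checkForSameAlias(String)}.
     *
     * <p>If the subject carries several CN components, the last one visited wins, as before.
     * On a collision the counter is now appended to the base name ({@code name1},
     * {@code name2}, ...). The previous code appended it to the already-suffixed value and
     * produced {@code name1}, {@code name12}, {@code name123}.
     *
     * @param x509Certificate certificate whose subject DN is parsed
     * @return an alias for which {@code checkForSameAlias} returned {@code false}
     * @throws InvalidNameException if the subject DN cannot be parsed as an LDAP name
     */
    public String useCommonNameAsAlias(X509Certificate x509Certificate) throws InvalidNameException, HeadlessException, KeyStoreException {
        String alias = null;
        for (Rdn rdn : new LdapName(x509Certificate.getSubjectX500Principal().getName()).getRdns()) {
            if (rdn.getType().equals("CN")) {
                alias = uniqueAlias(rdn.getValue().toString());
            }
        }
        if (alias == null) {
            alias = uniqueAlias("cert");
        }
        return alias;
    }

    /** Returns {@code base}, or {@code base} plus the first counter value that is not taken. */
    private String uniqueAlias(String base) throws HeadlessException, KeyStoreException {
        String candidate = base;
        for (int suffix = 1; checkForSameAlias(candidate); suffix++) {
            candidate = base + suffix;
        }
        return candidate;
    }

    public abstract void showCertificate();

    /** Creates a {@link CertificateDialog} for the given certificate and reason. */
    public CertificateDialog showCertificate(CertificateModel certificateModel, CertificateDialogReason certificateDialogReason) {
        return new CertificateDialog(this.localPreferences, certificateModel, this, certificateDialogReason);
    }

    /**
     * Opens a JKS KeyStore from {@code file}, or initialises an empty one when the file is
     * missing, is a directory, or is empty.
     *
     * <p>Failures are logged, not thrown. If reading an existing file fails (including a failed
     * integrity check), the returned KeyStore object was never loaded, and later operations on
     * it throw {@link KeyStoreException}. If the JKS type itself is unavailable, {@code null} is
     * returned.
     *
     * @param file keystore file to read
     * @return the KeyStore instance, possibly unloaded, or {@code null}
     */
    public KeyStore openKeyStore(File file) {
        KeyStore keyStore = null;
        try {
            keyStore = KeyStore.getInstance("JKS");
            if (!file.exists() || file.isDirectory() || file.length() <= 0) {
                keyStore.load(null, passwd);
            } else {
                try (FileInputStream in = new FileInputStream(file)) {
                    keyStore.load(in, passwd);
                } catch (IOException | NoSuchAlgorithmException | CertificateException e) {
                    Log.error("Unable to access KeyStore", e);
                }
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e2) {
            Log.warning("Cannot create exceptions KeyStore", e2);
        }
        return keyStore;
    }

    /**
     * Wraps every entry of {@code keyStore} in a {@link CertificateModel}, marks it revoked when
     * the same certificate is present in {@link #blackListStore}, and appends it to {@code list}
     * (when non-null) and to {@link #allCertificates}.
     *
     * @param keyStore store to enumerate; {@code null} is a no-op
     * @param list     target list, may be {@code null}
     * @return the {@code list} argument
     */
    public List<CertificateModel> fillTableListWithKeyStoreContent(KeyStore keyStore, List<CertificateModel> list) {
        if (keyStore != null) {
            try {
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    String alias = aliases.nextElement();
                    X509Certificate certificate = (X509Certificate) keyStore.getCertificate(alias);
                    CertificateModel model = new CertificateModel(certificate, alias);
                    // NOTE(review): blackListStore is dereferenced without a null check, and
                    // openKeyStore can return null. Confirm callers always load the blacklist
                    // first. A missing blacklist should not silently read as "nothing revoked".
                    model.setRevoked(this.blackListStore.getCertificateAlias(certificate) != null);
                    if (list != null) {
                        list.add(model);
                    }
                    this.allCertificates.add(model);
                }
            } catch (KeyStoreException e) {
                Log.error("Cannot read KeyStore", e);
            }
        }
        return list;
    }

    /**
     * Writes {@code keyStore} to {@code file} using the shared store password. Failures are
     * logged, not thrown.
     *
     * <p>The stream is now closed even when {@code store} throws; the decompiled form leaked it
     * on that path. As before, the file is opened, and therefore created or truncated, before
     * the null check and before {@code store} can fail.
     *
     * @param keyStore store to persist; when {@code null} only the file open takes place
     * @param file     destination file
     */
    public void saveKeyStore(KeyStore keyStore, File file) {
        // NOTE(review): a failed store() leaves an empty or partial file behind. Consider writing
        // to a temporary file and moving it into place once the write has succeeded.
        try (OutputStream out = Files.newOutputStream(file.toPath())) {
            if (keyStore != null) {
                keyStore.store(out, passwd);
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            Log.error("Couldn't save KeyStore", e);
        }
    }

    /** Returns the table model backing the certificate table. */
    public DefaultTableModel getTableModel() {
        return this.tableModel;
    }
}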
