package se.swedenconnect.security.credential.pkcs11;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.InvalidParameterException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Date;
import java.util.Enumeration;
import java.util.Scanner;
import org.cryptacular.io.Resource;
import se.swedenconnect.security.credential.LibraryVersion;

/* loaded from: input_file:se/swedenconnect/security/credential/pkcs11/MockSunPkcs11Provider.class */
public class MockSunPkcs11Provider extends Provider {
    public static final String PROVIDER_BASE_NAME = "MockSunPKCS11";
    private boolean configured;
    private static final long serialVersionUID = LibraryVersion.SERIAL_VERSION_UID;

    /* loaded from: input_file:se/swedenconnect/security/credential/pkcs11/MockSunPkcs11Provider$MockKeyStoreSpi.class */
    public static class MockKeyStoreSpi extends KeyStoreSpi {
        private final KeyStore ks;

        public MockKeyStoreSpi() {
            try {
                this.ks = KeyStore.getInstance("JKS");
            } catch (KeyStoreException e) {
                throw new RuntimeException(e);
            }
        }

        @Override // java.security.KeyStoreSpi
        public void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            if (inputStream != null) {
                this.ks.load(inputStream, cArr);
                return;
            }
            Resource resource = MockedPkcs11ResourceHolder.getInstance().getResource();
            if (resource == null) {
                throw new IOException("No resource available");
            }
            InputStream inputStream2 = resource.getInputStream();
            try {
                this.ks.load(inputStream2, cArr);
                if (inputStream2 != null) {
                    inputStream2.close();
                }
            } catch (Throwable th) {
                if (inputStream2 != null) {
                    try {
                        inputStream2.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        }

        @Override // java.security.KeyStoreSpi
        public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
            try {
                return this.ks.getKey(str, cArr);
            } catch (KeyStoreException e) {
                throw new RuntimeException(e);
            }
        }

        @Override // java.security.KeyStoreSpi
        public Certificate[] engineGetCertificateChain(String str) {
            if (MockedPkcs11ResourceHolder.getInstance().isMockNoCertificate()) {
                return null;
            }
            try {
                return this.ks.getCertificateChain(str);
            } catch (KeyStoreException e) {
                return null;
            }
        }

        @Override // java.security.KeyStoreSpi
        public Certificate engineGetCertificate(String str) {
            if (MockedPkcs11ResourceHolder.getInstance().isMockNoCertificate()) {
                return null;
            }
            try {
                return this.ks.getCertificate(str);
            } catch (KeyStoreException e) {
                return null;
            }
        }

        @Override // java.security.KeyStoreSpi
        public Date engineGetCreationDate(String str) {
            try {
                return this.ks.getCreationDate(str);
            } catch (KeyStoreException e) {
                return null;
            }
        }

        @Override // java.security.KeyStoreSpi
        public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) {
            throw new IllegalArgumentException("Not allowed for PKCS11");
        }

        @Override // java.security.KeyStoreSpi
        public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) {
            throw new IllegalArgumentException("Not allowed for PKCS11");
        }

        @Override // java.security.KeyStoreSpi
        public void engineSetCertificateEntry(String str, Certificate certificate) {
            throw new IllegalArgumentException("Not allowed for PKCS11");
        }

        @Override // java.security.KeyStoreSpi
        public void engineDeleteEntry(String str) {
            throw new IllegalArgumentException("Not allowed for PKCS11");
        }

        @Override // java.security.KeyStoreSpi
        public Enumeration<String> engineAliases() {
            try {
                return this.ks.aliases();
            } catch (KeyStoreException e) {
                throw new RuntimeException(e);
            }
        }

        @Override // java.security.KeyStoreSpi
        public boolean engineContainsAlias(String str) {
            try {
                return this.ks.containsAlias(str);
            } catch (KeyStoreException e) {
                return false;
            }
        }

        @Override // java.security.KeyStoreSpi
        public int engineSize() {
            try {
                return this.ks.size();
            } catch (KeyStoreException e) {
                throw new RuntimeException(e);
            }
        }

        @Override // java.security.KeyStoreSpi
        public boolean engineIsKeyEntry(String str) {
            try {
                return this.ks.isKeyEntry(str);
            } catch (KeyStoreException e) {
                return false;
            }
        }

        @Override // java.security.KeyStoreSpi
        public boolean engineIsCertificateEntry(String str) {
            try {
                return this.ks.isCertificateEntry(str);
            } catch (KeyStoreException e) {
                return false;
            }
        }

        @Override // java.security.KeyStoreSpi
        public String engineGetCertificateAlias(Certificate certificate) {
            try {
                return this.ks.getCertificateAlias(certificate);
            } catch (KeyStoreException e) {
                throw new RuntimeException(e);
            }
        }

        @Override // java.security.KeyStoreSpi
        public void engineStore(OutputStream outputStream, char[] cArr) throws IOException {
            throw new IOException("Not allowed for PKCS11");
        }
    }

    /* loaded from: input_file:se/swedenconnect/security/credential/pkcs11/MockSunPkcs11Provider$MockedPkcs11ResourceHolder.class */
    public static class MockedPkcs11ResourceHolder {
        private static final MockedPkcs11ResourceHolder INSTANCE = new MockedPkcs11ResourceHolder();
        private Resource resource;
        private boolean mockNoCertificate = false;

        public static MockedPkcs11ResourceHolder getInstance() {
            return INSTANCE;
        }

        public Resource getResource() {
            return this.resource;
        }

        public void setResource(Resource resource) {
            this.resource = resource;
        }

        public boolean isMockNoCertificate() {
            return this.mockNoCertificate;
        }

        public void setMockNoCertificate(boolean z) {
            this.mockNoCertificate = z;
        }

        private MockedPkcs11ResourceHolder() {
        }
    }

    public MockSunPkcs11Provider() {
        this(PROVIDER_BASE_NAME, "1.0.0", "Mock provider");
    }

    protected MockSunPkcs11Provider(String str) {
        this(str, "1.0.0", "Mock provider");
    }

    protected MockSunPkcs11Provider(String str, String str2, String str3) {
        super(str, "1.0.0", "Mock provider");
        this.configured = false;
        Provider provider = Security.getProvider("SUN");
        for (Object obj : provider.keySet()) {
            if (!((String) obj).startsWith("Provider.id")) {
                put(obj, provider.get(obj));
            }
        }
        Provider provider2 = Security.getProvider("SunRsaSign");
        for (Object obj2 : provider2.keySet()) {
            if (!((String) obj2).startsWith("Provider.id")) {
                put(obj2, provider2.get(obj2));
            }
        }
        put("KeyStore.PKCS11", MockKeyStoreSpi.class.getName());
    }

    public static MockSunPkcs11Provider createStaticallyConfigured() {
        MockSunPkcs11Provider mockSunPkcs11Provider = new MockSunPkcs11Provider();
        mockSunPkcs11Provider.configured = true;
        return mockSunPkcs11Provider;
    }

    public Provider configure(String str) {
        if (str == null) {
            throw new NullPointerException("configArg is null");
        }
        if (this.configured) {
            return this;
        }
        try {
            String str2 = null;
            boolean z = false;
            Scanner scanner = new Scanner(new ByteArrayInputStream((str.startsWith("--") ? str.substring(2) : Files.readString(Path.of(str, new String[0]))).getBytes()));
            while (scanner.hasNextLine()) {
                try {
                    String trim = scanner.nextLine().trim();
                    if (!trim.startsWith("#")) {
                        if (trim.startsWith("library")) {
                            z = true;
                        } else if (trim.startsWith("name")) {
                            String[] split = trim.split("=", 2);
                            if (split.length == 2) {
                                str2 = split[1].trim();
                            }
                        }
                    }
                } finally {
                }
            }
            scanner.close();
            if (str2 == null) {
                throw new InvalidParameterException("Invalid configuration data - Missing name");
            }
            if (!z) {
                throw new InvalidParameterException("Invalid configuration data - Missing library");
            }
            MockSunPkcs11Provider mockSunPkcs11Provider = new MockSunPkcs11Provider("MockSunPKCS11-" + str2);
            mockSunPkcs11Provider.configured = true;
            return mockSunPkcs11Provider;
        } catch (IOException e) {
            throw new InvalidParameterException("Invalid configuration data - " + e.getMessage());
        }
    }

    public boolean isConfigured() {
        return this.configured;
    }
}
