package com.djigzo.android.common.security.certstore;

import com.djigzo.android.common.database.ORMLiteUtils;
import com.j256.ormlite.dao.BaseDaoImpl;
import com.j256.ormlite.dao.GenericRawResults;
import com.j256.ormlite.field.DataType;
import com.j256.ormlite.stmt.DeleteBuilder;
import com.j256.ormlite.stmt.PreparedDelete;
import com.j256.ormlite.stmt.PreparedQuery;
import com.j256.ormlite.stmt.QueryBuilder;
import com.j256.ormlite.stmt.SelectIterator;
import com.j256.ormlite.stmt.Where;
import com.j256.ormlite.support.ConnectionSource;
import java.io.IOException;
import java.math.BigInteger;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.CertSelector;
import java.security.cert.CertStoreException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.sql.SQLException;
import java.util.Collection;
import java.util.Date;
import java.util.List;
import java.util.concurrent.atomic.AtomicReference;
import javax.security.auth.x500.X500Principal;
import mitm.common.mail.EmailAddressUtils;
import mitm.common.security.NoSuchProviderRuntimeException;
import mitm.common.security.certificate.X500PrincipalInspector;
import mitm.common.security.certificate.X509CertSelectorInspector;
import mitm.common.security.certificate.X509CertificateInspector;
import mitm.common.security.certstore.CertificateAlreadyExistsException;
import mitm.common.security.certstore.Expired;
import mitm.common.security.certstore.MissingKeyAlias;
import mitm.common.security.certstore.X509CertStoreEntry;
import mitm.common.security.certstore.X509CertStoreExt;
import mitm.common.security.certstore.X509StoreEventListener;
import mitm.common.util.BigIntegerUtils;
import mitm.common.util.Check;
import mitm.common.util.CloseableIterator;
import mitm.common.util.CloseableIteratorException;
import mitm.common.util.CloseableIteratorUtils;
import mitm.common.util.HexUtils;
import org.apache.commons.lang.StringUtils;

/* loaded from: classes.dex */
public class X509CertStoreExtImpl implements X509CertStoreExt {
    private final CertStoreDAO certStoreDAO;
    private final EmailDAO emailDAO;
    private final AtomicReference<X509StoreEventListener> eventListener = new AtomicReference<>();
    private final String store;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class CertStoreDAO extends BaseDaoImpl<X509CertStoreEntryEntity, Integer> {
        public CertStoreDAO(ConnectionSource connectionSource) throws SQLException {
            super(connectionSource, X509CertStoreEntryEntity.class);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class EmailDAO extends BaseDaoImpl<CertificateEmailEntity, Integer> {
        public EmailDAO(ConnectionSource connectionSource) throws SQLException {
            super(connectionSource, CertificateEmailEntity.class);
        }
    }

    public X509CertStoreExtImpl(String str, ConnectionSource connectionSource) throws SQLException {
        Check.notNull(str, "store");
        Check.notNull(connectionSource, "connectionSource");
        this.store = str;
        this.certStoreDAO = new CertStoreDAO(connectionSource);
        this.emailDAO = new EmailDAO(connectionSource);
    }

    private SelectIterator<X509CertStoreEntryEntity, Integer> createOptimizedSelectIterator(CertSelector certSelector, MissingKeyAlias missingKeyAlias, Integer num, Integer num2) throws CertStoreException {
        try {
            CertStoreDAO certStoreDAO = this.certStoreDAO;
            QueryBuilder<X509CertStoreEntryEntity, Integer> queryBuilder = certStoreDAO.queryBuilder();
            Where<X509CertStoreEntryEntity, Integer> eq = queryBuilder.where().eq("store", ORMLiteUtils.createArg(this.store));
            if (missingKeyAlias == MissingKeyAlias.NOT_ALLOWED) {
                eq.and().isNotNull(X509CertStoreEntryEntity.KEY_ALIAS_COLUMN);
            }
            if (num != null) {
                queryBuilder.offset(num);
            }
            if (num2 != null) {
                queryBuilder.limit(num2);
            }
            if (certSelector instanceof X509CertSelector) {
                try {
                    optimizeWhere((X509CertSelector) certSelector, eq);
                } catch (IOException e) {
                    throw new CertStoreException(e);
                }
            }
            return certStoreDAO.iterator((PreparedQuery) queryBuilder.prepare());
        } catch (SQLException e2) {
            throw new CertStoreException(e2);
        }
    }

    private void deleteEmails(X509CertStoreEntry x509CertStoreEntry) throws SQLException {
        EmailDAO emailDAO = this.emailDAO;
        DeleteBuilder<CertificateEmailEntity, Integer> deleteBuilder = emailDAO.deleteBuilder();
        deleteBuilder.where().idEq(((X509CertStoreEntryEntity) x509CertStoreEntry).getId());
        emailDAO.delete((PreparedDelete) deleteBuilder.prepare());
    }

    private void fireChangeEvent() {
        if (this.eventListener.get() != null) {
            this.eventListener.get().onChange();
        }
    }

    private void optimizeWhere(X509CertSelector x509CertSelector, Where<X509CertStoreEntryEntity, Integer> where) throws IOException, SQLException {
        X500Principal issuer = x509CertSelector.getIssuer();
        X500Principal subject = x509CertSelector.getSubject();
        BigInteger serialNumber = x509CertSelector.getSerialNumber();
        byte[] subjectKeyIdentifier = X509CertSelectorInspector.getSubjectKeyIdentifier(x509CertSelector);
        if (x509CertSelector.getCertificate() != null) {
            X509Certificate certificate = x509CertSelector.getCertificate();
            if (issuer == null) {
                issuer = certificate.getIssuerX500Principal();
            }
            if (subject == null) {
                subject = certificate.getSubjectX500Principal();
            }
            if (serialNumber == null) {
                serialNumber = certificate.getSerialNumber();
            }
            if (subjectKeyIdentifier == null) {
                subjectKeyIdentifier = X509CertificateInspector.getSubjectKeyIdentifier(certificate);
            }
        }
        if (issuer != null) {
            where.and().eq("issuer", ORMLiteUtils.createArg(X500PrincipalInspector.getCanonical(issuer)));
        }
        if (subject != null) {
            where.and().eq(X509CertStoreEntryEntity.SUBJECT_COLUMN, ORMLiteUtils.createArg(X500PrincipalInspector.getCanonical(subject)));
        }
        if (serialNumber != null) {
            where.and().eq(X509CertStoreEntryEntity.SERIAL_COLUMN, BigIntegerUtils.hexEncode(serialNumber));
        }
        if (subjectKeyIdentifier != null) {
            where.and().eq(X509CertStoreEntryEntity.SUBJECT_KEY_IDENTIFIER_COLUMN, HexUtils.hexEncode(subjectKeyIdentifier));
        }
        if (x509CertSelector.getCertificateValid() != null) {
            where.and().lt(X509CertStoreEntryEntity.NOT_BEFORE_COLUMN, x509CertSelector.getCertificateValid()).and().gt(X509CertStoreEntryEntity.NOT_AFTER_COLUMN, x509CertSelector.getCertificateValid());
        }
    }

    private Where<X509CertStoreEntryEntity, Integer> prepareQueryBuilder(QueryBuilder<X509CertStoreEntryEntity, Integer> queryBuilder, Expired expired, MissingKeyAlias missingKeyAlias, Integer num, Integer num2) throws SQLException {
        Where<X509CertStoreEntryEntity, Integer> eq = queryBuilder.where().eq("store", ORMLiteUtils.createArg(this.store));
        if (missingKeyAlias == MissingKeyAlias.NOT_ALLOWED) {
            eq.and().isNotNull(X509CertStoreEntryEntity.KEY_ALIAS_COLUMN);
        }
        if (expired == Expired.NOT_ALLOWED) {
            Date date = new Date();
            eq.and().lt(X509CertStoreEntryEntity.NOT_BEFORE_COLUMN, date).and().gt(X509CertStoreEntryEntity.NOT_AFTER_COLUMN, date);
        }
        if (num != null) {
            queryBuilder.offset(num);
        }
        if (num2 != null) {
            queryBuilder.limit(num2);
        }
        return eq;
    }

    @Override // mitm.common.security.certstore.X509CertStoreExt
    public X509CertStoreEntry addCertificate(X509Certificate x509Certificate) throws CertStoreException, CertificateAlreadyExistsException {
        return addCertificate(x509Certificate, null);
    }

    @Override // mitm.common.security.certstore.X509CertStoreExt
    public X509CertStoreEntry addCertificate(X509Certificate x509Certificate, String str) throws CertStoreException {
        try {
            X509CertStoreEntryEntity x509CertStoreEntryEntity = new X509CertStoreEntryEntity(this.store, x509Certificate);
            x509CertStoreEntryEntity.setKeyAlias(str);
            this.certStoreDAO.create(x509CertStoreEntryEntity);
            for (String str2 : x509CertStoreEntryEntity.getEmail()) {
                if (str2 != null) {
                    this.emailDAO.create(new CertificateEmailEntity(str2, x509CertStoreEntryEntity));
                }
            }
            fireChangeEvent();
            return x509CertStoreEntryEntity;
        } catch (IOException e) {
            throw new CertStoreException(e);
        } catch (CertificateException e2) {
            throw new CertStoreException(e2);
        } catch (SQLException e3) {
            throw new CertStoreException(e3);
        }
    }

    @Override // mitm.common.security.certstore.X509CertStoreExt
    public boolean contains(X509Certificate x509Certificate) throws CertStoreException {
        return getByCertificate(x509Certificate) != null;
    }

    protected List<CertificateEmailEntity> getAllCertificateEmailEntities() throws SQLException {
        return this.emailDAO.queryForAll();
    }

    @Override // mitm.common.security.certstore.X509CertStoreExt
    public X509CertStoreEntry getByCertificate(X509Certificate x509Certificate) throws CertStoreException {
        try {
            return getByThumbprint(X509CertificateInspector.getThumbprint(x509Certificate));
        } catch (NoSuchAlgorithmException e) {
            throw new CertStoreException(e);
        } catch (NoSuchProviderException e2) {
            throw new NoSuchProviderRuntimeException(e2);
        } catch (CertificateEncodingException e3) {
            throw new CertStoreException(e3);
        }
    }

    @Override // mitm.common.security.certstore.X509CertStoreExt
    public CloseableIterator<? extends X509CertStoreEntry> getByEmail(String str, Expired expired, MissingKeyAlias missingKeyAlias, Integer num, Integer num2) throws CertStoreException {
        try {
            String canonicalize = EmailAddressUtils.canonicalize(str);
            QueryBuilder<CertificateEmailEntity, Integer> queryBuilder = this.emailDAO.queryBuilder();
            queryBuilder.selectColumns(CertificateEmailEntity.CERTIFICATE_ID_COLUMN).where().eq("email", ORMLiteUtils.createArg(canonicalize));
            CertStoreDAO certStoreDAO = this.certStoreDAO;
            QueryBuilder<X509CertStoreEntryEntity, Integer> queryBuilder2 = certStoreDAO.queryBuilder();
            prepareQueryBuilder(queryBuilder2, expired, missingKeyAlias, num, num2).and().in("id", queryBuilder);
            return new X509CertStoreEntryIterator(certStoreDAO.iterator((PreparedQuery) queryBuilder2.prepare()), null);
        } catch (SQLException e) {
            throw new CertStoreException(e);
        }
    }

    @Override // mitm.common.security.certstore.X509CertStoreExt
    public X509CertStoreEntry getByThumbprint(String str) throws CertStoreException {
        try {
            CertStoreDAO certStoreDAO = this.certStoreDAO;
            QueryBuilder<X509CertStoreEntryEntity, Integer> queryBuilder = certStoreDAO.queryBuilder();
            queryBuilder.where().eq("store", ORMLiteUtils.createArg(this.store)).and().eq("thumbprint", ORMLiteUtils.createArg(str));
            return certStoreDAO.queryForFirst(queryBuilder.prepare());
        } catch (SQLException e) {
            throw new CertStoreException(e);
        }
    }

    @Override // mitm.common.security.certstore.X509CertStoreExt
    public CloseableIterator<? extends X509CertStoreEntry> getCertStoreIterator(CertSelector certSelector, MissingKeyAlias missingKeyAlias, Integer num, Integer num2) throws CertStoreException {
        return new X509CertStoreEntryIterator(createOptimizedSelectIterator(certSelector, missingKeyAlias, num, num2), certSelector);
    }

    protected List<CertificateEmailEntity> getCertificateEmailEntities(X509CertStoreEntry x509CertStoreEntry) throws SQLException {
        EmailDAO emailDAO = this.emailDAO;
        QueryBuilder<CertificateEmailEntity, Integer> queryBuilder = emailDAO.queryBuilder();
        queryBuilder.where().idEq(((X509CertStoreEntryEntity) x509CertStoreEntry).getId());
        return emailDAO.query(queryBuilder.prepare());
    }

    @Override // mitm.common.security.certstore.X509CertStoreExt, mitm.common.security.certstore.X509BasicCertStore, mitm.common.security.certstore.BasicCertStore
    public CloseableIterator<X509Certificate> getCertificateIterator(CertSelector certSelector) throws CertStoreException {
        return new X509CertStoreCertificateIterator(createOptimizedSelectIterator(certSelector, null, null, null), certSelector);
    }

    @Override // mitm.common.security.certstore.X509CertStoreExt, mitm.common.security.certstore.X509BasicCertStore, mitm.common.security.certstore.BasicCertStore
    public Collection<X509Certificate> getCertificates(CertSelector certSelector) throws CertStoreException {
        CloseableIterator<X509Certificate> certificateIterator = getCertificateIterator(certSelector);
        try {
            try {
                return CloseableIteratorUtils.toList(certificateIterator);
            } catch (CloseableIteratorException e) {
                throw new CertStoreException(e);
            }
        } finally {
            CloseableIteratorUtils.closeQuietly(certificateIterator);
        }
    }

    @Override // mitm.common.security.certstore.X509CertStoreExt
    public void removeAllEntries() throws CertStoreException {
        try {
            DeleteBuilder<X509CertStoreEntryEntity, Integer> deleteBuilder = this.certStoreDAO.deleteBuilder();
            deleteBuilder.where().eq("store", ORMLiteUtils.createArg(this.store));
            this.certStoreDAO.delete((PreparedDelete) deleteBuilder.prepare());
        } catch (SQLException e) {
            throw new CertStoreException(e);
        }
    }

    @Override // mitm.common.security.certstore.X509CertStoreExt
    public void removeCertificate(X509Certificate x509Certificate) throws CertStoreException {
        X509CertStoreEntry byCertificate = getByCertificate(x509Certificate);
        if (byCertificate != null) {
            try {
                deleteEmails(byCertificate);
                this.certStoreDAO.delete((CertStoreDAO) byCertificate);
                fireChangeEvent();
            } catch (SQLException e) {
                throw new CertStoreException(e);
            }
        }
    }

    @Override // mitm.common.security.certstore.X509CertStoreExt
    public CloseableIterator<? extends X509CertStoreEntry> searchBySubject(String str, Expired expired, MissingKeyAlias missingKeyAlias, Integer num, Integer num2) throws CertStoreException {
        try {
            String lowerCase = StringUtils.lowerCase(str);
            CertStoreDAO certStoreDAO = this.certStoreDAO;
            QueryBuilder<X509CertStoreEntryEntity, Integer> queryBuilder = certStoreDAO.queryBuilder();
            prepareQueryBuilder(queryBuilder, expired, missingKeyAlias, num, num2).and().like("subjectFriendly", ORMLiteUtils.createArg(lowerCase));
            return new X509CertStoreEntryIterator(certStoreDAO.iterator((PreparedQuery) queryBuilder.prepare()), null);
        } catch (SQLException e) {
            throw new CertStoreException(e);
        }
    }

    @Override // mitm.common.security.certstore.X509CertStoreExt
    public void setStoreEventListener(X509StoreEventListener x509StoreEventListener) {
        this.eventListener.set(x509StoreEventListener);
    }

    @Override // mitm.common.security.certstore.X509CertStoreExt
    public int size() throws CertStoreException {
        try {
            GenericRawResults<Object[]> queryRaw = this.certStoreDAO.queryRaw("select count(*) from certificate where store= ?", new DataType[]{DataType.INTEGER}, this.store);
            if (queryRaw != null) {
                return ((Integer) queryRaw.getResults().get(0)[0]).intValue();
            }
            return 0;
        } catch (SQLException e) {
            throw new CertStoreException(e);
        }
    }

    @Override // mitm.common.security.certstore.X509CertStoreExt
    public void update(X509CertStoreEntry x509CertStoreEntry) throws CertStoreException {
        if (!(x509CertStoreEntry instanceof X509CertStoreEntryEntity)) {
            throw new IllegalArgumentException("entry is-not-a X509CertStoreEntryEntity.");
        }
        try {
            this.certStoreDAO.update((CertStoreDAO) x509CertStoreEntry);
            fireChangeEvent();
        } catch (SQLException e) {
            throw new CertStoreException(e);
        }
    }
}
