package uz.yt.cams.pki.provider;

import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.LinkedList;
import org.spongycastle.cert.X509CertificateHolder;
import org.spongycastle.cert.jcajce.JcaX509CertificateConverter;
import uz.yt.cams.pki.dto.CertificateMatch;
import uz.yt.cams.pki.exception.ProviderException;

/* loaded from: classes2.dex */
public class JksTrustedCertificateProvider implements TrustedCertificateProvider {
    public static final char[] DEFAULT_PASSWORD = "12345678".toCharArray();
    private static final String TYPE = "JKS";
    private final String jksFilePath;
    private final char[] password;
    private final Provider provider;

    public JksTrustedCertificateProvider(Provider provider, String str, char[] cArr) {
        this.provider = provider;
        this.jksFilePath = str;
        this.password = cArr;
    }

    public static void init(String str) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
        KeyStore keyStore = KeyStore.getInstance(TYPE);
        char[] cArr = DEFAULT_PASSWORD;
        keyStore.load(null, cArr);
        FileOutputStream fileOutputStream = new FileOutputStream(str);
        try {
            keyStore.store(fileOutputStream, cArr);
            fileOutputStream.close();
        } catch (Throwable th) {
            try {
                throw th;
            } catch (Throwable th2) {
                if (th != null) {
                    try {
                        fileOutputStream.close();
                    } catch (Throwable unused) {
                    }
                } else {
                    fileOutputStream.close();
                }
                throw th2;
            }
        }
    }

    @Override // uz.yt.cams.pki.provider.TrustedCertificateProvider
    public X509Certificate[] get(CertificateMatch certificateMatch) throws ProviderException {
        try {
            LinkedList linkedList = new LinkedList();
            KeyStore keyStore = KeyStore.getInstance(TYPE);
            keyStore.load(new FileInputStream(this.jksFilePath), this.password);
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                Certificate certificate = keyStore.getCertificate(aliases.nextElement());
                if (certificate != null) {
                    X509Certificate certificate2 = new JcaX509CertificateConverter().setProvider(this.provider).getCertificate(new X509CertificateHolder(certificate.getEncoded()));
                    if (certificateMatch != null) {
                        if (certificateMatch.getX500Name() == null || certificate2.getSubjectDN().getName().equals(certificateMatch.getX500Name().trim())) {
                            if (certificateMatch.getValidAt() != null) {
                                if (certificate2.getNotBefore().before(certificateMatch.getValidAt()) || certificate2.getNotBefore().equals(certificateMatch.getValidAt())) {
                                    if (!certificate2.getNotAfter().after(certificateMatch.getValidAt()) && !certificate2.getNotAfter().equals(certificateMatch.getValidAt())) {
                                    }
                                }
                            }
                        }
                    }
                    linkedList.add(certificate2);
                }
            }
            return (X509Certificate[]) linkedList.toArray(new X509Certificate[0]);
        } catch (Throwable th) {
            throw new ProviderException(th);
        }
    }
}
