package es.mityc.javasign.trust;

import es.mityc.javasign.i18n.I18nFactory;
import es.mityc.javasign.i18n.II18nManager;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.AccessController;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivilegedAction;
import java.security.SignatureException;
import java.security.cert.CRLException;
import java.security.cert.CertPath;
import java.security.cert.CertSelector;
import java.security.cert.CertStore;
import java.security.cert.CertStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.X509CRL;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.MissingResourceException;
import java.util.Properties;
import java.util.StringTokenizer;
import java.util.Vector;
import javax.security.auth.x500.X500Principal;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.ocsp.ResponderID;
import org.bouncycastle.asn1.x509.X509Name;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.jce.X509Principal;
import org.bouncycastle.ocsp.BasicOCSPResp;
import org.bouncycastle.ocsp.OCSPException;
import org.bouncycastle.ocsp.OCSPResp;
import org.bouncycastle.tsp.TSPException;
import org.bouncycastle.tsp.TSPValidationException;
import org.bouncycastle.tsp.TimeStampToken;
import org.bouncycastle.util.encoders.Base64;

/* loaded from: input_file:es/mityc/javasign/trust/PropsTruster.class */
public class PropsTruster extends TrustAdapter {
    private static final Log LOG = LogFactory.getLog(PropsTruster.class);
    private static final II18nManager I18N = I18nFactory.getI18nManager(ConstantsTrust.LIB_NAME);
    private static final String CONF_DEFAULT = "trust/myTruster.properties";
    protected Properties externalProps = new Properties();
    protected static TrustAdapter instance;
    private CertStore issuersCerts;
    private CertStore certsCerts;
    private CertStore issuersOCSP;
    private CertStore certsOCSP;
    private CertStore issuersCRL;
    private CertStore issuersTSA;
    private CertStore certsTSA;

    /* loaded from: input_file:es/mityc/javasign/trust/PropsTruster$TrusterType.class */
    public enum TrusterType {
        TRUSTER_SIGNCERTS_ISSUER("signcerts.issuers"),
        TRUSTER_SIGNCERTS_CERTS("signcerts.certs"),
        TRUSTER_OCSP_ISSUER("ocsp.issuers"),
        TRUSTER_OCSP_CERTS("ocsp.certs"),
        TRUSTER_CRL_ISSUER("crl.issuers"),
        TRUSTER_TSA_ISSUER("tsa.issuers"),
        TRUSTER_TSA_CERTS("tsa.certs");

        private String id;

        TrusterType(String str) {
            this.id = str;
        }

        @Override // java.lang.Enum
        public String toString() {
            return this.id;
        }

        /* renamed from: values, reason: to resolve conflict with enum method */
        public static TrusterType[] valuesCustom() {
            TrusterType[] valuesCustom = values();
            int length = valuesCustom.length;
            TrusterType[] trusterTypeArr = new TrusterType[length];
            System.arraycopy(valuesCustom, 0, trusterTypeArr, 0, length);
            return trusterTypeArr;
        }
    }

    protected PropsTruster(String str) {
        loadConf(str, new Properties());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public PropsTruster(String str, InputStream inputStream) {
        loadConf(str, inputStream);
    }

    protected synchronized void loadConf(String str, InputStream inputStream) {
        Properties properties = null;
        if (inputStream != null) {
            try {
                properties = new Properties();
                properties.load(inputStream);
            } catch (IOException e) {
                LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_1, new Object[]{inputStream}));
                if (LOG.isDebugEnabled()) {
                    LOG.debug(e);
                }
            }
        } else {
            LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_1, new Object[]{inputStream}));
        }
        loadConf(str, properties);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public synchronized void loadConf(String str, Properties properties) {
        this.externalProps = properties;
        Properties properties2 = null;
        try {
            InputStream resourceAsStream = getClassLoader().getResourceAsStream(str);
            if (resourceAsStream != null) {
                properties2 = new Properties();
                properties2.load(resourceAsStream);
            } else {
                LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_1, new Object[]{str}));
            }
        } catch (IOException e) {
            LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_1, new Object[]{str}));
        }
        if (properties2 != null) {
            try {
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
                this.issuersCerts = loadCerts(certificateFactory, properties2, this.externalProps, TrusterType.TRUSTER_SIGNCERTS_ISSUER);
                this.certsCerts = loadCerts(certificateFactory, properties2, this.externalProps, TrusterType.TRUSTER_SIGNCERTS_CERTS);
                this.issuersOCSP = loadCerts(certificateFactory, properties2, this.externalProps, TrusterType.TRUSTER_OCSP_ISSUER);
                this.certsOCSP = loadCerts(certificateFactory, properties2, this.externalProps, TrusterType.TRUSTER_OCSP_CERTS);
                this.issuersCRL = loadCerts(certificateFactory, properties2, this.externalProps, TrusterType.TRUSTER_CRL_ISSUER);
                this.issuersTSA = loadCerts(certificateFactory, properties2, this.externalProps, TrusterType.TRUSTER_TSA_ISSUER);
                this.certsTSA = loadCerts(certificateFactory, properties2, this.externalProps, TrusterType.TRUSTER_TSA_CERTS);
            } catch (CertificateException e2) {
                LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_9, new Object[]{e2.getMessage()}));
                if (LOG.isDebugEnabled()) {
                    LOG.debug("", e2);
                }
            }
        }
    }

    @Override // es.mityc.javasign.trust.ITrustCRLEmisor
    public void isTrusted(X509CRL x509crl) throws TrustException {
        if (this.issuersCRL == null) {
            throw new UnknownTrustException();
        }
        boolean z = false;
        X509CertSelector x509CertSelector = new X509CertSelector();
        x509CertSelector.setSubject(x509crl.getIssuerX500Principal());
        try {
            Iterator<? extends Certificate> it = this.issuersCRL.getCertificates(x509CertSelector).iterator();
            while (it.hasNext()) {
                try {
                    x509crl.verify(((X509Certificate) it.next()).getPublicKey());
                    return;
                } catch (InvalidKeyException e) {
                    LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_2, new Object[]{e.getMessage()}));
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("", e);
                    }
                    throw new UnknownTrustException();
                } catch (NoSuchAlgorithmException e2) {
                    LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_4, new Object[]{e2.getMessage()}));
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("", e2);
                    }
                    throw new UnknownTrustException();
                } catch (NoSuchProviderException e3) {
                    LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_5, new Object[]{e3.getMessage()}));
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("", e3);
                    }
                    throw new UnknownTrustException();
                } catch (SignatureException e4) {
                    z = true;
                } catch (CRLException e5) {
                    LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_3, new Object[]{e5.getMessage()}));
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("", e5);
                    }
                    throw new UnknownTrustException();
                }
            }
            if (!z) {
                throw new NotTrustedException();
            }
            throw new FakedTrustException();
        } catch (CertStoreException e6) {
            LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_21, new Object[]{e6.getMessage()}));
            if (LOG.isDebugEnabled()) {
                LOG.debug("", e6);
            }
            throw new UnknownTrustException();
        }
    }

    @Override // es.mityc.javasign.trust.ITrustOCSPProducer
    public void isTrusted(OCSPResp oCSPResp) throws TrustException {
        try {
            BasicOCSPResp basicOCSPResp = (BasicOCSPResp) oCSPResp.getResponseObject();
            if (this.certsOCSP != null) {
                X509CertSelector x509CertSelector = null;
                try {
                    X509Certificate[] certs = basicOCSPResp.getCerts("SUN");
                    if (certs == null || certs.length <= 0) {
                        ResponderID aSN1Object = basicOCSPResp.getResponderId().toASN1Object();
                        if (aSN1Object != null) {
                            ASN1TaggedObject aSN1Object2 = aSN1Object.toASN1Object();
                            switch (aSN1Object2.getTagNo()) {
                                case 1:
                                    X500Principal x500Principal = new X500Principal(new X509Principal(X509Name.getInstance(aSN1Object2.getObject()).toString()).getDEREncoded());
                                    x509CertSelector = new X509CertSelector();
                                    x509CertSelector.setSubject(x500Principal);
                                    break;
                                case 2:
                                    ASN1OctetString object = aSN1Object2.getObject();
                                    x509CertSelector = new X509CertSelector();
                                    try {
                                        x509CertSelector.setSubjectPublicKey(object.getOctets());
                                        break;
                                    } catch (IOException e) {
                                        LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_13, new Object[]{e.getMessage()}));
                                        if (LOG.isDebugEnabled()) {
                                            LOG.debug("", e);
                                        }
                                        throw new UnknownTrustException();
                                    }
                                default:
                                    throw new UnknownTrustException();
                            }
                        }
                    } else {
                        x509CertSelector = new X509CertSelector();
                        x509CertSelector.setSubjectPublicKey(certs[0].getPublicKey());
                    }
                    if (x509CertSelector != null) {
                        try {
                            Iterator<? extends Certificate> it = this.certsOCSP.getCertificates(x509CertSelector).iterator();
                            if (it.hasNext()) {
                                try {
                                    if (basicOCSPResp.verify(((X509Certificate) it.next()).getPublicKey(), "SunRsaSign")) {
                                        return;
                                    } else {
                                        throw new FakedTrustException();
                                    }
                                } catch (OCSPException e2) {
                                    LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_15, new Object[]{e2.getMessage()}));
                                    if (LOG.isDebugEnabled()) {
                                        LOG.debug("", e2);
                                    }
                                    throw new UnknownTrustException();
                                } catch (NoSuchProviderException e3) {
                                    LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_14, new Object[]{e3.getMessage()}));
                                    if (LOG.isDebugEnabled()) {
                                        LOG.debug("", e3);
                                    }
                                    throw new UnknownTrustException();
                                }
                            }
                        } catch (CertStoreException e4) {
                            LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_22, new Object[]{e4.getMessage()}));
                            if (LOG.isDebugEnabled()) {
                                LOG.debug("", e4);
                            }
                            throw new UnknownTrustException();
                        }
                    }
                } catch (OCSPException e5) {
                    LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_12, new Object[]{e5.getMessage()}));
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("", e5);
                    }
                    throw new UnknownTrustException();
                } catch (NoSuchProviderException e6) {
                    LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_12, new Object[]{e6.getMessage()}));
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("", e6);
                    }
                    throw new UnknownTrustException();
                }
            }
            if (this.issuersOCSP == null) {
                throw new NotTrustedException();
            }
            try {
                X509Certificate[] certs2 = basicOCSPResp.getCerts("SUN");
                if (certs2 == null || certs2.length == 0) {
                    throw new UnknownTrustException();
                }
                validateIssuer(certs2, this.issuersOCSP);
                try {
                    if (basicOCSPResp.verify(certs2[0].getPublicKey(), "SunRsaSign")) {
                    } else {
                        throw new FakedTrustException();
                    }
                } catch (NoSuchProviderException e7) {
                    LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_14, new Object[]{e7.getMessage()}));
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("", e7);
                    }
                    throw new UnknownTrustException();
                } catch (OCSPException e8) {
                    LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_15, new Object[]{e8.getMessage()}));
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("", e8);
                    }
                    throw new UnknownTrustException();
                }
            } catch (OCSPException e9) {
                LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_12, new Object[]{e9.getMessage()}));
                if (LOG.isDebugEnabled()) {
                    LOG.debug("", e9);
                }
                throw new UnknownTrustException();
            } catch (NoSuchProviderException e10) {
                LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_12, new Object[]{e10.getMessage()}));
                if (LOG.isDebugEnabled()) {
                    LOG.debug("", e10);
                }
                throw new UnknownTrustException();
            }
        } catch (OCSPException e11) {
            LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_11, new Object[]{e11.getMessage()}));
            if (LOG.isDebugEnabled()) {
                LOG.debug("", e11);
            }
            throw new UnknownTrustException();
        }
    }

    private void validateIssuer(X509Certificate[] x509CertificateArr, CertStore certStore) throws UnknownTrustException, NotTrustedException {
        for (int i = 0; i < x509CertificateArr.length; i++) {
            X509CertSelector x509CertSelector = new X509CertSelector();
            if (x509CertificateArr.length > i + 1) {
                x509CertSelector.setSubjectPublicKey(x509CertificateArr[i + 1].getPublicKey());
            } else {
                x509CertSelector.setSubject(x509CertificateArr[i].getIssuerX500Principal());
            }
            try {
                Collection<? extends Certificate> certificates = certStore.getCertificates(x509CertSelector);
                if (certificates.size() > 0) {
                    Iterator<? extends Certificate> it = certificates.iterator();
                    while (it.hasNext()) {
                        try {
                            x509CertificateArr[i].verify(((X509Certificate) it.next()).getPublicKey());
                            return;
                        } catch (InvalidKeyException e) {
                            LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_23, new Object[]{e.getMessage()}));
                            if (LOG.isDebugEnabled()) {
                                LOG.debug("", e);
                            }
                            throw new UnknownTrustException();
                        } catch (NoSuchAlgorithmException e2) {
                            LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_23, new Object[]{e2.getMessage()}));
                            if (LOG.isDebugEnabled()) {
                                LOG.debug("", e2);
                            }
                            throw new UnknownTrustException();
                        } catch (NoSuchProviderException e3) {
                            LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_23, new Object[]{e3.getMessage()}));
                            if (LOG.isDebugEnabled()) {
                                LOG.debug("", e3);
                            }
                            throw new UnknownTrustException();
                        } catch (SignatureException e4) {
                        } catch (CertificateException e5) {
                            LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_23, new Object[]{e5.getMessage()}));
                            if (LOG.isDebugEnabled()) {
                                LOG.debug("", e5);
                            }
                            throw new UnknownTrustException();
                        }
                    }
                    throw new FakedTrustException();
                }
                if (i + 1 >= x509CertificateArr.length) {
                    throw new NotTrustedException();
                }
                try {
                    x509CertificateArr[i].verify(x509CertificateArr[i + 1].getPublicKey());
                } catch (InvalidKeyException e6) {
                    LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_23, new Object[]{e6.getMessage()}));
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("", e6);
                    }
                    throw new UnknownTrustException();
                } catch (NoSuchAlgorithmException e7) {
                    LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_23, new Object[]{e7.getMessage()}));
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("", e7);
                    }
                    throw new UnknownTrustException();
                } catch (NoSuchProviderException e8) {
                    LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_23, new Object[]{e8.getMessage()}));
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("", e8);
                    }
                    throw new UnknownTrustException();
                } catch (SignatureException e9) {
                    throw new FakedTrustException();
                } catch (CertificateException e10) {
                    LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_23, new Object[]{e10.getMessage()}));
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("", e10);
                    }
                    throw new UnknownTrustException();
                }
            } catch (CertStoreException e11) {
                LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_22, new Object[]{e11.getMessage()}));
                if (LOG.isDebugEnabled()) {
                    LOG.debug("", e11);
                }
                throw new UnknownTrustException();
            }
        }
        throw new NotTrustedException();
    }

    @Override // es.mityc.javasign.trust.ITrustSignCerts
    public void isTrusted(CertPath certPath) throws TrustException {
        if (certPath == null || certPath.getCertificates().size() == 0) {
            throw new UnknownTrustException();
        }
        if (this.certsCerts != null) {
            X509Certificate x509Certificate = (X509Certificate) certPath.getCertificates().get(0);
            X509CertSelector x509CertSelector = new X509CertSelector();
            x509CertSelector.setCertificate(x509Certificate);
            try {
                if (this.certsCerts.getCertificates(x509CertSelector).size() > 0) {
                    return;
                }
            } catch (CertStoreException e) {
                LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_24, new Object[]{e.getMessage()}));
                if (LOG.isDebugEnabled()) {
                    LOG.debug("", e);
                }
                throw new UnknownTrustException();
            }
        }
        if (this.issuersCerts == null) {
            throw new NotTrustedException();
        }
        validateIssuer((X509Certificate[]) certPath.getCertificates().toArray(new X509Certificate[0]), this.issuersCerts);
    }

    @Override // es.mityc.javasign.trust.ITrustTSProducer
    public void isTrusted(TimeStampToken timeStampToken) throws TrustException {
        if (this.certsTSA != null) {
            CertSelector sid = timeStampToken.getSID();
            if (sid == null) {
                throw new UnknownTrustException();
            }
            try {
                Collection<? extends Certificate> certificates = this.certsTSA.getCertificates(sid);
                if (certificates.size() > 0) {
                    Iterator<? extends Certificate> it = certificates.iterator();
                    if (it.hasNext()) {
                        try {
                            timeStampToken.validate((X509Certificate) it.next(), "SunRsaSign");
                            return;
                        } catch (CertificateExpiredException e) {
                            LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_26), e);
                            throw new NotTrustedException(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_26));
                        } catch (TSPValidationException e2) {
                            throw new FakedTrustException();
                        } catch (TSPException e3) {
                            LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_7, new Object[]{e3.getMessage()}));
                            if (LOG.isDebugEnabled()) {
                                LOG.debug("", e3);
                            }
                            throw new UnknownTrustException();
                        } catch (NoSuchProviderException e4) {
                            LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_6, new Object[]{e4.getMessage()}));
                            if (LOG.isDebugEnabled()) {
                                LOG.debug("", e4);
                            }
                            throw new UnknownTrustException();
                        } catch (CertificateNotYetValidException e5) {
                            LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_26), e5);
                            throw new NotTrustedException(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_26));
                        }
                    }
                }
            } catch (CertStoreException e6) {
                LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_25, new Object[]{e6.getMessage()}));
                if (LOG.isDebugEnabled()) {
                    LOG.debug("", e6);
                }
                throw new UnknownTrustException();
            }
        }
        if (this.issuersTSA != null) {
            try {
                X509Certificate[] x509CertificateArr = (X509Certificate[]) timeStampToken.getCertificatesAndCRLs("Collection", (String) null).getCertificates(null).toArray(new X509Certificate[0]);
                if (x509CertificateArr == null || x509CertificateArr.length == 0) {
                    throw new UnknownTrustException();
                }
                validateIssuer(x509CertificateArr, this.issuersTSA);
                try {
                    timeStampToken.validate(x509CertificateArr[0], "SunRsaSign");
                    return;
                } catch (TSPValidationException e7) {
                    throw new FakedTrustException();
                } catch (NoSuchProviderException e8) {
                    LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_6, new Object[]{e8.getMessage()}));
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("", e8);
                    }
                    throw new UnknownTrustException();
                } catch (CertificateExpiredException e9) {
                } catch (CertificateNotYetValidException e10) {
                } catch (TSPException e11) {
                    LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_7, new Object[]{e11.getMessage()}));
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("", e11);
                    }
                    throw new UnknownTrustException();
                }
            } catch (NoSuchAlgorithmException e12) {
                LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_19, new Object[]{e12.getMessage()}));
                if (LOG.isDebugEnabled()) {
                    LOG.debug("", e12);
                }
                throw new UnknownTrustException();
            } catch (NoSuchProviderException e13) {
                LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_19, new Object[]{e13.getMessage()}));
                if (LOG.isDebugEnabled()) {
                    LOG.debug("", e13);
                }
                throw new UnknownTrustException();
            } catch (CertStoreException e14) {
                LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_25, new Object[]{e14.getMessage()}));
                if (LOG.isDebugEnabled()) {
                    LOG.debug("", e14);
                }
                throw new UnknownTrustException();
            } catch (CMSException e15) {
                LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_19, new Object[]{e15.getMessage()}));
                if (LOG.isDebugEnabled()) {
                    LOG.debug("", e15);
                }
                throw new UnknownTrustException();
            }
        }
        throw new NotTrustedException();
    }

    public static TrustAdapter getInstance() {
        if (instance == null) {
            instance = new PropsTruster(CONF_DEFAULT, null);
        }
        return instance;
    }

    private static ClassLoader getClassLoader() {
        try {
            ClassLoader classLoader = (ClassLoader) AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() { // from class: es.mityc.javasign.trust.PropsTruster.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedAction
                public ClassLoader run() {
                    ClassLoader classLoader2 = null;
                    try {
                        classLoader2 = Thread.currentThread().getContextClassLoader();
                    } catch (SecurityException e) {
                    }
                    return classLoader2;
                }
            });
            if (classLoader != null) {
                return classLoader;
            }
        } catch (Exception e) {
        }
        return TrustFactory.class.getClassLoader();
    }

    private CertStore loadCerts(CertificateFactory certificateFactory, Properties properties, Properties properties2, TrusterType trusterType) {
        ArrayList arrayList = new ArrayList();
        if (properties != null) {
            ClassLoader classLoader = getClassLoader();
            Enumeration<?> propertyNames = properties.propertyNames();
            while (propertyNames.hasMoreElements()) {
                String str = (String) propertyNames.nextElement();
                if (str.startsWith(trusterType.toString())) {
                    try {
                        StringTokenizer stringTokenizer = new StringTokenizer(properties.getProperty(str), ",");
                        while (stringTokenizer.hasMoreTokens()) {
                            String nextToken = stringTokenizer.nextToken();
                            InputStream resourceAsStream = classLoader.getResourceAsStream(nextToken);
                            if (resourceAsStream != null) {
                                try {
                                    arrayList.add((X509Certificate) certificateFactory.generateCertificate(resourceAsStream));
                                } catch (CertificateException e) {
                                    LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_10, new Object[]{e.getMessage()}));
                                    if (LOG.isDebugEnabled()) {
                                        LOG.debug("", e);
                                    }
                                }
                            } else {
                                LOG.warn(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_8, new Object[]{nextToken}));
                            }
                        }
                    } catch (MissingResourceException e2) {
                    }
                }
            }
        }
        if (properties2 != null) {
            Enumeration<?> propertyNames2 = properties2.propertyNames();
            while (propertyNames2.hasMoreElements()) {
                String str2 = (String) propertyNames2.nextElement();
                if (str2.startsWith(trusterType.toString())) {
                    try {
                        StringTokenizer stringTokenizer2 = new StringTokenizer(properties2.getProperty(str2), ",");
                        while (stringTokenizer2.hasMoreTokens()) {
                            FileInputStream fileInputStream = new FileInputStream(stringTokenizer2.nextToken());
                            try {
                                try {
                                    arrayList.add((X509Certificate) certificateFactory.generateCertificate(fileInputStream));
                                    try {
                                        fileInputStream.close();
                                    } catch (Exception e3) {
                                    }
                                } catch (CertificateException e4) {
                                    ByteArrayOutputStream byteArrayOutputStream = null;
                                    try {
                                        try {
                                            fileInputStream.reset();
                                            byteArrayOutputStream = new ByteArrayOutputStream(fileInputStream.available());
                                            byte[] bArr = new byte[1000];
                                            for (int read = fileInputStream.read(bArr); read > 0; read = fileInputStream.read(bArr)) {
                                                byteArrayOutputStream.write(bArr, 0, read);
                                            }
                                            arrayList.add((X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(Base64.encode(byteArrayOutputStream.toByteArray()))));
                                            try {
                                                byteArrayOutputStream.close();
                                            } catch (Exception e5) {
                                            }
                                        } catch (Throwable th) {
                                            try {
                                                byteArrayOutputStream.close();
                                            } catch (Exception e6) {
                                            }
                                            throw th;
                                            break;
                                        }
                                    } catch (Exception e7) {
                                        LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_10, new Object[]{e4.getMessage()}));
                                        if (LOG.isDebugEnabled()) {
                                            LOG.debug("", e4);
                                            LOG.debug("", e7);
                                        }
                                        try {
                                            byteArrayOutputStream.close();
                                        } catch (Exception e8) {
                                        }
                                    }
                                    try {
                                        fileInputStream.close();
                                    } catch (Exception e9) {
                                    }
                                }
                            } catch (Throwable th2) {
                                try {
                                    fileInputStream.close();
                                } catch (Exception e10) {
                                }
                                throw th2;
                                break;
                            }
                        }
                    } catch (FileNotFoundException e11) {
                        LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_10, new Object[]{e11.getMessage()}));
                    } catch (MissingResourceException e12) {
                        LOG.warn(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_8, new Object[]{e12.getMessage()}));
                    }
                }
            }
        }
        CertStore certStore = null;
        if (arrayList.size() > 0) {
            try {
                certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(arrayList));
            } catch (InvalidAlgorithmParameterException e13) {
                LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_20, new Object[]{e13.getMessage()}));
                if (LOG.isDebugEnabled()) {
                    LOG.debug("", e13);
                }
            } catch (NoSuchAlgorithmException e14) {
                LOG.error(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_20, new Object[]{e14.getMessage()}));
                if (LOG.isDebugEnabled()) {
                    LOG.debug("", e14);
                }
            }
        }
        return certStore;
    }

    public CertPath getCertPath(X509Certificate x509Certificate) throws UnknownTrustException {
        Vector vector = new Vector();
        vector.add(x509Certificate);
        ArrayList arrayList = new ArrayList();
        arrayList.add(this.issuersCerts);
        arrayList.add(this.certsCerts);
        arrayList.add(this.issuersOCSP);
        arrayList.add(this.certsOCSP);
        arrayList.add(this.issuersCRL);
        arrayList.add(this.issuersTSA);
        arrayList.add(this.certsTSA);
        X509CertSelector x509CertSelector = new X509CertSelector();
        X509Certificate x509Certificate2 = x509Certificate;
        boolean z = false;
        for (int i = 0; i < arrayList.size() && !z; i++) {
            CertStore certStore = (CertStore) arrayList.get(i);
            int i2 = 0;
            while (i2 != vector.size() && certStore != null) {
                i2 = vector.size();
                try {
                    x509Certificate2.verify(x509Certificate2.getPublicKey());
                    z = true;
                    break;
                } catch (Exception e) {
                    x509CertSelector.setSubject(x509Certificate2.getIssuerX500Principal());
                    try {
                        Collection<? extends Certificate> certificates = certStore.getCertificates(x509CertSelector);
                        if (certificates != null) {
                            Iterator<? extends Certificate> it = certificates.iterator();
                            while (it.hasNext()) {
                                X509Certificate x509Certificate3 = (X509Certificate) it.next();
                                try {
                                    x509Certificate2.verify(x509Certificate3.getPublicKey());
                                    vector.add(x509Certificate3);
                                    x509Certificate2 = x509Certificate3;
                                    break;
                                } catch (Exception e2) {
                                }
                            }
                        }
                    } catch (CertStoreException e3) {
                        throw new UnknownTrustException();
                    }
                }
            }
        }
        if (!z) {
            throw new UnknownTrustException(I18N.getLocalMessage(ConstantsTrust.I18N_TRUST_PROPS_23, new Object[]{String.valueOf(x509Certificate.getSubjectX500Principal().getName()) + " -issuer:  " + x509Certificate.getIssuerDN()}));
        }
        try {
            return CertificateFactory.getInstance("X.509").generateCertPath(vector);
        } catch (CertificateException e4) {
            throw new UnknownTrustException();
        }
    }

    public Vector<X509Certificate> getTrustedCAs(TrusterType trusterType) {
        Vector<X509Certificate> vector = new Vector<>();
        if (trusterType == null) {
            vector.addAll(extractAllCerts(this.certsCerts));
            vector.addAll(extractAllCerts(this.issuersCerts));
            vector.addAll(extractAllCerts(this.certsOCSP));
            vector.addAll(extractAllCerts(this.issuersOCSP));
            vector.addAll(extractAllCerts(this.certsTSA));
            vector.addAll(extractAllCerts(this.issuersTSA));
            vector.addAll(extractAllCerts(this.issuersCRL));
        } else if (TrusterType.TRUSTER_SIGNCERTS_CERTS.equals(trusterType)) {
            vector.addAll(extractAllCerts(this.certsCerts));
        } else if (TrusterType.TRUSTER_SIGNCERTS_ISSUER.equals(trusterType)) {
            vector.addAll(extractAllCerts(this.issuersCerts));
        } else if (TrusterType.TRUSTER_OCSP_CERTS.equals(trusterType)) {
            vector.addAll(extractAllCerts(this.certsOCSP));
        } else if (TrusterType.TRUSTER_OCSP_ISSUER.equals(trusterType)) {
            vector.addAll(extractAllCerts(this.issuersOCSP));
        } else if (TrusterType.TRUSTER_TSA_CERTS.equals(trusterType)) {
            vector.addAll(extractAllCerts(this.certsTSA));
        } else if (TrusterType.TRUSTER_TSA_ISSUER.equals(trusterType)) {
            vector.addAll(extractAllCerts(this.issuersTSA));
        } else if (TrusterType.TRUSTER_CRL_ISSUER.equals(trusterType)) {
            vector.addAll(extractAllCerts(this.issuersCRL));
        } else {
            LOG.debug("No se reconoció el tipo indicado: " + trusterType);
        }
        return vector;
    }

    private Vector<X509Certificate> extractAllCerts(CertStore certStore) {
        Vector<X509Certificate> vector = new Vector<>();
        if (certStore != null) {
            try {
                Collection<? extends Certificate> certificates = certStore.getCertificates(null);
                if (certificates != null) {
                    Iterator<? extends Certificate> it = certificates.iterator();
                    while (it.hasNext()) {
                        try {
                            vector.add((X509Certificate) it.next());
                        } catch (Exception e) {
                            if (LOG.isDebugEnabled()) {
                                LOG.debug("", e);
                            }
                        }
                    }
                }
            } catch (CertStoreException e2) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("", e2);
                }
                return vector;
            }
        }
        return vector;
    }
}
