package de.petendi.seccoco;

import de.petendi.commons.crypto.Signature;
import de.petendi.commons.crypto.connector.CryptoException;
import de.petendi.seccoco.connector.BCConnector;
import de.petendi.seccoco.model.Identity;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
import java.io.Reader;
import java.io.StringReader;
import java.io.Writer;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.io.IOUtils;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:lib/seccoco-java-2.0.0.jar:de/petendi/seccoco/DefaultIdentities.class */
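/**
 * File-backed {@link Identities} implementation: each known identity is kept as one
 * {@code <fingerprint>.pem} file inside a single certificate directory.
 *
 * <p>The fingerprint doubles as the file name, so every fingerprint that reaches the file
 * system is first checked to be a plain file name (no path separators). Without that check a
 * fingerprint such as {@code ../x} would make {@link #store} write, or {@link #get} read,
 * outside the certificate directory.
 */
public class DefaultIdentities implements Identities {
    private static final String SUFFIX = ".pem";
    private final File certDirectory;
    private final Identity ownIdentity;
    private final BCConnector securityProviderConnector = new BCConnector();

    /** Thrown by {@link #store} when the identity's certificate text holds no public key. */
    class CertificateCorruptedException extends RuntimeException {
        private static final long serialVersionUID = 1;

        CertificateCorruptedException() {
        }
    }

    /** Thrown by {@link #get} when no usable certificate file exists for a fingerprint. */
    public class CertificateNotFoundException extends RuntimeException {
        private static final long serialVersionUID = 1;

        CertificateNotFoundException() {
        }
    }

    /**
     * Creates the store and makes sure the certificate directory exists.
     *
     * @param file directory that holds the {@code .pem} files
     * @param identity the identity returned by {@link #getOwnIdentity()}
     */
    public DefaultIdentities(File file, Identity identity) {
        this.ownIdentity = identity;
        this.certDirectory = file;
        // Best effort, as in the original: a failure to create the directory is not reported
        // here and only shows up later as an I/O error in store() or a miss in get().
        file.mkdirs();
    }

    /**
     * Persists the certificate of {@code identity} under its fingerprint, unless a file for
     * that fingerprint is already present.
     *
     * <p>NOTE(review): the fingerprint is taken from the {@link Identity} as supplied and is not
     * recomputed from the certificate, and an existing file is never compared with the new
     * certificate. Callers that accept identities from untrusted peers should confirm that the
     * fingerprint really belongs to the certificate before relying on the stored entry.
     *
     * @param identity identity whose certificate is to be stored
     * @return {@code true} if a file for this fingerprint already existed (nothing is written),
     *         {@code false} if the certificate was newly written
     * @throws CertificateCorruptedException if the certificate text contains no public key
     * @throws IllegalArgumentException if the fingerprint is not usable as a plain file name
     * @throws IllegalStateException if writing the file fails
     */
    @Override
    public boolean store(Identity identity) {
        if (!containsCertificate(identity.getCertificate())) {
            throw new CertificateCorruptedException();
        }
        String fingerPrint = identity.getFingerPrint();
        if (!isPlainFileName(fingerPrint)) {
            // Refuse to build a path from a name that could leave the certificate directory.
            throw new IllegalArgumentException("fingerprint is not a valid file name");
        }
        File file = new File(this.certDirectory, fingerPrint + SUFFIX);
        boolean exists = file.exists();
        if (!exists) {
            // try-with-resources closes the writer on every path and reports close failures.
            try (Writer writer = new FileWriter(file)) {
                IOUtils.write(identity.getCertificate(), writer);
            } catch (IOException e) {
                throw new IllegalStateException(e);
            }
        }
        return exists;
    }

    /**
     * Reports whether the given PEM text contains a public key.
     *
     * @param str PEM text to inspect
     * @return the result of {@code Signature.containsPublicKey} for that text
     */
    boolean containsCertificate(String str) {
        return new Signature(this.securityProviderConnector).containsPublicKey(new StringReader(str));
    }

    /**
     * Reads PEM text from {@code reader} and builds an {@link Identity} from it, with the
     * fingerprint computed by {@link #extractFingerPrint}.
     *
     * <p>The reader is not closed by this method; that stays with the caller.
     *
     * @param reader source of the PEM text
     * @return identity holding the PEM text and the fingerprint computed from it
     * @throws IllegalArgumentException if reading or parsing fails for any reason
     */
    @Override
    public Identity extractFromPem(Reader reader) {
        try {
            String pem = IOUtils.toString(reader);
            X509Certificate certificate =
                    this.securityProviderConnector.extractCertificate(new StringReader(pem));
            return new Identity(pem, extractFingerPrint(certificate));
        } catch (Exception e) {
            throw new IllegalArgumentException("could not extract certificate", e);
        }
    }

    /** Returns the identity passed to the constructor. */
    @Override
    public Identity getOwnIdentity() {
        return this.ownIdentity;
    }

    /**
     * Loads the identity stored under the given fingerprint.
     *
     * <p>The file is read once and both the public-key check and the parsing work on that same
     * text, so the content cannot change between check and use, and the file handle is always
     * released.
     *
     * @param str fingerprint used as the file name (without the {@code .pem} suffix)
     * @return the identity parsed from the stored PEM file
     * @throws CertificateNotFoundException if the fingerprint is not a plain file name, the file
     *         does not exist, or its content holds no public key
     * @throws IllegalArgumentException if the stored content cannot be parsed as a certificate
     * @throws IllegalStateException if reading the file fails for another I/O reason
     */
    @Override
    public Identity get(String str) {
        if (!isPlainFileName(str)) {
            // A name with path separators can never match a file written by store().
            throw new CertificateNotFoundException();
        }
        File file = new File(this.certDirectory, str + SUFFIX);
        String pem;
        try (Reader reader = new FileReader(file)) {
            pem = IOUtils.toString(reader);
        } catch (FileNotFoundException e) {
            throw new CertificateNotFoundException();
        } catch (IOException e) {
            throw new IllegalStateException(e);
        }
        if (!containsCertificate(pem)) {
            throw new CertificateNotFoundException();
        }
        return extractFromPem(new StringReader(pem));
    }

    /**
     * Verifies a signature with the public key taken from the identity's certificate.
     *
     * <p>The two byte arrays are handed to {@code Signature.verify} in swapped order
     * ({@code bArr2} first, then {@code bArr}); which one is the payload and which the signature
     * is defined by that method and is not visible in this class.
     *
     * @param identity identity whose certificate supplies the public key
     * @param bArr second argument passed to {@code Signature.verify}
     * @param bArr2 first argument passed to {@code Signature.verify}
     * @return the verification result, or {@code false} if a {@link CryptoException} occurs,
     *         so that a crypto failure is never treated as a valid signature
     */
    public boolean isSignatureValid(Identity identity, byte[] bArr, byte[] bArr2) {
        try {
            Signature verifier = new Signature(this.securityProviderConnector);
            return verifier.verify(
                    bArr2,
                    bArr,
                    this.securityProviderConnector.extractPublicKey(new StringReader(identity.getCertificate())));
        } catch (CryptoException e) {
            return false;
        }
    }

    /**
     * Verifies a signature against the identity stored under the given fingerprint.
     *
     * @param str fingerprint of a stored identity
     * @param bArr forwarded unchanged to {@link #isSignatureValid(Identity, byte[], byte[])}
     * @param bArr2 forwarded unchanged to {@link #isSignatureValid(Identity, byte[], byte[])}
     * @return the verification result
     * @throws CertificateNotFoundException if no stored identity matches the fingerprint
     */
    public boolean isSignatureValid(String str, byte[] bArr, byte[] bArr2) {
        return isSignatureValid(get(str), bArr, bArr2);
    }

    /**
     * Computes the fingerprint of a certificate: the hex-encoded SHA-1 digest of its encoded form.
     *
     * <p>NOTE(review): SHA-1 is no longer collision resistant, and this value is the key under
     * which identities are stored and looked up. The digest is left unchanged here because
     * switching it would change the names of already stored files; a move to SHA-256 needs a
     * migration of the certificate directory.
     *
     * @param x509Certificate certificate to fingerprint
     * @return hex string of the SHA-1 digest
     * @throws CertificateEncodingException if the certificate cannot be encoded
     */
    public static String extractFingerPrint(X509Certificate x509Certificate) throws CertificateEncodingException {
        return new String(Hex.encodeHex(DigestUtils.sha1(x509Certificate.getEncoded())));
    }

    /** Returns true when {@code name} is non-null and free of path separators and NUL characters. */
    private static boolean isPlainFileName(String name) {
        if (name == null) {
            return false;
        }
        for (int i = 0; i < name.length(); i++) {
            char c = name.charAt(i);
            if (c == '/' || c == '\\' || c == '\0') {
                return false;
            }
        }
        return true;
    }
}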
