package com.sun.deploy.security;

import com.sun.deploy.config.Config;
import com.sun.deploy.util.Trace;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.AccessController;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.Random;
import java.util.TreeSet;

/* loaded from: input_file:118666-05/SUNWj5rt/reloc/jdk/instances/jdk1.5.0/jre/lib/deploy.jar:com/sun/deploy/security/SSLRootCertStore.class */
public final class SSLRootCertStore implements CertStore {
    private static String _filenameUser;
    private static String _filenameSys;
    private long _userLastModified = 0;
    private long _sysLastModified = 0;
    private KeyStore _deploymentUserHttpsCACerts = CertUtils.createEmptyKeyStore();
    private KeyStore _deploymentSystemHttpsCACerts = CertUtils.createEmptyKeyStore();

    @Override // com.sun.deploy.security.CertStore
    public void load() throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
        if (_filenameUser != null) {
            long fileLastModified = CertUtils.getFileLastModified(_filenameUser);
            if (fileLastModified != this._userLastModified) {
                this._deploymentUserHttpsCACerts = load(_filenameUser);
                this._userLastModified = fileLastModified;
            }
        }
        if (_filenameSys != null) {
            long fileLastModified2 = CertUtils.getFileLastModified(_filenameSys);
            if (fileLastModified2 != this._sysLastModified) {
                this._deploymentSystemHttpsCACerts = load(_filenameSys);
                this._sysLastModified = fileLastModified2;
            }
        }
    }

    private KeyStore load(String str) throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
        Trace.msgSecurityPrintln("roothttpscertstore.cert.loading", new Object[]{str});
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null, null);
        try {
            AccessController.doPrivileged(new PrivilegedExceptionAction(this, str, keyStore) { // from class: com.sun.deploy.security.SSLRootCertStore.1
                private final String val$filename;
                private final KeyStore val$keyStore;
                private final SSLRootCertStore this$0;

                {
                    this.this$0 = this;
                    this.val$filename = str;
                    this.val$keyStore = keyStore;
                }

                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
                    File file = new File(this.val$filename);
                    if (!file.exists()) {
                        Trace.msgSecurityPrintln("roothttpscertstore.cert.noload", new Object[]{this.val$filename});
                        return null;
                    }
                    FileInputStream fileInputStream = new FileInputStream(file);
                    BufferedInputStream bufferedInputStream = new BufferedInputStream(fileInputStream);
                    this.val$keyStore.load(bufferedInputStream, null);
                    bufferedInputStream.close();
                    fileInputStream.close();
                    return null;
                }
            });
        } catch (PrivilegedActionException e) {
            Exception exception = e.getException();
            if (exception instanceof IOException) {
                throw ((IOException) exception);
            }
            if (exception instanceof CertificateException) {
                throw ((CertificateException) exception);
            }
            if (exception instanceof KeyStoreException) {
                throw ((KeyStoreException) exception);
            }
            if (exception instanceof NoSuchAlgorithmException) {
                throw ((NoSuchAlgorithmException) exception);
            }
            Trace.securityPrintException(e);
        }
        Trace.msgSecurityPrintln("roothttpscertstore.cert.loaded", new Object[]{str});
        return keyStore;
    }

    @Override // com.sun.deploy.security.CertStore
    public void save() throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
        Trace.msgSecurityPrintln("roothttpscertstore.cert.saving", new Object[]{_filenameUser});
        try {
            AccessController.doPrivileged(new PrivilegedExceptionAction(this) { // from class: com.sun.deploy.security.SSLRootCertStore.2
                private final SSLRootCertStore this$0;

                {
                    this.this$0 = this;
                }

                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
                    File file = new File(SSLRootCertStore._filenameUser);
                    file.getParentFile().mkdirs();
                    FileOutputStream fileOutputStream = new FileOutputStream(file);
                    BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(fileOutputStream);
                    this.this$0._deploymentUserHttpsCACerts.store(bufferedOutputStream, new char[0]);
                    bufferedOutputStream.close();
                    fileOutputStream.close();
                    return null;
                }
            });
        } catch (PrivilegedActionException e) {
            Exception exception = e.getException();
            if (exception instanceof IOException) {
                throw ((IOException) exception);
            }
            if (exception instanceof CertificateException) {
                throw ((CertificateException) exception);
            }
            if (exception instanceof KeyStoreException) {
                throw ((KeyStoreException) exception);
            }
            if (exception instanceof NoSuchAlgorithmException) {
                throw ((NoSuchAlgorithmException) exception);
            }
            Trace.securityPrintException(e);
        }
        Trace.msgSecurityPrintln("roothttpscertstore.cert.saved", new Object[]{_filenameUser});
    }

    @Override // com.sun.deploy.security.CertStore
    public void add(Certificate certificate) throws KeyStoreException {
        String stringBuffer;
        Trace.msgSecurityPrintln("roothttpscertstore.cert.adding");
        if (this._deploymentUserHttpsCACerts.getCertificateAlias(certificate) == null) {
            Random random = new Random();
            boolean z = false;
            do {
                stringBuffer = new StringBuffer().append("userhttpscacert").append(random.nextLong()).toString();
                if (this._deploymentUserHttpsCACerts.getCertificate(stringBuffer) == null) {
                    z = true;
                }
            } while (!z);
            this._deploymentUserHttpsCACerts.setCertificateEntry(stringBuffer, certificate);
            Trace.msgSecurityPrintln("roothttpscertstore.cert.added", new Object[]{stringBuffer});
        }
    }

    @Override // com.sun.deploy.security.CertStore
    public boolean remove(Certificate certificate) throws IOException, KeyStoreException {
        Trace.msgSecurityPrintln("roothttpscertstore.cert.removing");
        String certificateAlias = this._deploymentUserHttpsCACerts.getCertificateAlias(certificate);
        if (certificateAlias != null) {
            this._deploymentUserHttpsCACerts.deleteEntry(certificateAlias);
        }
        Trace.msgSecurityPrintln("rrothttpscertstore.cert.removed", new Object[]{certificateAlias});
        return true;
    }

    @Override // com.sun.deploy.security.CertStore
    public boolean contains(Certificate certificate) throws KeyStoreException {
        Trace.msgSecurityPrintln("roothttpscertstore.cert.instore");
        return (this._deploymentSystemHttpsCACerts.getCertificateAlias(certificate) == null && this._deploymentUserHttpsCACerts.getCertificateAlias(certificate) == null) ? false : true;
    }

    @Override // com.sun.deploy.security.CertStore
    public boolean verify(Certificate certificate) throws KeyStoreException {
        Trace.msgSecurityPrintln("roothttpscertstore.cert.canverify");
        Trace.msgSecurityPrintln("roothttpscertstore.cert.tobeverified", new Object[]{certificate});
        new StringBuffer();
        Enumeration<String> aliases = this._deploymentSystemHttpsCACerts.aliases();
        Enumeration<String> aliases2 = this._deploymentUserHttpsCACerts.aliases();
        while (true) {
            if (!aliases.hasMoreElements() && !aliases2.hasMoreElements()) {
                Trace.msgSecurityPrintln("roothttpscertstore.cert.verify.fail");
                return false;
            }
            Certificate certificate2 = aliases.hasMoreElements() ? this._deploymentSystemHttpsCACerts.getCertificate(aliases.nextElement2()) : this._deploymentUserHttpsCACerts.getCertificate(aliases2.nextElement2());
            Trace.msgSecurityPrintln("roothttpscertstore.cert.tobecompared", new Object[]{certificate2});
            try {
                certificate.verify(certificate2.getPublicKey());
                Trace.msgSecurityPrintln("roothttpscertstore.cert.verify.ok");
                return true;
            } catch (GeneralSecurityException e) {
            }
        }
    }

    @Override // com.sun.deploy.security.CertStore
    public Iterator iterator(int i) throws KeyStoreException {
        Trace.msgSecurityPrintln("roothttpscertstore.cert.iterator");
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        KeyStore keyStore = getKeyStore(i);
        Enumeration<String> aliases = keyStore.aliases();
        TreeSet treeSet = new TreeSet();
        while (aliases.hasMoreElements()) {
            treeSet.add(aliases.nextElement2());
        }
        Iterator it = treeSet.iterator();
        while (it.hasNext()) {
            linkedHashSet.add(keyStore.getCertificate((String) it.next()));
        }
        return linkedHashSet.iterator();
    }

    private KeyStore getKeyStore(int i) {
        Trace.msgSecurityPrintln("roothttpscertstore.cert.getkeystore");
        return i == 0 ? this._deploymentUserHttpsCACerts : this._deploymentSystemHttpsCACerts;
    }

    static {
        _filenameUser = null;
        _filenameSys = null;
        _filenameUser = Config.getUserSSLRootCertificateFile();
        _filenameSys = Config.getSystemSSLRootCertificateFile();
        if (_filenameSys == null || !new File(_filenameSys).exists()) {
            _filenameSys = Config.getSystemRootCertificateFile();
        }
    }
}
