package com.ibm.gsk.ikeyman.certrequest.cmscertrequest;

import com.ibm.gsk.ikeyman.certrequest.AbstractCertificateRequestStore;
import com.ibm.gsk.ikeyman.command.CommandParameters;
import com.ibm.gsk.ikeyman.command.Constants;
import com.ibm.gsk.ikeyman.error.InternalKeyManagerException;
import com.ibm.gsk.ikeyman.error.KeyManagerException;
import com.ibm.gsk.ikeyman.io.FileModificationTracker;
import com.ibm.gsk.ikeyman.io.LockedFileOutputStream;
import com.ibm.gsk.ikeyman.keystore.entry.CertificateRequestKeyItem;
import com.ibm.gsk.ikeyman.keystore.entry.Entry;
import com.ibm.gsk.ikeyman.keystore.entry.EntryFactory;
import com.ibm.gsk.ikeyman.sequence.Sequence;
import com.ibm.gsk.ikeyman.sequence.SequenceFactory;
import com.ibm.gsk.ikeyman.sequence.bytes.ByteSequence;
import com.ibm.gsk.ikeyman.sequence.bytes.ByteSequenceFactory;
import com.ibm.gsk.ikeyman.sequence.bytes.ByteSequenceIterator;
import com.ibm.gsk.ikeyman.util.Debug;
import com.ibm.gsk.ikeyman.util.FileName;
import com.ibm.gsk.ikeyman.util.FilePermissions;
import com.ibm.security.pkcs10.CertificationRequest;
import com.ibm.security.pkcsutil.PKCSException;
import java.io.BufferedOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.NoSuchElementException;

/* loaded from: input_file:com/ibm/gsk/ikeyman/certrequest/cmscertrequest/CMSCertificateRequestFile.class */
public class CMSCertificateRequestFile extends AbstractCertificateRequestStore {
    private static final IntableByteSequence ZERO = IntableByteSequenceFactory.newIntableByteSequence(ByteSequenceFactory.newConstantByteSequence((byte) 0, 4));
    private static final IntableByteSequence ZERO_MD5_HASH = IntableByteSequenceFactory.newIntableByteSequence(ByteSequenceFactory.newConstantByteSequence((byte) 0, 16));
    private static final int FIXED_RECORD_LENGTH = 5000;
    private static final IntableByteSequence FIXED_RECORD_LENGTH_SEQUENCE = IntableByteSequenceFactory.newIntableByteSequence(FIXED_RECORD_LENGTH);
    private static final ByteSequence UNUSED_FILE_LABEL = ByteSequenceFactory.newConstantByteSequence((byte) 0, 24);
    public static final String EXTENSION = ".rdb";
    private final File file;
    private QueryableRequestDatabase requestDatabase;
    private String storePassword;
    private List aliases;
    private final FileModificationTracker tracker;

    protected CMSCertificateRequestFile(File file, String str) throws KeyManagerException {
        this.file = file;
        this.storePassword = str;
        this.tracker = new FileModificationTracker(file.getAbsolutePath());
        load();
    }

    protected CMSCertificateRequestFile(File file, String str, QueryableRequestDatabase queryableRequestDatabase) throws KeyManagerException {
        this.file = file;
        this.storePassword = str;
        this.tracker = new FileModificationTracker(file.getAbsolutePath());
        this.requestDatabase = queryableRequestDatabase;
        rebuildAliasesList();
    }

    private void load() throws KeyManagerException {
        this.tracker.loaded();
        try {
            FileInputStream fileInputStream = new FileInputStream(this.file);
            try {
                this.requestDatabase = QueryableRequestDatabaseFactory.newQueryableRequestDatabase(RequestDatabaseFactory.newRequestDatabase(fileInputStream));
                fileInputStream.close();
                rebuildAliasesList();
            } catch (BadFileTypeException e) {
                throw new KeyManagerException(KeyManagerException.ExceptionReason.INVALID_REQUEST_FILE, e, new String[]{"Bad File Type"});
            } catch (BadMagicNumberException e2) {
                throw new KeyManagerException(KeyManagerException.ExceptionReason.INVALID_REQUEST_FILE, e2, new String[]{"Bad Magic Number"});
            } catch (BadRecordFlagException e3) {
                throw new KeyManagerException(KeyManagerException.ExceptionReason.INVALID_REQUEST_FILE, e3, new String[]{"Bad Record Flag"});
            } catch (BadVersionNumberException e4) {
                throw new KeyManagerException(KeyManagerException.ExceptionReason.INVALID_REQUEST_FILE, e4, new String[]{"Bad Version Number"});
            } catch (IOException e5) {
                throw new KeyManagerException(KeyManagerException.ExceptionReason.IO_ERROR, e5);
            } catch (NullPointerException e6) {
                throw new InternalKeyManagerException(KeyManagerException.ExceptionReason.NULL_POINTER, e6);
            }
        } catch (FileNotFoundException e7) {
            this.aliases = new ArrayList();
        }
    }

    private void rebuildAliasesList() throws KeyManagerException {
        if (this.requestDatabase == null) {
            throw new InternalKeyManagerException(KeyManagerException.ExceptionReason.RDB_UNINITIALISED, new String[0]);
        }
        try {
            this.aliases = new ArrayList();
            Iterator it = this.requestDatabase.getRecords().iterator();
            while (it.hasNext()) {
                Buffer label = ((RequestRecord) it.next()).getLabel();
                byte[] bArr = new byte[label.getHeader().toInt()];
                label.getContent().getInputStream().read(bArr);
                this.aliases.add(new String(bArr, "UTF-8"));
            }
        } catch (IOException e) {
            throw new KeyManagerException(KeyManagerException.ExceptionReason.IO_ERROR, e);
        }
    }

    @Override // com.ibm.gsk.ikeyman.certrequest.AbstractCertificateRequestStore, com.ibm.gsk.ikeyman.keystore.EntryContainerFactory.EntryContainer
    public List getItems() throws KeyManagerException {
        ArrayList arrayList = new ArrayList();
        Iterator it = this.aliases.iterator();
        while (it.hasNext()) {
            arrayList.add(getItem((String) it.next()));
        }
        return arrayList;
    }

    @Override // com.ibm.gsk.ikeyman.keystore.EntryContainerFactory.EntryContainer
    public CertificateRequestKeyItem getItem(String str) throws KeyManagerException {
        if (contains(str)) {
            return getCertRequest(str, this.requestDatabase.getRecordByLabel(str), this.storePassword);
        }
        throw new KeyManagerException(KeyManagerException.ExceptionReason.NO_REQUEST_FOR_LABEL, new String[]{str});
    }

    @Override // com.ibm.gsk.ikeyman.keystore.EntryBagFactory.EntryBag
    public void delete(String str) throws KeyManagerException {
        if (!contains(str)) {
            throw new KeyManagerException(KeyManagerException.ExceptionReason.NO_REQUEST_FOR_LABEL, new String[]{str});
        }
        RequestRecord recordByLabel = this.requestDatabase.getRecordByLabel(str);
        Sequence records = this.requestDatabase.getRecords();
        int indexOf = records.indexOf(recordByLabel);
        try {
            Sequence append = records.getSubSequence(0, indexOf).append(records.getSubSequence(indexOf + 1, records.length()));
            ByteSequence append2 = MagicNumberValidatorFactory.MAGIC_NUMBER.append(this.requestDatabase.getHeader().getMajorVersionNumber()).append(this.requestDatabase.getHeader().getMinorVersionNumber()).append(ZERO).append(FileType.X509KYP).append(FIXED_RECORD_LENGTH_SEQUENCE).append(IntableByteSequenceFactory.newIntableByteSequence(append.length())).append(UNUSED_FILE_LABEL).append(this.requestDatabase.getHeader().getPasswordHeaderHash()).append(this.requestDatabase.getHeader().getPasswordDatabaseHash());
            Iterator it = append.iterator();
            while (it.hasNext()) {
                append2 = append2.append((RequestRecord) it.next());
            }
            try {
                this.requestDatabase = QueryableRequestDatabaseFactory.newQueryableRequestDatabase(RequestDatabaseFactory.newRequestDatabase(append2.getInputStream()));
                updateHeaderHashes();
                rebuildAliasesList();
            } catch (BadFileTypeException e) {
                throw new KeyManagerException(KeyManagerException.ExceptionReason.INVALID_REQUEST_FILE, e, new String[]{"Bad File Type"});
            } catch (BadMagicNumberException e2) {
                throw new KeyManagerException(KeyManagerException.ExceptionReason.INVALID_REQUEST_FILE, e2, new String[]{"Bad Magic Number"});
            } catch (BadRecordFlagException e3) {
                throw new KeyManagerException(KeyManagerException.ExceptionReason.INVALID_REQUEST_FILE, e3, new String[]{"Bad Record Flag"});
            } catch (BadVersionNumberException e4) {
                throw new KeyManagerException(KeyManagerException.ExceptionReason.INVALID_REQUEST_FILE, e4, new String[]{"Bad Version Number"});
            } catch (IOException e5) {
                throw new KeyManagerException(KeyManagerException.ExceptionReason.IO_ERROR, e5);
            } catch (NullPointerException e6) {
                throw new InternalKeyManagerException(KeyManagerException.ExceptionReason.NULL_POINTER, e6);
            } catch (NoSuchAlgorithmException e7) {
                throw new KeyManagerException(KeyManagerException.ExceptionReason.NO_SUCH_ALGORITHM, e7, new String[]{e7.getMessage()});
            }
        } catch (NullPointerException e8) {
            throw new InternalKeyManagerException(KeyManagerException.ExceptionReason.NULL_POINTER, e8);
        }
    }

    private static CertificateRequestKeyItem getCertRequest(String str, RequestRecord requestRecord, String str2) throws KeyManagerException {
        try {
            RequestRecordEncoding encoding = requestRecord.getEncoding();
            return EntryFactory.loadCertificateRequestItem(str, encoding.getCertificationRequest(), encoding.getPrivateKey(str2.toCharArray()));
        } catch (Exception e) {
            Debug.throwing(e);
            return EntryFactory.newUnloadableCertificateRequestItem(str);
        }
    }

    @Override // com.ibm.gsk.ikeyman.keystore.EntryInterfaceFactory.EntryInterface
    public void save() throws KeyManagerException {
        try {
            boolean exists = this.file.exists();
            BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(new LockedFileOutputStream(this.file));
            ByteSequenceIterator iterator = this.requestDatabase.getIterator();
            while (iterator.hasNextByte()) {
                bufferedOutputStream.write(iterator.getNextByte());
            }
            if (!exists) {
                FilePermissions.setFilePermissions(this.file);
            }
            bufferedOutputStream.close();
        } catch (FileNotFoundException e) {
            throw new KeyManagerException(KeyManagerException.ExceptionReason.OUTPUT_FILE_CREATION_ERROR, e, new String[]{this.file.getAbsolutePath()});
        } catch (IOException e2) {
            throw new KeyManagerException(KeyManagerException.ExceptionReason.OUTPUT_STREAM_WRITE_ERROR, e2, new String[]{this.file.getAbsolutePath()});
        } catch (NoSuchElementException e3) {
            throw new RuntimeException("ByteSequenceIterator.getNextByte() threw invalid exception.", e3);
        }
    }

    public void add(CertificateRequestKeyItem certificateRequestKeyItem) throws KeyManagerException {
        try {
            int nextRecordID = this.requestDatabase.getNextRecordID();
            CertificationRequest request = certificateRequestKeyItem.getRequest();
            String label = certificateRequestKeyItem.getLabel();
            PrivateKey privateKey = certificateRequestKeyItem.getPrivateKey();
            RequestRecordDataHashGenerator newRequestRecordDataHashGenerator = RequestRecordDataHashGeneratorFactory.newRequestRecordDataHashGenerator();
            ByteSequence append = IntableByteSequenceFactory.newIntableByteSequence(label.length()).append(ByteSequenceFactory.newByteSequence(label.getBytes("UTF-8")));
            ArrayList arrayList = new ArrayList(1);
            arrayList.add(RequestRecordFactory.newRequestRecord(RecordFlag.CREATED.append(IntableByteSequenceFactory.newIntableByteSequence(nextRecordID)).append(RequestRecordEncodingFactory.newRequestRecordEncoding(nextRecordID, request, privateKey, this.storePassword.toCharArray(), label)).append(BufferFactory.newBuffer(append.getInputStream())).append(newRequestRecordDataHashGenerator.generateSubjectPublicKeyInfoHash(request)).getInputStream(), FIXED_RECORD_LENGTH));
            Sequence append2 = this.requestDatabase.getRecords().append(SequenceFactory.newSequence(arrayList));
            ByteSequence append3 = MagicNumberValidatorFactory.MAGIC_NUMBER.append(this.requestDatabase.getHeader().getMajorVersionNumber()).append(this.requestDatabase.getHeader().getMinorVersionNumber()).append(ZERO).append(FileType.X509KYP).append(FIXED_RECORD_LENGTH_SEQUENCE).append(IntableByteSequenceFactory.newIntableByteSequence(append2.length())).append(UNUSED_FILE_LABEL).append(this.requestDatabase.getHeader().getPasswordHeaderHash()).append(this.requestDatabase.getHeader().getPasswordDatabaseHash());
            Iterator it = append2.iterator();
            while (it.hasNext()) {
                append3 = append3.append((RequestRecord) it.next());
            }
            this.requestDatabase = QueryableRequestDatabaseFactory.newQueryableRequestDatabase(RequestDatabaseFactory.newRequestDatabase(append3.getInputStream()));
            updateHeaderHashes();
            rebuildAliasesList();
        } catch (PKCSException e) {
            throw new KeyManagerException(KeyManagerException.ExceptionReason.PRIVATE_KEY_ENCRYPTION_ERROR, e, new String[]{certificateRequestKeyItem.getLabel()});
        } catch (UnsupportedEncodingException e2) {
            throw new InternalKeyManagerException(KeyManagerException.ExceptionReason.UNSUPPORTED_ENCODING, e2);
        } catch (IOException e3) {
            throw new KeyManagerException(KeyManagerException.ExceptionReason.IO_ERROR, e3);
        } catch (NullPointerException e4) {
            throw new InternalKeyManagerException(KeyManagerException.ExceptionReason.NULL_POINTER, e4);
        } catch (InvalidKeyException e5) {
            throw new KeyManagerException(KeyManagerException.ExceptionReason.PUBLIC_KEY_COPY_ERROR, e5);
        } catch (NoSuchAlgorithmException e6) {
            throw new KeyManagerException(KeyManagerException.ExceptionReason.NO_SUCH_ALGORITHM, e6, new String[]{e6.getMessage()});
        }
    }

    private void updateHeaderHashes() throws NoSuchAlgorithmException, IOException {
        FileHeader header = this.requestDatabase.getHeader();
        ByteSequence append = header.getSubSequence(0, header.length() - (2 * header.getPasswordHeaderHash().length())).append(FileHeaderHashGeneratorFactory.newFileHeaderHashGenerator(header).generateHash(header, this.storePassword)).append(header.getPasswordDatabaseHash());
        Iterator it = this.requestDatabase.getRecords().iterator();
        while (it.hasNext()) {
            append = append.append((RequestRecord) it.next());
        }
        RequestDatabase newRequestDatabase = RequestDatabaseFactory.newRequestDatabase(append.getInputStream());
        ByteSequence generateHash = RequestDatabaseHashGeneratorFactory.newRequestDatabaseHashGenerator(header).generateHash(newRequestDatabase, this.storePassword);
        FileHeader header2 = newRequestDatabase.getHeader();
        ByteSequence append2 = header2.getSubSequence(0, header2.length() - header2.getPasswordDatabaseHash().length()).append(generateHash);
        Iterator it2 = newRequestDatabase.getRecords().iterator();
        while (it2.hasNext()) {
            append2 = append2.append((RequestRecord) it2.next());
        }
        this.requestDatabase = QueryableRequestDatabaseFactory.newQueryableRequestDatabase(RequestDatabaseFactory.newRequestDatabase(append2.getInputStream()));
    }

    public static CMSCertificateRequestFile loadRequestFile(FileName fileName, String str) throws KeyManagerException {
        File file = new File(fileName.changeExtension(EXTENSION).toString());
        return !file.exists() ? createRequestFile(fileName, str) : new CMSCertificateRequestFile(file, str);
    }

    public static CMSCertificateRequestFile createRequestFile(FileName fileName, String str) throws KeyManagerException {
        try {
            File file = new File(fileName.changeExtension(EXTENSION).toString());
            ByteSequence append = MagicNumberValidatorFactory.MAGIC_NUMBER.append(VersionNumber.THREE).append(VersionNumber.ONE).append(ZERO).append(FileType.X509KYP).append(FIXED_RECORD_LENGTH_SEQUENCE).append(IntableByteSequenceFactory.newIntableByteSequence(0)).append(UNUSED_FILE_LABEL).append(ZERO_MD5_HASH).append(ZERO_MD5_HASH);
            FileHeader newFileHeader = FileHeaderFactory.newFileHeader(append.getInputStream());
            ByteSequence append2 = append.getSubSequence(0, append.length() - (2 * ZERO_MD5_HASH.length())).append(FileHeaderHashGeneratorFactory.newFileHeaderHashGenerator(newFileHeader).generateHash(newFileHeader, str)).append(ZERO_MD5_HASH);
            return new CMSCertificateRequestFile(file, str, QueryableRequestDatabaseFactory.newQueryableRequestDatabase(RequestDatabaseFactory.newRequestDatabase(append2.getSubSequence(0, append2.length() - ZERO_MD5_HASH.length()).append(RequestDatabaseHashGeneratorFactory.newRequestDatabaseHashGenerator(newFileHeader).generateHash(RequestDatabaseFactory.newRequestDatabase(append2.getInputStream()), str)).getInputStream())));
        } catch (BadFileTypeException e) {
            throw new KeyManagerException(KeyManagerException.ExceptionReason.INVALID_REQUEST_FILE, e, new String[]{"Bad File Type"});
        } catch (BadMagicNumberException e2) {
            throw new KeyManagerException(KeyManagerException.ExceptionReason.INVALID_REQUEST_FILE, e2, new String[]{"Bad Magic Number"});
        } catch (BadRecordFlagException e3) {
            throw new KeyManagerException(KeyManagerException.ExceptionReason.INVALID_REQUEST_FILE, e3, new String[]{"Bad Record Flag"});
        } catch (BadVersionNumberException e4) {
            throw new KeyManagerException(KeyManagerException.ExceptionReason.INVALID_REQUEST_FILE, e4, new String[]{"Bad Version Number"});
        } catch (IOException e5) {
            throw new KeyManagerException(KeyManagerException.ExceptionReason.IO_ERROR, e5);
        } catch (NullPointerException e6) {
            throw new InternalKeyManagerException(KeyManagerException.ExceptionReason.NULL_POINTER, e6);
        } catch (NoSuchAlgorithmException e7) {
            throw new KeyManagerException(KeyManagerException.ExceptionReason.NO_SUCH_ALGORITHM, e7, new String[]{e7.getMessage()});
        }
    }

    @Override // com.ibm.gsk.ikeyman.keystore.EntryInterfaceFactory.EntryInterface
    public void delete() throws KeyManagerException {
        if (this.file.exists() && !this.file.delete()) {
            throw new KeyManagerException(KeyManagerException.ExceptionReason.FILE_DELETION_FAILED, new String[]{this.file.getAbsolutePath()});
        }
    }

    @Override // com.ibm.gsk.ikeyman.certrequest.AbstractCertificateRequestStore, com.ibm.gsk.ikeyman.keystore.EntryContainerFactory.EntryContainer
    public List getAliases() {
        return this.aliases;
    }

    @Override // com.ibm.gsk.ikeyman.keystore.EntryBagFactory.EntryBag
    public void changePassword(CommandParameters commandParameters) throws KeyManagerException {
        if (commandParameters.isParameterPresent(Constants.Parameter.NewPassword)) {
            String newPassword = commandParameters.getNewPassword();
            if (this.storePassword.equals(newPassword)) {
                return;
            }
            try {
                updateEncryptedRecords(this.storePassword.toCharArray(), newPassword.toCharArray());
                this.storePassword = newPassword;
                updateHeaderHashes();
            } catch (Exception e) {
                throw new KeyManagerException(KeyManagerException.ExceptionReason.RDB_PASSWORD_CHANGE_ERROR, e);
            }
        }
    }

    @Override // com.ibm.gsk.ikeyman.keystore.EntryBagFactory.EntryBag
    public void addAllMissingSigners(CommandParameters commandParameters) throws KeyManagerException {
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v28, types: [com.ibm.gsk.ikeyman.sequence.bytes.ByteSequence] */
    private void updateEncryptedRecords(char[] cArr, char[] cArr2) throws IOException, PKCSException, CertificateEncodingException, CertificateException, NoSuchAlgorithmException {
        Sequence<RequestRecord> records = this.requestDatabase.getRecords();
        HashMap hashMap = new HashMap(records.length());
        for (RequestRecord requestRecord : records) {
            Buffer label = requestRecord.getLabel();
            byte[] bArr = new byte[label.getHeader().toInt()];
            label.getContent().getInputStream().read(bArr);
            String str = new String(bArr, "UTF-8");
            RequestRecordEncoding encoding = requestRecord.getEncoding();
            hashMap.put(Integer.valueOf(requestRecord.getRecordId().toInt()), RequestRecordFactory.newRequestRecord(requestRecord.getRecordFlag().append(requestRecord.getRecordId()).append(RequestRecordEncodingFactory.newRequestRecordEncoding(requestRecord.getRecordId().toInt(), encoding.getCertificationRequest(), encoding.getPrivateKey(cArr), cArr2, str)).append(requestRecord.getLabel()).append(ZERO).append(requestRecord.getSubjectPublicKeyInfoHash()).getInputStream(), FIXED_RECORD_LENGTH));
        }
        FileHeader header = this.requestDatabase.getHeader();
        for (RequestRecord requestRecord2 : this.requestDatabase.getRecords()) {
            RequestRecord requestRecord3 = (RequestRecord) hashMap.get(Integer.valueOf(requestRecord2.getRecordId().toInt()));
            header = requestRecord3 != null ? header.append(requestRecord3) : header.append(requestRecord2);
        }
        this.requestDatabase = QueryableRequestDatabaseFactory.newQueryableRequestDatabase(RequestDatabaseFactory.newRequestDatabase(header.getInputStream()));
    }

    @Override // com.ibm.gsk.ikeyman.keystore.EntryBagFactory.EntryBag
    public void refresh() throws KeyManagerException {
        load();
    }

    @Override // com.ibm.gsk.ikeyman.keystore.EntryContainerFactory.EntryContainer
    public boolean needsRefresh() {
        return this.tracker.needsRefresh();
    }

    @Override // com.ibm.gsk.ikeyman.certrequest.AbstractCertificateRequestStore, com.ibm.gsk.ikeyman.keystore.EntryContainerFactory.EntryContainer
    public Collection getItems() throws KeyManagerException {
        return getItems();
    }

    @Override // com.ibm.gsk.ikeyman.keystore.EntryBagFactory.EntryBag
    public void add(Entry entry) throws KeyManagerException {
        add((CertificateRequestKeyItem) entry);
    }

    @Override // com.ibm.gsk.ikeyman.certrequest.AbstractCertificateRequestStore, com.ibm.gsk.ikeyman.keystore.EntryContainerFactory.EntryContainer
    public Collection getAliases() {
        return getAliases();
    }

    @Override // com.ibm.gsk.ikeyman.keystore.EntryContainerFactory.EntryContainer
    public Entry getItem(String str) throws KeyManagerException {
        return getItem(str);
    }
}
