package com.sun.deploy.security;

import com.sun.deploy.trace.Trace;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.lang.reflect.Method;
import java.security.GeneralSecurityException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;

/* loaded from: input_file:com/sun/deploy/security/MozillaCertStore.class */
abstract class MozillaCertStore implements CertStore {
    protected static final int VALID_PEER = 1;
    protected static final int TRUSTED_PEER = 2;
    protected static final int VALID_CA = 8;
    protected static final int TRUSTED_CA = 16;
    protected static final int USER = 64;
    protected static final int TRUSTED_CLIENT_CA = 128;
    private Collection certs = new ArrayList();

    @Override // com.sun.deploy.security.CertStore
    public void load() throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
        load(false);
    }

    @Override // com.sun.deploy.security.CertStore
    public void load(boolean z) throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
        int i;
        Trace.msgSecurityPrintln("mozilla.cert.loading", new Object[]{getName()});
        this.certs.clear();
        try {
            Class<?> cls = Class.forName("org.mozilla.jss.CryptoManager", true, ClassLoader.getSystemClassLoader());
            Object jSSCryptoManager = BrowserKeystore.getJSSCryptoManager();
            Object[] objArr = (Object[]) cls.getMethod("getCACerts", null).invoke(jSSCryptoManager, null);
            for (0; i < objArr.length; i + 1) {
                Class<?> cls2 = Class.forName("org.mozilla.jss.crypto.X509Certificate", true, ClassLoader.getSystemClassLoader());
                String str = (String) cls2.getMethod("getNickname", null).invoke(objArr[i], null);
                Class<?> cls3 = Class.forName("org.mozilla.jss.CryptoManager$CertUsage", true, ClassLoader.getSystemClassLoader());
                Method method = cls.getMethod("isCertValid", String.class, Boolean.TYPE, cls3);
                if (isTrustedSigningCACertStore()) {
                    Object[] objArr2 = {str, Boolean.FALSE, cls3.getField("ObjectSigner").get(objArr[i])};
                    Boolean bool = (Boolean) method.invoke(jSSCryptoManager, objArr2);
                    objArr2[2] = cls3.getField("EmailSigner").get(objArr[i]);
                    i = (bool.booleanValue() || ((Boolean) method.invoke(jSSCryptoManager, objArr2)).booleanValue()) ? 0 : i + 1;
                }
                if (!isTrustedSSLCACertStore() || ((Boolean) method.invoke(jSSCryptoManager, str, Boolean.FALSE, cls3.getField("SSLCA").get(objArr[i]))).booleanValue()) {
                    generateCertificate((byte[]) cls2.getMethod("getEncoded", null).invoke(objArr[i], null), this.certs);
                }
            }
        } catch (Throwable th) {
            th.printStackTrace();
        }
        Trace.msgSecurityPrintln("mozilla.cert.loaded", new Object[]{getName()});
    }

    @Override // com.sun.deploy.security.CertStore
    public void save() throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
        throw new KeyStoreException("Cannot store certificate in Mozilla \"" + getName() + "\" certificate store.");
    }

    @Override // com.sun.deploy.security.CertStore
    public boolean add(Certificate certificate) throws KeyStoreException {
        return add(certificate, null, false);
    }

    @Override // com.sun.deploy.security.CertStore
    public boolean add(Certificate certificate, String str, boolean z) throws KeyStoreException {
        throw new KeyStoreException("Cannot add certificate in Mozilla \"" + getName() + "\" certificate store.");
    }

    @Override // com.sun.deploy.security.CertStore
    public boolean remove(Certificate certificate) throws IOException, KeyStoreException {
        throw new KeyStoreException("Cannot remove certificate from Mozilla \"" + getName() + "\" certificate store.");
    }

    @Override // com.sun.deploy.security.CertStore
    public boolean contains(Certificate certificate) throws KeyStoreException {
        return contains(certificate, null, false);
    }

    @Override // com.sun.deploy.security.CertStore
    public boolean contains(Certificate certificate, String str, boolean z) throws KeyStoreException {
        Trace.msgSecurityPrintln("mozilla.cert.instore", new Object[]{getName()});
        return this.certs.contains(certificate);
    }

    @Override // com.sun.deploy.security.CertStore
    public boolean verify(Certificate certificate) {
        Trace.msgSecurityPrintln("mozilla.cert.canverify", new Object[]{getName()});
        Trace.msgSecurityPrintln("mozilla.cert.tobeverified", new Object[]{certificate});
        for (X509Certificate x509Certificate : getCertificates()) {
            Trace.msgSecurityPrintln("mozilla.cert.tobecompared", new Object[]{getName(), x509Certificate});
            try {
                certificate.verify(x509Certificate.getPublicKey());
                Trace.msgSecurityPrintln("mozilla.cert.verify.ok", new Object[]{getName()});
                return true;
            } catch (GeneralSecurityException e) {
            }
        }
        Trace.msgSecurityPrintln("mozilla.cert.verify.fail", new Object[]{getName()});
        return false;
    }

    @Override // com.sun.deploy.security.CertStore
    public Collection getCertificates() {
        ArrayList arrayList = new ArrayList();
        Iterator it = this.certs.iterator();
        while (it.hasNext()) {
            arrayList.add((Certificate) it.next());
        }
        return arrayList;
    }

    private void generateCertificate(byte[] bArr, Collection collection) {
        try {
            Iterator<? extends Certificate> it = CertificateFactory.getInstance("X.509").generateCertificates(new ByteArrayInputStream(bArr)).iterator();
            while (it.hasNext()) {
                collection.add((X509Certificate) it.next());
            }
        } catch (CertificateException e) {
            e.printStackTrace();
        } catch (Throwable th) {
            th.printStackTrace();
        }
    }

    protected abstract String getName();

    protected abstract boolean isTrustedSigningCACertStore();

    protected abstract boolean isTrustedSSLCACertStore();
}
