package eu.europa.ec.markt.dss.signature.token;

import eu.europa.ec.markt.dss.DSSUtils;
import eu.europa.ec.markt.dss.DigestAlgorithm;
import eu.europa.ec.markt.dss.exception.BadPasswordException;
import eu.europa.ec.markt.dss.exception.DSSException;
import java.io.InputStream;
import java.net.URL;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import org.bouncycastle.asn1.x509.DigestInfo;

/* loaded from: input_file:applet/signature-client.jar:eu/europa/ec/markt/dss/signature/token/JKSSignatureToken.class */
public class JKSSignatureToken extends AsyncSignatureTokenConnection {
    private char[] password;
    protected KeyStore keyStore;

    public JKSSignatureToken(String str, String str2) {
        this.keyStore = null;
        InputStream inputStream = null;
        try {
            try {
                URL url = new URL(str);
                this.keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                inputStream = url.openStream();
                this.keyStore.load(inputStream, str2 == null ? null : str2.toCharArray());
                DSSUtils.closeQuietly(inputStream);
            } catch (Exception e) {
                throw new DSSException("Can not access Java KeyStore. Reason: " + getCauseMessage(e), e);
            }
        } catch (Throwable th) {
            DSSUtils.closeQuietly(inputStream);
            throw th;
        }
    }

    @Override // eu.europa.ec.markt.dss.signature.token.SignatureTokenConnection
    public void close() {
    }

    @Override // eu.europa.ec.markt.dss.signature.token.AsyncSignatureTokenConnection
    public byte[] encryptDigest(byte[] bArr, DigestAlgorithm digestAlgorithm, DSSPrivateKeyEntry dSSPrivateKeyEntry) throws NoSuchAlgorithmException {
        try {
            DigestInfo digestInfo = new DigestInfo(digestAlgorithm.getAlgorithmIdentifier(), bArr);
            Cipher cipher = Cipher.getInstance(dSSPrivateKeyEntry.getEncryptionAlgorithm().getPadding());
            cipher.init(1, ((KSPrivateKeyEntry) dSSPrivateKeyEntry).getPrivateKey());
            return cipher.doFinal(digestInfo.getDEREncoded());
        } catch (BadPaddingException e) {
            throw new BadPasswordException(BadPasswordException.MSG.JAVA_KEYSTORE_BAD_PASSWORD, e);
        } catch (Exception e2) {
            throw new DSSException(e2);
        }
    }

    @Override // eu.europa.ec.markt.dss.signature.token.SignatureTokenConnection
    public List<DSSPrivateKeyEntry> getKeys() throws KeyStoreException {
        ArrayList arrayList = new ArrayList();
        try {
            KeyStore.PasswordProtection passwordProtection = new KeyStore.PasswordProtection(this.password);
            Enumeration<String> aliases = this.keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (this.keyStore.isKeyEntry(nextElement)) {
                    arrayList.add(new KSPrivateKeyEntry((KeyStore.PrivateKeyEntry) this.keyStore.getEntry(nextElement, passwordProtection)));
                }
            }
            return arrayList;
        } catch (Exception e) {
            throw new KeyStoreException("Can't get private keys. Reason: " + getCauseMessage(e), e);
        }
    }
}
