package de.bos_bremen.commons.net.http.conf;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:de/bos_bremen/commons/net/http/conf/BaseSSLCertificateProvider.class */
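/**
 * In-memory {@link SSLCertificateProvider} backed by two empty JKS key stores: a trust store
 * holding accepted SSL server certificates and a client store holding client keys and
 * certificates. Registered listeners are notified when either store's contents change.
 *
 * <p><b>Trust decisions.</b> Every certificate passed to {@link #addSSLServerCertificate} or
 * {@link #addSSLServerCertificates} is stored as a trusted entry without any validation
 * (no chain, validity-period or revocation check is performed here). Callers must have
 * authenticated the certificate before handing it to this class.
 *
 * <p><b>Thread-safety.</b> Only {@link #addSSLServerCertificates} is {@code synchronized}; the
 * other mutators access the key stores without locking. The listener list is a synchronized
 * list.
 */
public class BaseSSLCertificateProvider implements SSLCertificateProvider {
    private static final Log LOG = LogFactory.getLog(BaseSSLCertificateProvider.class);

    // NOTE(security): hard-coded, trivially guessable default password. Both stores are created
    // in memory via load(null, ...), so here it only protects key entries inside this process.
    // If a store from this provider is ever written out with this password, the private keys in
    // it are effectively unprotected -- subclasses should supply their own password.
    protected static final char[] DEFAULT_SSL_KEYSTORE_PASS = "123456".toCharArray();

    protected KeyStore sslTrustStore = null;
    protected char[] sslTrustStorePass = DEFAULT_SSL_KEYSTORE_PASS;
    protected KeyStore sslClientStore = null;
    protected List<SSLCertificateProviderListener> listeners =
            Collections.synchronizedList(new LinkedList<SSLCertificateProviderListener>());
    protected char[] sslClientStorePass = DEFAULT_SSL_KEYSTORE_PASS;

    /**
     * Creates the provider and initialises both key stores.
     *
     * <p>Calls the overridable {@link #initKeyStores()}; an override therefore runs before the
     * subclass's own field initialisers and constructor body.
     *
     * @throws GeneralSecurityException if a JKS key store cannot be created or loaded
     * @throws IOException if loading a key store fails
     */
    public BaseSSLCertificateProvider() throws GeneralSecurityException, IOException {
        initKeyStores();
    }

    /**
     * Replaces both stores with fresh, empty JKS key stores.
     *
     * @throws GeneralSecurityException if a JKS key store cannot be created or loaded
     * @throws IOException if loading a key store fails
     */
    protected void initKeyStores() throws GeneralSecurityException, IOException {
        this.sslTrustStore = KeyStore.getInstance("JKS");
        this.sslClientStore = KeyStore.getInstance("JKS");
        // A null stream creates an empty store instead of reading one from disk.
        this.sslTrustStore.load(null, this.sslTrustStorePass);
        this.sslClientStore.load(null, this.sslClientStorePass);
    }

    /**
     * Adds a server certificate to the trust store, using its subject DN as the alias, and
     * notifies the listeners.
     *
     * <p>If an identical certificate is already stored under that alias nothing happens. A
     * <em>different</em> certificate with the same subject DN silently replaces the stored one,
     * because the alias is derived from the subject only. The change is logged at debug level
     * only, so callers that need an audit trail of trust changes must record it themselves.
     *
     * @param x509Certificate the certificate to trust; must not be {@code null}
     * @throws NullPointerException if {@code x509Certificate} is {@code null}
     * @throws GeneralSecurityException if the trust store rejects the entry
     */
    @Override // de.bos_bremen.commons.net.http.conf.SSLCertificateProvider
    public void addSSLServerCertificate(X509Certificate x509Certificate) throws GeneralSecurityException {
        if (x509Certificate == null) {
            throw new NullPointerException("Certificate may not be null");
        }
        String name = x509Certificate.getSubjectDN().getName();
        LOG.debug("Try adding SSL Server certificate: " + name);
        LOG.debug("Try adding trusted SSL server certifcate for " + name);
        if (x509Certificate.equals(this.sslTrustStore.getCertificate(name))) {
            LOG.debug("SSL Server certificate and trusted SSL server certificate for " + name + " already exist!");
            return;
        }
        this.sslTrustStore.setCertificateEntry(name, x509Certificate);
        LOG.debug("Added SSL Server certificate and trusted SSL server certificate for " + name);
        fireCertificatesChanged();
    }

    /**
     * Copies every certificate entry of {@code keyStore} into the trust store under its original
     * alias. Entries that are already present with an identical certificate are skipped; key
     * entries are ignored. Listeners are notified once, and only if at least one entry was
     * actually added or replaced.
     *
     * <p>An entry whose alias already exists with a different certificate is overwritten.
     *
     * @param keyStore source of the certificates to trust; must not be {@code null}
     * @throws NullPointerException if {@code keyStore} is {@code null}
     * @throws GeneralSecurityException if reading the source or writing the trust store fails
     */
    @Override // de.bos_bremen.commons.net.http.conf.SSLCertificateProvider
    public synchronized void addSSLServerCertificates(KeyStore keyStore) throws GeneralSecurityException {
        if (keyStore == null) {
            throw new NullPointerException("KeyStore may not be null");
        }
        boolean changed = false;
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            if (!keyStore.isCertificateEntry(alias)) {
                LOG.debug("No certificate entry: " + alias);
                continue;
            }
            Certificate certificate = keyStore.getCertificate(alias);
            if (certificate.equals(this.sslTrustStore.getCertificate(alias))) {
                // Skip only this entry. The previous code either aborted the whole import here
                // (dropping all remaining aliases) or re-added the entry and reported a change.
                LOG.debug("Certificate for " + alias + " already exist!");
                continue;
            }
            LOG.debug("Adding Certificate with alias " + alias);
            this.sslTrustStore.setCertificateEntry(alias, certificate);
            changed = true;
        }
        if (changed) {
            fireCertificatesChanged();
        }
    }

    /**
     * Returns the live trust store; changes made through the returned object bypass the
     * listener notification.
     */
    @Override // de.bos_bremen.commons.net.http.conf.SSLCertificateProvider
    public KeyStore getSslTrustStore() {
        return this.sslTrustStore;
    }

    /**
     * Returns the live client store; changes made through the returned object bypass the
     * listener notification.
     */
    @Override // de.bos_bremen.commons.net.http.conf.SSLCertificateProvider
    public KeyStore getSslClientStore() {
        return this.sslClientStore;
    }

    /**
     * Returns a copy of the client store password, so that a caller wiping the array after use
     * cannot corrupt the password held by this provider (by default a shared static array).
     */
    @Override // de.bos_bremen.commons.net.http.conf.SSLCertificateProvider
    public char[] getSslClientStorePass() {
        return copyOf(this.sslClientStorePass);
    }

    /**
     * Returns a copy of the trust store password; see {@link #getSslClientStorePass()}.
     */
    @Override // de.bos_bremen.commons.net.http.conf.SSLCertificateProvider
    public char[] getSslTrustStorePass() {
        return copyOf(this.sslTrustStorePass);
    }

    /**
     * Returns a copy of the password protecting the client key stored under the given alias.
     * The alias is ignored: {@link #addSSLClientKeys} stores every key under the client store
     * password.
     *
     * @param str the key alias (unused)
     */
    @Override // de.bos_bremen.commons.net.http.conf.SSLCertificateProvider
    public char[] getSslClientKeyPass(String str) {
        return copyOf(this.sslClientStorePass);
    }

    /**
     * Copies all key and certificate entries of {@code keyStore} into the client store and
     * notifies the listeners.
     *
     * <p>Keys are read with {@code cArr} and re-protected with the client store password. A key
     * that cannot be read or stored is logged and skipped rather than reported to the caller,
     * and the listeners are notified even if no entry was added.
     *
     * @param keyStore source key store; must not be {@code null}
     * @param cArr password protecting the key entries in {@code keyStore}
     * @throws NullPointerException if {@code keyStore} is {@code null}
     * @throws GeneralSecurityException if enumerating the source or storing a certificate fails
     */
    @Override // de.bos_bremen.commons.net.http.conf.SSLCertificateProvider
    public void addSSLClientKeys(KeyStore keyStore, char[] cArr) throws GeneralSecurityException {
        if (keyStore == null) {
            // NOTE(review): the message says "Truststore" although the argument is the client
            // key store; kept unchanged in case callers or tests match on it.
            throw new NullPointerException("Truststore");
        }
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            if (keyStore.isKeyEntry(alias)) {
                LOG.debug("Adding new Key for alias " + alias);
                try {
                    this.sslClientStore.setKeyEntry(
                            alias,
                            keyStore.getKey(alias, cArr),
                            this.sslClientStorePass,
                            keyStore.getCertificateChain(alias));
                } catch (GeneralSecurityException e) {
                    // Best effort: one unreadable key must not abort the import of the others.
                    LOG.error("Cannot add SSL client key with alias " + alias, e);
                }
            } else if (keyStore.isCertificateEntry(alias)) {
                LOG.debug("Adding new Certificate for alias " + alias);
                this.sslClientStore.setCertificateEntry(alias, keyStore.getCertificate(alias));
            }
        }
        fireCertificatesChanged();
    }

    /**
     * Notifies every registered listener that the certificates changed.
     *
     * <p>The callbacks run while the listener list's monitor is held, so a listener must not
     * add or remove listeners from within {@code certificatesChanged()}: that would modify the
     * list during iteration.
     */
    protected void fireCertificatesChanged() {
        synchronized (this.listeners) {
            Iterator<SSLCertificateProviderListener> it = this.listeners.iterator();
            while (it.hasNext()) {
                it.next().certificatesChanged();
            }
        }
    }

    /**
     * Registers a listener unless it is already registered.
     *
     * @param sSLCertificateProviderListener the listener to add
     */
    @Override // de.bos_bremen.commons.net.http.conf.SSLCertificateProvider
    public void addListener(SSLCertificateProviderListener sSLCertificateProviderListener) {
        // contains() and add() are each synchronized by the list, but the pair is not; hold the
        // list's monitor so two threads cannot both pass the check and register a duplicate.
        synchronized (this.listeners) {
            if (!this.listeners.contains(sSLCertificateProviderListener)) {
                this.listeners.add(sSLCertificateProviderListener);
            }
        }
    }

    /**
     * Unregisters a listener; does nothing if it was not registered.
     *
     * @param sSLCertificateProviderListener the listener to remove
     */
    @Override // de.bos_bremen.commons.net.http.conf.SSLCertificateProvider
    public void removeListener(SSLCertificateProviderListener sSLCertificateProviderListener) {
        this.listeners.remove(sSLCertificateProviderListener);
    }

    /** Returns a copy of {@code password}, or {@code null} if it is {@code null}. */
    private static char[] copyOf(char[] password) {
        return password == null ? null : password.clone();
    }
}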
