package com.android.apksigner;

import com.android.apksig.SigningCertificateLineage;
import java.io.FileInputStream;
import java.io.IOException;
import java.nio.charset.Charset;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;

/* loaded from: classes2.dex */
public class SignerParams {
    private String certFile;
    private List<X509Certificate> certs;
    private String keyFile;
    private String keyPasswordSpec;
    private String keystoreFile;
    private String keystoreKeyAlias;
    private String keystorePasswordSpec;
    private String keystoreProviderArg;
    private String keystoreProviderClass;
    private String keystoreProviderName;
    private String keystoreType;
    private String name;
    private Charset passwordCharset;
    private PrivateKey privateKey;
    private final SigningCertificateLineage.SignerCapabilities.Builder signerCapabilitiesBuilder = new SigningCertificateLineage.SignerCapabilities.Builder();
    private String v1SigFileBasename;

    private static Key getKeyStoreKey(KeyStore keyStore, String str, List<char[]> list) throws UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException {
        Iterator<char[]> it2 = list.iterator();
        UnrecoverableKeyException e10 = null;
        while (it2.hasNext()) {
            try {
                return keyStore.getKey(str, it2.next());
            } catch (UnrecoverableKeyException e11) {
                e10 = e11;
            }
        }
        if (e10 == null) {
            throw new RuntimeException("No key passwords");
        }
        throw e10;
    }

    private static void loadKeyStoreFromFile(KeyStore keyStore, String str, List<char[]> list) throws Exception {
        Exception e10 = null;
        for (char[] cArr : list) {
            if (str == null) {
                keyStore.load(null, cArr);
                return;
            }
            try {
                FileInputStream fileInputStream = new FileInputStream(str);
                try {
                    keyStore.load(fileInputStream, cArr);
                    fileInputStream.close();
                    return;
                } catch (Throwable th) {
                    try {
                        fileInputStream.close();
                    } catch (Throwable unused) {
                    }
                    throw th;
                }
            } catch (Exception e11) {
                e10 = e11;
            }
        }
        if (e10 != null) {
            throw e10;
        }
        throw new RuntimeException("No keystore passwords");
    }

    public List<X509Certificate> getCerts() {
        return this.certs;
    }

    public String getKeyFile() {
        return this.keyFile;
    }

    public String getKeystoreKeyAlias() {
        return this.keystoreKeyAlias;
    }

    public String getName() {
        return this.name;
    }

    public PrivateKey getPrivateKey() {
        return this.privateKey;
    }

    public SigningCertificateLineage.SignerCapabilities.Builder getSignerCapabilitiesBuilder() {
        return this.signerCapabilitiesBuilder;
    }

    public String getV1SigFileBasename() {
        return this.v1SigFileBasename;
    }

    public boolean isEmpty() {
        return this.name == null && this.keystoreFile == null && this.keystoreKeyAlias == null && this.keystorePasswordSpec == null && this.keyPasswordSpec == null && this.passwordCharset == null && this.keystoreType == null && this.keystoreProviderName == null && this.keystoreProviderClass == null && this.keystoreProviderArg == null && this.keyFile == null && this.certFile == null && this.v1SigFileBasename == null && this.privateKey == null && this.certs == null;
    }

    public void loadPrivateKeyAndCertsFromKeyStore(PasswordRetriever passwordRetriever) throws Exception {
        KeyStore keyStore;
        if (this.keystoreFile == null) {
            throw new ParameterException("KeyStore (--ks) must be specified");
        }
        String str = this.keystoreType;
        if (str == null) {
            str = KeyStore.getDefaultType();
        }
        String str2 = this.keystoreProviderName;
        if (str2 != null) {
            keyStore = KeyStore.getInstance(str, str2);
        } else {
            String str3 = this.keystoreProviderClass;
            if (str3 != null) {
                Class<?> cls = Class.forName(str3);
                if (!Provider.class.isAssignableFrom(cls)) {
                    throw new ParameterException("Keystore Provider class " + this.keystoreProviderClass + " not subclass of " + Provider.class.getName());
                }
                keyStore = KeyStore.getInstance(str, this.keystoreProviderArg != null ? (Provider) cls.getConstructor(String.class).newInstance(this.keystoreProviderArg) : (Provider) cls.getConstructor(new Class[0]).newInstance(new Object[0]));
            } else {
                keyStore = KeyStore.getInstance(str);
            }
        }
        Charset charset = this.passwordCharset;
        Charset[] charsetArr = charset != null ? new Charset[]{charset} : new Charset[0];
        loadKeyStoreFromFile(keyStore, "NONE".equals(this.keystoreFile) ? null : this.keystoreFile, passwordRetriever.getPasswords(this.keyPasswordSpec, charsetArr));
        String str4 = this.keystoreKeyAlias;
        try {
            if (!keyStore.isKeyEntry(str4)) {
                throw new ParameterException(this.keystoreFile + " entry \"" + str4 + "\" does not contain a key");
            }
            Key keyStoreKey = getKeyStoreKey(keyStore, str4, passwordRetriever.getPasswords(this.keyPasswordSpec, charsetArr));
            if (keyStoreKey == null) {
                throw new ParameterException(this.keystoreFile + " entry \"" + str4 + "\" does not contain a key");
            }
            if (!(keyStoreKey instanceof PrivateKey)) {
                throw new ParameterException(this.keystoreFile + " entry \"" + str4 + "\" does not contain a private key. It contains a key of algorithm: " + keyStoreKey.getAlgorithm());
            }
            this.privateKey = (PrivateKey) keyStoreKey;
            Certificate[] certificateChain = keyStore.getCertificateChain(str4);
            if (certificateChain == null || certificateChain.length == 0) {
                throw new ParameterException(this.keystoreFile + " entry \"" + str4 + "\" does not contain certificates");
            }
            this.certs = new ArrayList(certificateChain.length);
            for (Certificate certificate : certificateChain) {
                this.certs.add((X509Certificate) certificate);
            }
        } catch (UnrecoverableKeyException e10) {
            throw new IOException("Failed to obtain key with alias \"" + str4 + "\" from " + this.keystoreFile + ". Wrong password?", e10);
        }
    }

    public void setCertFile(String str) {
        this.certFile = str;
    }

    public void setKeyFile(String str) {
        this.keyFile = str;
    }

    public void setKeyPasswordSpec(String str) {
        this.keyPasswordSpec = str;
    }

    public void setKeystoreFile(String str) {
        this.keystoreFile = str;
    }

    public void setKeystoreKeyAlias(String str) {
        this.keystoreKeyAlias = str;
    }

    public void setKeystorePasswordSpec(String str) {
        this.keystorePasswordSpec = str;
    }

    public void setKeystoreProviderArg(String str) {
        this.keystoreProviderArg = str;
    }

    public void setKeystoreProviderClass(String str) {
        this.keystoreProviderClass = str;
    }

    public void setKeystoreProviderName(String str) {
        this.keystoreProviderName = str;
    }

    public void setKeystoreType(String str) {
        this.keystoreType = str;
    }

    public void setName(String str) {
        this.name = str;
    }

    public void setPasswordCharset(Charset charset) {
        this.passwordCharset = charset;
    }

    public void setV1SigFileBasename(String str) {
        this.v1SigFileBasename = str;
    }
}
