package net.netca.pki.encoding.json.jose.impl.jce;

import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import net.netca.pki.encoding.asn1.pki.Extension;
import net.netca.pki.encoding.asn1.pki.Extensions;
import net.netca.pki.encoding.asn1.pki.Iterable;
import net.netca.pki.encoding.asn1.pki.NamedBitStringExtension;
import net.netca.pki.encoding.asn1.pki.X509Certificate;
import net.netca.pki.encoding.json.jose.JWEX509CertificateAndPrivateKey;

/* loaded from: classes3.dex */
public class JCEKeyStore implements Iterable<JWEX509CertificateAndPrivateKey> {
    private ArrayList<JWEX509CertificateAndPrivateKey> list;

    public JCEKeyStore(KeyStore keyStore, String str) {
        this(keyStore, str.toCharArray());
    }

    public JCEKeyStore(KeyStore keyStore, char[] cArr) {
        this.list = new ArrayList<>();
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                add(keyStore, aliases.nextElement(), cArr);
            }
        } catch (Exception unused) {
        }
    }

    private void add(KeyStore keyStore, String str, char[] cArr) {
        X509Certificate x509Certificate;
        Extensions extensions;
        ArrayList<JWEX509CertificateAndPrivateKey> arrayList;
        JWEX509CertificateAndPrivateKey jWEX509CertificateAndPrivateKey;
        try {
            if (keyStore.isKeyEntry(str)) {
                Key key = keyStore.getKey(str, cArr);
                if (key instanceof PrivateKey) {
                    PrivateKey privateKey = (PrivateKey) key;
                    Certificate certificate = keyStore.getCertificate(str);
                    if (certificate == null || (extensions = (x509Certificate = new X509Certificate(certificate.getEncoded())).getExtensions()) == null) {
                        return;
                    }
                    Extension extension = extensions.get(Extension.KEYUSAGE_OID);
                    if (extension == null) {
                        this.list.add(new JWEX509CertificateAndPrivateKey(x509Certificate, new JCEJWEPrivateKeyDecrypter(privateKey)));
                        JCEJWEKeyAgreement jCEJWEKeyAgreement = new JCEJWEKeyAgreement(privateKey);
                        arrayList = this.list;
                        jWEX509CertificateAndPrivateKey = new JWEX509CertificateAndPrivateKey(x509Certificate, jCEJWEKeyAgreement);
                    } else {
                        NamedBitStringExtension namedBitStringExtension = (NamedBitStringExtension) extension.getExtensionObject();
                        if (namedBitStringExtension.isSet(2)) {
                            this.list.add(new JWEX509CertificateAndPrivateKey(x509Certificate, new JCEJWEPrivateKeyDecrypter(privateKey)));
                        }
                        if (!namedBitStringExtension.isSet(4)) {
                            return;
                        }
                        JCEJWEKeyAgreement jCEJWEKeyAgreement2 = new JCEJWEKeyAgreement(privateKey);
                        arrayList = this.list;
                        jWEX509CertificateAndPrivateKey = new JWEX509CertificateAndPrivateKey(x509Certificate, jCEJWEKeyAgreement2);
                    }
                    arrayList.add(jWEX509CertificateAndPrivateKey);
                }
            }
        } catch (Exception unused) {
        }
    }

    public ArrayList<JWEX509CertificateAndPrivateKey> getList() {
        return this.list;
    }

    @Override // net.netca.pki.encoding.asn1.pki.Iterable
    public Iterator<JWEX509CertificateAndPrivateKey> iterator() {
        return this.list.iterator();
    }
}
