package net.netca.pki.encoding.asn1.pki;

import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;

/* loaded from: classes3.dex */
public final class JCEKeyStore implements Iterable<X509CertificateAndPrivateKey> {
    private ArrayList<X509CertificateAndPrivateKey> list;

    public JCEKeyStore(KeyStore keyStore, String str) {
        this(keyStore, str.toCharArray());
    }

    public JCEKeyStore(KeyStore keyStore, char[] cArr) {
        this.list = new ArrayList<>();
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                add(keyStore, aliases.nextElement(), cArr);
            }
        } catch (Exception unused) {
        }
    }

    private void add(KeyStore keyStore, String str, char[] cArr) {
        X509Certificate x509Certificate;
        Extensions extensions;
        JCEPrivateKeyDecrypter jCEPrivateKeyDecrypter;
        JCESigner jCESigner;
        try {
            if (keyStore.isKeyEntry(str)) {
                Key key = keyStore.getKey(str, cArr);
                if (key instanceof PrivateKey) {
                    PrivateKey privateKey = (PrivateKey) key;
                    Certificate certificate = keyStore.getCertificate(str);
                    if (certificate == null || (extensions = (x509Certificate = new X509Certificate(certificate.getEncoded())).getExtensions()) == null) {
                        return;
                    }
                    Extension extension = extensions.get(Extension.KEYUSAGE_OID);
                    JCEPrivateKeyDecrypter jCEPrivateKeyDecrypter2 = null;
                    if (extension == null) {
                        jCESigner = x509Certificate.isInValidity() ? new JCESigner(privateKey) : null;
                        jCEPrivateKeyDecrypter = new JCEPrivateKeyDecrypter(privateKey);
                    } else {
                        NamedBitStringExtension namedBitStringExtension = (NamedBitStringExtension) extension.getExtensionObject();
                        JCESigner jCESigner2 = ((namedBitStringExtension.isSet(0) || namedBitStringExtension.isSet(1) || namedBitStringExtension.isSet(5) || namedBitStringExtension.isSet(6)) && x509Certificate.isInValidity()) ? new JCESigner(privateKey) : null;
                        if (!namedBitStringExtension.isSet(2)) {
                            if (namedBitStringExtension.isSet(3)) {
                            }
                            jCEPrivateKeyDecrypter = jCEPrivateKeyDecrypter2;
                            jCESigner = jCESigner2;
                        }
                        jCEPrivateKeyDecrypter2 = new JCEPrivateKeyDecrypter(privateKey);
                        jCEPrivateKeyDecrypter = jCEPrivateKeyDecrypter2;
                        jCESigner = jCESigner2;
                    }
                    if (jCESigner == null && jCEPrivateKeyDecrypter == null) {
                        return;
                    }
                    this.list.add(new X509CertificateAndPrivateKey(x509Certificate, jCESigner, jCEPrivateKeyDecrypter));
                }
            }
        } catch (Exception unused) {
        }
    }

    @Override // net.netca.pki.encoding.asn1.pki.Iterable
    public Iterator<X509CertificateAndPrivateKey> iterator() {
        return this.list.iterator();
    }
}
