package org.eclipse.osgi.internal.signedcontent;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.util.Date;
import java.util.Enumeration;
import org.eclipse.osgi.baseadaptor.bundlefile.BundleEntry;
import org.eclipse.osgi.baseadaptor.bundlefile.BundleFile;
import org.eclipse.osgi.service.security.TrustEngine;
import org.eclipse.osgi.signedcontent.SignedContent;
import org.eclipse.osgi.signedcontent.SignedContentEntry;
import org.eclipse.osgi.signedcontent.SignerInfo;
import org.eclipse.osgi.util.NLS;

/* JADX WARN: Classes with same name are omitted:
  input_file:lib/org.eclipse.osgi-3.14.0.jar:org/eclipse/osgi/internal/signedcontent/SignedBundleFile.class
 */
/* loaded from: input_file:lib/org.eclipse.osgi-3.9.1.v20130814-1242.jar:org/eclipse/osgi/internal/signedcontent/SignedBundleFile.class */
public class SignedBundleFile extends BundleFile implements SignedContentConstants, SignedContent {
    private BundleFile wrappedBundleFile;
    SignedContentImpl signedContent;
    private final int supportFlags;

    /* JADX WARN: Classes with same name are omitted:
      input_file:lib/org.eclipse.osgi-3.14.0.jar:org/eclipse/osgi/internal/signedcontent/SignedBundleFile$SignedBundleEntry.class
     */
    /* loaded from: input_file:lib/org.eclipse.osgi-3.9.1.v20130814-1242.jar:org/eclipse/osgi/internal/signedcontent/SignedBundleFile$SignedBundleEntry.class */
    class SignedBundleEntry extends BundleEntry {
        BundleEntry nestedEntry;

        SignedBundleEntry(BundleEntry bundleEntry) {
            this.nestedEntry = bundleEntry;
        }

        @Override // org.eclipse.osgi.baseadaptor.bundlefile.BundleEntry
        public InputStream getInputStream() throws IOException {
            InputStream digestInputStream = SignedBundleFile.this.signedContent.getDigestInputStream(this.nestedEntry);
            if (digestInputStream == null) {
                throw new SecurityException("Corrupted file: the digest does not exist for the file " + this.nestedEntry.getName());
            }
            return digestInputStream;
        }

        @Override // org.eclipse.osgi.baseadaptor.bundlefile.BundleEntry
        public long getSize() {
            return this.nestedEntry.getSize();
        }

        @Override // org.eclipse.osgi.baseadaptor.bundlefile.BundleEntry
        public String getName() {
            return this.nestedEntry.getName();
        }

        @Override // org.eclipse.osgi.baseadaptor.bundlefile.BundleEntry
        public long getTime() {
            return this.nestedEntry.getTime();
        }

        @Override // org.eclipse.osgi.baseadaptor.bundlefile.BundleEntry
        public URL getLocalURL() {
            return this.nestedEntry.getLocalURL();
        }

        @Override // org.eclipse.osgi.baseadaptor.bundlefile.BundleEntry
        public URL getFileURL() {
            return this.nestedEntry.getFileURL();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SignedBundleFile(SignedContentImpl signedContentImpl, int i) {
        this.signedContent = signedContentImpl;
        this.supportFlags = i;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setBundleFile(BundleFile bundleFile) throws IOException, InvalidKeyException, SignatureException, CertificateException, NoSuchAlgorithmException, NoSuchProviderException {
        this.wrappedBundleFile = bundleFile;
        if (this.signedContent == null) {
            this.signedContent = new SignatureBlockProcessor(this, this.supportFlags).process();
            if (this.signedContent != null) {
                determineTrust(this.signedContent, this.supportFlags);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void determineTrust(SignedContentImpl signedContentImpl, int i) {
        TrustEngine[] trustEngineArr = null;
        SignerInfo[] signerInfos = signedContentImpl.getSignerInfos();
        for (int i2 = 0; i2 < signerInfos.length; i2++) {
            if (signerInfos[i2].getTrustAnchor() == null) {
                if (trustEngineArr == null) {
                    trustEngineArr = SignedBundleHook.getTrustEngines();
                }
                ((SignerInfoImpl) signerInfos[i2]).setTrustAnchor(findTrustAnchor(signerInfos[i2].getCertificateChain(), trustEngineArr, i));
                SignerInfo tSASignerInfo = signedContentImpl.getTSASignerInfo(signerInfos[i2]);
                if (tSASignerInfo != null) {
                    ((SignerInfoImpl) tSASignerInfo).setTrustAnchor(findTrustAnchor(tSASignerInfo.getCertificateChain(), trustEngineArr, i));
                }
            }
        }
    }

    private static Certificate findTrustAnchor(Certificate[] certificateArr, TrustEngine[] trustEngineArr, int i) {
        Certificate findTrustAnchor;
        if ((i & 2) == 0) {
            if (certificateArr == null || certificateArr.length <= 0) {
                return null;
            }
            return certificateArr[certificateArr.length - 1];
        }
        for (int i2 = 0; i2 < trustEngineArr.length; i2++) {
            try {
                findTrustAnchor = trustEngineArr[i2].findTrustAnchor(certificateArr);
            } catch (IOException e) {
                SignedBundleHook.log("TrustEngine failure: " + trustEngineArr[i2].getName(), 2, e);
            }
            if (findTrustAnchor != null) {
                return findTrustAnchor;
            }
        }
        return null;
    }

    @Override // org.eclipse.osgi.baseadaptor.bundlefile.BundleFile
    public File getFile(String str, boolean z) {
        return this.wrappedBundleFile.getFile(str, z);
    }

    @Override // org.eclipse.osgi.baseadaptor.bundlefile.BundleFile
    public BundleEntry getEntry(String str) {
        if (str.length() > 0 && str.charAt(0) == '/') {
            str = str.substring(1);
        }
        BundleEntry entry = this.wrappedBundleFile.getEntry(str);
        if ((this.supportFlags & 4) == 0 || this.signedContent == null) {
            return entry;
        }
        if (str.startsWith(SignedContentConstants.META_INF) && str.lastIndexOf(47) == SignedContentConstants.META_INF.length() - 1) {
            if (str.equals("META-INF/MANIFEST.MF") || str.endsWith(SignedContentConstants.DOT_DSA) || str.endsWith(SignedContentConstants.DOT_RSA) || str.endsWith(SignedContentConstants.DOT_SF) || str.indexOf(SignedContentConstants.SIG_DASH) == SignedContentConstants.META_INF.length()) {
                return entry;
            }
            if (this.signedContent.getSignedEntry(str) == null) {
                return entry;
            }
        }
        if (entry != null) {
            return new SignedBundleEntry(entry);
        }
        if (this.signedContent.getSignedEntry(str) != null) {
            throw new SecurityException(NLS.bind(SignedContentMessages.file_is_removed_from_jar, str, getBaseFile().toString()));
        }
        return null;
    }

    @Override // org.eclipse.osgi.baseadaptor.bundlefile.BundleFile
    public Enumeration<String> getEntryPaths(String str) {
        return this.wrappedBundleFile.getEntryPaths(str);
    }

    @Override // org.eclipse.osgi.baseadaptor.bundlefile.BundleFile
    public void close() throws IOException {
        this.wrappedBundleFile.close();
    }

    @Override // org.eclipse.osgi.baseadaptor.bundlefile.BundleFile
    public void open() throws IOException {
        this.wrappedBundleFile.open();
    }

    @Override // org.eclipse.osgi.baseadaptor.bundlefile.BundleFile
    public boolean containsDir(String str) {
        return this.wrappedBundleFile.containsDir(str);
    }

    @Override // org.eclipse.osgi.baseadaptor.bundlefile.BundleFile
    public File getBaseFile() {
        return this.wrappedBundleFile.getBaseFile();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public BundleFile getWrappedBundleFile() {
        return this.wrappedBundleFile;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SignedContentImpl getSignedContent() {
        return this.signedContent;
    }

    @Override // org.eclipse.osgi.signedcontent.SignedContent
    public SignedContentEntry[] getSignedEntries() {
        if (this.signedContent == null) {
            return null;
        }
        return this.signedContent.getSignedEntries();
    }

    @Override // org.eclipse.osgi.signedcontent.SignedContent
    public SignedContentEntry getSignedEntry(String str) {
        if (this.signedContent == null) {
            return null;
        }
        return this.signedContent.getSignedEntry(str);
    }

    @Override // org.eclipse.osgi.signedcontent.SignedContent
    public SignerInfo[] getSignerInfos() {
        if (this.signedContent == null) {
            return null;
        }
        return this.signedContent.getSignerInfos();
    }

    @Override // org.eclipse.osgi.signedcontent.SignedContent
    public Date getSigningTime(SignerInfo signerInfo) {
        if (this.signedContent == null) {
            return null;
        }
        return this.signedContent.getSigningTime(signerInfo);
    }

    @Override // org.eclipse.osgi.signedcontent.SignedContent
    public SignerInfo getTSASignerInfo(SignerInfo signerInfo) {
        if (this.signedContent == null) {
            return null;
        }
        return this.signedContent.getTSASignerInfo(signerInfo);
    }

    @Override // org.eclipse.osgi.signedcontent.SignedContent
    public boolean isSigned() {
        if (this.signedContent == null) {
            return false;
        }
        return this.signedContent.isSigned();
    }

    @Override // org.eclipse.osgi.signedcontent.SignedContent
    public void checkValidity(SignerInfo signerInfo) throws CertificateExpiredException, CertificateNotYetValidException {
        if (this.signedContent != null) {
            this.signedContent.checkValidity(signerInfo);
        }
    }
}
