package sernet.gs.ui.rcp.main.security;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.PrintWriter;
import java.security.InvalidAlgorithmParameterException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Date;
import java.util.Enumeration;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.KeyManagerFactorySpi;
import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.TrustManagerFactorySpi;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.commons.io.IOUtils;
import org.apache.log4j.Logger;
import org.eclipse.core.runtime.Preferences;
import org.eclipse.swt.widgets.Display;
import sernet.gs.ui.rcp.main.preferences.PreferenceConstants;
import sernet.gs.ui.rcp.main.security.DelegatingKeyStore;
import sernet.gs.ui.rcp.main.security.PasswordDialog;
import sun.security.pkcs11.SunPKCS11;

/* loaded from: input_file:sernet/gs/ui/rcp/main/security/VeriniceSecurityProvider.class */
public final class VeriniceSecurityProvider extends Provider {
    private static final Logger LOG = Logger.getLogger(VeriniceSecurityProvider.class);
    public static final String NAME = "VeriniceSecurityProvider";
    public static final double VERSION = 1.0d;
    private Preferences prefs;
    private PasswordHolder holder;
    private static VeriniceSecurityProvider instance;
    private static final String PRODUCTNAME = "verinice";
    private static final String VERINICE_KEYSTORE = "verinice-ks";
    private static final String VERINICE_TRUSTSTORE = "verinice-ts";

    /* loaded from: input_file:sernet/gs/ui/rcp/main/security/VeriniceSecurityProvider$DelegatingKeyManagerFactory.class */
    public static class DelegatingKeyManagerFactory extends KeyManagerFactorySpi {
        private KeyManager[] keyManagers;

        @Override // javax.net.ssl.KeyManagerFactorySpi
        protected KeyManager[] engineGetKeyManagers() {
            return this.keyManagers;
        }

        @Override // javax.net.ssl.KeyManagerFactorySpi
        protected void engineInit(ManagerFactoryParameters managerFactoryParameters) throws InvalidAlgorithmParameterException {
            throw new IllegalStateException("Not implemented");
        }

        @Override // javax.net.ssl.KeyManagerFactorySpi
        protected void engineInit(KeyStore keyStore, char[] cArr) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
            try {
                char[] initKeyStore = VeriniceSecurityProvider.instance.initKeyStore(keyStore, cArr);
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
                keyManagerFactory.init(keyStore, initKeyStore);
                this.keyManagers = keyManagerFactory.getKeyManagers();
            } catch (IOException e) {
                throw new KeyStoreException(e);
            } catch (CertificateException e2) {
                throw new KeyStoreException(e2);
            }
        }
    }

    /* loaded from: input_file:sernet/gs/ui/rcp/main/security/VeriniceSecurityProvider$DelegatingTrustManagerFactory.class */
    public static class DelegatingTrustManagerFactory extends TrustManagerFactorySpi {
        private TrustManager[] trustManagers;

        @Override // javax.net.ssl.TrustManagerFactorySpi
        protected TrustManager[] engineGetTrustManagers() {
            return this.trustManagers;
        }

        @Override // javax.net.ssl.TrustManagerFactorySpi
        protected void engineInit(ManagerFactoryParameters managerFactoryParameters) throws InvalidAlgorithmParameterException {
            throw new IllegalStateException("Not implemented");
        }

        @Override // javax.net.ssl.TrustManagerFactorySpi
        protected void engineInit(KeyStore keyStore) throws KeyStoreException {
            try {
                VeriniceSecurityProvider.instance.initTrustStore(keyStore);
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("PKIX");
                trustManagerFactory.init(keyStore);
                this.trustManagers = trustManagerFactory.getTrustManagers();
            } catch (IOException e) {
                throw new KeyStoreException(e);
            } catch (NoSuchAlgorithmException e2) {
                throw new KeyStoreException(e2);
            } catch (UnrecoverableKeyException e3) {
                throw new KeyStoreException(e3);
            } catch (CertificateException e4) {
                throw new KeyStoreException(e4);
            }
        }
    }

    /* loaded from: input_file:sernet/gs/ui/rcp/main/security/VeriniceSecurityProvider$Helper.class */
    static abstract class Helper implements CallbackHandler {
        Helper() {
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            for (int i = 0; i < callbackArr.length; i++) {
                if (callbackArr[i] instanceof PasswordCallback) {
                    handle((PasswordCallback) callbackArr[i]);
                }
            }
        }

        protected abstract void handle(PasswordCallback passwordCallback);
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:sernet/gs/ui/rcp/main/security/VeriniceSecurityProvider$PasswordHolder.class */
    public class PasswordHolder {
        private char[] keyStorePassword;
        private char[] tokenPIN;

        private PasswordHolder() {
            this.keyStorePassword = null;
            this.tokenPIN = null;
        }

        private void showDialog(final PasswordDialog.Type type) {
            final boolean useFileAsKeyStore = VeriniceSecurityProvider.this.useFileAsKeyStore();
            final boolean isPKCS11LibraryEnabled = VeriniceSecurityProvider.this.isPKCS11LibraryEnabled();
            Display.getDefault().syncExec(new Runnable() { // from class: sernet.gs.ui.rcp.main.security.VeriniceSecurityProvider.PasswordHolder.1
                @Override // java.lang.Runnable
                public void run() {
                    PasswordDialog passwordDialog = new PasswordDialog(Display.getCurrent().getActiveShell(), useFileAsKeyStore, isPKCS11LibraryEnabled);
                    passwordDialog.setFocus(type);
                    passwordDialog.open();
                    PasswordHolder.this.keyStorePassword = passwordDialog.getKeyStorePassword();
                    PasswordHolder.this.tokenPIN = passwordDialog.getTokenPIN();
                }
            });
        }

        char[] getKeyStorePassword(boolean z) {
            if (z || this.keyStorePassword == null) {
                showDialog(PasswordDialog.Type.KEY);
            }
            return this.keyStorePassword;
        }

        char[] getTokenPIN() {
            showDialog(PasswordDialog.Type.TOKEN);
            return this.tokenPIN;
        }

        void reset() {
            for (int i = 0; i < this.keyStorePassword.length; i++) {
                this.keyStorePassword[i] = 0;
            }
            for (int i2 = 0; i2 < this.tokenPIN.length; i2++) {
                this.tokenPIN[i2] = 0;
            }
            this.keyStorePassword = null;
            this.tokenPIN = null;
        }

        /* synthetic */ PasswordHolder(VeriniceSecurityProvider veriniceSecurityProvider, PasswordHolder passwordHolder) {
            this();
        }
    }

    /* loaded from: input_file:sernet/gs/ui/rcp/main/security/VeriniceSecurityProvider$VeriniceKeyStore.class */
    public static class VeriniceKeyStore extends DelegatingKeyStore {
        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore
        protected DelegatingKeyStore.Configuration init() {
            DelegatingKeyStore.Configuration configuration = new DelegatingKeyStore.Configuration();
            try {
                if (VeriniceSecurityProvider.instance.usePKCS11LibraryAsKeyStore()) {
                    configuration.keyStore = KeyStore.getInstance("PKCS11", "SunPKCS11-verinice");
                } else {
                    if (VeriniceSecurityProvider.LOG.isDebugEnabled()) {
                        VeriniceSecurityProvider.LOG.debug("Using jks key store");
                    }
                    configuration.maxAttempts = 3;
                    configuration.passwordHandler = new DelegatingKeyStore.PasswordHandler() { // from class: sernet.gs.ui.rcp.main.security.VeriniceSecurityProvider.VeriniceKeyStore.1
                        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore.PasswordHandler
                        public void handle(DelegatingKeyStore.PasswordSession passwordSession) {
                            passwordSession.setPassword(VeriniceSecurityProvider.instance.getKeyStorePassword(passwordSession.wasWrong()));
                        }
                    };
                    configuration.keyStore = KeyStore.getInstance("jks");
                }
                return configuration;
            } catch (KeyStoreException e) {
                throw new RuntimeException(e);
            } catch (NoSuchProviderException e2) {
                throw new RuntimeException(e2);
            }
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineLoad(inputStream, cArr);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineStore(outputStream, cArr);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate engineGetCertificate(String str) {
            return super.engineGetCertificate(str);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
            return super.engineGetKey(str, cArr);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, key, cArr, certificateArr);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, bArr, certificateArr);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate[] engineGetCertificateChain(String str) {
            return super.engineGetCertificateChain(str);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsKeyEntry(String str) {
            return super.engineIsKeyEntry(str);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineContainsAlias(String str) {
            return super.engineContainsAlias(str);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineDeleteEntry(String str) throws KeyStoreException {
            super.engineDeleteEntry(str);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ String engineGetCertificateAlias(Certificate certificate) {
            return super.engineGetCertificateAlias(certificate);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ int engineSize() {
            return super.engineSize();
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsCertificateEntry(String str) {
            return super.engineIsCertificateEntry(str);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
            super.engineSetCertificateEntry(str, certificate);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Enumeration engineAliases() {
            return super.engineAliases();
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Date engineGetCreationDate(String str) {
            return super.engineGetCreationDate(str);
        }
    }

    /* loaded from: input_file:sernet/gs/ui/rcp/main/security/VeriniceSecurityProvider$VeriniceTrustStore.class */
    public static class VeriniceTrustStore extends DelegatingKeyStore {
        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore
        protected DelegatingKeyStore.Configuration init() {
            DelegatingKeyStore.Configuration configuration = new DelegatingKeyStore.Configuration();
            try {
                if (VeriniceSecurityProvider.instance.usePKCS11LibraryAsTrustStore()) {
                    configuration.keyStore = KeyStore.getInstance("PKCS11", "SunPKCS11-verinice");
                } else {
                    configuration.passwordHandler = null;
                    configuration.keyStore = KeyStore.getInstance("jks");
                }
                return configuration;
            } catch (KeyStoreException e) {
                throw new RuntimeException(e);
            } catch (NoSuchProviderException e2) {
                throw new RuntimeException(e2);
            }
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineLoad(inputStream, cArr);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineStore(outputStream, cArr);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate engineGetCertificate(String str) {
            return super.engineGetCertificate(str);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
            return super.engineGetKey(str, cArr);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, key, cArr, certificateArr);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, bArr, certificateArr);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate[] engineGetCertificateChain(String str) {
            return super.engineGetCertificateChain(str);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsKeyEntry(String str) {
            return super.engineIsKeyEntry(str);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineContainsAlias(String str) {
            return super.engineContainsAlias(str);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineDeleteEntry(String str) throws KeyStoreException {
            super.engineDeleteEntry(str);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ String engineGetCertificateAlias(Certificate certificate) {
            return super.engineGetCertificateAlias(certificate);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ int engineSize() {
            return super.engineSize();
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsCertificateEntry(String str) {
            return super.engineIsCertificateEntry(str);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
            super.engineSetCertificateEntry(str, certificate);
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Enumeration engineAliases() {
            return super.engineAliases();
        }

        @Override // sernet.gs.ui.rcp.main.security.DelegatingKeyStore, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Date engineGetCreationDate(String str) {
            return super.engineGetCreationDate(str);
        }
    }

    public static void register(Preferences preferences) {
        if (LOG.isInfoEnabled()) {
            logProperties(preferences);
        }
        if (!preferences.getBoolean(PreferenceConstants.CRYPTO_VERINICE_SSL_SECURITY_ENABLED) || Security.getProvider(NAME) != null) {
            if (preferences.getBoolean(PreferenceConstants.CRYPTO_PKCS11_LIBRARY_ENABLED)) {
                new VeriniceSecurityProvider(preferences).setupSunPKCS11Provider();
                return;
            }
            return;
        }
        VeriniceSecurityProvider veriniceSecurityProvider = new VeriniceSecurityProvider(preferences);
        Security.addProvider(veriniceSecurityProvider);
        veriniceSecurityProvider.init();
        Security.setProperty("ssl.KeyManagerFactory.algorithm", PRODUCTNAME);
        Security.setProperty("ssl.TrustManagerFactory.algorithm", PRODUCTNAME);
        System.setProperty("javax.net.ssl.trustStoreType", VERINICE_TRUSTSTORE);
        System.setProperty("javax.net.ssl.keyStoreType", VERINICE_KEYSTORE);
    }

    public VeriniceSecurityProvider(Preferences preferences) {
        super(NAME, 1.0d, "Verinice' Security Provider");
        this.holder = new PasswordHolder(this, null);
        this.prefs = preferences;
        instance = this;
    }

    private void init() {
        putService(new Provider.Service(this, "KeyManagerFactory", PRODUCTNAME, DelegatingKeyManagerFactory.class.getName(), null, null));
        putService(new Provider.Service(this, "TrustManagerFactory", PRODUCTNAME, DelegatingTrustManagerFactory.class.getName(), null, null));
        putService(new Provider.Service(this, "KeyStore", VERINICE_KEYSTORE, VeriniceKeyStore.class.getName(), null, null));
        putService(new Provider.Service(this, "KeyStore", VERINICE_TRUSTSTORE, VeriniceTrustStore.class.getName(), null, null));
        if (isPKCS11LibraryEnabled()) {
            if (LOG.isInfoEnabled()) {
                LOG.info("PKCS11 library is enabled");
            }
            setupSunPKCS11Provider();
        } else if (LOG.isDebugEnabled()) {
            LOG.debug("PKCS11 library is disabled");
        }
    }

    private void setupSunPKCS11Provider() {
        String createPKCS11ConfigFile;
        if (Security.getProvider("SunPKCS11-verinice") == null && (createPKCS11ConfigFile = createPKCS11ConfigFile()) != null) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Setup SunPKCS11 AuthProvider with config file: " + createPKCS11ConfigFile);
            }
            SunPKCS11 sunPKCS11 = new SunPKCS11(createPKCS11ConfigFile);
            sunPKCS11.setCallbackHandler(new Helper() { // from class: sernet.gs.ui.rcp.main.security.VeriniceSecurityProvider.1
                @Override // sernet.gs.ui.rcp.main.security.VeriniceSecurityProvider.Helper
                protected void handle(PasswordCallback passwordCallback) {
                    passwordCallback.setPassword(VeriniceSecurityProvider.this.getTokenPIN());
                }
            });
            Security.addProvider(sunPKCS11);
        }
    }

    char[] initKeyStore(KeyStore keyStore, char[] cArr) throws NoSuchAlgorithmException, CertificateException, IOException, UnrecoverableKeyException, KeyStoreException {
        if (!useFileAsKeyStore()) {
            return null;
        }
        String keyStoreFile = getKeyStoreFile();
        if (keyStoreFile != null && !keyStoreFile.isEmpty()) {
            if (LOG.isInfoEnabled()) {
                LOG.info("Loading keystore: " + keyStoreFile);
            }
            loadKeystore(keyStore, keyStoreFile, cArr);
        }
        return cArr;
    }

    void initTrustStore(KeyStore keyStore) throws NoSuchAlgorithmException, CertificateException, IOException, UnrecoverableKeyException, KeyStoreException {
        if (useFileAsTrustStore()) {
            loadKeystore(keyStore, getTrustStoreFile(), null);
        }
    }

    char[] getKeyStorePassword(boolean z) {
        return this.holder.getKeyStorePassword(z);
    }

    char[] getTokenPIN() {
        return this.holder.getTokenPIN();
    }

    private void loadKeystore(KeyStore keyStore, String str, char[] cArr) throws NoSuchAlgorithmException, CertificateException, IOException {
        FileInputStream fileInputStream = null;
        try {
            fileInputStream = new FileInputStream(str);
            keyStore.load(fileInputStream, cArr);
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (IOException e) {
                }
            }
        } catch (Throwable th) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (IOException e2) {
                }
            }
            throw th;
        }
    }

    private boolean useFileAsTrustStore() {
        return "file".equals(this.prefs.getString(PreferenceConstants.CRYPTO_TRUSTSTORE_SOURCE));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean useFileAsKeyStore() {
        return "file".equals(this.prefs.getString(PreferenceConstants.CRYPTO_KEYSTORE_SOURCE));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean isPKCS11LibraryEnabled() {
        return this.prefs.getBoolean(PreferenceConstants.CRYPTO_PKCS11_LIBRARY_ENABLED) || usePKCS11LibraryAsKeyStore() || usePKCS11LibraryAsTrustStore();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean usePKCS11LibraryAsTrustStore() {
        return "pkcs11".equals(this.prefs.getString(PreferenceConstants.CRYPTO_TRUSTSTORE_SOURCE));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean usePKCS11LibraryAsKeyStore() {
        return "pkcs11".equals(this.prefs.getString(PreferenceConstants.CRYPTO_KEYSTORE_SOURCE));
    }

    private String getTrustStoreFile() {
        return this.prefs.getString(PreferenceConstants.CRYPTO_TRUSTSTORE_FILE);
    }

    private String getKeyStoreFile() {
        return this.prefs.getString(PreferenceConstants.CRYPTO_KEYSTORE_FILE);
    }

    private String createPKCS11ConfigFile() {
        PrintWriter printWriter = null;
        try {
            File createTempFile = File.createTempFile("pkcs11", ".cfg");
            createTempFile.deleteOnExit();
            printWriter = new PrintWriter(new FileOutputStream(createTempFile));
            printWriter.println("name = verinice");
            printWriter.println("description = verinice PKCS#11 configuration");
            printWriter.println("library = " + this.prefs.getString(PreferenceConstants.CRYPTO_PKCS11_LIBRARY_PATH));
            printWriter.close();
            if (LOG.isInfoEnabled()) {
                LOG.info("PKCS11 library path: " + this.prefs.getString(PreferenceConstants.CRYPTO_PKCS11_LIBRARY_PATH));
            }
            if (printWriter != null) {
                IOUtils.closeQuietly(printWriter);
            }
            return createTempFile.getAbsolutePath();
        } catch (IOException e) {
            if (printWriter == null) {
                return null;
            }
            IOUtils.closeQuietly(printWriter);
            return null;
        } catch (Throwable th) {
            if (printWriter != null) {
                IOUtils.closeQuietly(printWriter);
            }
            throw th;
        }
    }

    private static void logProperties(Preferences preferences) {
        LOG.info(logProperty(preferences, PreferenceConstants.CRYPTO_KEYSTORE_FILE));
        LOG.info(logProperty(preferences, PreferenceConstants.CRYPTO_KEYSTORE_SOURCE));
        LOG.info(logProperty(preferences, PreferenceConstants.CRYPTO_PKCS11_CERTIFICATE_ALIAS));
        LOG.info(logProperty(preferences, PreferenceConstants.CRYPTO_PKCS11_LIBRARY_ENABLED));
        LOG.info(logProperty(preferences, PreferenceConstants.CRYPTO_PKCS11_LIBRARY_PATH));
        LOG.info(logProperty(preferences, PreferenceConstants.CRYPTO_SERVER_AUTHENTICATION_VIA_CERTIFICATE_ENABLED));
        LOG.info(logProperty(preferences, PreferenceConstants.CRYPTO_VERINICE_SSL_SECURITY_ENABLED));
    }

    private static String logProperty(Preferences preferences, String str) {
        return String.valueOf(str) + ": " + preferences.getString(str);
    }
}
