package org.jscep.client.inspect;

import java.security.cert.CertStore;
import java.security.cert.CertStoreException;
import java.security.cert.Certificate;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Iterator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes3.dex */
public abstract class AbstractCertStoreInspector implements CertStoreInspector {
    static final Logger LOGGER = LoggerFactory.getLogger(AbstractCertStoreInspector.class);
    protected X509Certificate issuer;
    protected X509Certificate recipient;
    protected X509Certificate signer;
    protected final CertStore store;

    public AbstractCertStoreInspector(CertStore certStore) {
        this.store = certStore;
        try {
            inspect();
        } catch (CertStoreException e) {
            throw new RuntimeException(e);
        }
    }

    private void inspect() throws CertStoreException {
        Collection<? extends Certificate> certificates = this.store.getCertificates(null);
        LOGGER.debug("CertStore contains {} certificate(s):", Integer.valueOf(certificates.size()));
        Iterator<? extends Certificate> it = certificates.iterator();
        int i = 0;
        while (it.hasNext()) {
            X509Certificate x509Certificate = (X509Certificate) it.next();
            i++;
            LOGGER.debug("{}. '[dn={}; serial={}]'", Integer.valueOf(i), x509Certificate.getSubjectDN(), x509Certificate.getSerialNumber());
        }
        LOGGER.debug("Looking for recipient entity");
        this.recipient = selectCertificate(this.store, getRecipientSelectors());
        LOGGER.debug("Using [dn={}; serial={}] for recipient entity", this.recipient.getSubjectDN(), this.recipient.getSerialNumber());
        LOGGER.debug("Looking for message signing entity");
        this.signer = selectCertificate(this.store, getSignerSelectors());
        LOGGER.debug("Using [dn={}; serial={}] for message signing entity", this.signer.getSubjectDN(), this.signer.getSerialNumber());
        LOGGER.debug("Looking for issuing entity");
        this.issuer = selectCertificate(this.store, getIssuerSelectors(this.recipient.getIssuerX500Principal().getEncoded()));
        LOGGER.debug("Using [dn={}; serial={}] for issuing entity", this.issuer.getSubjectDN(), this.issuer.getSerialNumber());
    }

    @Override // org.jscep.client.inspect.CertStoreInspector
    public final X509Certificate getIssuer() {
        return this.issuer;
    }

    protected abstract Collection<X509CertSelector> getIssuerSelectors(byte[] bArr);

    @Override // org.jscep.client.inspect.CertStoreInspector
    public final X509Certificate getRecipient() {
        return this.recipient;
    }

    protected abstract Collection<X509CertSelector> getRecipientSelectors();

    @Override // org.jscep.client.inspect.CertStoreInspector
    public final X509Certificate getSigner() {
        return this.signer;
    }

    protected abstract Collection<X509CertSelector> getSignerSelectors();

    X509Certificate selectCertificate(CertStore certStore, Collection<X509CertSelector> collection) throws CertStoreException {
        Iterator<X509CertSelector> it = collection.iterator();
        while (it.hasNext()) {
            Collection<? extends Certificate> certificates = certStore.getCertificates(it.next());
            if (certificates.size() > 0) {
                return (X509Certificate) certificates.iterator().next();
            }
            LOGGER.debug("No certificates selected");
        }
        return (X509Certificate) certStore.getCertificates(null).iterator().next();
    }
}
