package pl.unizeto.android.cryptoapi.certificatestoremanager;

import iaik.asn1.CodingException;
import iaik.asn1.structures.GeneralName;
import iaik.asn1.structures.GeneralNames;
import iaik.asn1.structures.Name;
import iaik.cms.CertificateIdentifier;
import iaik.pkcs.pkcs11.provider.TokenKeyStore;
import iaik.x509.X509ExtensionInitException;
import iaik.x509.extensions.AuthorityKeyIdentifier;
import iaik.x509.extensions.SubjectKeyIdentifier;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.InvocationTargetException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;
import javax.security.auth.x500.X500Principal;
import org.apache.commons.io.IOUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import pl.unizeto.android.cryptoapi.certpolicies.CertPoliciesProcessor;
import pl.unizeto.android.cryptoapi.exception.PKIErrorCode;
import pl.unizeto.android.cryptoapi.exception.PKIException;
import pl.unizeto.android.cryptoapi.util.Digest;
import pl.unizeto.android.cryptoapi.util.cert.CertificateInfoUtil;
import pl.unizeto.android.cryptoapi.util.cert.CertificateUsage;
import pl.unizeto.android.cryptoapi.util.cert.CertificateUtils;
import pl.unizeto.android.cryptoapi.util.certpolicies.exceptions.CertPoliciesException;
import pl.unizeto.android.cryptoapi.util.key.KeyUtils;
import pl.unizeto.android.cryptoapi.util.principal.PrincipalUtils;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class UniCertificateStoreManagerImpl implements UniCertificateStoreManager {
    private static final Logger log = LoggerFactory.getLogger(UniCertificateStoreManagerImpl.class.getSimpleName());
    private Vector<X509Certificate> certificateCache = new Vector<>();
    private List<KeyStoreHandler> certificateStores = new ArrayList();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public static class KeyStoreHandler {
        private String alias;
        private KeyStore keyStore;
        private boolean qualified;

        public KeyStoreHandler(String str, KeyStore keyStore) {
            this(str, keyStore, false);
        }

        public KeyStoreHandler(String str, KeyStore keyStore, boolean z) {
            this.qualified = false;
            this.alias = str;
            this.keyStore = keyStore;
            this.qualified = z;
        }

        public String getAlias() {
            return this.alias;
        }

        public KeyStore getKeyStore() {
            return this.keyStore;
        }

        public boolean isQualified() {
            return this.qualified;
        }

        public void setKeyStore(KeyStore keyStore) {
            this.keyStore = keyStore;
        }

        public void setQualified(boolean z) {
            this.qualified = z;
        }
    }

    private void addCertificateToCollection(X509Certificate x509Certificate, Collection<X509Certificate> collection) throws CertificateEncodingException {
        if (x509Certificate == null || collection == null) {
            return;
        }
        synchronized (collection) {
            if (!findCertificateInCollection(x509Certificate, collection)) {
                collection.add(x509Certificate);
            }
        }
    }

    private boolean findCertificateInCollection(X509Certificate x509Certificate, Collection<X509Certificate> collection) throws CertificateEncodingException {
        boolean z = false;
        if (x509Certificate != null && collection != null) {
            synchronized (collection) {
                Iterator<X509Certificate> it = collection.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    if (Arrays.equals(x509Certificate.getEncoded(), it.next().getEncoded())) {
                        z = true;
                        break;
                    }
                }
            }
        }
        return z;
    }

    private boolean findCertificateInStore(X509Certificate x509Certificate, boolean z) throws PKIException, KeyStoreException, CertificateEncodingException {
        synchronized (this.certificateStores) {
            for (KeyStoreHandler keyStoreHandler : this.certificateStores) {
                log.debug("Przeszukiwanie magazynu o aliasie " + keyStoreHandler.getAlias());
                if (!z || keyStoreHandler.isQualified()) {
                    KeyStore keyStore = keyStoreHandler.getKeyStore();
                    Enumeration<String> aliases = keyStore.aliases();
                    while (aliases.hasMoreElements()) {
                        X509Certificate x509Certificate2 = (X509Certificate) keyStore.getCertificate(aliases.nextElement());
                        if (x509Certificate2 != null && Arrays.equals(x509Certificate.getEncoded(), x509Certificate2.getEncoded())) {
                            if (log.isDebugEnabled()) {
                                log.debug("Znaleziono poszukiwany certyfikat w magazynie");
                            }
                            return true;
                        }
                    }
                }
            }
            if (log.isDebugEnabled()) {
                log.debug("Nie znaleziono poszukiwanego certyfikatu w magazynie " + (z ? "kwalifikowanych" : "niekwalifikowanych") + " wystawców (" + CertificateInfoUtil.getSubjectAndSerialNumberString(x509Certificate) + ")");
            }
            return false;
        }
    }

    private KeyStoreHandler findCertificateStore(String str) {
        for (KeyStoreHandler keyStoreHandler : this.certificateStores) {
            if (keyStoreHandler.getAlias().equals(str)) {
                return keyStoreHandler;
            }
        }
        return null;
    }

    private Collection<X509Certificate> getAllCertificatesFromStore(String str) throws KeyStoreException {
        log.debug("Pobieranie wszystkich certyfikatów z magazynu '" + str + "'");
        if (str == null) {
            throw new IllegalArgumentException("Parameter alias is null");
        }
        Vector vector = new Vector();
        KeyStoreHandler findCertificateStore = findCertificateStore(str);
        if (findCertificateStore != null) {
            KeyStore keyStore = findCertificateStore.getKeyStore();
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(aliases.nextElement());
                if (x509Certificate != null) {
                    vector.add(x509Certificate);
                }
            }
        }
        log.debug("Zwracanie wszystkich certyfikatów z magazynu '" + str + "'");
        return vector;
    }

    private X509Certificate getCertificateByCertificateIdentifierFromCollection(CertificateIdentifier certificateIdentifier, Collection<X509Certificate> collection) throws CertificateException, KeyStoreException, CodingException {
        if (certificateIdentifier == null) {
            throw new IllegalArgumentException("Parameter certificateIdentifier is null");
        }
        if (collection == null) {
            throw new IllegalArgumentException("Parameter certificateCollection is null");
        }
        X509Certificate x509Certificate = null;
        synchronized (collection) {
            Iterator<X509Certificate> it = collection.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                X509Certificate next = it.next();
                if (certificateIdentifier.identifiesCert(new iaik.x509.X509Certificate(next.getEncoded()))) {
                    x509Certificate = next;
                    break;
                }
            }
        }
        return x509Certificate;
    }

    private X509Certificate getCertificateByCertificateIdentifierFromStore(CertificateIdentifier certificateIdentifier) throws CertificateException, KeyStoreException, CodingException, PKIException {
        if (certificateIdentifier == null) {
            throw new IllegalArgumentException("Parameter certificateIdentifier is null");
        }
        synchronized (this.certificateStores) {
            Iterator<KeyStoreHandler> it = this.certificateStores.iterator();
            while (it.hasNext()) {
                KeyStore keyStore = it.next().getKeyStore();
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(aliases.nextElement());
                    if (x509Certificate != null && certificateIdentifier.identifiesCert(new iaik.x509.X509Certificate(x509Certificate.getEncoded()))) {
                        addCertificateToCache(x509Certificate);
                        return x509Certificate;
                    }
                }
            }
            return null;
        }
    }

    private X509Certificate getCertificateByDigestFromCollection(byte[] bArr, Collection<X509Certificate> collection) throws CertificateException, NoSuchAlgorithmException, PKIException {
        if (bArr == null) {
            throw new IllegalArgumentException("Parameter digest is null");
        }
        if (collection == null) {
            throw new IllegalArgumentException("Parameter certificateCollection is null");
        }
        X509Certificate x509Certificate = null;
        synchronized (collection) {
            Iterator<X509Certificate> it = collection.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                X509Certificate next = it.next();
                try {
                    if (Arrays.equals(bArr, Digest.digest(next.getEncoded(), "SHA1"))) {
                        x509Certificate = next;
                        break;
                    }
                } catch (IOException e) {
                    throw new PKIException(e, PKIErrorCode.CODING_ERROR, "X509Certificate");
                }
            }
        }
        return x509Certificate;
    }

    private X509Certificate getCertificateByDigestFromStore(byte[] bArr) throws CertificateException, KeyStoreException, NoSuchAlgorithmException, CertificateEncodingException, PKIException {
        if (bArr == null) {
            throw new IllegalArgumentException("Parameter digest is null");
        }
        synchronized (this.certificateStores) {
            Iterator<KeyStoreHandler> it = this.certificateStores.iterator();
            while (it.hasNext()) {
                KeyStore keyStore = it.next().getKeyStore();
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(aliases.nextElement());
                    if (x509Certificate != null) {
                        try {
                            if (Arrays.equals(bArr, Digest.digest(x509Certificate.getEncoded(), "SHA1"))) {
                                addCertificateToCache(x509Certificate);
                                return x509Certificate;
                            }
                        } catch (IOException e) {
                            throw new PKIException(e, PKIErrorCode.CODING_ERROR, new String[0]);
                        }
                    }
                }
            }
            return null;
        }
    }

    private X509Certificate getCertificateByIssuerAndSerialFromCollection(Principal principal, BigInteger bigInteger, Collection<X509Certificate> collection) throws CodingException, PKIException, SecurityException, NoSuchMethodException, IllegalAccessException, InvocationTargetException {
        if (principal == null) {
            throw new IllegalArgumentException("Parameter issuer is null");
        }
        if (bigInteger == null) {
            throw new IllegalArgumentException("Parameter serialNo is null");
        }
        if (collection == null) {
            throw new IllegalArgumentException("certificateCollection is null");
        }
        if (!(principal instanceof Name)) {
            principal = new Name(((X500Principal) principal).getEncoded());
        }
        X509Certificate x509Certificate = null;
        synchronized (collection) {
            Iterator<X509Certificate> it = collection.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                X509Certificate next = it.next();
                if (PrincipalUtils.equals(next.getIssuerDN().getName(), principal.getName()) && bigInteger.equals(next.getSerialNumber())) {
                    x509Certificate = next;
                    break;
                }
            }
        }
        return x509Certificate;
    }

    private X509Certificate getCertificateByIssuerAndSerialFromStore(Principal principal, BigInteger bigInteger) throws CertificateException, KeyStoreException, CodingException, PKIException, SecurityException, NoSuchMethodException, IllegalAccessException, InvocationTargetException {
        if (principal == null) {
            throw new IllegalArgumentException("Parameter subject is null");
        }
        if (bigInteger == null) {
            throw new IllegalArgumentException("Parameter serialNo is null");
        }
        if (!(principal instanceof Name)) {
            principal = new Name(((X500Principal) principal).getEncoded());
        }
        synchronized (this.certificateStores) {
            Iterator<KeyStoreHandler> it = this.certificateStores.iterator();
            while (it.hasNext()) {
                KeyStore keyStore = it.next().getKeyStore();
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(aliases.nextElement());
                    if (x509Certificate != null) {
                        BigInteger serialNumber = x509Certificate.getSerialNumber();
                        if (PrincipalUtils.equals(x509Certificate.getIssuerDN().getName(), principal.getName()) && serialNumber.equals(bigInteger)) {
                            addCertificateToCache(x509Certificate);
                            return x509Certificate;
                        }
                    }
                }
            }
            return null;
        }
    }

    private X509Certificate getCertificateByKeyIdentifierFromCollection(byte[] bArr, Collection<X509Certificate> collection) throws CertificateException, UniCertificateStoreManagerException {
        if (bArr == null) {
            throw new IllegalArgumentException("Parameter keyIdentifier is null");
        }
        if (collection == null) {
            throw new IllegalArgumentException("Parameter certificateCollection is null");
        }
        X509Certificate x509Certificate = null;
        try {
            synchronized (collection) {
                Iterator<X509Certificate> it = collection.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    X509Certificate next = it.next();
                    SubjectKeyIdentifier subjectKeyIdentifier = (SubjectKeyIdentifier) new iaik.x509.X509Certificate(next.getEncoded()).getExtension(SubjectKeyIdentifier.oid);
                    if (subjectKeyIdentifier != null && Arrays.equals(bArr, subjectKeyIdentifier.get())) {
                        x509Certificate = next;
                        break;
                    }
                }
            }
            return x509Certificate;
        } catch (X509ExtensionInitException e) {
            throw new UniCertificateStoreManagerException(e, PKIErrorCode.UNI_CERTITICATE_STORE_MANAGER_CERTIFICATE_EXTENSION_INIT_ERROR, e.getMessage());
        }
    }

    private X509Certificate getCertificateByKeyIdentifierFromStore(byte[] bArr) throws KeyStoreException, CertificateException, UniCertificateStoreManagerException, PKIException {
        SubjectKeyIdentifier subjectKeyIdentifier;
        if (bArr == null) {
            throw new IllegalArgumentException("Parameter keyIdentifier is null");
        }
        synchronized (this.certificateStores) {
            Iterator<KeyStoreHandler> it = this.certificateStores.iterator();
            while (it.hasNext()) {
                KeyStore keyStore = it.next().getKeyStore();
                try {
                    Enumeration<String> aliases = keyStore.aliases();
                    while (aliases.hasMoreElements()) {
                        iaik.x509.X509Certificate x509Certificate = new iaik.x509.X509Certificate(keyStore.getCertificate(aliases.nextElement()).getEncoded());
                        if (x509Certificate != null && (subjectKeyIdentifier = (SubjectKeyIdentifier) x509Certificate.getExtension(SubjectKeyIdentifier.oid)) != null && Arrays.equals(bArr, subjectKeyIdentifier.get())) {
                            addCertificateToCache(x509Certificate);
                            return x509Certificate;
                        }
                    }
                } catch (X509ExtensionInitException e) {
                    throw new UniCertificateStoreManagerException(e, PKIErrorCode.UNI_CERTITICATE_STORE_MANAGER_CERTIFICATE_EXTENSION_INIT_ERROR, e.getMessage());
                }
            }
            return null;
        }
    }

    private X509Certificate getCertificateBySubjectAndSerialFromCollection(Principal principal, BigInteger bigInteger, Collection<X509Certificate> collection) throws CodingException, PKIException, SecurityException, NoSuchMethodException, IllegalAccessException, InvocationTargetException {
        if (principal == null) {
            throw new IllegalArgumentException("Parameter subject is null");
        }
        if (bigInteger == null) {
            throw new IllegalArgumentException("Parameter serialNo is null");
        }
        if (collection == null) {
            throw new IllegalArgumentException("Parameter certificateCollection is null");
        }
        if (!(principal instanceof Name)) {
            principal = new Name(((X500Principal) principal).getEncoded());
        }
        X509Certificate x509Certificate = null;
        synchronized (collection) {
            Iterator<X509Certificate> it = collection.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                X509Certificate next = it.next();
                if (next instanceof iaik.x509.X509Certificate) {
                    next = CertificateUtils.convert((iaik.x509.X509Certificate) next);
                }
                try {
                    if (PrincipalUtils.equals(new Name(next.getSubjectX500Principal().getEncoded()), (Name) principal) && bigInteger.equals(next.getSerialNumber())) {
                        x509Certificate = next;
                        break;
                    }
                } catch (Exception e) {
                    throw new PKIException(e, PKIErrorCode.CODING_ERROR, "X500Principal");
                }
            }
        }
        return x509Certificate;
    }

    private X509Certificate getCertificateBySubjectAndSerialFromStore(Principal principal, BigInteger bigInteger) throws CertificateException, KeyStoreException, CodingException, PKIException, SecurityException, NoSuchMethodException, IllegalAccessException, InvocationTargetException {
        if (principal == null) {
            throw new IllegalArgumentException("Parameter subject is null");
        }
        if (bigInteger == null) {
            throw new IllegalArgumentException("Parameter serialNo is null");
        }
        if (!(principal instanceof Name)) {
            principal = new Name(((X500Principal) principal).getEncoded());
        }
        synchronized (this.certificateStores) {
            Iterator<KeyStoreHandler> it = this.certificateStores.iterator();
            while (it.hasNext()) {
                KeyStore keyStore = it.next().getKeyStore();
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(aliases.nextElement());
                    if (x509Certificate instanceof iaik.x509.X509Certificate) {
                        x509Certificate = CertificateUtils.convert((iaik.x509.X509Certificate) x509Certificate);
                    }
                    if (x509Certificate != null) {
                        Name name = new Name(x509Certificate.getSubjectX500Principal().getEncoded());
                        BigInteger serialNumber = x509Certificate.getSerialNumber();
                        if (PrincipalUtils.equals(name, (Name) principal) && serialNumber.equals(bigInteger)) {
                            addCertificateToCache(x509Certificate);
                            return x509Certificate;
                        }
                    }
                }
            }
            return null;
        }
    }

    private Collection<X509Certificate> getCertificatesBySubjectFromCollection(Principal principal, Collection<X509Certificate> collection) throws CodingException, PKIException, SecurityException, NoSuchMethodException, IllegalAccessException, InvocationTargetException {
        if (principal == null) {
            throw new IllegalArgumentException("Parameter subject is null");
        }
        if (collection == null) {
            throw new IllegalArgumentException("Parameter certificateCollection is null");
        }
        if (!(principal instanceof Name)) {
            principal = new Name(((X500Principal) principal).getEncoded());
        }
        Vector vector = new Vector();
        synchronized (collection) {
            Iterator<X509Certificate> it = collection.iterator();
            while (it.hasNext()) {
                X509Certificate next = it.next();
                if (next instanceof iaik.x509.X509Certificate) {
                    next = CertificateUtils.convert((iaik.x509.X509Certificate) next);
                }
                if (PrincipalUtils.equals(new Name(next.getSubjectX500Principal().getEncoded()), (Name) principal)) {
                    vector.add(next);
                }
            }
        }
        return vector;
    }

    private Collection<X509Certificate> getCertificatesBySubjectFromStore(Principal principal) throws CertificateException, KeyStoreException, CodingException, PKIException, SecurityException, NoSuchMethodException, IllegalAccessException, InvocationTargetException {
        if (principal == null) {
            throw new IllegalArgumentException("Parameter subject is null");
        }
        if (!(principal instanceof Name)) {
            principal = new Name(((X500Principal) principal).getEncoded());
        }
        Vector vector = new Vector();
        synchronized (this.certificateStores) {
            Iterator<KeyStoreHandler> it = this.certificateStores.iterator();
            while (it.hasNext()) {
                KeyStore keyStore = it.next().getKeyStore();
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(aliases.nextElement());
                    if (x509Certificate instanceof iaik.x509.X509Certificate) {
                        x509Certificate = CertificateUtils.convert((iaik.x509.X509Certificate) x509Certificate);
                    }
                    if (x509Certificate != null && PrincipalUtils.equals(new Name(x509Certificate.getSubjectX500Principal().getEncoded()), (Name) principal)) {
                        vector.add(x509Certificate);
                        addCertificateToCache(x509Certificate);
                    }
                }
            }
        }
        return vector;
    }

    private X509Certificate getIssuerCertificateFromCollection(X509Certificate x509Certificate, Collection<X509Certificate> collection) throws InvalidKeyException, NoSuchProviderException, NoSuchAlgorithmException, CertificateException, CodingException, UniCertificateStoreManagerException, PKIException {
        if (x509Certificate == null) {
            throw new IllegalArgumentException("Parameter cert is null");
        }
        if (collection == null) {
            throw new IllegalArgumentException("Parameter certCollection is null");
        }
        synchronized (collection) {
            for (X509Certificate x509Certificate2 : collection) {
                if (CertificateUsage.isLegalIssuer(x509Certificate2, x509Certificate)) {
                    return x509Certificate2;
                }
            }
            return null;
        }
    }

    private X509Certificate getIssuerCertificateFromStore(X509Certificate x509Certificate) throws KeyStoreException, InvalidKeyException, NoSuchProviderException, NoSuchAlgorithmException, CertificateException, CodingException, UniCertificateStoreManagerException, PKIException {
        if (x509Certificate == null) {
            throw new IllegalArgumentException("Parameter cert is null");
        }
        synchronized (this.certificateStores) {
            Iterator<KeyStoreHandler> it = this.certificateStores.iterator();
            while (it.hasNext()) {
                KeyStore keyStore = it.next().getKeyStore();
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    X509Certificate x509Certificate2 = (X509Certificate) keyStore.getCertificate(aliases.nextElement());
                    if (x509Certificate2 != null && CertificateUsage.isLegalIssuer(x509Certificate2, x509Certificate)) {
                        addCertificateToCache(x509Certificate2);
                        return x509Certificate2;
                    }
                }
            }
            return null;
        }
    }

    private KeyStore loadKeyStore(String str, char[] cArr) {
        InputStream inputStream = null;
        try {
            inputStream = getClass().getClassLoader().getResourceAsStream(str);
            KeyStore keyStore = KeyStore.getInstance("BKS");
            keyStore.load(inputStream, cArr);
            return keyStore;
        } catch (KeyStoreException e) {
            log.error("Nie udało sie wczytać magazynu certyfikatów", (Throwable) e);
            return null;
        } catch (CertificateException e2) {
            log.error("Nie udało sie wczytać magazynu certyfikatów", (Throwable) e2);
            return null;
        } catch (IOException e3) {
            log.error("Nie udało sie wczytać magazynu certyfikatów", (Throwable) e3);
            return null;
        } catch (FileNotFoundException e4) {
            log.error("Nie udało sie wczytać magazynu certyfikatów", (Throwable) e4);
            return null;
        } catch (NoSuchAlgorithmException e5) {
            log.error("Nie udało sie wczytać magazynu certyfikatów", (Throwable) e5);
            return null;
        } finally {
            IOUtils.closeQuietly(inputStream);
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public void addCertificateStore(KeyStore keyStore, String str) throws UniCertificateStoreManagerException {
        addCertificateStore(keyStore, str, false);
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public void addCertificateStore(KeyStore keyStore, String str, boolean z) throws UniCertificateStoreManagerException {
        if (keyStore == null) {
            throw new IllegalArgumentException("Parameter keyStore is null");
        }
        if (str == null) {
            throw new IllegalArgumentException("Parameter alias is null");
        }
        log.debug("Dodawanie magazynu o aliasie " + str);
        synchronized (this.certificateStores) {
            if (findCertificateStore(str) != null) {
                throw new UniCertificateStoreManagerException(PKIErrorCode.UNI_CERTITICATE_STORE_MANAGER_ALIAS_ALREADY_EXISTS, "'" + str + "'");
            }
            this.certificateStores.add(new KeyStoreHandler(str, keyStore, z));
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public void addCertificateToCache(X509Certificate x509Certificate) throws PKIException {
        if (x509Certificate == null) {
            throw new IllegalArgumentException("Parameter certificate is null");
        }
        try {
            synchronized (this.certificateCache) {
                if (findCertificateInCollection(x509Certificate, this.certificateCache)) {
                    return;
                }
                this.certificateCache.add(new iaik.x509.X509Certificate(x509Certificate.getEncoded()));
            }
        } catch (CertificateException e) {
            throw new PKIException(e, PKIErrorCode.EXTERNAL_EXCEPTION, e.getClass().getName());
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public void clearCertificateCache() {
        synchronized (this.certificateCache) {
            this.certificateCache.clear();
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public boolean findCertificate(X509Certificate x509Certificate) throws PKIException {
        return findCertificate(x509Certificate, false);
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public boolean findCertificate(X509Certificate x509Certificate, boolean z) throws PKIException {
        if (log.isDebugEnabled()) {
            log.debug("Wyszukiwanie w magazynach certyfikatu: " + CertificateInfoUtil.getSubjectAndSerialNumberString(x509Certificate));
        }
        if (x509Certificate == null) {
            throw new IllegalArgumentException("Parameter certificate is null");
        }
        try {
            return findCertificateInStore(x509Certificate, z);
        } catch (KeyStoreException e) {
            throw new PKIException(e, PKIErrorCode.EXTERNAL_EXCEPTION, e.getClass().getName());
        } catch (CertificateEncodingException e2) {
            throw new PKIException(e2, PKIErrorCode.EXTERNAL_EXCEPTION, e2.getClass().getName());
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public X509Certificate getCertificate(CertificateIdentifier certificateIdentifier) throws UniCertificateStoreManagerException, PKIException {
        X509Certificate certificateByCertificateIdentifierFromCollection;
        try {
            synchronized (this.certificateCache) {
                certificateByCertificateIdentifierFromCollection = getCertificateByCertificateIdentifierFromCollection(certificateIdentifier, this.certificateCache);
            }
            return certificateByCertificateIdentifierFromCollection == null ? getCertificateByCertificateIdentifierFromStore(certificateIdentifier) : certificateByCertificateIdentifierFromCollection;
        } catch (CodingException e) {
            throw new PKIException(e, PKIErrorCode.CODING_ERROR, new String[0]);
        } catch (KeyStoreException e2) {
            throw new PKIException(e2, PKIErrorCode.EXTERNAL_EXCEPTION, e2.getClass().getName());
        } catch (CertificateEncodingException e3) {
            throw new PKIException(e3, PKIErrorCode.EXTERNAL_EXCEPTION, e3.getClass().getName());
        } catch (CertificateException e4) {
            throw new PKIException(e4, PKIErrorCode.EXTERNAL_EXCEPTION, e4.getClass().getName());
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public X509Certificate getCertificate(AuthorityKeyIdentifier authorityKeyIdentifier) throws PKIException {
        Enumeration names;
        if (authorityKeyIdentifier == null) {
            throw new IllegalArgumentException("Parameter authorityKeyIdentifier is null");
        }
        X509Certificate x509Certificate = null;
        try {
            byte[] keyIdentifier = authorityKeyIdentifier.getKeyIdentifier();
            if (keyIdentifier != null) {
                synchronized (this.certificateCache) {
                    x509Certificate = getCertificateByKeyIdentifierFromCollection(keyIdentifier, this.certificateCache);
                }
                if (x509Certificate == null || !CertificateUsage.isCaCert(x509Certificate)) {
                    x509Certificate = getCertificateByKeyIdentifierFromStore(keyIdentifier);
                }
            }
            if (x509Certificate == null || !CertificateUsage.isCaCert(x509Certificate)) {
                Name name = null;
                GeneralNames authorityCertIssuer = authorityKeyIdentifier.getAuthorityCertIssuer();
                if (authorityCertIssuer != null && (names = authorityCertIssuer.getNames()) != null) {
                    while (names.hasMoreElements()) {
                        GeneralName generalName = (GeneralName) names.nextElement();
                        if (generalName.getType() == 4) {
                            name = (Name) generalName.getName();
                        }
                    }
                }
                BigInteger authorityCertSerialNumber = authorityKeyIdentifier.getAuthorityCertSerialNumber();
                if (name != null && authorityCertSerialNumber != null) {
                    synchronized (this.certificateCache) {
                        x509Certificate = getCertificateBySubjectAndSerialFromCollection(name, authorityCertSerialNumber, this.certificateCache);
                    }
                    if (x509Certificate == null || !CertificateUsage.isCaCert(x509Certificate)) {
                        x509Certificate = getCertificateBySubjectAndSerialFromStore(name, authorityCertSerialNumber);
                    }
                }
            }
            if (x509Certificate == null || CertificateUsage.isCaCert(x509Certificate)) {
                return x509Certificate;
            }
            return null;
        } catch (CodingException e) {
            throw new PKIException(e, PKIErrorCode.CODING_ERROR, new String[0]);
        } catch (IllegalAccessException e2) {
            throw new PKIException(e2, PKIErrorCode.EXTERNAL_EXCEPTION, e2.getClass().getName());
        } catch (NoSuchMethodException e3) {
            throw new PKIException(e3, PKIErrorCode.EXTERNAL_EXCEPTION, e3.getClass().getName());
        } catch (SecurityException e4) {
            throw new PKIException(e4, PKIErrorCode.EXTERNAL_EXCEPTION, e4.getClass().getName());
        } catch (InvocationTargetException e5) {
            throw new PKIException(e5, PKIErrorCode.EXTERNAL_EXCEPTION, e5.getClass().getName());
        } catch (KeyStoreException e6) {
            throw new PKIException(e6, PKIErrorCode.EXTERNAL_EXCEPTION, e6.getClass().getName());
        } catch (CertificateEncodingException e7) {
            throw new PKIException(e7, PKIErrorCode.EXTERNAL_EXCEPTION, e7.getClass().getName());
        } catch (CertificateException e8) {
            throw new PKIException(e8, PKIErrorCode.EXTERNAL_EXCEPTION, e8.getClass().getName());
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public X509Certificate getCertificate(Principal principal, BigInteger bigInteger) throws PKIException {
        X509Certificate certificateByIssuerAndSerialFromCollection;
        try {
            synchronized (this.certificateCache) {
                certificateByIssuerAndSerialFromCollection = getCertificateByIssuerAndSerialFromCollection(principal, bigInteger, this.certificateCache);
            }
            return certificateByIssuerAndSerialFromCollection == null ? getCertificateByIssuerAndSerialFromStore(principal, bigInteger) : certificateByIssuerAndSerialFromCollection;
        } catch (CodingException e) {
            throw new PKIException(e, PKIErrorCode.CODING_ERROR, new String[0]);
        } catch (IllegalAccessException e2) {
            throw new PKIException(e2, PKIErrorCode.EXTERNAL_EXCEPTION, e2.getClass().getName());
        } catch (NoSuchMethodException e3) {
            throw new PKIException(e3, PKIErrorCode.EXTERNAL_EXCEPTION, e3.getClass().getName());
        } catch (SecurityException e4) {
            throw new PKIException(e4, PKIErrorCode.EXTERNAL_EXCEPTION, e4.getClass().getName());
        } catch (InvocationTargetException e5) {
            throw new PKIException(e5, PKIErrorCode.EXTERNAL_EXCEPTION, e5.getClass().getName());
        } catch (KeyStoreException e6) {
            throw new PKIException(e6, PKIErrorCode.EXTERNAL_EXCEPTION, e6.getClass().getName());
        } catch (CertificateEncodingException e7) {
            throw new PKIException(e7, PKIErrorCode.EXTERNAL_EXCEPTION, e7.getClass().getName());
        } catch (CertificateException e8) {
            throw new PKIException(e8, PKIErrorCode.EXTERNAL_EXCEPTION, e8.getClass().getName());
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public X509Certificate getCertificate(Collection<X509Certificate> collection, CertificateIdentifier certificateIdentifier) throws UniCertificateStoreManagerException, PKIException {
        X509Certificate certificateByCertificateIdentifierFromCollection;
        try {
            X509Certificate certificateByCertificateIdentifierFromCollection2 = getCertificateByCertificateIdentifierFromCollection(certificateIdentifier, collection);
            if (certificateByCertificateIdentifierFromCollection2 != null) {
                addCertificateToCache(certificateByCertificateIdentifierFromCollection2);
                return certificateByCertificateIdentifierFromCollection2;
            }
            synchronized (this.certificateCache) {
                certificateByCertificateIdentifierFromCollection = getCertificateByCertificateIdentifierFromCollection(certificateIdentifier, this.certificateCache);
            }
            return certificateByCertificateIdentifierFromCollection == null ? getCertificateByCertificateIdentifierFromStore(certificateIdentifier) : certificateByCertificateIdentifierFromCollection;
        } catch (CodingException e) {
            throw new PKIException(e, PKIErrorCode.CODING_ERROR, new String[0]);
        } catch (KeyStoreException e2) {
            throw new PKIException(e2, PKIErrorCode.EXTERNAL_EXCEPTION, e2.getClass().getName());
        } catch (CertificateEncodingException e3) {
            throw new PKIException(e3, PKIErrorCode.EXTERNAL_EXCEPTION, e3.getClass().getName());
        } catch (CertificateException e4) {
            throw new PKIException(e4, PKIErrorCode.EXTERNAL_EXCEPTION, e4.getClass().getName());
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public X509Certificate getCertificate(Collection<X509Certificate> collection, AuthorityKeyIdentifier authorityKeyIdentifier) throws UniCertificateStoreManagerException, PKIException {
        Enumeration names;
        if (authorityKeyIdentifier == null) {
            throw new IllegalArgumentException("Parameter authorityKeyIdentifier is null");
        }
        X509Certificate x509Certificate = null;
        try {
            byte[] keyIdentifier = authorityKeyIdentifier.getKeyIdentifier();
            if (keyIdentifier != null) {
                x509Certificate = getCertificateByKeyIdentifierFromCollection(keyIdentifier, collection);
                if (x509Certificate == null || !CertificateUsage.isCaCert(x509Certificate)) {
                    synchronized (this.certificateCache) {
                        x509Certificate = getCertificateByKeyIdentifierFromCollection(keyIdentifier, this.certificateCache);
                    }
                    if (x509Certificate == null || !CertificateUsage.isCaCert(x509Certificate)) {
                        x509Certificate = getCertificateByKeyIdentifierFromStore(keyIdentifier);
                    }
                } else {
                    addCertificateToCache(x509Certificate);
                }
            }
            if (x509Certificate == null || !CertificateUsage.isCaCert(x509Certificate)) {
                Name name = null;
                if (authorityKeyIdentifier.getAuthorityCertIssuer() != null && (names = authorityKeyIdentifier.getAuthorityCertIssuer().getNames()) != null) {
                    while (names.hasMoreElements()) {
                        GeneralName generalName = (GeneralName) names.nextElement();
                        if (generalName.getType() == 4) {
                            name = (Name) generalName.getName();
                        }
                    }
                }
                BigInteger authorityCertSerialNumber = authorityKeyIdentifier.getAuthorityCertSerialNumber();
                if (name != null && authorityCertSerialNumber != null) {
                    x509Certificate = getCertificateBySubjectAndSerialFromCollection(name, authorityCertSerialNumber, collection);
                    if (x509Certificate == null || !CertificateUsage.isCaCert(x509Certificate)) {
                        synchronized (this.certificateCache) {
                            x509Certificate = getCertificateBySubjectAndSerialFromCollection(name, authorityCertSerialNumber, this.certificateCache);
                        }
                        if (x509Certificate == null || !CertificateUsage.isCaCert(x509Certificate)) {
                            x509Certificate = getCertificateBySubjectAndSerialFromStore(name, authorityCertSerialNumber);
                        }
                    } else {
                        addCertificateToCache(x509Certificate);
                    }
                }
            }
            if (x509Certificate == null || CertificateUsage.isCaCert(x509Certificate)) {
                return x509Certificate;
            }
            return null;
        } catch (CodingException e) {
            throw new PKIException(e, PKIErrorCode.CODING_ERROR, new String[0]);
        } catch (IllegalAccessException e2) {
            throw new PKIException(e2, PKIErrorCode.EXTERNAL_EXCEPTION, e2.getClass().getName());
        } catch (NoSuchMethodException e3) {
            throw new PKIException(e3, PKIErrorCode.EXTERNAL_EXCEPTION, e3.getClass().getName());
        } catch (SecurityException e4) {
            throw new PKIException(e4, PKIErrorCode.EXTERNAL_EXCEPTION, e4.getClass().getName());
        } catch (InvocationTargetException e5) {
            throw new PKIException(e5, PKIErrorCode.EXTERNAL_EXCEPTION, e5.getClass().getName());
        } catch (KeyStoreException e6) {
            throw new PKIException(e6, PKIErrorCode.EXTERNAL_EXCEPTION, e6.getClass().getName());
        } catch (CertificateEncodingException e7) {
            throw new PKIException(e7, PKIErrorCode.EXTERNAL_EXCEPTION, e7.getClass().getName());
        } catch (CertificateException e8) {
            throw new PKIException(e8, PKIErrorCode.EXTERNAL_EXCEPTION, e8.getClass().getName());
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public X509Certificate getCertificate(Collection<X509Certificate> collection, Principal principal, BigInteger bigInteger) throws PKIException {
        X509Certificate certificateByIssuerAndSerialFromCollection;
        try {
            X509Certificate certificateByIssuerAndSerialFromCollection2 = getCertificateByIssuerAndSerialFromCollection(principal, bigInteger, collection);
            if (certificateByIssuerAndSerialFromCollection2 != null) {
                addCertificateToCache(certificateByIssuerAndSerialFromCollection2);
                return certificateByIssuerAndSerialFromCollection2;
            }
            synchronized (this.certificateCache) {
                certificateByIssuerAndSerialFromCollection = getCertificateByIssuerAndSerialFromCollection(principal, bigInteger, this.certificateCache);
            }
            return certificateByIssuerAndSerialFromCollection == null ? getCertificateByIssuerAndSerialFromStore(principal, bigInteger) : certificateByIssuerAndSerialFromCollection;
        } catch (CodingException e) {
            throw new PKIException(e, PKIErrorCode.CODING_ERROR, new String[0]);
        } catch (IllegalAccessException e2) {
            throw new PKIException(e2, PKIErrorCode.EXTERNAL_EXCEPTION, e2.getClass().getName());
        } catch (NoSuchMethodException e3) {
            throw new PKIException(e3, PKIErrorCode.EXTERNAL_EXCEPTION, e3.getClass().getName());
        } catch (SecurityException e4) {
            throw new PKIException(e4, PKIErrorCode.EXTERNAL_EXCEPTION, e4.getClass().getName());
        } catch (InvocationTargetException e5) {
            throw new PKIException(e5, PKIErrorCode.EXTERNAL_EXCEPTION, e5.getClass().getName());
        } catch (KeyStoreException e6) {
            throw new PKIException(e6, PKIErrorCode.EXTERNAL_EXCEPTION, e6.getClass().getName());
        } catch (CertificateEncodingException e7) {
            throw new PKIException(e7, PKIErrorCode.EXTERNAL_EXCEPTION, e7.getClass().getName());
        } catch (CertificateException e8) {
            throw new PKIException(e8, PKIErrorCode.EXTERNAL_EXCEPTION, e8.getClass().getName());
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public X509Certificate getCertificate(Collection<X509Certificate> collection, byte[] bArr) throws PKIException {
        X509Certificate certificateByDigestFromCollection;
        try {
            X509Certificate certificateByDigestFromCollection2 = getCertificateByDigestFromCollection(bArr, collection);
            if (certificateByDigestFromCollection2 != null) {
                addCertificateToCache(certificateByDigestFromCollection2);
                return certificateByDigestFromCollection2;
            }
            synchronized (this.certificateCache) {
                certificateByDigestFromCollection = getCertificateByDigestFromCollection(bArr, this.certificateCache);
            }
            return certificateByDigestFromCollection == null ? getCertificateByDigestFromStore(bArr) : certificateByDigestFromCollection;
        } catch (KeyStoreException e) {
            throw new PKIException(e, PKIErrorCode.EXTERNAL_EXCEPTION, e.getClass().getName());
        } catch (NoSuchAlgorithmException e2) {
            throw new PKIException(e2, PKIErrorCode.EXTERNAL_EXCEPTION, e2.getClass().getName());
        } catch (CertificateEncodingException e3) {
            throw new PKIException(e3, PKIErrorCode.EXTERNAL_EXCEPTION, e3.getClass().getName());
        } catch (CertificateException e4) {
            throw new PKIException(e4, PKIErrorCode.EXTERNAL_EXCEPTION, e4.getClass().getName());
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public X509Certificate getCertificate(byte[] bArr) throws PKIException {
        X509Certificate certificateByDigestFromCollection;
        try {
            synchronized (this.certificateCache) {
                certificateByDigestFromCollection = getCertificateByDigestFromCollection(bArr, this.certificateCache);
            }
            return certificateByDigestFromCollection == null ? getCertificateByDigestFromStore(bArr) : certificateByDigestFromCollection;
        } catch (KeyStoreException e) {
            throw new PKIException(e, PKIErrorCode.EXTERNAL_EXCEPTION, e.getClass().getName());
        } catch (NoSuchAlgorithmException e2) {
            throw new PKIException(e2, PKIErrorCode.EXTERNAL_EXCEPTION, e2.getClass().getName());
        } catch (CertificateEncodingException e3) {
            throw new PKIException(e3, PKIErrorCode.EXTERNAL_EXCEPTION, e3.getClass().getName());
        } catch (CertificateException e4) {
            throw new PKIException(e4, PKIErrorCode.EXTERNAL_EXCEPTION, e4.getClass().getName());
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public KeyStore getCertificateStore(String str) {
        if (str == null) {
            throw new IllegalArgumentException("Parameter alias is null");
        }
        synchronized (this.certificateStores) {
            KeyStoreHandler findCertificateStore = findCertificateStore(str);
            if (findCertificateStore == null) {
                return null;
            }
            return findCertificateStore.getKeyStore();
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public List<String> getCertificateStoreAliases() {
        ArrayList arrayList = new ArrayList(this.certificateStores.size());
        Iterator<KeyStoreHandler> it = this.certificateStores.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().getAlias());
        }
        return arrayList;
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public Collection<X509Certificate> getCertificates(String str) throws PKIException {
        try {
            return getAllCertificatesFromStore(str);
        } catch (KeyStoreException e) {
            throw new PKIException(e, PKIErrorCode.EXTERNAL_EXCEPTION, e.getClass().getName());
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public Collection<X509Certificate> getCertificates(Principal principal) throws PKIException {
        Collection<X509Certificate> certificatesBySubjectFromCollection;
        try {
            Vector vector = new Vector();
            synchronized (this.certificateCache) {
                certificatesBySubjectFromCollection = getCertificatesBySubjectFromCollection(principal, this.certificateCache);
            }
            Iterator<X509Certificate> it = certificatesBySubjectFromCollection.iterator();
            while (it.hasNext()) {
                addCertificateToCollection(it.next(), vector);
            }
            Iterator<X509Certificate> it2 = getCertificatesBySubjectFromStore(principal).iterator();
            while (it2.hasNext()) {
                addCertificateToCollection(it2.next(), vector);
            }
            return vector;
        } catch (CodingException e) {
            throw new PKIException(e, PKIErrorCode.CODING_ERROR, new String[0]);
        } catch (IllegalAccessException e2) {
            throw new PKIException(e2, PKIErrorCode.EXTERNAL_EXCEPTION, e2.getClass().getName());
        } catch (NoSuchMethodException e3) {
            throw new PKIException(e3, PKIErrorCode.EXTERNAL_EXCEPTION, e3.getClass().getName());
        } catch (SecurityException e4) {
            throw new PKIException(e4, PKIErrorCode.EXTERNAL_EXCEPTION, e4.getClass().getName());
        } catch (InvocationTargetException e5) {
            throw new PKIException(e5, PKIErrorCode.EXTERNAL_EXCEPTION, e5.getClass().getName());
        } catch (KeyStoreException e6) {
            throw new PKIException(e6, PKIErrorCode.EXTERNAL_EXCEPTION, e6.getClass().getName());
        } catch (CertificateEncodingException e7) {
            throw new PKIException(e7, PKIErrorCode.EXTERNAL_EXCEPTION, e7.getClass().getName());
        } catch (CertificateException e8) {
            throw new PKIException(e8, PKIErrorCode.EXTERNAL_EXCEPTION, e8.getClass().getName());
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public Collection<X509Certificate> getCertificates(Collection<X509Certificate> collection, Principal principal) throws PKIException {
        Collection<X509Certificate> certificatesBySubjectFromCollection;
        try {
            Vector vector = new Vector();
            Iterator<X509Certificate> it = getCertificatesBySubjectFromCollection(principal, collection).iterator();
            while (it.hasNext()) {
                addCertificateToCollection(it.next(), vector);
            }
            synchronized (this.certificateCache) {
                certificatesBySubjectFromCollection = getCertificatesBySubjectFromCollection(principal, this.certificateCache);
            }
            Iterator<X509Certificate> it2 = certificatesBySubjectFromCollection.iterator();
            while (it2.hasNext()) {
                addCertificateToCollection(it2.next(), vector);
            }
            Iterator<X509Certificate> it3 = getCertificatesBySubjectFromStore(principal).iterator();
            while (it3.hasNext()) {
                addCertificateToCollection(it3.next(), vector);
            }
            return vector;
        } catch (CodingException e) {
            throw new PKIException(e, PKIErrorCode.CODING_ERROR, new String[0]);
        } catch (IllegalAccessException e2) {
            throw new PKIException(e2, PKIErrorCode.EXTERNAL_EXCEPTION, e2.getClass().getName());
        } catch (NoSuchMethodException e3) {
            throw new PKIException(e3, PKIErrorCode.EXTERNAL_EXCEPTION, e3.getClass().getName());
        } catch (SecurityException e4) {
            throw new PKIException(e4, PKIErrorCode.EXTERNAL_EXCEPTION, e4.getClass().getName());
        } catch (InvocationTargetException e5) {
            throw new PKIException(e5, PKIErrorCode.EXTERNAL_EXCEPTION, e5.getClass().getName());
        } catch (KeyStoreException e6) {
            throw new PKIException(e6, PKIErrorCode.EXTERNAL_EXCEPTION, e6.getClass().getName());
        } catch (CertificateEncodingException e7) {
            throw new PKIException(e7, PKIErrorCode.EXTERNAL_EXCEPTION, e7.getClass().getName());
        } catch (CertificateException e8) {
            throw new PKIException(e8, PKIErrorCode.EXTERNAL_EXCEPTION, e8.getClass().getName());
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public CertificationPath getCertificationPath(X509Certificate x509Certificate) throws UniCertificateStoreManagerException, PKIException {
        if (x509Certificate == null) {
            throw new IllegalArgumentException("Parameter certificate is null");
        }
        log.debug("Tworzenie ścieżki certyfikacji certyfikatu: [" + x509Certificate.getSubjectDN().getName() + "]");
        X509Certificate x509Certificate2 = x509Certificate;
        CertificationPath certificationPath = new CertificationPath();
        while (true) {
            if (x509Certificate2 == null) {
                break;
            }
            try {
                if (CertificateUsage.isLegalIssuer(x509Certificate2, x509Certificate2)) {
                    log.debug("Certyfikat jest certyfikatem końcowym");
                    certificationPath.addRootCertificate(x509Certificate2, findCertificate(x509Certificate2, true));
                    break;
                }
                certificationPath.addCertificate(x509Certificate2);
                log.debug("Dodano do ścieżki certyfikat: " + x509Certificate2);
                x509Certificate2 = getIssuerCertificate(x509Certificate2);
            } catch (CodingException e) {
                throw new PKIException(e, PKIErrorCode.EXTERNAL_EXCEPTION, e.getClass().getName());
            } catch (InvalidKeyException e2) {
                throw new PKIException(e2, PKIErrorCode.EXTERNAL_EXCEPTION, e2.getClass().getName());
            } catch (NoSuchAlgorithmException e3) {
                throw new PKIException(e3, PKIErrorCode.EXTERNAL_EXCEPTION, e3.getClass().getName());
            } catch (NoSuchProviderException e4) {
                throw new PKIException(e4, PKIErrorCode.EXTERNAL_EXCEPTION, e4.getClass().getName());
            } catch (CertificateException e5) {
                throw new PKIException(e5, PKIErrorCode.EXTERNAL_EXCEPTION, e5.getClass().getName());
            }
        }
        CertificateUsage.checkPathLenConstraintObedience(certificationPath);
        if (!certificationPath.isComplete()) {
            throw new UniCertificateStoreManagerException(PKIErrorCode.UNI_CERTITICATE_STORE_MANAGER_CERTIFICATE_NOT_FOUND, certificationPath.getRootCertificate().toString());
        }
        try {
            new CertPoliciesProcessor().checkPoliciesInPath(certificationPath);
            log.debug("Ścieżka certyfikacji została poprawnie zbudowana");
            return certificationPath;
        } catch (CertificateException e6) {
            throw new PKIException(e6);
        } catch (CertPoliciesException e7) {
            throw new PKIException((PKIException) e7);
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public CertificationPath getCertificationPath(Collection<X509Certificate> collection, X509Certificate x509Certificate) throws UniCertificateStoreManagerException, PKIException {
        if (x509Certificate == null) {
            throw new IllegalArgumentException("Parameter certificate is null");
        }
        if (collection == null) {
            throw new IllegalArgumentException("Parameter certificateCollection is null");
        }
        log.debug("Tworzenie ścieżki certyfikacji certyfikatu: [" + x509Certificate.getSubjectDN().getName() + "]");
        X509Certificate x509Certificate2 = x509Certificate;
        CertificationPath certificationPath = new CertificationPath();
        while (true) {
            if (x509Certificate2 == null) {
                break;
            }
            try {
                if (CertificateUsage.isLegalIssuer(x509Certificate2, x509Certificate2)) {
                    log.debug("Certyfikat jest certyfikatem końcowym");
                    certificationPath.addRootCertificate(x509Certificate2, findCertificate(x509Certificate2, true));
                    break;
                }
                certificationPath.addCertificate(x509Certificate2);
                log.debug("Dodano certyfikat do ścieżki");
                x509Certificate2 = getIssuerCertificate(collection, x509Certificate2);
            } catch (CodingException e) {
                throw new PKIException(e, PKIErrorCode.EXTERNAL_EXCEPTION, e.getClass().getName());
            } catch (InvalidKeyException e2) {
                throw new PKIException(e2, PKIErrorCode.EXTERNAL_EXCEPTION, e2.getClass().getName());
            } catch (NoSuchAlgorithmException e3) {
                throw new PKIException(e3, PKIErrorCode.EXTERNAL_EXCEPTION, e3.getClass().getName());
            } catch (NoSuchProviderException e4) {
                throw new PKIException(e4, PKIErrorCode.EXTERNAL_EXCEPTION, e4.getClass().getName());
            } catch (CertificateException e5) {
                throw new PKIException(e5, PKIErrorCode.EXTERNAL_EXCEPTION, e5.getClass().getName());
            }
        }
        CertificateUsage.checkPathLenConstraintObedience(certificationPath);
        if (!certificationPath.isComplete()) {
            log.error("Nie można zbudować pełnej ścieżki certyfikacji");
            throw new UniCertificateStoreManagerException(PKIErrorCode.UNI_CERTITICATE_STORE_MANAGER_CERTIFICATE_NOT_FOUND, certificationPath.getRootCertificate().getIssuerDN().getName());
        }
        try {
            new CertPoliciesProcessor().checkPoliciesInPath(certificationPath);
            log.debug("Ścieżka certyfikacji została poprawnie zbudowana");
            return certificationPath;
        } catch (Exception e6) {
            throw new PKIException(e6);
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public CertificationPath getCertificationPathFromCollection(Collection<X509Certificate> collection) throws UniCertificateStoreManagerException, PKIException {
        if (collection == null) {
            throw new IllegalArgumentException("Parameter certificateCollection is null");
        }
        log.debug("Tworzenie ścieżki certyfikacji z podanych certyfikatów");
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(collection);
        CertificationPath certificationPath = new CertificationPath();
        while (true) {
            try {
                if (arrayList.size() <= 0) {
                    break;
                }
                log.debug("Przeglądanie listy certyfikatów (" + arrayList.size() + " certyfikatów)");
                boolean z = false;
                Iterator it = arrayList.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    X509Certificate x509Certificate = (X509Certificate) it.next();
                    if (certificationPath.isEmpty()) {
                        log.debug("Ścieżka certyfikacji jest pusta");
                        log.debug("Dodawanie pierwszego certyfikatu do ścieżki");
                        log.debug("Sprawdzenie czy certyfikat jest certyfikatem wystawcy końcowego");
                        if (CertificateUsage.isLegalIssuer(x509Certificate, x509Certificate)) {
                            log.debug("Certyfikat jest certyfikatem wystawcy końcowego");
                            log.debug("Dodanie certyfikatu wystawcy końcowego do budowanej ścieżki");
                            certificationPath.addRootCertificate(x509Certificate, findCertificate(x509Certificate, true));
                        } else {
                            log.debug("Certyfikat nie jest certyfikatem wystawcy końcowego");
                            log.debug("Dodanie certyfikatu do budowanej ścieżki");
                            certificationPath.addCertificate(x509Certificate);
                        }
                        arrayList.remove(x509Certificate);
                        z = true;
                    } else {
                        if (certificationPath.isComplete()) {
                            log.debug("Ścieżka certyfikacji zawiera certyfikat wystawcy końcowego");
                        } else {
                            log.debug("Ścieżka certyfikacji nie zawiera certyfikatu wystawcy końcowego");
                            if (CertificateUsage.isLegalIssuer(x509Certificate, certificationPath.getRootCertificate())) {
                                log.debug("Dodawanie do ścieżki certyfikatu wystawcy pierwszego certyfikatu w ścieżce");
                                log.debug("Sprawdzenie czy certyfikat jest certyfikatem wystawcy końcowego");
                                if (CertificateUsage.isLegalIssuer(x509Certificate, x509Certificate)) {
                                    log.debug("Certyfikat jest certyfikatem wystawcy końcowego");
                                    log.debug("Dodanie certyfikatu wystawcy końcowego do budowanej ścieżki");
                                    certificationPath.addRootCertificate(x509Certificate, findCertificate(x509Certificate, true));
                                } else {
                                    log.debug("Certyfikat nie jest certyfikatem wystawcy końcowego");
                                    log.debug("Dodanie certyfikatu do budowanej ścieżki");
                                    certificationPath.addCertificate(x509Certificate);
                                }
                                arrayList.remove(x509Certificate);
                                z = true;
                            }
                        }
                        if (CertificateUsage.isLegalIssuer(certificationPath.getTargetCertificate(), x509Certificate)) {
                            log.debug("Dodawanie do ścieżki certyfikatu wystawionego przez właściciela ostatniego certyfikatu w ścieżce");
                            certificationPath.addTargetCertificate(x509Certificate);
                            arrayList.remove(x509Certificate);
                            z = true;
                            break;
                        }
                    }
                }
                if (!z) {
                    log.debug("Nie dodano żadnego certyfikatu. Koniec budowania ścieżki");
                    break;
                }
            } catch (CodingException e) {
                throw new PKIException(e, PKIErrorCode.EXTERNAL_EXCEPTION, e.getClass().getName());
            } catch (InvalidKeyException e2) {
                throw new PKIException(e2, PKIErrorCode.EXTERNAL_EXCEPTION, e2.getClass().getName());
            } catch (NoSuchAlgorithmException e3) {
                throw new PKIException(e3, PKIErrorCode.EXTERNAL_EXCEPTION, e3.getClass().getName());
            } catch (NoSuchProviderException e4) {
                throw new PKIException(e4, PKIErrorCode.EXTERNAL_EXCEPTION, e4.getClass().getName());
            } catch (CertificateException e5) {
                throw new PKIException(e5, PKIErrorCode.EXTERNAL_EXCEPTION, e5.getClass().getName());
            }
        }
        if (!certificationPath.isComplete()) {
            log.error("Nie można zbudować pełnej ścieżki certyfikacji");
            throw new UniCertificateStoreManagerException(PKIErrorCode.UNI_CERTITICATE_STORE_MANAGER_CERTIFICATE_NOT_FOUND, certificationPath.getRootCertificate().getIssuerDN().getName());
        }
        if (!certificationPath.isQualified()) {
            log.debug("Certyfikat wystawcy końcowego ścieżki nie jest kwalifikowany");
            log.debug("Sprawdzanie czy certyfikat wystawcy końcowego ścieżki jest zaufany (występuje w magazynach)");
            if (!findCertificate(certificationPath.getRootCertificate())) {
                log.error("Certyfikat wystawcy końcowego ścieżki nie jest zaufany");
                throw new UniCertificateStoreManagerException(PKIErrorCode.UNI_CERTITICATE_STORE_MANAGER_ROOT_CERTIFICATE_IS_NOT_TRUSTED, certificationPath.getRootCertificate().getIssuerDN().getName());
            }
            log.debug("Certyfikat wystawcy końcowego ścieżki jest zaufany");
        }
        CertificateUsage.checkPathLenConstraintObedience(certificationPath);
        log.debug("Ścieżka certyfikacji została poprawnie zbudowana");
        return certificationPath;
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public CertificationPath getCertificationPathFromCollection(Collection<X509Certificate> collection, X509Certificate x509Certificate) throws UniCertificateStoreManagerException, PKIException {
        if (x509Certificate == null) {
            throw new IllegalArgumentException("Parameter certificate is null");
        }
        if (collection == null) {
            throw new IllegalArgumentException("Parameter certificateCollection is null");
        }
        log.debug("Tworzenie ścieżki certyfikacji certyfikatu: [" + x509Certificate.getSubjectDN().getName() + "]");
        X509Certificate x509Certificate2 = x509Certificate;
        CertificationPath certificationPath = new CertificationPath();
        while (true) {
            if (x509Certificate2 == null) {
                break;
            }
            try {
                if (CertificateUsage.isLegalIssuer(x509Certificate2, x509Certificate2)) {
                    log.debug("Certyfikat jest certyfikatem końcowym");
                    certificationPath.addRootCertificate(x509Certificate2, false);
                    break;
                }
                certificationPath.addCertificate(x509Certificate2);
                log.debug("Dodano certyfikat do ścieżki");
                x509Certificate2 = getIssuerCertificateFromCollection(x509Certificate2, collection);
            } catch (CodingException e) {
                throw new PKIException(e, PKIErrorCode.EXTERNAL_EXCEPTION, e.getClass().getName());
            } catch (InvalidKeyException e2) {
                throw new PKIException(e2, PKIErrorCode.EXTERNAL_EXCEPTION, e2.getClass().getName());
            } catch (NoSuchAlgorithmException e3) {
                throw new PKIException(e3, PKIErrorCode.EXTERNAL_EXCEPTION, e3.getClass().getName());
            } catch (NoSuchProviderException e4) {
                throw new PKIException(e4, PKIErrorCode.EXTERNAL_EXCEPTION, e4.getClass().getName());
            } catch (CertificateException e5) {
                throw new PKIException(e5, PKIErrorCode.EXTERNAL_EXCEPTION, e5.getClass().getName());
            }
        }
        CertificateUsage.checkPathLenConstraintObedience(certificationPath);
        if (!certificationPath.isComplete()) {
            log.error("Nie można zbudować pełnej ścieżki certyfikacji");
            throw new UniCertificateStoreManagerException(PKIErrorCode.UNI_CERTITICATE_STORE_MANAGER_CERTIFICATE_NOT_FOUND, certificationPath.getRootCertificate().getIssuerDN().getName());
        }
        try {
            new CertPoliciesProcessor().checkPoliciesInPath(certificationPath);
            log.debug("Ścieżka certyfikacji została poprawnie zbudowana");
            return certificationPath;
        } catch (Exception e6) {
            throw new PKIException(e6);
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public X509Certificate getIssuerCertificate(X509Certificate x509Certificate) throws UniCertificateStoreManagerException, PKIException {
        if (x509Certificate == null) {
            throw new IllegalArgumentException("Parameter certificate is null");
        }
        try {
            X509Certificate issuerCertificateFromCollection = getIssuerCertificateFromCollection(x509Certificate, this.certificateCache);
            return issuerCertificateFromCollection == null ? getIssuerCertificateFromStore(x509Certificate) : issuerCertificateFromCollection;
        } catch (CodingException e) {
            throw new PKIException(e, PKIErrorCode.EXTERNAL_EXCEPTION, e.getClass().getName());
        } catch (InvalidKeyException e2) {
            throw new PKIException(e2, PKIErrorCode.EXTERNAL_EXCEPTION, e2.getClass().getName());
        } catch (KeyStoreException e3) {
            throw new PKIException(e3, PKIErrorCode.EXTERNAL_EXCEPTION, e3.getClass().getName());
        } catch (NoSuchAlgorithmException e4) {
            throw new PKIException(e4, PKIErrorCode.EXTERNAL_EXCEPTION, e4.getClass().getName());
        } catch (NoSuchProviderException e5) {
            throw new PKIException(e5, PKIErrorCode.EXTERNAL_EXCEPTION, e5.getClass().getName());
        } catch (CertificateException e6) {
            throw new PKIException(e6, PKIErrorCode.EXTERNAL_EXCEPTION, e6.getClass().getName());
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public X509Certificate getIssuerCertificate(Collection<X509Certificate> collection, X509Certificate x509Certificate) throws UniCertificateStoreManagerException, PKIException {
        if (collection == null) {
            throw new IllegalArgumentException("Parameter certificateCollection is null");
        }
        if (x509Certificate == null) {
            throw new IllegalArgumentException("Parameter certificate is null");
        }
        try {
            X509Certificate issuerCertificateFromCollection = getIssuerCertificateFromCollection(x509Certificate, collection);
            if (issuerCertificateFromCollection != null) {
                return issuerCertificateFromCollection;
            }
            X509Certificate issuerCertificateFromCollection2 = getIssuerCertificateFromCollection(x509Certificate, this.certificateCache);
            return issuerCertificateFromCollection2 == null ? getIssuerCertificateFromStore(x509Certificate) : issuerCertificateFromCollection2;
        } catch (CodingException e) {
            throw new PKIException(e, PKIErrorCode.EXTERNAL_EXCEPTION, e.getClass().getName());
        } catch (InvalidKeyException e2) {
            throw new PKIException(e2, PKIErrorCode.EXTERNAL_EXCEPTION, e2.getClass().getName());
        } catch (KeyStoreException e3) {
            throw new PKIException(e3, PKIErrorCode.EXTERNAL_EXCEPTION, e3.getClass().getName());
        } catch (NoSuchAlgorithmException e4) {
            throw new PKIException(e4, PKIErrorCode.EXTERNAL_EXCEPTION, e4.getClass().getName());
        } catch (NoSuchProviderException e5) {
            throw new PKIException(e5, PKIErrorCode.EXTERNAL_EXCEPTION, e5.getClass().getName());
        } catch (CertificateException e6) {
            throw new PKIException(e6, PKIErrorCode.EXTERNAL_EXCEPTION, e6.getClass().getName());
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public PrivateKey getPrivateKey(X509Certificate x509Certificate, char[] cArr) throws PKIException {
        if (log.isDebugEnabled()) {
            log.debug("Przeszukiwanie magazynów w poszukiwaniu klucza prywatnego (" + CertificateInfoUtil.getSubjectAndSerialNumberString(x509Certificate) + ")");
        }
        if (x509Certificate == null) {
            throw new IllegalArgumentException("Parameter certificate is null");
        }
        PrivateKey privateKey = null;
        try {
            synchronized (this.certificateStores) {
                for (KeyStoreHandler keyStoreHandler : this.certificateStores) {
                    KeyStore keyStore = keyStoreHandler.getKeyStore();
                    log.debug("Przeszkiwanie magazynu o aliasie " + keyStoreHandler.getAlias());
                    log.debug("Szukanie aliasu obiektu zawierającego podany certyfikat");
                    String certificateAlias = keyStore.getCertificateAlias(x509Certificate);
                    if (certificateAlias == null) {
                        log.debug("Żaden obiekt magazynu certyfikatów nie zawiera podanego certyfikatu");
                    } else {
                        log.debug("Znaleziony obiekt (alias: " + certificateAlias + ") zawierający podany certyfikat");
                        if (keyStore.isKeyEntry(certificateAlias)) {
                            Key key = keyStore.getKey(certificateAlias, cArr);
                            if (key != null) {
                                log.debug("Znaleziony obiekt zawiera klucz");
                                if (key instanceof PrivateKey) {
                                    log.debug("Klucz jest prywatny");
                                    if (KeyUtils.isKeyPair(key, x509Certificate.getPublicKey(), false)) {
                                        log.debug("Klucze stanowią parę");
                                        privateKey = (PrivateKey) key;
                                    } else {
                                        log.debug("Klucze nie stanowią pary");
                                    }
                                } else {
                                    log.debug("Klucz nie jest prywatny");
                                }
                            } else {
                                log.debug("Znaleziony obiekt nie zawiera klucza");
                            }
                        } else {
                            log.debug("Znaleziony alias " + certificateAlias + " nie jest aliasem klucza");
                        }
                    }
                    if (privateKey == null) {
                        log.debug("Szukanie klucza prywatnego stanowiącego parę z kluczem publicznym podanego certyfikatu.");
                        Enumeration<String> aliases = keyStore.aliases();
                        while (aliases.hasMoreElements()) {
                            String nextElement = aliases.nextElement();
                            log.debug("Znaleziono alias: " + nextElement);
                            if (keyStore.isKeyEntry(nextElement)) {
                                Key key2 = keyStore.getKey(nextElement, cArr);
                                if (key2 != null) {
                                    log.debug("Alias " + nextElement + " zawiera klucz");
                                    if (key2 instanceof PrivateKey) {
                                        log.debug("Klucz jest prywatny");
                                        if (KeyUtils.isKeyPair(key2, x509Certificate.getPublicKey(), false)) {
                                            log.debug("Klucze stanowią parę");
                                            privateKey = (PrivateKey) key2;
                                        } else {
                                            log.debug("Klucze nie stanowią pary");
                                        }
                                    } else {
                                        log.debug("Klucz nie jest prywatny");
                                    }
                                } else {
                                    log.debug("Alias " + nextElement + " nie zawiera klucza");
                                }
                            } else {
                                log.debug("Znaleziony alias " + nextElement + " nie jest aliasem klucza");
                            }
                        }
                    }
                    if (privateKey == null && (keyStore instanceof TokenKeyStore)) {
                        log.debug("Szukanie klucza prywatnego stanowiącego parę z kluczem publicznym podanego certyfikatu.");
                        HashMap hashMap = new HashMap();
                        Enumeration<String> aliases2 = keyStore.aliases();
                        while (aliases2.hasMoreElements()) {
                            String nextElement2 = aliases2.nextElement();
                            Certificate certificate = keyStore.getCertificate(nextElement2);
                            if (certificate != null) {
                                hashMap.put((X509Certificate) certificate, nextElement2);
                            }
                        }
                        String str = (String) hashMap.get(x509Certificate);
                        Key key3 = keyStore.getKey(str, cArr);
                        if (key3 != null) {
                            log.debug("Alias " + str + " zawiera klucz");
                            if (key3 instanceof PrivateKey) {
                                log.debug("Klucz jest prywatny");
                                if (KeyUtils.isKeyPair(key3, x509Certificate.getPublicKey(), false)) {
                                    log.debug("Klucze stanowią parę");
                                    privateKey = (PrivateKey) key3;
                                } else {
                                    log.debug("Klucze nie stanowią pary");
                                }
                            } else {
                                log.debug("Klucz nie jest prywatny");
                            }
                        } else {
                            log.debug("Alias " + str + " nie zawiera klucza");
                        }
                    }
                    if (privateKey != null) {
                        log.debug("W magazynie certyfikatów o aliasie " + keyStoreHandler.getAlias() + " znaleziono poszukiwany klucz");
                        return privateKey;
                    }
                    log.debug("W magazynie certyfikatów o aliasie " + keyStoreHandler.getAlias() + " nie znaleziono poszukiwanego klucza");
                }
                log.debug("W magazynie certyfikatów nie znaleziono poszukiwanego klucza");
                return null;
            }
        } catch (KeyStoreException e) {
            throw new PKIException(e, PKIErrorCode.EXTERNAL_EXCEPTION, e.getClass().getName());
        } catch (NoSuchAlgorithmException e2) {
            throw new PKIException(e2, PKIErrorCode.EXTERNAL_EXCEPTION, e2.getClass().getName());
        } catch (UnrecoverableKeyException e3) {
            throw new PKIException(e3, PKIErrorCode.EXTERNAL_EXCEPTION, e3.getClass().getName());
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public void removeCertificateStore(String str) {
        if (str == null) {
            throw new IllegalArgumentException("Parameter alias is null");
        }
        synchronized (this.certificateStores) {
            KeyStoreHandler findCertificateStore = findCertificateStore(str);
            if (findCertificateStore != null) {
                this.certificateStores.remove(findCertificateStore);
            }
            clearCertificateCache();
        }
    }

    void removeCertificateStore(String str, boolean z) {
        synchronized (this.certificateStores) {
            KeyStoreHandler findCertificateStore = findCertificateStore(str);
            if (findCertificateStore != null) {
                this.certificateStores.remove(findCertificateStore);
            }
            if (z) {
                clearCertificateCache();
            }
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public void removeCertificateStores() {
        synchronized (this.certificateStores) {
            this.certificateStores.clear();
            clearCertificateCache();
        }
    }

    void removeCertificateStores(boolean z) {
        synchronized (this.certificateStores) {
            this.certificateStores.clear();
            if (z) {
                clearCertificateCache();
            }
        }
    }

    @Override // pl.unizeto.android.cryptoapi.certificatestoremanager.UniCertificateStoreManager
    public void reset() throws PKIException {
        removeCertificateStores();
        KeyStore loadKeyStore = loadKeyStore("res/raw/root", "".toCharArray());
        if (loadKeyStore != null) {
            addCertificateStore(loadKeyStore, Logger.ROOT_LOGGER_NAME);
        }
        KeyStore loadKeyStore2 = loadKeyStore("res/raw/qroot", "".toCharArray());
        if (loadKeyStore2 != null) {
            addCertificateStore(loadKeyStore2, "QROOT", true);
        }
        KeyStore loadKeyStore3 = loadKeyStore("res/raw/ca", "".toCharArray());
        if (loadKeyStore3 != null) {
            addCertificateStore(loadKeyStore3, "CA");
        }
        KeyStore loadKeyStore4 = loadKeyStore("res/raw/qca", "".toCharArray());
        if (loadKeyStore4 != null) {
            addCertificateStore(loadKeyStore4, "QCA", true);
        }
        KeyStore loadKeyStore5 = loadKeyStore("res/raw/other", "".toCharArray());
        if (loadKeyStore5 != null) {
            addCertificateStore(loadKeyStore5, "OTHER");
        }
    }
}
