package de.captaingoldfish.scim.sdk.client.keys;

import de.captaingoldfish.scim.sdk.client.exceptions.KeyStoreCreationFailedException;
import de.captaingoldfish.scim.sdk.client.exceptions.KeyStoreEntryException;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Locale;
import java.util.Optional;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:de/captaingoldfish/scim/sdk/client/keys/KeyStoreSupporter.class */
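/**
 * Static helpers for creating, reading, converting, merging and writing {@link KeyStore} instances.
 *
 * <p>Passwords are accepted as {@link String} throughout this class and converted with
 * {@link String#toCharArray()} at the point of use, so the secret itself cannot be wiped by this class.
 *
 * <p>NOTE(review): the "loaded from" markers suggest this listing is decompiler output. Several calls
 * below (for example {@code KeyStore.getInstance}, {@code KeyStore.load} and {@code KeyStore.store})
 * declare checked exceptions that these methods neither catch nor declare. Presumably the original
 * source rethrows them through a compiler plugin; confirm against the original before relying on the
 * exception behaviour.
 */
public final class KeyStoreSupporter {
    private static final Logger log = LoggerFactory.getLogger(KeyStoreSupporter.class);
    /** Provider name looked up for {@link KeyStoreType#JKS}. */
    private static final String SUN_PROVIDER = "SUN";
    /** Provider name looked up for every type that is neither PKCS12 nor JKS. */
    private static final String SUN_JCE_PROVIDER = "SunJCE";

    /* loaded from: input_file:de/captaingoldfish/scim/sdk/client/keys/KeyStoreSupporter$KeyStoreType.class */
    /**
     * Keystore formats handled by this class, each with the file extension used to recognise it.
     * The constant name is what gets passed to {@code KeyStore.getInstance}.
     */
    public enum KeyStoreType {
        JKS("jks"),
        JCEKS("jceks"),
        PKCS12("p12");

        private final String fileExtension;

        KeyStoreType(String str) {
            this.fileExtension = str;
        }

        /**
         * Resolves a keystore type from a file extension or file name.
         *
         * <p>The comparison is a case-insensitive suffix match, so any text that merely ends with
         * {@code jks}, {@code jceks}, {@code p12} or {@code pfx} is accepted. Callers that need a strict
         * match must validate the extension themselves.
         *
         * @param str the extension or file name to inspect
         * @return the matching type ({@code pfx} maps to {@link #PKCS12}), or empty for blank or unknown input
         */
        public static Optional<KeyStoreType> byFileExtension(String str) {
            if (StringUtils.isBlank(str)) {
                return Optional.empty();
            }
            // lower-case once instead of once per candidate
            String lowered = str.toLowerCase(Locale.ENGLISH);
            for (KeyStoreType candidate : values()) {
                if (lowered.endsWith(candidate.getFileExtension())) {
                    return Optional.of(candidate);
                }
            }
            return lowered.endsWith("pfx") ? Optional.of(PKCS12) : Optional.empty();
        }

        /**
         * @return the file extension associated with this type, without a leading dot
         */
        public String getFileExtension() {
            return this.fileExtension;
        }
    }

    /**
     * Chooses the security provider used for a keystore type.
     *
     * @param keyStoreType the keystore type, must not be null
     * @return the Bouncy Castle provider for PKCS12, otherwise the result of
     *         {@link Security#getProvider(String)} for "SUN" (JKS) or "SunJCE" (all other types); that
     *         lookup returns null when the provider is not installed
     */
    public static Provider selectProvider(KeyStoreType keyStoreType) {
        switch (keyStoreType) {
            case PKCS12:
                return SecurityProvider.BOUNCY_CASTLE_PROVIDER;
            case JKS:
                return Security.getProvider(SUN_PROVIDER);
            default:
                return Security.getProvider(SUN_JCE_PROVIDER);
        }
    }

    /**
     * Creates a new keystore holding one private key entry and its certificate.
     *
     * <p>The same password protects the keystore and the key entry. The certificate is first added as a
     * certificate entry under the alias; the private key entry is then set under the same alias.
     *
     * @param privateKey the private key to store
     * @param certificate the certificate belonging to the private key
     * @param str the alias of the entry
     * @param str2 the password for the keystore and the key entry
     * @param keyStoreType the type of keystore to create
     * @return the new keystore
     * @throws KeyStoreEntryException if the private key or the certificate is null
     */
    public static KeyStore toKeyStore(PrivateKey privateKey, Certificate certificate, String str, String str2, KeyStoreType keyStoreType) {
        log.trace("putting private key and certificate into a keystore of type '{}'", keyStoreType.name());
        if (privateKey == null) {
            throw new KeyStoreEntryException("private key is null and cannot be added into a keystore!");
        }
        if (certificate == null) {
            throw new KeyStoreEntryException("certificate is null and thus the given private key cannot be added to the keystore!");
        }
        KeyStore target = createEmptyKeyStore(keyStoreType, str2);
        addCertificateEntryToKeyStore(target, certificate, str);
        log.trace("adding the private key to the keystore with alias '{}'", str);
        KeyStore.PrivateKeyEntry entry = new KeyStore.PrivateKeyEntry(privateKey, new Certificate[]{certificate});
        target.setEntry(str, entry, new KeyStore.PasswordProtection(str2.toCharArray()));
        return target;
    }

    /**
     * Creates a new keystore holding a single certificate entry.
     *
     * @param certificate the certificate to store
     * @param str the alias of the entry
     * @param str2 the keystore password, may be null
     * @param keyStoreType the type of keystore to create
     * @return the new keystore
     * @throws KeyStoreEntryException if the certificate is null
     */
    public static KeyStore toKeyStore(Certificate certificate, String str, String str2, KeyStoreType keyStoreType) {
        log.trace("putting private key and certificate into a keystore of type '{}'", keyStoreType.name());
        if (certificate == null) {
            throw new KeyStoreEntryException("certificate is null and thus the given private key cannot be added to the keystore!");
        }
        KeyStore target = createEmptyKeyStore(keyStoreType, str2);
        addCertificateEntryToKeyStore(target, certificate, str);
        return target;
    }

    /**
     * Creates a new keystore from an encoded RSA private key and an encoded X.509 certificate.
     *
     * @param bArr the encoded private key, parsed by {@code KeyReader.readPrivateRSAKey}
     * @param bArr2 the encoded certificate, parsed by {@code KeyReader.readX509Certificate}
     * @param str the alias of the entry
     * @param str2 the password for the keystore and the key entry
     * @param keyStoreType the type of keystore to create
     * @return the new keystore
     */
    public static KeyStore toKeyStore(byte[] bArr, byte[] bArr2, String str, String str2, KeyStoreType keyStoreType) {
        return toKeyStore(KeyReader.readPrivateRSAKey(bArr), KeyReader.readX509Certificate(bArr2), str, str2, keyStoreType);
    }

    /**
     * Serialises a keystore into a byte array.
     *
     * @param keyStore the keystore to serialise
     * @param str the password used when storing the keystore
     * @return the stored keystore bytes
     */
    public static byte[] getBytes(KeyStore keyStore, String str) {
        // try-with-resources closes the buffer on the failure path as well
        try (ByteArrayOutputStream buffer = new ByteArrayOutputStream()) {
            keyStore.store(buffer, str.toCharArray());
            return buffer.toByteArray();
        }
    }

    /**
     * Creates an empty, initialised keystore of the given type.
     *
     * @param keyStoreType the type of keystore to create
     * @param str the keystore password, may be null
     * @return the empty keystore
     */
    public static KeyStore createEmptyKeyStore(KeyStoreType keyStoreType, String str) {
        Provider provider = selectProvider(keyStoreType);
        log.trace("creating a {} keystore with '{}' Provider", keyStoreType, provider.getName());
        KeyStore keyStore = KeyStore.getInstance(keyStoreType.name(), provider);
        // a null stream initialises an empty keystore
        keyStore.load(null, str == null ? null : str.toCharArray());
        return keyStore;
    }

    /**
     * Adds a certificate entry, refusing to replace a certificate already stored under the alias.
     *
     * @param keyStore the keystore to extend
     * @param certificate the certificate to add
     * @param str the alias of the new entry
     * @return the given keystore
     * @throws IllegalArgumentException if a certificate is already present under the alias
     */
    public static KeyStore addCertificateEntryToKeyStore(KeyStore keyStore, Certificate certificate, String str) {
        if (getCertificate(keyStore, str).isPresent()) {
            throw new IllegalArgumentException(String.format("certificate entry for alias '%s' does already exist", str));
        }
        addCertificateEntry(keyStore, str, certificate);
        return keyStore;
    }

    /**
     * Sets a certificate entry without checking whether the alias is already in use.
     *
     * @param keyStore the keystore to extend
     * @param str the alias of the entry
     * @param certificate the certificate to store
     * @return the given keystore
     */
    public static KeyStore addCertificateEntry(KeyStore keyStore, String str, Certificate certificate) {
        keyStore.setCertificateEntry(str, certificate);
        log.trace("successfully added certificate entry under alias '{}' to keystore '{}'", str, keyStore);
        return keyStore;
    }

    /**
     * Adds a key entry, refusing to replace a key that is readable under the alias.
     *
     * <p>The existence check goes through {@link #getKeyEntry(KeyStore, String, String)}, which reports an
     * unrecoverable key as absent. An existing key entry that cannot be recovered with {@code str2} is
     * therefore not detected, and {@code setKeyEntry} replaces whatever the alias held.
     * NOTE(review): consider checking {@code keyStore.containsAlias(str)} if silent replacement is not intended.
     *
     * @param keyStore the keystore to extend
     * @param str the alias of the new entry
     * @param key the key to add; if null, a single certificate is added as a certificate entry instead
     * @param certificateArr the certificate chain belonging to the key
     * @param str2 the password protecting the key entry
     * @return the given keystore
     * @throws IllegalArgumentException if a key could be read under the alias with {@code str2}
     */
    public static KeyStore addEntryToKeystore(KeyStore keyStore, String str, Key key, Certificate[] certificateArr, String str2) {
        if (getKeyEntry(keyStore, str, str2).isPresent()) {
            throw new IllegalArgumentException(String.format("key entry for alias '%s' does already exist", str));
        }
        addEntryToKeystore(keyStore, str, key, str2, certificateArr);
        return keyStore;
    }

    /**
     * Sets a key entry, or a certificate entry when no key is given, without any existence check.
     *
     * @param keyStore the keystore to extend
     * @param str the alias of the entry
     * @param key the key to add, may be null
     * @param str2 the password protecting the key entry; only read when a key is given
     * @param certificateArr the certificate chain; exactly one certificate when no key is given
     * @return the given keystore
     * @throws IllegalArgumentException if no key is given and the certificates are null or more than one
     */
    private static KeyStore addEntryToKeystore(KeyStore keyStore, String str, Key key, String str2, Certificate... certificateArr) {
        if (key == null) {
            if (certificateArr == null) {
                throw new IllegalArgumentException("missing certificate");
            }
            if (certificateArr.length > 1) {
                throw new IllegalArgumentException("only a single certificate can be added as certificate entry");
            }
            keyStore.setCertificateEntry(str, certificateArr[0]);
        } else {
            keyStore.setKeyEntry(str, key, str2.toCharArray(), certificateArr);
        }
        log.trace("successfully added key-entry under alias '{}' to keystore '{}'", str, keyStore);
        return keyStore;
    }

    /**
     * Copies all entries of a keystore into a new keystore of another type.
     *
     * <p>The single password is used to read the source keys, to create the new keystore and to protect
     * the copied key entries.
     *
     * @param keyStore the keystore to convert
     * @param str the password of the source keys, reused for the new keystore
     * @param keyStoreType the target type
     * @return the converted keystore, or the original instance if it already has the target type
     */
    public static KeyStore convertKeyStore(KeyStore keyStore, String str, KeyStoreType keyStoreType) {
        if (keyStore.getType().equals(keyStoreType.name())) {
            log.warn("you tried to convert type '{}' to type '{}', this is unnecessary and the original keystore will be returned.", keyStore.getType(), keyStoreType.name());
            return keyStore;
        }
        log.trace("converting '{}'-keystore to '{}'-type", keyStore.getType(), keyStoreType.name());
        Enumeration<String> aliases = getAliases(keyStore);
        KeyStore converted = createEmptyKeyStore(keyStoreType, str);
        while (aliases.hasMoreElements()) {
            tryCopyEntry(keyStore, str, str, keyStoreType, converted, aliases.nextElement());
        }
        return converted;
    }

    /**
     * Copies the entry stored under one alias from a source keystore into a target keystore.
     *
     * <p>A key with a certificate chain is copied as a key entry without an existence check in the
     * target. Otherwise a certificate, if present, is copied as a certificate entry. Because
     * {@link #getKeyEntry(KeyStore, String, String)} reports an unrecoverable key as absent, a key entry
     * read with the wrong password is copied as a bare certificate entry and the private key is dropped.
     *
     * @param keyStore the source keystore
     * @param str the password protecting the key entry in the target keystore
     * @param str2 the password used to read the key from the source keystore
     * @param keyStoreType the type of the target keystore, used for logging only
     * @param keyStore2 the target keystore
     * @param str3 the alias to copy
     */
    public static void tryCopyEntry(KeyStore keyStore, String str, String str2, KeyStoreType keyStoreType, KeyStore keyStore2, String str3) {
        log.trace("adding key-entry of alias '{}' to new keystore of type '{}'", str3, keyStoreType.name());
        Optional<Certificate[]> chain = getCertificateChain(keyStore, str3);
        Optional<Certificate> certificate = getCertificate(keyStore, str3);
        Optional<Key> key = getKeyEntry(keyStore, str3, str2);
        if (key.isPresent() && chain.isPresent()) {
            addEntryToKeystore(keyStore2, str3, key.get(), str, chain.get());
            return;
        }
        if (certificate.isPresent()) {
            addCertificateEntryToKeyStore(keyStore2, certificate.get(), str3);
            return;
        }
        log.warn("could not find any entries to copy under the alias '{}'", str3);
    }

    /**
     * Writes a keystore to the given file.
     *
     * <p>The file is opened with a plain {@link FileOutputStream}, so it receives the platform's default
     * permissions. Callers that store private keys should restrict access to the target location.
     *
     * @param file the file to write
     * @param keyStore the keystore to store
     * @param str the password used when storing the keystore
     */
    public static void keyStoreToFile(File file, KeyStore keyStore, String str) {
        log.trace("creating file '{}' for keystore of type '{}'.", file.getAbsolutePath(), keyStore.getType());
        // try-with-resources releases the file handle when store() fails, too
        try (FileOutputStream out = new FileOutputStream(file)) {
            keyStore.store(out, str.toCharArray());
            log.trace("keystore was successfully saved in file '{}'", file.getAbsolutePath());
        }
    }

    /**
     * Writes a keystore into a directory, deriving the file extension from the keystore type.
     *
     * <p>The file name is concatenated into the path unchecked, so it must not come from untrusted input.
     * {@code KeyStoreType.valueOf} throws {@link IllegalArgumentException} when the keystore's type string
     * is not the exact name of a {@link KeyStoreType} constant.
     *
     * @param file the target directory
     * @param str the file name without extension
     * @param keyStore the keystore to store
     * @param str2 the password used when storing the keystore
     */
    public static void keyStoreToFile(File file, String str, KeyStore keyStore, String str2) {
        String extension = KeyStoreType.valueOf(keyStore.getType()).getFileExtension();
        log.trace("creating file '{}/{}.{}' for keystore of type '{}'.", file.getAbsolutePath(), str, extension, keyStore.getType());
        File target = new File(file.getAbsolutePath() + File.separator + str + "." + extension);
        keyStoreToFile(target, keyStore, str2);
    }

    /**
     * Reads a keystore from a file, determining its type from the file extension.
     *
     * @param file the keystore file
     * @param str the keystore password
     * @return the loaded keystore
     * @throws KeyStoreCreationFailedException if the file does not exist or its type cannot be determined
     */
    public static KeyStore readKeyStore(File file, String str) {
        if (!file.exists()) {
            throw new KeyStoreCreationFailedException("The file '" + file.getAbsolutePath() + "' does not exist!");
        }
        String[] nameParts = file.getName().split("\\.");
        // a name consisting only of dots splits into an empty array; treat it as "no extension"
        String extension = nameParts.length == 0 ? "" : nameParts[nameParts.length - 1];
        KeyStoreType type = KeyStoreType.byFileExtension(extension).orElseThrow(() -> {
            return new KeyStoreCreationFailedException("could not determine the type of the keystore. A specific file extension like jks, jceks, p12 or pfx is needed.");
        });
        return getKeyStoreFromFile(file, str, type);
    }

    /**
     * Loads a keystore of a known type from a file.
     *
     * @param file the keystore file
     * @param str the keystore password
     * @param keyStoreType the type of the keystore
     * @return the loaded keystore
     */
    private static KeyStore getKeyStoreFromFile(File file, String str, KeyStoreType keyStoreType) {
        // try-with-resources releases the file handle when loading fails, too
        try (FileInputStream in = new FileInputStream(file)) {
            KeyStore keyStore = KeyStore.getInstance(keyStoreType.name(), selectProvider(keyStoreType));
            keyStore.load(in, str.toCharArray());
            return keyStore;
        }
    }

    /**
     * Reads a keystore from its serialised bytes.
     *
     * @param bArr the keystore bytes
     * @param keyStoreType the type of the keystore
     * @param str the keystore password
     * @return the loaded keystore
     * @throws KeyStoreCreationFailedException if any argument is null
     */
    public static KeyStore readKeyStore(byte[] bArr, KeyStoreType keyStoreType, String str) {
        if (bArr == null || keyStoreType == null || str == null) {
            throw new KeyStoreCreationFailedException("Cannot create a keystore if null values are given...");
        }
        try (ByteArrayInputStream in = new ByteArrayInputStream(bArr)) {
            KeyStore keyStore = KeyStore.getInstance(keyStoreType.name(), selectProvider(keyStoreType));
            keyStore.load(in, str.toCharArray());
            return keyStore;
        }
    }

    /**
     * Reads a keystore from a stream and closes the stream.
     *
     * @param inputStream the stream to read; closed by this method whether or not loading succeeds
     * @param keyStoreType the type of the keystore
     * @param str the keystore password
     * @return the loaded keystore
     * @throws KeyStoreCreationFailedException if any argument is null
     */
    public static KeyStore readKeyStore(InputStream inputStream, KeyStoreType keyStoreType, String str) {
        if (inputStream == null || keyStoreType == null || str == null) {
            throw new KeyStoreCreationFailedException("Cannot create a keystore if null values are given...");
        }
        // the stream was previously closed only after a successful load
        try (InputStream in = inputStream) {
            KeyStore keyStore = KeyStore.getInstance(keyStoreType.name(), selectProvider(keyStoreType));
            keyStore.load(in, str.toCharArray());
            return keyStore;
        }
    }

    /**
     * Reads a truststore from its serialised bytes without a password.
     *
     * @param bArr the truststore bytes
     * @param keyStoreType the type of the truststore
     * @return the loaded truststore
     * @throws KeyStoreCreationFailedException if the bytes are null
     * @see #readTruststore(InputStream, KeyStoreType, String)
     */
    public static KeyStore readTruststore(byte[] bArr, KeyStoreType keyStoreType) {
        if (bArr == null) {
            throw new KeyStoreCreationFailedException("Cannot create a truststore if truststoreBytes is null");
        }
        return readTruststore(new ByteArrayInputStream(bArr), keyStoreType, (String) null);
    }

    /**
     * Reads a truststore from its serialised bytes.
     *
     * @param bArr the truststore bytes
     * @param keyStoreType the type of the truststore
     * @param str the truststore password, may be null
     * @return the loaded truststore
     * @throws KeyStoreCreationFailedException if the bytes are null
     * @see #readTruststore(InputStream, KeyStoreType, String)
     */
    public static KeyStore readTruststore(byte[] bArr, KeyStoreType keyStoreType, String str) {
        if (bArr == null) {
            throw new KeyStoreCreationFailedException("Cannot create a truststore if truststoreBytes is null");
        }
        return readTruststore(new ByteArrayInputStream(bArr), keyStoreType, str);
    }

    /**
     * Reads a truststore from a stream without a password.
     *
     * @param inputStream the stream to read
     * @param keyStoreType the type of the truststore
     * @return the loaded truststore
     * @see #readTruststore(InputStream, KeyStoreType, String)
     */
    public static KeyStore readTruststore(InputStream inputStream, KeyStoreType keyStoreType) {
        return readTruststore(inputStream, keyStoreType, (String) null);
    }

    /**
     * Reads a truststore from a stream and closes the stream.
     *
     * <p>A null password is replaced by the empty string for PKCS12. For the other types the null is
     * passed on to {@code KeyStore.load}, which then performs no integrity check on the keystore data.
     * Supply the password whenever the truststore content must be protected against tampering.
     *
     * @param inputStream the stream to read; closed by this method whether or not loading succeeds
     * @param keyStoreType the type of the truststore
     * @param str the truststore password, may be null
     * @return the loaded truststore
     * @throws KeyStoreCreationFailedException if the stream is null
     */
    public static KeyStore readTruststore(InputStream inputStream, KeyStoreType keyStoreType, String str) {
        if (inputStream == null) {
            throw new KeyStoreCreationFailedException("Cannot create a truststore if truststore is null");
        }
        // the stream was previously closed only after a successful load
        try (InputStream in = inputStream) {
            KeyStore keyStore = KeyStore.getInstance(keyStoreType.name(), selectProvider(keyStoreType));
            String effectivePassword = str;
            if (KeyStoreType.PKCS12.equals(keyStoreType) && str == null) {
                effectivePassword = "";
            }
            keyStore.load(in, effectivePassword == null ? null : effectivePassword.toCharArray());
            return keyStore;
        }
    }

    /**
     * Merges the entries of two keystores into a new keystore that is created with a null password.
     *
     * <p>Key entries taken from {@code keyStore} are protected with {@code str3}, while key entries taken
     * from {@code keyStore2} are protected with {@code str2}. NOTE(review): this asymmetry looks
     * unintended; confirm which password the merged key entries are supposed to carry.
     *
     * <p>Entries of {@code keyStore2} are added through the checking variants, so an alias whose key or
     * certificate is already readable in the merged keystore raises {@link IllegalArgumentException}.
     *
     * @param keyStore the first keystore
     * @param str the password for the keys of the first keystore
     * @param keyStore2 the second keystore
     * @param str2 the password for the keys of the second keystore
     * @param keyStoreType the type of the merged keystore
     * @param str3 the password protecting the key entries copied from the first keystore
     * @return the merged keystore
     */
    public static KeyStore mergeKeyStores(KeyStore keyStore, String str, KeyStore keyStore2, String str2, KeyStoreType keyStoreType, String str3) {
        log.trace("trying to merge the following keystores {}-{} and {}-{}", keyStore.getType(), keyStore, keyStore2.getType(), keyStore2);
        KeyStore merged = createEmptyKeyStore(keyStoreType, null);
        Enumeration<String> firstAliases = getAliases(keyStore);
        log.trace("adding the entries of keystore1 '{}'", keyStore);
        while (firstAliases.hasMoreElements()) {
            tryCopyEntry(keyStore, str3, str, keyStoreType, merged, firstAliases.nextElement());
        }
        Enumeration<String> secondAliases = getAliases(keyStore2);
        log.trace("adding the entries of keystore2 '{}'", keyStore2);
        while (secondAliases.hasMoreElements()) {
            String alias = secondAliases.nextElement();
            Optional<Key> key = getKeyEntry(keyStore2, alias, str2);
            if (key.isPresent()) {
                Optional<Certificate[]> chain = getCertificateChain(keyStore2, alias);
                if (chain.isPresent()) {
                    // argument order selects the public overload that performs the existence check
                    addEntryToKeystore(merged, alias, key.get(), chain.get(), str2);
                }
            } else {
                Optional<Certificate> certificate = getCertificate(keyStore2, alias);
                if (certificate.isPresent()) {
                    addCertificateEntryToKeyStore(merged, certificate.get(), alias);
                }
            }
        }
        return merged;
    }

    /**
     * Builds a key pair from the first alias the keystore enumerates.
     *
     * <p>Only the first enumerated alias is inspected. If that alias holds no key, the returned pair
     * carries a null private key.
     *
     * @param keyStore the keystore to read
     * @param str the password of the key entry
     * @return the key pair of the first alias, or null if the keystore has no aliases
     */
    public static KeyPair readFirstKeyPairEntryFromKeyStore(KeyStore keyStore, String str) {
        Enumeration<String> aliases = getAliases(keyStore);
        if (!aliases.hasMoreElements()) {
            return null;
        }
        String alias = aliases.nextElement();
        return new KeyPair(keyStore.getCertificate(alias).getPublicKey(), (PrivateKey) keyStore.getKey(alias, str.toCharArray()));
    }

    /**
     * @param keyStore the keystore to inspect
     * @return the aliases of the keystore
     */
    public static Enumeration<String> getAliases(KeyStore keyStore) {
        return keyStore.aliases();
    }

    /**
     * Reads a key from the keystore.
     *
     * <p>An {@link UnrecoverableKeyException} is logged at debug level and reported as an empty result,
     * so callers cannot distinguish a missing key from one that could not be recovered with the given
     * password.
     *
     * @param keyStore the keystore to read
     * @param str the alias of the key
     * @param str2 the password of the key entry, may be null
     * @return the key, or empty if it is absent or cannot be recovered
     */
    public static Optional<Key> getKeyEntry(KeyStore keyStore, String str, String str2) {
        char[] password = str2 == null ? null : str2.toCharArray();
        try {
            return Optional.ofNullable(keyStore.getKey(str, password));
        } catch (UnrecoverableKeyException e) {
            Throwable rootCause = ExceptionUtils.getRootCause(e);
            log.debug("could not recover key: {}", rootCause == null ? e.getMessage() : rootCause.getMessage());
            return Optional.empty();
        }
    }

    /**
     * @param keyStore the keystore to read
     * @param str the alias to look up
     * @return the certificate chain stored under the alias, or empty if there is none
     */
    public static Optional<Certificate[]> getCertificateChain(KeyStore keyStore, String str) {
        return Optional.ofNullable(keyStore.getCertificateChain(str));
    }

    /**
     * @param keyStore the keystore to read
     * @param str the alias to look up
     * @return the certificate stored under the alias, or empty if there is none
     */
    public static Optional<Certificate> getCertificate(KeyStore keyStore, String str) {
        return Optional.ofNullable(keyStore.getCertificate(str));
    }

    /** Utility class, not meant to be instantiated. */
    private KeyStoreSupporter() {
    }
}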
