package blended.security.ssl.internal;

import blended.security.ssl.CertificateHolder;
import blended.security.ssl.CertificateHolder$;
import blended.security.ssl.InconsistentKeystoreException;
import blended.util.logging.Logger;
import blended.util.logging.Logger$;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Option$;
import scala.Predef$;
import scala.Some;
import scala.Tuple2;
import scala.collection.IterableLike;
import scala.collection.Iterator;
import scala.collection.JavaConverters$;
import scala.collection.TraversableOnce;
import scala.collection.immutable.$colon;
import scala.collection.immutable.List;
import scala.collection.immutable.List$;
import scala.collection.immutable.Nil$;
import scala.collection.mutable.ArrayOps;
import scala.reflect.ClassTag$;
import scala.reflect.ScalaSignature;
import scala.runtime.BoxedUnit;
import scala.runtime.BoxesRunTime;
import scala.util.Try;
import scala.util.Try$;

/* compiled from: JavaKeystore.scala */
@ScalaSignature(bytes = "\u0006\u0001m4Aa\u0004\t\u00013!A\u0001\u0005\u0001B\u0001B\u0003%\u0011\u0005\u0003\u0005*\u0001\t\u0005\t\u0015!\u0003+\u0011!\u0001\u0004A!A!\u0002\u0013\t\u0004\"\u0002\u001b\u0001\t\u0003)\u0004bB\u001e\u0001\u0005\u0004%I\u0001\u0010\u0005\u0007\u000b\u0002\u0001\u000b\u0011B\u001f\t\u0011\u0019\u0003!\u0019!C\u0001%\u001dCaa\u0015\u0001!\u0002\u0013A\u0005\"\u0002+\u0001\t\u0003)\u0006\"\u00020\u0001\t\u0003y\u0006B\u00022\u0001\t\u0003\u00112\r\u0003\u0004k\u0001\u0011\u0005!c\u001b\u0005\u0007]\u0002!\tAE8\t\ra\u0004A\u0011\u0001\nz\u00051Q\u0015M^1LKf\u001cHo\u001c:f\u0015\t\t\"#\u0001\u0005j]R,'O\\1m\u0015\t\u0019B#A\u0002tg2T!!\u0006\f\u0002\u0011M,7-\u001e:jifT\u0011aF\u0001\bE2,g\u000eZ3e\u0007\u0001\u0019\"\u0001\u0001\u000e\u0011\u0005mqR\"\u0001\u000f\u000b\u0003u\tQa]2bY\u0006L!a\b\u000f\u0003\r\u0005s\u0017PU3g\u0003!YW-_:u_J,\u0007C\u0001\u0012(\u001b\u0005\u0019#B\u0001\u0013&\u0003\tIwNC\u0001'\u0003\u0011Q\u0017M^1\n\u0005!\u001a#\u0001\u0002$jY\u0016\f\u0011b\u001d;pe\u0016\u0004\u0018m]:\u0011\u0007mYS&\u0003\u0002-9\t)\u0011I\u001d:bsB\u00111DL\u0005\u0003_q\u0011Aa\u00115be\u000691.Z=qCN\u001c\bcA\u000e3U%\u00111\u0007\b\u0002\u0007\u001fB$\u0018n\u001c8\u0002\rqJg.\u001b;?)\u00111\u0004(\u000f\u001e\u0011\u0005]\u0002Q\"\u0001\t\t\u000b\u0001\"\u0001\u0019A\u0011\t\u000b%\"\u0001\u0019\u0001\u0016\t\u000bA\"\u0001\u0019A\u0019\u0002\u00071|w-F\u0001>!\tq4)D\u0001@\u0015\t\u0001\u0015)A\u0004m_\u001e<\u0017N\\4\u000b\u0005\t3\u0012\u0001B;uS2L!\u0001R \u0003\r1{wmZ3s\u0003\u0011awn\u001a\u0011\u0002\u0013M$xN]3usB,W#\u0001%\u0011\u0005%\u0003fB\u0001&O!\tYE$D\u0001M\u0015\ti\u0005$\u0001\u0004=e>|GOP\u0005\u0003\u001fr\ta\u0001\u0015:fI\u00164\u0017BA)S\u0005\u0019\u0019FO]5oO*\u0011q\nH\u0001\u000bgR|'/\u001a;za\u0016\u0004\u0013\u0001\u00047pC\u0012\\U-_*u_J,G#\u0001,\u0011\u0007]K6,D\u0001Y\u0015\t\u0011E$\u0003\u0002[1\n\u0019AK]=\u0011\u0005]b\u0016BA/\u0011\u00059iU-\\8ss.+\u0017p\u001d;pe\u0016\fAb]1wK.+\u0017p\u0015;pe\u0016$\"A\u00161\t\u000b\u0005T\u0001\u0019A.\u0002\u00055\u001c\u0018\u0001\u00067pC\u0012\\U-_*u_J,gI]8n\r&dW\rF\u0001e!\r9\u0016,\u001a\t\u0003M\"l\u0011a\u001a\u0006\u0003+\u0015J!![4\u0003\u0011-+\u0017p\u0015;pe\u0016\f!c]1wK.+\u0017p\u0015;pe\u0016$vNR5mKR\u0011A\r\u001c\u0005\u0006[2\u0001\r!Z\u0001\u0003WN\f!#\u001a=ue\u0006\u001cGoQ3si&4\u0017nY1uKR\u0019\u0001/\u001e<\u0011\u0007]K\u0016\u000f\u0005\u0002sg6\t!#\u0003\u0002u%\t\t2)\u001a:uS\u001aL7-\u0019;f\u0011>dG-\u001a:\t\u000b5l\u0001\u0019A3\t\u000b]l\u0001\u0019\u0001%\u0002\u000b\u0005d\u0017.Y:\u0002\u001d5,Wn\u001c:z\u0017\u0016L8\u000f^8sKR\u0011aK\u001f\u0005\u0006[:\u0001\r!\u001a")
/* loaded from: input_file:blended/security/ssl/internal/JavaKeystore.class */
public class JavaKeystore {
    private final File keystore;
    private final char[] storepass;
    private final Option<char[]> keypass;
    private final Logger log = Logger$.MODULE$.apply(ClassTag$.MODULE$.apply(JavaKeystore.class));
    private final String storetype;

    private Logger log() {
        return this.log;
    }

    public String storetype() {
        return this.storetype;
    }

    public Try<MemoryKeystore> loadKeyStore() {
        return memoryKeystore((KeyStore) loadKeyStoreFromFile().get());
    }

    public Try<MemoryKeystore> saveKeyStore(MemoryKeystore memoryKeystore) {
        return Try$.MODULE$.apply(() -> {
            KeyStore keyStore = (KeyStore) this.loadKeyStoreFromFile().get();
            ((IterableLike) memoryKeystore.certificates().filter(tuple2 -> {
                return BoxesRunTime.boxToBoolean($anonfun$saveKeyStore$2(tuple2));
            })).foreach(tuple22 -> {
                $anonfun$saveKeyStore$3(this, keyStore, tuple22);
                return BoxedUnit.UNIT;
            });
            this.saveKeyStoreToFile(keyStore).get();
            return new MemoryKeystore(memoryKeystore.certificates().mapValues(certificateHolder -> {
                return certificateHolder.copy(certificateHolder.copy$default$1(), certificateHolder.copy$default$2(), certificateHolder.copy$default$3(), false);
            }));
        });
    }

    public Try<KeyStore> loadKeyStoreFromFile() {
        return Try$.MODULE$.apply(() -> {
            this.log().info(() -> {
                return new StringBuilder(50).append("Initializing key store of type [").append(this.storetype()).append("] from file [").append(this.keystore.getAbsolutePath()).append("] ...").toString();
            });
            KeyStore keyStore = KeyStore.getInstance(this.storetype());
            if (this.keystore.exists()) {
                FileInputStream fileInputStream = new FileInputStream(this.keystore);
                try {
                    keyStore.load(fileInputStream, this.storepass);
                } finally {
                    fileInputStream.close();
                }
            } else {
                this.log().info(() -> {
                    return new StringBuilder(31).append("Creating empty key store [").append(this.keystore.getAbsolutePath()).append("] ...").toString();
                });
                keyStore.load(null, this.storepass);
            }
            return keyStore;
        });
    }

    public Try<KeyStore> saveKeyStoreToFile(KeyStore keyStore) {
        return Try$.MODULE$.apply(() -> {
            FileOutputStream fileOutputStream = new FileOutputStream(this.keystore);
            try {
                int size = ((TraversableOnce) JavaConverters$.MODULE$.enumerationAsScalaIteratorConverter(keyStore.aliases()).asScala()).size();
                this.log().info(() -> {
                    return new StringBuilder(29).append("Storing [").append(size).append("] certificates to [").append(this.keystore).append("]").toString();
                });
                keyStore.store(fileOutputStream, this.storepass);
                this.log().info(() -> {
                    return new StringBuilder(54).append("Successfully written key store to [").append(this.keystore).append("] with storePass [").append(new String(this.storepass)).append("]").toString();
                });
                return keyStore;
            } finally {
                fileOutputStream.close();
            }
        });
    }

    public Try<CertificateHolder> extractCertificate(KeyStore keyStore, String str) {
        return Try$.MODULE$.apply(() -> {
            $colon.colon colonVar;
            Some apply = Option$.MODULE$.apply(keyStore.getCertificateChain(str));
            if (None$.MODULE$.equals(apply)) {
                Some apply2 = Option$.MODULE$.apply(keyStore.getCertificate(str));
                if (None$.MODULE$.equals(apply2)) {
                    throw new Exception(new StringBuilder(35).append("Certificate for alias [").append(str).append("] not found.").toString());
                }
                if (!(apply2 instanceof Some)) {
                    throw new MatchError(apply2);
                }
                colonVar = new $colon.colon((X509Certificate) ((Certificate) apply2.value()), Nil$.MODULE$);
            } else {
                if (!(apply instanceof Some)) {
                    throw new MatchError(apply);
                }
                colonVar = (List) new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps((Certificate[]) apply.value())).toList().map(certificate -> {
                    return (X509Certificate) certificate;
                }, List$.MODULE$.canBuildFrom());
            }
            $colon.colon colonVar2 = colonVar;
            return (CertificateHolder) CertificateHolder$.MODULE$.create(((Certificate) colonVar2.head()).getPublicKey(), this.keypass.map(cArr -> {
                return (PrivateKey) keyStore.getKey(str, cArr);
            }), colonVar2).get();
        });
    }

    public Try<MemoryKeystore> memoryKeystore(KeyStore keyStore) {
        return Try$.MODULE$.apply(() -> {
            MemoryKeystore memoryKeystore = new MemoryKeystore(((Iterator) JavaConverters$.MODULE$.enumerationAsScalaIteratorConverter(keyStore.aliases()).asScala()).map(str -> {
                return new Tuple2(str, this.extractCertificate(keyStore, str).get());
            }).toMap(Predef$.MODULE$.$conforms()));
            if (memoryKeystore.consistent()) {
                return memoryKeystore;
            }
            throw new InconsistentKeystoreException(new StringBuilder(28).append("KeyStore [").append(this.keystore.getAbsolutePath()).append("] is inconsistent.").toString());
        });
    }

    public static final /* synthetic */ boolean $anonfun$saveKeyStore$2(Tuple2 tuple2) {
        return ((CertificateHolder) tuple2._2()).changed();
    }

    public static final /* synthetic */ void $anonfun$saveKeyStore$3(JavaKeystore javaKeystore, KeyStore keyStore, Tuple2 tuple2) {
        if (tuple2 == null) {
            throw new MatchError(tuple2);
        }
        String str = (String) tuple2._1();
        CertificateHolder certificateHolder = (CertificateHolder) tuple2._2();
        Some some = javaKeystore.keypass;
        if (None$.MODULE$.equals(some)) {
            keyStore.setCertificateEntry(str, (Certificate) certificateHolder.chain().head());
            BoxedUnit boxedUnit = BoxedUnit.UNIT;
        } else {
            if (!(some instanceof Some)) {
                throw new MatchError(some);
            }
            char[] cArr = (char[]) some.value();
            Some privateKey = certificateHolder.privateKey();
            if (None$.MODULE$.equals(privateKey)) {
                throw new Exception(new StringBuilder(45).append("Certificate for [").append(certificateHolder.subjectPrincipal()).append("] is missing the private key").toString());
            }
            if (!(privateKey instanceof Some)) {
                throw new MatchError(privateKey);
            }
            keyStore.setKeyEntry(str, (PrivateKey) privateKey.value(), cArr, (Certificate[]) certificateHolder.chain().toArray(ClassTag$.MODULE$.apply(Certificate.class)));
            BoxedUnit boxedUnit2 = BoxedUnit.UNIT;
            BoxedUnit boxedUnit3 = BoxedUnit.UNIT;
        }
        BoxedUnit boxedUnit4 = BoxedUnit.UNIT;
    }

    public JavaKeystore(File file, char[] cArr, Option<char[]> option) {
        String str;
        this.keystore = file;
        this.storepass = cArr;
        this.keypass = option;
        if (None$.MODULE$.equals(option)) {
            str = KeyStore.getDefaultType();
        } else {
            if (!(option instanceof Some)) {
                throw new MatchError(option);
            }
            str = "PKCS12";
        }
        this.storetype = str;
    }
}
