package net.corda.nodeapi.internal.crypto;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.attribute.FileAttribute;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import kotlin.Metadata;
import kotlin.Unit;
import kotlin.io.CloseableKt;
import kotlin.jvm.JvmName;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.SourceDebugExtension;
import net.corda.core.crypto.Crypto;
import net.corda.core.internal.PathUtilsKt;
import org.apache.commons.dbcp2.Constants;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* compiled from: KeyStoreUtilities.kt */
@Metadata(mv = {1, 9, 0}, k = 2, xi = 48, d1 = {"��^\n��\n\u0002\u0010\u000e\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n��\n\u0002\u0010\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0010\u0019\n��\n\u0002\u0010\u0011\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\u001a\u0016\u0010\u0002\u001a\u00020\u00032\u0006\u0010\u0004\u001a\u00020\u00052\u0006\u0010\u0006\u001a\u00020\u0001\u001a\u0016\u0010\u0002\u001a\u00020\u00032\u0006\u0010\u0007\u001a\u00020\b2\u0006\u0010\u0006\u001a\u00020\u0001\u001a,\u0010\t\u001a\u00020\u00032\u0006\u0010\u0007\u001a\u00020\b2\u0006\u0010\u0006\u001a\u00020\u00012\b\b\u0002\u0010\n\u001a\u00020\u00012\n\b\u0002\u0010\u000b\u001a\u0004\u0018\u00010\f\u001a\u001a\u0010\r\u001a\u00020\u000e*\u00020\u00032\u0006\u0010\u000f\u001a\u00020\u00012\u0006\u0010\u0010\u001a\u00020\u0011\u001a7\u0010\u0012\u001a\u00020\u000e*\u00020\u00032\u0006\u0010\u000f\u001a\u00020\u00012\u0006\u0010\u0013\u001a\u00020\u00142\u0006\u0010\u0015\u001a\u00020\u00162\u000e\u0010\u0017\u001a\n\u0012\u0006\b\u0001\u0012\u00020\u00110\u0018¢\u0006\u0002\u0010\u0019\u001a\u001a\u0010\u001a\u001a\u00020\u001b*\u00020\u00032\u0006\u0010\u000f\u001a\u00020\u00012\u0006\u0010\u001c\u001a\u00020\u0001\u001a\u001a\u0010\u001d\u001a\u00020\u001e*\u00020\u00032\u0006\u0010\u000f\u001a\u00020\u00012\u0006\u0010\u001c\u001a\u00020\u0001\u001a\u0012\u0010\u001f\u001a\u00020 *\u00020\u00032\u0006\u0010\u000f\u001a\u00020\u0001\u001a\u001a\u0010!\u001a\u00020\u000e*\u00020\u00032\u0006\u0010\u0007\u001a\u00020\b2\u0006\u0010\u0006\u001a\u00020\u0001\"\u000e\u0010��\u001a\u00020\u0001X\u0086T¢\u0006\u0002\n��¨\u0006\""}, d2 = {"KEYSTORE_TYPE", "", "loadKeyStore", "Ljava/security/KeyStore;", "input", "Ljava/io/InputStream;", "storePassword", "keyStoreFilePath", "Ljava/nio/file/Path;", "loadOrCreateKeyStore", "keystoreType", "provider", "Ljava/security/Provider;", "addOrReplaceCertificate", "", "alias", "cert", "Ljava/security/cert/Certificate;", "addOrReplaceKey", "key", "Ljava/security/Key;", Constants.KEY_PASSWORD, "", "chain", "", "(Ljava/security/KeyStore;Ljava/lang/String;Ljava/security/Key;[C[Ljava/security/cert/Certificate;)V", "getCertificateAndKeyPair", "Lnet/corda/nodeapi/internal/crypto/CertificateAndKeyPair;", "keyPassword", "getSupportedKey", "Ljava/security/PrivateKey;", "getX509Certificate", "Ljava/security/cert/X509Certificate;", "save", "node-api"})
@JvmName(name = "KeyStoreUtilities")
@SourceDebugExtension({"SMAP\nKeyStoreUtilities.kt\nKotlin\n*S Kotlin\n*F\n+ 1 KeyStoreUtilities.kt\nnet/corda/nodeapi/internal/crypto/KeyStoreUtilities\n+ 2 PathUtils.kt\nnet/corda/core/internal/PathUtilsKt\n+ 3 ArrayIntrinsics.kt\nkotlin/ArrayIntrinsicsKt\n+ 4 fake.kt\nkotlin/jvm/internal/FakeKt\n*L\n1#1,166:1\n70#2:167\n77#2:168\n78#2,5:170\n70#2:175\n77#2:176\n78#2,5:178\n26#3:169\n26#3:177\n1#4:183\n*S KotlinDebug\n*F\n+ 1 KeyStoreUtilities.kt\nnet/corda/nodeapi/internal/crypto/KeyStoreUtilities\n*L\n43#1:167\n47#1:168\n47#1:170,5\n63#1:175\n119#1:176\n119#1:178,5\n47#1:169\n119#1:177\n*E\n"})
/* loaded from: input_file:corda-node-api-4.12.1.jar:net/corda/nodeapi/internal/crypto/KeyStoreUtilities.class */
public final class KeyStoreUtilities {

    @NotNull
    public static final String KEYSTORE_TYPE = "JKS";

    @NotNull
    public static final KeyStore loadOrCreateKeyStore(@NotNull Path keyStoreFilePath, @NotNull String storePassword, @NotNull String keystoreType, @Nullable Provider provider) {
        OutputStream outputStream;
        Throwable th;
        Intrinsics.checkNotNullParameter(keyStoreFilePath, "keyStoreFilePath");
        Intrinsics.checkNotNullParameter(storePassword, "storePassword");
        Intrinsics.checkNotNullParameter(keystoreType, "keystoreType");
        char[] charArray = storePassword.toCharArray();
        Intrinsics.checkNotNullExpressionValue(charArray, "toCharArray(...)");
        KeyStore keyStore = provider != null ? KeyStore.getInstance(keystoreType, provider) : KeyStore.getInstance(keystoreType);
        LinkOption[] linkOptionArr = new LinkOption[0];
        if (Files.exists(keyStoreFilePath, (LinkOption[]) Arrays.copyOf(linkOptionArr, linkOptionArr.length))) {
            OpenOption[] openOptionArr = new OpenOption[0];
            OpenOption[] openOptionArr2 = (OpenOption[]) Arrays.copyOf(openOptionArr, openOptionArr.length);
            InputStream newInputStream = Files.newInputStream(keyStoreFilePath, (OpenOption[]) Arrays.copyOf(openOptionArr2, openOptionArr2.length));
            Intrinsics.checkNotNullExpressionValue(newInputStream, "newInputStream(...)");
            InputStream inputStream = newInputStream;
            try {
                keyStore.load(inputStream, charArray);
                Unit unit = Unit.INSTANCE;
                CloseableKt.closeFinally(inputStream, null);
            } catch (Throwable th2) {
                CloseableKt.closeFinally(inputStream, null);
                throw th2;
            }
        } else {
            keyStore.load(null, charArray);
            Path parent = keyStoreFilePath.toAbsolutePath().getParent();
            try {
                try {
                    if (parent != null) {
                        Path safeSymbolicRead = PathUtilsKt.safeSymbolicRead(parent);
                        if (safeSymbolicRead != null) {
                            FileAttribute[] fileAttributeArr = new FileAttribute[0];
                            Intrinsics.checkNotNullExpressionValue(Files.createDirectories(safeSymbolicRead, (FileAttribute[]) Arrays.copyOf(fileAttributeArr, fileAttributeArr.length)), "createDirectories(...)");
                            OpenOption[] openOptionArr3 = new OpenOption[0];
                            OpenOption[] openOptionArr4 = (OpenOption[]) Arrays.copyOf(openOptionArr3, openOptionArr3.length);
                            OutputStream newOutputStream = Files.newOutputStream(keyStoreFilePath, (OpenOption[]) Arrays.copyOf(openOptionArr4, openOptionArr4.length));
                            Intrinsics.checkNotNullExpressionValue(newOutputStream, "newOutputStream(...)");
                            outputStream = newOutputStream;
                            th = null;
                            keyStore.store(outputStream, charArray);
                            CloseableKt.closeFinally(outputStream, null);
                        }
                    }
                    keyStore.store(outputStream, charArray);
                    CloseableKt.closeFinally(outputStream, null);
                } finally {
                }
            } catch (Throwable th3) {
                CloseableKt.closeFinally(outputStream, th);
                throw th3;
            }
            OpenOption[] openOptionArr32 = new OpenOption[0];
            OpenOption[] openOptionArr42 = (OpenOption[]) Arrays.copyOf(openOptionArr32, openOptionArr32.length);
            OutputStream newOutputStream2 = Files.newOutputStream(keyStoreFilePath, (OpenOption[]) Arrays.copyOf(openOptionArr42, openOptionArr42.length));
            Intrinsics.checkNotNullExpressionValue(newOutputStream2, "newOutputStream(...)");
            outputStream = newOutputStream2;
            th = null;
        }
        Intrinsics.checkNotNull(keyStore);
        return keyStore;
    }

    public static /* synthetic */ KeyStore loadOrCreateKeyStore$default(Path path, String str, String str2, Provider provider, int i, Object obj) {
        if ((i & 4) != 0) {
            str2 = "JKS";
        }
        if ((i & 8) != 0) {
            provider = null;
        }
        return loadOrCreateKeyStore(path, str, str2, provider);
    }

    @NotNull
    public static final KeyStore loadKeyStore(@NotNull Path keyStoreFilePath, @NotNull String storePassword) throws KeyStoreException, IOException {
        Intrinsics.checkNotNullParameter(keyStoreFilePath, "keyStoreFilePath");
        Intrinsics.checkNotNullParameter(storePassword, "storePassword");
        OpenOption[] openOptionArr = new OpenOption[0];
        OpenOption[] openOptionArr2 = (OpenOption[]) Arrays.copyOf(openOptionArr, openOptionArr.length);
        InputStream newInputStream = Files.newInputStream(keyStoreFilePath, (OpenOption[]) Arrays.copyOf(openOptionArr2, openOptionArr2.length));
        Intrinsics.checkNotNullExpressionValue(newInputStream, "newInputStream(...)");
        InputStream inputStream = newInputStream;
        try {
            KeyStore loadKeyStore = loadKeyStore(inputStream, storePassword);
            CloseableKt.closeFinally(inputStream, null);
            return loadKeyStore;
        } catch (Throwable th) {
            CloseableKt.closeFinally(inputStream, null);
            throw th;
        }
    }

    @NotNull
    public static final KeyStore loadKeyStore(@NotNull InputStream input, @NotNull String storePassword) throws KeyStoreException, IOException {
        Intrinsics.checkNotNullParameter(input, "input");
        Intrinsics.checkNotNullParameter(storePassword, "storePassword");
        char[] charArray = storePassword.toCharArray();
        Intrinsics.checkNotNullExpressionValue(charArray, "toCharArray(...)");
        KeyStore keyStore = KeyStore.getInstance("JKS");
        InputStream inputStream = input;
        try {
            InputStream inputStream2 = inputStream;
            keyStore.load(input, charArray);
            Unit unit = Unit.INSTANCE;
            CloseableKt.closeFinally(inputStream, null);
            Intrinsics.checkNotNull(keyStore);
            return keyStore;
        } catch (Throwable th) {
            CloseableKt.closeFinally(inputStream, null);
            throw th;
        }
    }

    public static final void addOrReplaceKey(@NotNull KeyStore keyStore, @NotNull String alias, @NotNull Key key, @NotNull char[] password, @NotNull Certificate[] chain) {
        Intrinsics.checkNotNullParameter(keyStore, "<this>");
        Intrinsics.checkNotNullParameter(alias, "alias");
        Intrinsics.checkNotNullParameter(key, "key");
        Intrinsics.checkNotNullParameter(password, "password");
        Intrinsics.checkNotNullParameter(chain, "chain");
        if (keyStore.containsAlias(alias)) {
            keyStore.deleteEntry(alias);
        }
        keyStore.setKeyEntry(alias, key, password, chain);
    }

    public static final void addOrReplaceCertificate(@NotNull KeyStore keyStore, @NotNull String alias, @NotNull Certificate cert) {
        Intrinsics.checkNotNullParameter(keyStore, "<this>");
        Intrinsics.checkNotNullParameter(alias, "alias");
        Intrinsics.checkNotNullParameter(cert, "cert");
        if (keyStore.containsAlias(alias)) {
            keyStore.deleteEntry(alias);
        }
        keyStore.setCertificateEntry(alias, cert);
    }

    public static final void save(@NotNull KeyStore keyStore, @NotNull Path keyStoreFilePath, @NotNull String storePassword) {
        Intrinsics.checkNotNullParameter(keyStore, "<this>");
        Intrinsics.checkNotNullParameter(keyStoreFilePath, "keyStoreFilePath");
        Intrinsics.checkNotNullParameter(storePassword, "storePassword");
        OpenOption[] openOptionArr = new OpenOption[0];
        OpenOption[] openOptionArr2 = (OpenOption[]) Arrays.copyOf(openOptionArr, openOptionArr.length);
        OutputStream newOutputStream = Files.newOutputStream(keyStoreFilePath, (OpenOption[]) Arrays.copyOf(openOptionArr2, openOptionArr2.length));
        Intrinsics.checkNotNullExpressionValue(newOutputStream, "newOutputStream(...)");
        OutputStream outputStream = newOutputStream;
        Throwable th = null;
        try {
            try {
                char[] charArray = storePassword.toCharArray();
                Intrinsics.checkNotNullExpressionValue(charArray, "toCharArray(...)");
                keyStore.store(outputStream, charArray);
                CloseableKt.closeFinally(outputStream, null);
            } finally {
            }
        } catch (Throwable th2) {
            CloseableKt.closeFinally(outputStream, th);
            throw th2;
        }
    }

    @NotNull
    public static final CertificateAndKeyPair getCertificateAndKeyPair(@NotNull KeyStore keyStore, @NotNull String alias, @NotNull String keyPassword) {
        Intrinsics.checkNotNullParameter(keyStore, "<this>");
        Intrinsics.checkNotNullParameter(alias, "alias");
        Intrinsics.checkNotNullParameter(keyPassword, "keyPassword");
        X509Certificate x509Certificate = getX509Certificate(keyStore, alias);
        PublicKey publicKey = x509Certificate.getPublicKey();
        Intrinsics.checkNotNullExpressionValue(publicKey, "getPublicKey(...)");
        return new CertificateAndKeyPair(x509Certificate, new KeyPair(Crypto.toSupportedPublicKey(publicKey), getSupportedKey(keyStore, alias, keyPassword)));
    }

    @NotNull
    public static final X509Certificate getX509Certificate(@NotNull KeyStore keyStore, @NotNull String alias) {
        Intrinsics.checkNotNullParameter(keyStore, "<this>");
        Intrinsics.checkNotNullParameter(alias, "alias");
        Certificate certificate = keyStore.getCertificate(alias);
        if (certificate == null) {
            throw new IllegalArgumentException("No certificate under alias \"" + alias + "\".");
        }
        X509Certificate x509Certificate = certificate instanceof X509Certificate ? (X509Certificate) certificate : null;
        if (x509Certificate == null) {
            throw new IllegalStateException("Certificate under alias \"" + alias + "\" is not an X.509 certificate: " + certificate);
        }
        return x509Certificate;
    }

    @NotNull
    public static final PrivateKey getSupportedKey(@NotNull KeyStore keyStore, @NotNull String alias, @NotNull String keyPassword) {
        Intrinsics.checkNotNullParameter(keyStore, "<this>");
        Intrinsics.checkNotNullParameter(alias, "alias");
        Intrinsics.checkNotNullParameter(keyPassword, "keyPassword");
        char[] charArray = keyPassword.toCharArray();
        Intrinsics.checkNotNullExpressionValue(charArray, "toCharArray(...)");
        Key key = keyStore.getKey(alias, charArray);
        if (key == null) {
            throw new IllegalArgumentException(("Key for alias: '" + alias + "' cannot be found").toString());
        }
        Intrinsics.checkNotNull(key, "null cannot be cast to non-null type java.security.PrivateKey");
        return Crypto.toSupportedPrivateKey((PrivateKey) key);
    }
}
