package software.xdev.bzst.dip.client.signing;

import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Objects;
import java.util.function.Supplier;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import software.xdev.bzst.dip.client.exception.SigningException;

/* loaded from: input_file:software/xdev/bzst/dip/client/signing/SigningProviderByJks.class */
public class SigningProviderByJks implements SigningProvider {
    private static final Logger LOGGER = LoggerFactory.getLogger(SigningProviderByJks.class);
    public static final String KEYSTORE_TYPE = "JKS";
    private final Supplier<InputStream> certificateKeystoreInputStream;
    private final String certificateKeystorePassword;
    private X509Certificate certificate;
    private PrivateKey privateKey;

    public SigningProviderByJks(String str, String str2) {
        this((Supplier<InputStream>) () -> {
            return ClassLoader.getSystemClassLoader().getResourceAsStream(str);
        }, str2);
        Objects.requireNonNull(str);
    }

    public SigningProviderByJks(Supplier<InputStream> supplier, String str) {
        this.certificateKeystoreInputStream = (Supplier) Objects.requireNonNull(supplier);
        this.certificateKeystorePassword = (String) Objects.requireNonNull(str);
    }

    @Override // software.xdev.bzst.dip.client.signing.SigningProvider
    public X509Certificate getCertificate() {
        if (this.certificate == null) {
            initKeys();
        }
        return this.certificate;
    }

    @Override // software.xdev.bzst.dip.client.signing.SigningProvider
    public PrivateKey getPrivateKey() {
        if (this.privateKey == null) {
            initKeys();
        }
        return this.privateKey;
    }

    private void initKeys() {
        try {
            InputStream inputStream = this.certificateKeystoreInputStream.get();
            try {
                KeyStore.PrivateKeyEntry privateKeyEntry = getPrivateKeyEntry(inputStream, this.certificateKeystorePassword, KEYSTORE_TYPE);
                this.certificate = (X509Certificate) privateKeyEntry.getCertificate();
                this.privateKey = privateKeyEntry.getPrivateKey();
                if (inputStream != null) {
                    inputStream.close();
                }
            } finally {
            }
        } catch (IOException e) {
            throw new SigningException("Could not read keystore.", e);
        }
    }

    private KeyStore.PrivateKeyEntry getPrivateKeyEntry(InputStream inputStream, String str, String str2) {
        try {
            LOGGER.debug("Loading keystore file...");
            KeyStore keyStore = KeyStore.getInstance(str2);
            keyStore.load(inputStream, str.toCharArray());
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry("certificate", new KeyStore.PasswordProtection(str.toCharArray()));
            if (privateKeyEntry == null) {
                throw new SigningException("The private key entry in the keystore is null.");
            }
            return privateKeyEntry;
        } catch (Exception e) {
            throw new SigningException("Something wrong happened while getting the private key entry from the keystore.", e);
        }
    }
}
