package de.bitmarck.bms.secon.fs2;

import cats.Applicative$;
import cats.Monad;
import cats.Monad$;
import cats.data.OptionT$;
import cats.effect.kernel.Sync;
import cats.effect.std.Dispatcher;
import cats.kernel.Monoid;
import java.io.Serializable;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Optional;
import scala.Function0;
import scala.Function1;
import scala.None$;
import scala.Option;
import scala.Option$;
import scala.Some$;
import scala.jdk.CollectionConverters$;
import scala.jdk.OptionConverters$;
import scala.jdk.OptionConverters$RichOption$;
import scala.runtime.ModuleSerializationProxy;

/* compiled from: IdentityLookup.scala */
/* loaded from: input_file:de/bitmarck/bms/secon/fs2/IdentityLookup$.class */
public final class IdentityLookup$ implements Serializable {
    public static final IdentityLookup$ MODULE$ = new IdentityLookup$();

    private IdentityLookup$() {
    }

    private Object writeReplace() {
        return new ModuleSerializationProxy(IdentityLookup$.class);
    }

    public <F> Monoid<IdentityLookup<F>> monoid(final Monad<F> monad) {
        return cats.package$.MODULE$.Monoid().instance(new IdentityLookup<F>(monad) { // from class: de.bitmarck.bms.secon.fs2.IdentityLookup$$anon$2
            private final Monad evidence$1$1;

            {
                this.evidence$1$1 = monad;
            }

            @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
            public /* bridge */ /* synthetic */ Object identityByAliasUnsafe(String str) {
                Object identityByAliasUnsafe;
                identityByAliasUnsafe = identityByAliasUnsafe(str);
                return identityByAliasUnsafe;
            }

            @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
            public /* bridge */ /* synthetic */ Object identityBySelectorUnsafe(X509CertSelector x509CertSelector) {
                Object identityBySelectorUnsafe;
                identityBySelectorUnsafe = identityBySelectorUnsafe(x509CertSelector);
                return identityBySelectorUnsafe;
            }

            @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
            public /* bridge */ /* synthetic */ IdentityLookup filterByAlias(Function1 function1) {
                IdentityLookup filterByAlias;
                filterByAlias = filterByAlias(function1);
                return filterByAlias;
            }

            @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
            public Monad monadF() {
                return Monad$.MODULE$.apply(this.evidence$1$1);
            }

            @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
            public Object identityByAlias(String str) {
                return Applicative$.MODULE$.apply(this.evidence$1$1).pure(None$.MODULE$);
            }

            @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
            public Object identityBySelector(X509CertSelector x509CertSelector) {
                return Applicative$.MODULE$.apply(this.evidence$1$1).pure(None$.MODULE$);
            }
        }, (identityLookup, identityLookup2) -> {
            return new IdentityLookup<F>(monad, identityLookup, identityLookup2) { // from class: de.bitmarck.bms.secon.fs2.IdentityLookup$$anon$3
                private final Monad evidence$1$3;
                private final IdentityLookup a$1;
                private final IdentityLookup b$1;

                {
                    this.evidence$1$3 = monad;
                    this.a$1 = identityLookup;
                    this.b$1 = identityLookup2;
                }

                @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
                public /* bridge */ /* synthetic */ Object identityByAliasUnsafe(String str) {
                    Object identityByAliasUnsafe;
                    identityByAliasUnsafe = identityByAliasUnsafe(str);
                    return identityByAliasUnsafe;
                }

                @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
                public /* bridge */ /* synthetic */ Object identityBySelectorUnsafe(X509CertSelector x509CertSelector) {
                    Object identityBySelectorUnsafe;
                    identityBySelectorUnsafe = identityBySelectorUnsafe(x509CertSelector);
                    return identityBySelectorUnsafe;
                }

                @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
                public /* bridge */ /* synthetic */ IdentityLookup filterByAlias(Function1 function1) {
                    IdentityLookup filterByAlias;
                    filterByAlias = filterByAlias(function1);
                    return filterByAlias;
                }

                @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
                public Monad monadF() {
                    return Monad$.MODULE$.apply(this.evidence$1$3);
                }

                @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
                public Object identityByAlias(String str) {
                    return OptionT$.MODULE$.apply(this.a$1.identityByAlias(str)).orElseF(() -> {
                        return r1.identityByAlias$$anonfun$1(r2);
                    }, this.evidence$1$3).value();
                }

                @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
                public Object identityBySelector(X509CertSelector x509CertSelector) {
                    return OptionT$.MODULE$.apply(this.a$1.identityBySelector(x509CertSelector)).orElseF(() -> {
                        return r1.identityBySelector$$anonfun$1(r2);
                    }, this.evidence$1$3).value();
                }

                private final Object identityByAlias$$anonfun$1(String str) {
                    return this.b$1.identityByAlias(str);
                }

                private final Object identityBySelector$$anonfun$1(X509CertSelector x509CertSelector) {
                    return this.b$1.identityBySelector(x509CertSelector);
                }
            };
        });
    }

    public <F> de.tk.opensource.secon.Identity toSeconIdentity(final IdentityLookup<F> identityLookup, final Dispatcher<F> dispatcher) {
        return new de.tk.opensource.secon.Identity(identityLookup, dispatcher) { // from class: de.bitmarck.bms.secon.fs2.IdentityLookup$$anon$4
            private final IdentityLookup identityLookup$1;
            private final Dispatcher dispatcher$1;

            {
                this.identityLookup$1 = identityLookup;
                this.dispatcher$1 = dispatcher;
            }

            public PrivateKey privateKey() {
                throw new UnsupportedOperationException();
            }

            public X509Certificate certificate() {
                throw new UnsupportedOperationException();
            }

            public Optional privateKey(X509CertSelector x509CertSelector) {
                return OptionConverters$RichOption$.MODULE$.toJava$extension(OptionConverters$.MODULE$.RichOption(((Option) this.dispatcher$1.unsafeRunSync(this.identityLookup$1.identityBySelector(x509CertSelector))).map(IdentityLookup$::de$bitmarck$bms$secon$fs2$IdentityLookup$$anon$4$$_$privateKey$$anonfun$1)));
            }
        };
    }

    public <F> IdentityLookup<F> fromIdentity(final Identity identity, final Option<String> option, final Sync<F> sync) {
        return new IdentityLookup<F>(identity, option, sync) { // from class: de.bitmarck.bms.secon.fs2.IdentityLookup$$anon$5
            private final Identity identity$1;
            private final Option expectedAlias$1;
            private final Sync evidence$2$1;

            {
                this.identity$1 = identity;
                this.expectedAlias$1 = option;
                this.evidence$2$1 = sync;
            }

            @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
            public /* bridge */ /* synthetic */ Object identityByAliasUnsafe(String str) {
                Object identityByAliasUnsafe;
                identityByAliasUnsafe = identityByAliasUnsafe(str);
                return identityByAliasUnsafe;
            }

            @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
            public /* bridge */ /* synthetic */ Object identityBySelectorUnsafe(X509CertSelector x509CertSelector) {
                Object identityBySelectorUnsafe;
                identityBySelectorUnsafe = identityBySelectorUnsafe(x509CertSelector);
                return identityBySelectorUnsafe;
            }

            @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
            public /* bridge */ /* synthetic */ IdentityLookup filterByAlias(Function1 function1) {
                IdentityLookup filterByAlias;
                filterByAlias = filterByAlias(function1);
                return filterByAlias;
            }

            @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
            public Monad monadF() {
                return Monad$.MODULE$.apply(this.evidence$2$1);
            }

            @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
            public Object identityByAlias(String str) {
                return cats.effect.package$.MODULE$.Sync().apply(this.evidence$2$1).delay(() -> {
                    return r1.identityByAlias$$anonfun$2(r2);
                });
            }

            @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
            public Object identityBySelector(X509CertSelector x509CertSelector) {
                return cats.effect.package$.MODULE$.Sync().apply(this.evidence$2$1).delay(() -> {
                    return r1.identityBySelector$$anonfun$2(r2);
                });
            }

            private final Option identityByAlias$$anonfun$2(String str) {
                return this.expectedAlias$1.forall((v1) -> {
                    return IdentityLookup$.de$bitmarck$bms$secon$fs2$IdentityLookup$$anon$5$$_$identityByAlias$$anonfun$2$$anonfun$1(r1, v1);
                }) ? Some$.MODULE$.apply(this.identity$1) : None$.MODULE$;
            }

            private final Identity identityBySelector$$anonfun$2$$anonfun$1() {
                return this.identity$1;
            }

            private final Option identityBySelector$$anonfun$2(X509CertSelector x509CertSelector) {
                return Option$.MODULE$.when(x509CertSelector.match(this.identity$1.certificate()), this::identityBySelector$$anonfun$2$$anonfun$1);
            }
        };
    }

    public <F> Option<String> fromIdentity$default$2() {
        return None$.MODULE$;
    }

    public <F> IdentityLookup<F> fromKeyStore(final KeyStore keyStore, final Function0<char[]> function0, final Sync<F> sync) {
        return new IdentityLookup<F>(keyStore, function0, sync) { // from class: de.bitmarck.bms.secon.fs2.IdentityLookup$$anon$6
            private final KeyStore keyStore$1;
            private final Function0 password$1;
            private final Sync evidence$3$1;

            {
                this.keyStore$1 = keyStore;
                this.password$1 = function0;
                this.evidence$3$1 = sync;
            }

            @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
            public /* bridge */ /* synthetic */ Object identityByAliasUnsafe(String str) {
                Object identityByAliasUnsafe;
                identityByAliasUnsafe = identityByAliasUnsafe(str);
                return identityByAliasUnsafe;
            }

            @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
            public /* bridge */ /* synthetic */ Object identityBySelectorUnsafe(X509CertSelector x509CertSelector) {
                Object identityBySelectorUnsafe;
                identityBySelectorUnsafe = identityBySelectorUnsafe(x509CertSelector);
                return identityBySelectorUnsafe;
            }

            @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
            public /* bridge */ /* synthetic */ IdentityLookup filterByAlias(Function1 function1) {
                IdentityLookup filterByAlias;
                filterByAlias = filterByAlias(function1);
                return filterByAlias;
            }

            @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
            public Monad monadF() {
                return Monad$.MODULE$.apply(this.evidence$3$1);
            }

            @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
            public Object identityByAlias(String str) {
                return cats.effect.package$.MODULE$.Sync().apply(this.evidence$3$1).delay(() -> {
                    return r1.identityByAlias$$anonfun$3(r2);
                });
            }

            @Override // de.bitmarck.bms.secon.fs2.IdentityLookup
            public Object identityBySelector(X509CertSelector x509CertSelector) {
                return cats.effect.package$.MODULE$.Sync().apply(this.evidence$3$1).delay(() -> {
                    return r1.identityBySelector$$anonfun$3(r2);
                });
            }

            private final Option identityByAlias$$anonfun$3(String str) {
                char[] cArr = (char[]) this.password$1.apply();
                try {
                    KeyStore.Entry entry = this.keyStore$1.getEntry(str, new KeyStore.PasswordProtection(cArr));
                    Arrays.fill(cArr, (char) 0);
                    if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                        return None$.MODULE$;
                    }
                    KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
                    Certificate certificate = privateKeyEntry.getCertificate();
                    if (!(certificate instanceof X509Certificate)) {
                        return None$.MODULE$;
                    }
                    return Some$.MODULE$.apply(Identity$.MODULE$.apply(privateKeyEntry.getPrivateKey(), (X509Certificate) certificate));
                } catch (Throwable th) {
                    Arrays.fill(cArr, (char) 0);
                    throw th;
                }
            }

            private final Option identityBySelector$$anonfun$3(X509CertSelector x509CertSelector) {
                return CollectionConverters$.MODULE$.EnumerationHasAsScala(this.keyStore$1.aliases()).asScala().flatMap(str -> {
                    Certificate certificate = this.keyStore$1.getCertificate(str);
                    if (certificate instanceof X509Certificate) {
                        X509Certificate x509Certificate = (X509Certificate) certificate;
                        if (x509CertSelector.match(x509Certificate)) {
                            char[] cArr = (char[]) this.password$1.apply();
                            try {
                                Key key = this.keyStore$1.getKey(str, cArr);
                                Arrays.fill(cArr, (char) 0);
                                if (!(key instanceof PrivateKey)) {
                                    return None$.MODULE$;
                                }
                                return Some$.MODULE$.apply(Identity$.MODULE$.apply((PrivateKey) key, x509Certificate));
                            } catch (Throwable th) {
                                Arrays.fill(cArr, (char) 0);
                                throw th;
                            }
                        }
                    }
                    return None$.MODULE$;
                }).nextOption();
            }
        };
    }

    public static final /* synthetic */ PrivateKey de$bitmarck$bms$secon$fs2$IdentityLookup$$anon$4$$_$privateKey$$anonfun$1(Identity identity) {
        return identity.privateKey();
    }

    public static final /* synthetic */ boolean de$bitmarck$bms$secon$fs2$IdentityLookup$$anon$5$$_$identityByAlias$$anonfun$2$$anonfun$1(String str, String str2) {
        return str2 != null ? str2.equals(str) : str == null;
    }
}
