package blended.security.ssl.internal;

import blended.security.ssl.CertificateChange$Unchanged$;
import blended.security.ssl.CertificateHolder;
import blended.security.ssl.CertificateHolder$;
import blended.security.ssl.InconsistentKeystoreException;
import blended.security.ssl.MemoryKeystore;
import blended.util.logging.Logger;
import blended.util.logging.Logger$;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import scala.$less$colon$less$;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Option$;
import scala.Predef$;
import scala.Some;
import scala.Tuple2;
import scala.collection.IterableOnceOps;
import scala.collection.immutable.$colon;
import scala.collection.immutable.List;
import scala.collection.immutable.Nil$;
import scala.jdk.CollectionConverters$;
import scala.reflect.ClassTag$;
import scala.reflect.ScalaSignature;
import scala.runtime.BoxedUnit;
import scala.runtime.BoxesRunTime;
import scala.util.Try;
import scala.util.Try$;

/* compiled from: JavaKeystore.scala */
@ScalaSignature(bytes = "\u0006\u0005y4A\u0001E\t\u00015!A\u0011\u0005\u0001B\u0001B\u0003%!\u0005\u0003\u0005+\u0001\t\u0005\t\u0015!\u0003,\u0011!\t\u0004A!A!\u0002\u0013\u0011\u0004\"B\u001b\u0001\t\u00031\u0004\"\u0002\u001f\u0001\t\u0003i\u0004b\u0002 \u0001\u0005\u0004%Ia\u0010\u0005\u0007\u0011\u0002\u0001\u000b\u0011\u0002!\t\u0011%\u0003!\u0019!C\u0001')CaA\u0016\u0001!\u0002\u0013Y\u0005\"B,\u0001\t\u0003A\u0006\"\u00022\u0001\t\u0003\u0019\u0007B\u00024\u0001\t\u0003\u0019r\r\u0003\u0004o\u0001\u0011\u00051c\u001c\u0005\u0007e\u0002!\taE:\t\rm\u0004A\u0011A\n}\u00051Q\u0015M^1LKf\u001cHo\u001c:f\u0015\t\u00112#\u0001\u0005j]R,'O\\1m\u0015\t!R#A\u0002tg2T!AF\f\u0002\u0011M,7-\u001e:jifT\u0011\u0001G\u0001\bE2,g\u000eZ3e\u0007\u0001\u0019\"\u0001A\u000e\u0011\u0005qyR\"A\u000f\u000b\u0003y\tQa]2bY\u0006L!\u0001I\u000f\u0003\r\u0005s\u0017PU3g\u0003\u0015\u0019Ho\u001c:f!\t\u0019\u0003&D\u0001%\u0015\t)c%\u0001\u0002j_*\tq%\u0001\u0003kCZ\f\u0017BA\u0015%\u0005\u00111\u0015\u000e\\3\u0002\u0013M$xN]3qCN\u001c\bc\u0001\u000f-]%\u0011Q&\b\u0002\u0006\u0003J\u0014\u0018-\u001f\t\u00039=J!\u0001M\u000f\u0003\t\rC\u0017M]\u0001\bW\u0016L\b/Y:t!\ra2gK\u0005\u0003iu\u0011aa\u00149uS>t\u0017A\u0002\u001fj]&$h\b\u0006\u00038siZ\u0004C\u0001\u001d\u0001\u001b\u0005\t\u0002\"B\u0011\u0005\u0001\u0004\u0011\u0003\"\u0002\u0016\u0005\u0001\u0004Y\u0003\"B\u0019\u0005\u0001\u0004\u0011\u0014\u0001C6fsN$xN]3\u0016\u0003\t\n1\u0001\\8h+\u0005\u0001\u0005CA!G\u001b\u0005\u0011%BA\"E\u0003\u001dawnZ4j]\u001eT!!R\f\u0002\tU$\u0018\u000e\\\u0005\u0003\u000f\n\u0013a\u0001T8hO\u0016\u0014\u0018\u0001\u00027pO\u0002\n\u0011b\u001d;pe\u0016$\u0018\u0010]3\u0016\u0003-\u0003\"\u0001T*\u000f\u00055\u000b\u0006C\u0001(\u001e\u001b\u0005y%B\u0001)\u001a\u0003\u0019a$o\\8u}%\u0011!+H\u0001\u0007!J,G-\u001a4\n\u0005Q+&AB*ue&twM\u0003\u0002S;\u0005Q1\u000f^8sKRL\b/\u001a\u0011\u0002\u00191|\u0017\rZ&fsN#xN]3\u0015\u0003e\u00032A\u0017/_\u001b\u0005Y&BA#\u001e\u0013\ti6LA\u0002Uef\u0004\"a\u00181\u000e\u0003MI!!Y\n\u0003\u001d5+Wn\u001c:z\u0017\u0016L8\u000f^8sK\u0006a1/\u0019<f\u0017\u0016L8\u000b^8sKR\u0011\u0011\f\u001a\u0005\u0006K.\u0001\rAX\u0001\u0003[N\fA\u0003\\8bI.+\u0017p\u0015;pe\u00164%o\\7GS2,G#\u00015\u0011\u0007ic\u0016\u000e\u0005\u0002kY6\t1N\u0003\u0002\u0017M%\u0011Qn\u001b\u0002\t\u0017\u0016L8\u000b^8sK\u0006\u00112/\u0019<f\u0017\u0016L8\u000b^8sKR{g)\u001b7f)\tA\u0007\u000fC\u0003r\u001b\u0001\u0007\u0011.\u0001\u0002lg\u0006\u0011R\r\u001f;sC\u000e$8)\u001a:uS\u001aL7-\u0019;f)\r!\b0\u001f\t\u00045r+\bCA0w\u0013\t98CA\tDKJ$\u0018NZ5dCR,\u0007j\u001c7eKJDQ!\u001d\bA\u0002%DQA\u001f\bA\u0002-\u000bQ!\u00197jCN\fa\"\\3n_JL8*Z=ti>\u0014X\r\u0006\u0002Z{\")\u0011o\u0004a\u0001S\u0002")
/* loaded from: input_file:blended/security/ssl/internal/JavaKeystore.class */
public class JavaKeystore {
    private final File store;
    private final char[] storepass;
    private final Option<char[]> keypass;
    private final Logger log = Logger$.MODULE$.apply(ClassTag$.MODULE$.apply(JavaKeystore.class));
    private final String storetype;

    public File keystore() {
        return this.store;
    }

    private Logger log() {
        return this.log;
    }

    public String storetype() {
        return this.storetype;
    }

    public Try<MemoryKeystore> loadKeyStore() {
        return memoryKeystore((KeyStore) loadKeyStoreFromFile().get());
    }

    public Try<MemoryKeystore> saveKeyStore(MemoryKeystore memoryKeystore) {
        return Try$.MODULE$.apply(() -> {
            KeyStore keyStore = (KeyStore) this.loadKeyStoreFromFile().get();
            ((IterableOnceOps) memoryKeystore.certificates().filter(tuple2 -> {
                return BoxesRunTime.boxToBoolean($anonfun$saveKeyStore$2(tuple2));
            })).foreach(tuple22 -> {
                $anonfun$saveKeyStore$3(this, keyStore, tuple22);
                return BoxedUnit.UNIT;
            });
            this.saveKeyStoreToFile(keyStore).get();
            return new MemoryKeystore(memoryKeystore.certificates().view().mapValues(certificateHolder -> {
                return certificateHolder.copy(certificateHolder.copy$default$1(), certificateHolder.copy$default$2(), certificateHolder.copy$default$3(), CertificateChange$Unchanged$.MODULE$);
            }).toMap($less$colon$less$.MODULE$.refl()));
        });
    }

    public Try<KeyStore> loadKeyStoreFromFile() {
        return Try$.MODULE$.apply(() -> {
            this.log().info(() -> {
                return new StringBuilder(50).append("Initializing key store of type [").append(this.storetype()).append("] from file [").append(this.keystore().getAbsolutePath()).append("] ...").toString();
            });
            KeyStore keyStore = KeyStore.getInstance(this.storetype());
            if (this.keystore().exists()) {
                FileInputStream fileInputStream = new FileInputStream(this.keystore());
                try {
                    keyStore.load(fileInputStream, this.storepass);
                } finally {
                    fileInputStream.close();
                }
            } else {
                this.log().info(() -> {
                    return new StringBuilder(30).append("Loading empty key store [").append(this.keystore().getAbsolutePath()).append("] ...").toString();
                });
                keyStore.load(null, this.storepass);
            }
            return keyStore;
        });
    }

    public Try<KeyStore> saveKeyStoreToFile(KeyStore keyStore) {
        return Try$.MODULE$.apply(() -> {
            FileOutputStream fileOutputStream = new FileOutputStream(this.keystore());
            try {
                int size = CollectionConverters$.MODULE$.EnumerationHasAsScala(keyStore.aliases()).asScala().size();
                this.log().info(() -> {
                    return new StringBuilder(29).append("Storing [").append(size).append("] certificates to [").append(this.keystore()).append("]").toString();
                });
                keyStore.store(fileOutputStream, this.storepass);
                this.log().info(() -> {
                    return new StringBuilder(54).append("Successfully written key store to [").append(this.keystore()).append("] with storePass [").append(new String(this.storepass)).append("]").toString();
                });
                return keyStore;
            } finally {
                fileOutputStream.close();
            }
        });
    }

    public Try<CertificateHolder> extractCertificate(KeyStore keyStore, String str) {
        return Try$.MODULE$.apply(() -> {
            List<Certificate> map;
            Some apply = Option$.MODULE$.apply(keyStore.getCertificateChain(str));
            if (None$.MODULE$.equals(apply)) {
                Some apply2 = Option$.MODULE$.apply(keyStore.getCertificate(str));
                if (None$.MODULE$.equals(apply2)) {
                    throw new Exception(new StringBuilder(35).append("Certificate for alias [").append(str).append("] not found.").toString());
                }
                if (!(apply2 instanceof Some)) {
                    throw new MatchError(apply2);
                }
                map = (List) new $colon.colon((X509Certificate) ((Certificate) apply2.value()), Nil$.MODULE$);
            } else {
                if (!(apply instanceof Some)) {
                    throw new MatchError(apply);
                }
                map = Predef$.MODULE$.wrapRefArray((Certificate[]) apply.value()).toList().map(certificate -> {
                    return (X509Certificate) certificate;
                });
            }
            List<Certificate> list = map;
            return (CertificateHolder) CertificateHolder$.MODULE$.create(((Certificate) list.head()).getPublicKey(), this.keypass.map(cArr -> {
                return (PrivateKey) keyStore.getKey(str, cArr);
            }), list).get();
        });
    }

    public Try<MemoryKeystore> memoryKeystore(KeyStore keyStore) {
        return Try$.MODULE$.apply(() -> {
            MemoryKeystore memoryKeystore = new MemoryKeystore(CollectionConverters$.MODULE$.EnumerationHasAsScala(keyStore.aliases()).asScala().map(str -> {
                return new Tuple2(str, this.extractCertificate(keyStore, str).get());
            }).toMap($less$colon$less$.MODULE$.refl()));
            if (memoryKeystore.consistent()) {
                return memoryKeystore;
            }
            throw new InconsistentKeystoreException(new StringBuilder(28).append("KeyStore [").append(this.keystore().getAbsolutePath()).append("] is inconsistent.").toString());
        });
    }

    public static final /* synthetic */ boolean $anonfun$saveKeyStore$2(Tuple2 tuple2) {
        return ((CertificateHolder) tuple2._2()).change().changed();
    }

    public static final /* synthetic */ void $anonfun$saveKeyStore$3(JavaKeystore javaKeystore, KeyStore keyStore, Tuple2 tuple2) {
        if (tuple2 == null) {
            throw new MatchError(tuple2);
        }
        String str = (String) tuple2._1();
        CertificateHolder certificateHolder = (CertificateHolder) tuple2._2();
        Some some = javaKeystore.keypass;
        if (None$.MODULE$.equals(some)) {
            keyStore.setCertificateEntry(str, (Certificate) certificateHolder.chain().last());
            BoxedUnit boxedUnit = BoxedUnit.UNIT;
        } else {
            if (!(some instanceof Some)) {
                throw new MatchError(some);
            }
            char[] cArr = (char[]) some.value();
            Some privateKey = certificateHolder.privateKey();
            if (None$.MODULE$.equals(privateKey)) {
                throw new Exception(new StringBuilder(45).append("Certificate for [").append(certificateHolder.subjectPrincipal()).append("] is missing the private key").toString());
            }
            if (!(privateKey instanceof Some)) {
                throw new MatchError(privateKey);
            }
            keyStore.setKeyEntry(str, (PrivateKey) privateKey.value(), cArr, (Certificate[]) certificateHolder.chain().toArray(ClassTag$.MODULE$.apply(Certificate.class)));
            BoxedUnit boxedUnit2 = BoxedUnit.UNIT;
            BoxedUnit boxedUnit3 = BoxedUnit.UNIT;
        }
        BoxedUnit boxedUnit4 = BoxedUnit.UNIT;
    }

    public JavaKeystore(File file, char[] cArr, Option<char[]> option) {
        String str;
        this.store = file;
        this.storepass = cArr;
        this.keypass = option;
        if (None$.MODULE$.equals(option)) {
            str = KeyStore.getDefaultType();
        } else {
            if (!(option instanceof Some)) {
                throw new MatchError(option);
            }
            str = "PKCS12";
        }
        this.storetype = str;
    }
}
