package io.spiffe.helper.keystore;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import lombok.Generated;
import lombok.NonNull;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:io/spiffe/helper/keystore/KeyStore.class */
class KeyStore {
    private final Path keyStoreFilePath;
    private final KeyStoreType keyStoreType;
    private final String keyStorePassword;
    private final java.security.KeyStore javaKeyStore;

    @Generated
    /* loaded from: input_file:io/spiffe/helper/keystore/KeyStore$KeyStoreBuilder.class */
    public static class KeyStoreBuilder {

        @Generated
        private Path keyStoreFilePath;

        @Generated
        private KeyStoreType keyStoreType;

        @Generated
        private String keyStorePassword;

        @Generated
        KeyStoreBuilder() {
        }

        @Generated
        public KeyStoreBuilder keyStoreFilePath(@NonNull Path path) {
            if (path == null) {
                throw new NullPointerException("keyStoreFilePath is marked non-null but is null");
            }
            this.keyStoreFilePath = path;
            return this;
        }

        @Generated
        public KeyStoreBuilder keyStoreType(@NonNull KeyStoreType keyStoreType) {
            if (keyStoreType == null) {
                throw new NullPointerException("keyStoreType is marked non-null but is null");
            }
            this.keyStoreType = keyStoreType;
            return this;
        }

        @Generated
        public KeyStoreBuilder keyStorePassword(@NonNull String str) {
            if (str == null) {
                throw new NullPointerException("keyStorePassword is marked non-null but is null");
            }
            this.keyStorePassword = str;
            return this;
        }

        @Generated
        public KeyStore build() throws KeyStoreException {
            return new KeyStore(this.keyStoreFilePath, this.keyStoreType, this.keyStorePassword);
        }

        @Generated
        public String toString() {
            return "KeyStore.KeyStoreBuilder(keyStoreFilePath=" + this.keyStoreFilePath + ", keyStoreType=" + this.keyStoreType + ", keyStorePassword=" + this.keyStorePassword + ")";
        }
    }

    KeyStore(@NonNull Path path, @NonNull KeyStoreType keyStoreType, @NonNull String str) throws KeyStoreException {
        if (path == null) {
            throw new NullPointerException("keyStoreFilePath is marked non-null but is null");
        }
        if (keyStoreType == null) {
            throw new NullPointerException("keyStoreType is marked non-null but is null");
        }
        if (str == null) {
            throw new NullPointerException("keyStorePassword is marked non-null but is null");
        }
        this.keyStoreFilePath = path;
        this.keyStoreType = keyStoreType;
        if (StringUtils.isBlank(str)) {
            throw new IllegalArgumentException("keyStorePassword cannot be blank");
        }
        this.keyStorePassword = str;
        this.javaKeyStore = loadKeyStore();
    }

    private java.security.KeyStore loadKeyStore() throws KeyStoreException {
        try {
            java.security.KeyStore keyStore = java.security.KeyStore.getInstance(this.keyStoreType.value());
            if (Files.exists(this.keyStoreFilePath, new LinkOption[0])) {
                InputStream newInputStream = Files.newInputStream(this.keyStoreFilePath, new OpenOption[0]);
                try {
                    keyStore.load(newInputStream, this.keyStorePassword.toCharArray());
                    if (newInputStream != null) {
                        newInputStream.close();
                    }
                } finally {
                }
            } else {
                keyStore.load(null, this.keyStorePassword.toCharArray());
            }
            return keyStore;
        } catch (IOException | NoSuchAlgorithmException | CertificateException e) {
            throw new KeyStoreException("KeyStore cannot be created", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void storePrivateKeyEntry(PrivateKeyEntry privateKeyEntry) throws KeyStoreException {
        this.javaKeyStore.setKeyEntry(privateKeyEntry.getAlias(), privateKeyEntry.getPrivateKey(), privateKeyEntry.getPassword().toCharArray(), privateKeyEntry.getCertificateChain());
        flush();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void storeAuthorityEntry(AuthorityEntry authorityEntry) throws KeyStoreException {
        this.javaKeyStore.setCertificateEntry(authorityEntry.getAlias(), authorityEntry.getCertificate());
        flush();
    }

    private void flush() throws KeyStoreException {
        try {
            OutputStream newOutputStream = Files.newOutputStream(this.keyStoreFilePath, new OpenOption[0]);
            try {
                this.javaKeyStore.store(newOutputStream, this.keyStorePassword.toCharArray());
                if (newOutputStream != null) {
                    newOutputStream.close();
                }
            } finally {
            }
        } catch (IOException | NoSuchAlgorithmException | CertificateException e) {
            throw new KeyStoreException(e);
        }
    }

    @Generated
    public static KeyStoreBuilder builder() {
        return new KeyStoreBuilder();
    }
}
