package convex.cli.mixins;

import convex.cli.CLIError;
import convex.core.crypto.AKeyPair;
import convex.core.crypto.PFXTools;
import convex.core.util.FileUtils;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.nio.file.Path;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.UnrecoverableKeyException;
import java.util.Enumeration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import picocli.CommandLine;

/* loaded from: input_file:convex/cli/mixins/KeyStoreMixin.class */
public class KeyStoreMixin extends AMixin {

    @CommandLine.Option(names = {"--keystore"}, defaultValue = "${env:CONVEX_KEYSTORE:-~/.convex/keystore.pfx}", scope = CommandLine.ScopeType.INHERIT, description = {"Keystore filename. Can specify with CONVEX_KEYSTORE. Default: ${DEFAULT-VALUE}"})
    private String keyStoreFilename;

    @CommandLine.Option(names = {"--storepass"}, scope = CommandLine.ScopeType.INHERIT, defaultValue = "${env:CONVEX_KEYSTORE_PASSWORD}", arity = "0..1", description = {"Store integrity password for the keystore."})
    char[] keystorePassword;
    KeyStore keyStore = null;
    static Logger log = LoggerFactory.getLogger(KeyStoreMixin.class);

    private File getKeyStoreFile() {
        if (this.keyStoreFilename != null) {
            return FileUtils.getFile(this.keyStoreFilename);
        }
        return null;
    }

    public Path getStorePath() {
        return getKeyStoreFile().toPath();
    }

    public char[] getStorePassword() {
        if (this.keystorePassword != null) {
            return this.keystorePassword;
        }
        if (isParanoid()) {
            if (isInteractive()) {
                this.keystorePassword = readPassword("Enter keystore integrity password: ");
            } else {
                paranoia("Keystore integrity password must be explicitly provided");
            }
        }
        return this.keystorePassword;
    }

    public KeyStore getKeystore() {
        return this.keyStore;
    }

    public KeyStore ensureKeyStore() {
        return this.keyStore != null ? this.keyStore : loadKeyStore(true, getStorePassword());
    }

    public KeyStore loadKeyStore() {
        return this.keyStore != null ? this.keyStore : loadKeyStore(false, getStorePassword());
    }

    private KeyStore loadKeyStore(boolean z, char[] cArr) {
        File keyStoreFile = getKeyStoreFile();
        try {
            if (keyStoreFile.exists()) {
                inform(3, "Loading key store at: " + String.valueOf(keyStoreFile));
                this.keyStore = PFXTools.loadStore(keyStoreFile, cArr);
            } else if (z) {
                informWarning("No keystore exists, creating at: " + keyStoreFile.getCanonicalPath());
                FileUtils.ensureFilePath(keyStoreFile);
                this.keyStore = PFXTools.createStore(keyStoreFile, cArr);
            } else {
                this.keyStore = null;
            }
            return this.keyStore;
        } catch (FileNotFoundException e) {
            return null;
        } catch (IOException e2) {
            if (e2.getCause() instanceof UnrecoverableKeyException) {
                throw new CLIError(77, "Integrity password check failed for keystore: " + String.valueOf(keyStoreFile), e2.getCause());
            }
            throw new CLIError("Unable to load keystore due to unexpected IO Error: " + String.valueOf(keyStoreFile), e2);
        } catch (GeneralSecurityException e3) {
            throw new CLIError("Unexpected security error: " + String.valueOf(e3.getClass()), e3);
        }
    }

    public void saveKeyStore() {
        saveKeyStore(this.keystorePassword);
    }

    public void saveKeyStore(char[] cArr) {
        if (this.keyStore == null) {
            throw new CLIError("Trying to save a keystore that has not been loaded!");
        }
        try {
            if (this.keystorePassword == null) {
                paranoia("Trying to save keystore in strict mode with no integrity password");
            }
            PFXTools.saveStore(this.keyStore, getKeyStoreFile(), cArr);
        } catch (IOException | GeneralSecurityException e) {
            throw new CLIError("Failed to save keystore", e);
        }
    }

    public void addKeyPairToStore(AKeyPair aKeyPair, char[] cArr) {
        KeyStore keystore = getKeystore();
        if (keystore == null) {
            throw new CLIError("Trying to add key pair but keystore is not yet loaded!");
        }
        try {
            PFXTools.setKeyPair(keystore, aKeyPair, cArr);
        } catch (IOException | GeneralSecurityException e) {
            throw new CLIError("Cannot store the key to the key store", e);
        }
    }

    public static String trimKey(String str) {
        String strip = str.trim().toLowerCase().replaceFirst("^0x", "").strip();
        if (strip.isEmpty()) {
            return null;
        }
        return strip;
    }

    public AKeyPair loadKeyFromStore(String str, char[] cArr) {
        String trimKey;
        if (str == null || (trimKey = trimKey(str)) == null) {
            return null;
        }
        try {
            KeyStore ensureKeyStore = ensureKeyStore();
            Enumeration<String> aliases = ensureKeyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (nextElement.indexOf(trimKey) == 0) {
                    log.trace("found keypair " + nextElement);
                    return PFXTools.getKeyPair(ensureKeyStore, nextElement, cArr);
                }
            }
            return null;
        } catch (UnrecoverableKeyException e) {
            throw new CLIError(78, "Cannot load key from key Store - possibly incorrect password?", e);
        } catch (GeneralSecurityException e2) {
            throw new CLIError("Cannot load key from key Store", e2);
        }
    }

    public boolean hasSingleKey(String str) {
        return keyCount(str) == 1;
    }

    public int keyCount(String str) {
        String trimKey = trimKey(str);
        int i = 0;
        try {
            Enumeration<String> aliases = ensureKeyStore().aliases();
            while (aliases.hasMoreElements()) {
                if (aliases.nextElement().indexOf(trimKey) == 0) {
                    i++;
                }
            }
            return i;
        } catch (GeneralSecurityException e) {
            throw new CLIError("Cannot load aliases from key Store", e);
        }
    }
}
