package com.webauthn4j.anchor;

import com.webauthn4j.data.attestation.authenticator.AAGUID;
import com.webauthn4j.util.AssertUtil;
import com.webauthn4j.util.CertificateUtil;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;

/* loaded from: input_file:com/webauthn4j/anchor/KeyStoreTrustAnchorRepository.class */
public class KeyStoreTrustAnchorRepository implements TrustAnchorRepository {
    private final Set<TrustAnchor> trustAnchors;

    public KeyStoreTrustAnchorRepository(KeyStore keyStore) {
        AssertUtil.notNull(keyStore, "keyStore must not be null");
        this.trustAnchors = loadTrustAnchors(keyStore);
    }

    public KeyStoreTrustAnchorRepository(Path path, String str) {
        this(loadKeyStore(path, str));
    }

    @Override // com.webauthn4j.anchor.TrustAnchorRepository
    public Set<TrustAnchor> find(AAGUID aaguid) {
        return this.trustAnchors;
    }

    @Override // com.webauthn4j.anchor.TrustAnchorRepository
    public Set<TrustAnchor> find(byte[] bArr) {
        return this.trustAnchors;
    }

    private static Set<TrustAnchor> loadTrustAnchors(KeyStore keyStore) {
        try {
            ArrayList list = Collections.list(keyStore.aliases());
            HashSet hashSet = new HashSet();
            Iterator it = list.iterator();
            while (it.hasNext()) {
                hashSet.add(new TrustAnchor((X509Certificate) keyStore.getCertificate((String) it.next()), null));
            }
            return hashSet;
        } catch (java.security.KeyStoreException e) {
            throw new KeyStoreException("Failed to load TrustAnchor from keystore", e);
        }
    }

    private static KeyStore loadKeyStore(Path path, String str) {
        AssertUtil.notNull(path, "keyStore must not be null");
        AssertUtil.notNull(str, "password must not be null");
        try {
            InputStream newInputStream = Files.newInputStream(path, new OpenOption[0]);
            Throwable th = null;
            try {
                try {
                    KeyStore createKeyStore = CertificateUtil.createKeyStore();
                    createKeyStore.load(newInputStream, str.toCharArray());
                    if (newInputStream != null) {
                        if (0 != 0) {
                            try {
                                newInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            newInputStream.close();
                        }
                    }
                    return createKeyStore;
                } finally {
                }
            } catch (Throwable th3) {
                if (newInputStream != null) {
                    if (th != null) {
                        try {
                            newInputStream.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        newInputStream.close();
                    }
                }
                throw th3;
            }
        } catch (IOException | NoSuchAlgorithmException | CertificateException e) {
            throw new KeyStoreException("Failed to load TrustAnchor from keystore", e);
        }
    }
}
