package org.eclipse.hono.config;

import io.vertx.core.Vertx;
import io.vertx.core.buffer.Buffer;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateFactory;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
import java.util.Enumeration;
import java.util.Objects;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/hono/config/KeyLoader.class */
public final class KeyLoader {
    private static final Logger LOG = LoggerFactory.getLogger(KeyLoader.class);
    private final Vertx vertx;
    private PrivateKey privateKey;
    private PublicKey publicKey;

    private KeyLoader(Vertx vertx) {
        this.vertx = (Vertx) Objects.requireNonNull(vertx);
    }

    public static KeyLoader fromKeyStore(Vertx vertx, String str, char[] cArr) {
        String str2;
        Objects.requireNonNull(vertx);
        if (!vertx.fileSystem().existsBlocking((String) Objects.requireNonNull(str))) {
            throw new IllegalArgumentException("key store does not exist");
        }
        KeyLoader keyLoader = new KeyLoader(vertx);
        if (AbstractConfig.hasJksFileSuffix(str)) {
            str2 = "JKS";
        } else {
            if (!AbstractConfig.hasPkcsFileSuffix(str)) {
                throw new IllegalArgumentException("key store must be JKS or PKCS format");
            }
            str2 = "PKCS12";
        }
        keyLoader.loadKeysFromStore(str2, str, cArr);
        return keyLoader;
    }

    public static KeyLoader fromFiles(Vertx vertx, String str, String str2) {
        KeyLoader keyLoader = new KeyLoader(vertx);
        keyLoader.loadKeysFromFiles(str, str2);
        return keyLoader;
    }

    public PrivateKey getPrivateKey() {
        return this.privateKey;
    }

    public PublicKey getPublicKey() {
        return this.publicKey;
    }

    private void loadKeysFromFiles(String str, String str2) {
        if (str != null) {
            loadPrivateKeyFromFile(str);
        }
        if (str2 != null) {
            loadPublicKeyFromFile(str2);
        }
    }

    private void loadPrivateKeyFromFile(String str) {
        if (!this.vertx.fileSystem().existsBlocking((String) Objects.requireNonNull(str))) {
            throw new IllegalArgumentException("private key file does not exist");
        }
        if (!AbstractConfig.hasPemFileSuffix(str)) {
            LOG.error("unsupported private key file format");
            return;
        }
        try {
            Buffer readFileBlocking = this.vertx.fileSystem().readFileBlocking(str);
            this.privateKey = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.getMimeDecoder().decode(readFileBlocking.getString(0, readFileBlocking.length()).replaceAll("(-+BEGIN PRIVATE KEY-+\\r?\\n|-+END PRIVATE KEY-+\\r?\\n?)", ""))));
        } catch (GeneralSecurityException e) {
            LOG.error("cannot load private key", e);
        }
    }

    private void loadPublicKeyFromFile(String str) {
        if (!this.vertx.fileSystem().existsBlocking((String) Objects.requireNonNull(str))) {
            throw new IllegalArgumentException("certificate file does not exist");
        }
        if (!AbstractConfig.hasPemFileSuffix(str)) {
            LOG.error("unsupported public key file format");
            return;
        }
        try {
            this.publicKey = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(this.vertx.fileSystem().readFileBlocking(str).getBytes())).getPublicKey();
        } catch (GeneralSecurityException e) {
            LOG.error("cannot load public key", e);
        }
    }

    private void loadKeysFromStore(String str, String str2, char[] cArr) {
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(this.vertx.fileSystem().readFileBlocking(str2).getBytes());
            Throwable th = null;
            try {
                KeyStore keyStore = KeyStore.getInstance(str);
                keyStore.load(byteArrayInputStream, cArr);
                LOG.debug("loading keys from key store containing {} entries", Integer.valueOf(keyStore.size()));
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    String nextElement = aliases.nextElement();
                    LOG.info("current alias: {}", nextElement);
                    if (keyStore.isKeyEntry(nextElement)) {
                        LOG.debug("loading private key [{}]", nextElement);
                        this.privateKey = (PrivateKey) keyStore.getKey(nextElement, cArr);
                        LOG.debug("loading public key [{}]", nextElement);
                        this.publicKey = keyStore.getCertificateChain(nextElement)[0].getPublicKey();
                    } else {
                        LOG.debug("skipping non-private key entry");
                    }
                }
                if (byteArrayInputStream != null) {
                    if (0 != 0) {
                        try {
                            byteArrayInputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        byteArrayInputStream.close();
                    }
                }
            } finally {
            }
        } catch (IOException | GeneralSecurityException e) {
            LOG.error("cannot load keys", e);
        }
    }
}
