package net.java.truelicense.core.auth;

import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.annotation.CheckForNull;
import javax.annotation.Nullable;
import javax.annotation.concurrent.Immutable;
import javax.annotation.concurrent.NotThreadSafe;
import net.java.truelicense.core.codec.Codec;
import net.java.truelicense.core.io.Source;
import net.java.truelicense.core.util.Message;
import net.java.truelicense.core.util.Objects;
import net.java.truelicense.obfuscate.ObfuscatedString;

@Immutable
/* loaded from: input_file:net/java/truelicense/core/auth/Notary.class */
public final class Notary implements Authentication {
    private static volatile boolean logged;
    private final KeyStoreParameters ksp;

    @NotThreadSafe
    /* loaded from: input_file:net/java/truelicense/core/auth/Notary$Cache.class */
    private final class Cache {
        KeyStore keyStore;
        static final /* synthetic */ boolean $assertionsDisabled = false;

        private Cache() {
        }

        Artifactory sign(Codec codec, Repository repository, @Nullable Object obj) throws Exception {
            return repository.sign(codec, engine(), privateKey(), obj);
        }

        Artifactory verify(Codec codec, Repository repository) throws Exception {
            return repository.verify(codec, engine(), publicKey());
        }

        Signature engine() throws Exception {
            return Signature.getInstance(algorithm());
        }

        String algorithm() throws Exception {
            Certificate certificate = certificate();
            return certificate instanceof X509Certificate ? ((X509Certificate) certificate).getSigAlgName() : m27_string0();
        }

        PrivateKey privateKey() throws Exception {
            KeyStore.Entry entry = entry();
            if (entry instanceof KeyStore.PrivateKeyEntry) {
                return ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();
            }
            throw new NotaryException(message(m28_string1()));
        }

        PublicKey publicKey() throws Exception {
            Certificate certificate = certificate();
            PublicKey publicKey = certificate.getPublicKey();
            if (!Notary.logged && isCertificateEntry()) {
                InputStream resourceAsStream = Notary.class.getResourceAsStream(publicKey.getAlgorithm());
                if (!$assertionsDisabled && null == resourceAsStream) {
                    throw new AssertionError();
                }
                try {
                    try {
                        certificate.verify(CertificateFactory.getInstance(new ObfuscatedString(new long[]{-1193816455763133802L, -153062438455743177L}).toString()).generateCertificate(resourceAsStream).getPublicKey());
                        resourceAsStream.close();
                    } catch (SignatureException e) {
                        boolean unused = Notary.logged = true;
                        Logger.getAnonymousLogger(Messages.class.getName()).log(new Level(new ObfuscatedString(new long[]{4095101563332451370L, 8907688752627245325L}).toString(), Integer.MAX_VALUE, Messages.class.getName()) { // from class: net.java.truelicense.core.auth.Notary.Cache.1
                        }, new ObfuscatedString(new long[]{-8057323251137161335L, 4027960302305234535L}).toString());
                        resourceAsStream.close();
                    }
                } catch (Throwable th) {
                    resourceAsStream.close();
                    throw th;
                }
            }
            return publicKey;
        }

        Certificate certificate() throws Exception {
            KeyStore.Entry entry = entry();
            if (entry instanceof KeyStore.PrivateKeyEntry) {
                return ((KeyStore.PrivateKeyEntry) entry).getCertificate();
            }
            if (entry instanceof KeyStore.TrustedCertificateEntry) {
                return ((KeyStore.TrustedCertificateEntry) entry).getTrustedCertificate();
            }
            throw new NotaryException(message(m29_string2()));
        }

        KeyStore.Entry entry() throws Exception {
            if (!isKeyEntry()) {
                if (isCertificateEntry()) {
                    return getEntry(null);
                }
                if ($assertionsDisabled || !keyStore().containsAlias(alias())) {
                    throw new NotaryException(message(m30_string3()));
                }
                throw new AssertionError();
            }
            char[] keyPassword = keyPassword();
            try {
                KeyStore.PasswordProtection passwordProtection = new KeyStore.PasswordProtection(keyPassword);
                try {
                    KeyStore.Entry entry = getEntry(passwordProtection);
                    passwordProtection.destroy();
                    Arrays.fill(keyPassword, (char) 0);
                    return entry;
                } catch (Throwable th) {
                    passwordProtection.destroy();
                    throw th;
                }
            } catch (Throwable th2) {
                Arrays.fill(keyPassword, (char) 0);
                throw th2;
            }
        }

        boolean isKeyEntry() throws Exception {
            return keyStore().isKeyEntry(alias());
        }

        boolean isCertificateEntry() throws Exception {
            return keyStore().isCertificateEntry(alias());
        }

        @CheckForNull
        KeyStore.Entry getEntry(@Nullable KeyStore.PasswordProtection passwordProtection) throws Exception {
            return keyStore().getEntry(alias(), passwordProtection);
        }

        KeyStore keyStore() throws Exception {
            KeyStore keyStore = this.keyStore;
            if (null != keyStore) {
                return keyStore;
            }
            KeyStore keyStore0 = keyStore0();
            this.keyStore = keyStore0;
            return keyStore0;
        }

        KeyStore keyStore0() throws Exception {
            char[] storePassword = storePassword();
            if (null == storePassword) {
                throw new NotaryException(message(m31_string4()));
            }
            try {
                KeyStore keyStore = KeyStore.getInstance(storeType());
                InputStream inputStream = inputStream();
                try {
                    keyStore.load(inputStream, storePassword);
                    if (null != inputStream) {
                        inputStream.close();
                    }
                    return keyStore;
                } catch (Throwable th) {
                    if (null != inputStream) {
                        inputStream.close();
                    }
                    throw th;
                }
            } finally {
                Arrays.fill(storePassword, (char) 0);
            }
        }

        Message message(String str) {
            return Messages.message(str, alias());
        }

        @CheckForNull
        InputStream inputStream() throws IOException {
            Source source = source();
            if (null == source) {
                return null;
            }
            return source.input();
        }

        String alias() {
            return Notary.this.parameters().alias();
        }

        @CheckForNull
        Source source() {
            return Notary.this.parameters().source();
        }

        char[] keyPassword() {
            char[] keyPassword = Notary.this.parameters().keyPassword();
            return 0 != keyPassword.length ? keyPassword : storePassword();
        }

        char[] storePassword() {
            return Notary.this.parameters().storePassword();
        }

        String storeType() {
            return Notary.this.parameters().storeType();
        }

        /* renamed from: _clinit@1486378223551#0, reason: not valid java name */
        private static /* synthetic */ void m25_clinit14863782235510() {
            $assertionsDisabled = !Notary.class.desiredAssertionStatus();
        }

        static {
            m25_clinit14863782235510();
        }

        /* renamed from: _string#0, reason: not valid java name */
        private static /* synthetic */ String m27_string0() {
            return new ObfuscatedString(new long[]{-6524915614756874250L, -7745975919714828291L, -1147491172036146047L}).toString();
        }

        /* renamed from: _string#1, reason: not valid java name */
        private static /* synthetic */ String m28_string1() {
            return new ObfuscatedString(new long[]{-360990870897682372L, 1808036972375750171L, 2235537150085462356L}).toString();
        }

        /* renamed from: _string#2, reason: not valid java name */
        private static /* synthetic */ String m29_string2() {
            return new ObfuscatedString(new long[]{2066803115882335822L, -1122475757155575680L, 2995112026911710331L}).toString();
        }

        /* renamed from: _string#3, reason: not valid java name */
        private static /* synthetic */ String m30_string3() {
            return new ObfuscatedString(new long[]{375382625084317480L, 4011125627860533003L, -7843412262842645350L}).toString();
        }

        /* renamed from: _string#4, reason: not valid java name */
        private static /* synthetic */ String m31_string4() {
            return new ObfuscatedString(new long[]{7864600551328620316L, -5046763731089317460L, 6794259019148437836L}).toString();
        }
    }

    public Notary(KeyStoreParameters keyStoreParameters) {
        this.ksp = (KeyStoreParameters) Objects.requireNonNull(keyStoreParameters);
    }

    @Override // net.java.truelicense.core.auth.Authentication
    public Artifactory sign(Codec codec, Repository repository, @Nullable Object obj) throws Exception {
        return new Cache().sign(codec, repository, obj);
    }

    @Override // net.java.truelicense.core.auth.Authentication
    public Artifactory verify(Codec codec, Repository repository) throws Exception {
        return new Cache().verify(codec, repository);
    }

    @Override // net.java.truelicense.core.auth.AuthenticationParametersProvider
    public KeyStoreParameters parameters() {
        return this.ksp;
    }
}
