package org.graylog.security.certutil.keystore.storage;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.KeyStore;
import java.util.Base64;
import java.util.Optional;
import javax.inject.Inject;
import org.graylog.security.certutil.CertConstants;
import org.graylog.security.certutil.ca.exceptions.KeyStoreStorageException;
import org.graylog.security.certutil.keystore.storage.location.KeystoreMongoLocation;
import org.graylog2.cluster.certificates.CertificatesService;

/* loaded from: input_file:org/graylog/security/certutil/keystore/storage/KeystoreMongoStorage.class */
public final class KeystoreMongoStorage implements KeystoreStorage<KeystoreMongoLocation> {
    private final CertificatesService certificatesService;
    private final KeystoreContentMover keystoreContentMover;

    @Inject
    public KeystoreMongoStorage(CertificatesService certificatesService, KeystoreContentMover keystoreContentMover) {
        this.certificatesService = certificatesService;
        this.keystoreContentMover = keystoreContentMover;
    }

    @Override // org.graylog.security.certutil.keystore.storage.KeystoreStorage
    public void writeKeyStore(KeystoreMongoLocation keystoreMongoLocation, KeyStore keyStore, char[] cArr, char[] cArr2) throws KeyStoreStorageException {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            try {
                if (cArr2 == null) {
                    keyStore.store(byteArrayOutputStream, cArr);
                } else {
                    this.keystoreContentMover.moveContents(keyStore, cArr, cArr2).store(byteArrayOutputStream, cArr2);
                }
                this.certificatesService.writeCert(keystoreMongoLocation, Base64.getEncoder().encodeToString(byteArrayOutputStream.toByteArray()));
                byteArrayOutputStream.close();
            } finally {
            }
        } catch (Exception e) {
            throw new KeyStoreStorageException("Failed to save keystore to Mongo collection for node " + keystoreMongoLocation.nodeId(), e);
        }
    }

    @Override // org.graylog.security.certutil.keystore.storage.KeystoreStorage
    public Optional<KeyStore> readKeyStore(KeystoreMongoLocation keystoreMongoLocation, char[] cArr) throws KeyStoreStorageException {
        Optional<String> readCert = this.certificatesService.readCert(keystoreMongoLocation);
        if (!readCert.isPresent()) {
            return Optional.empty();
        }
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.getDecoder().decode(readCert.get()));
            try {
                KeyStore keyStore = KeyStore.getInstance(CertConstants.PKCS12);
                keyStore.load(byteArrayInputStream, cArr);
                Optional<KeyStore> of = Optional.of(keyStore);
                byteArrayInputStream.close();
                return of;
            } finally {
            }
        } catch (Exception e) {
            throw new KeyStoreStorageException("Failed to load keystore from Mongo collection for node " + keystoreMongoLocation.nodeId(), e);
        }
    }
}
