package org.jivesoftware.openfire.keystore;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.jivesoftware.util.CertificateManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/jivesoftware/openfire/keystore/CertificateStore.class */
public abstract class CertificateStore {
    private static final Logger Log = LoggerFactory.getLogger(CertificateStore.class);
    protected static final Provider PROVIDER = new BouncyCastleProvider();
    protected final KeyStore store;
    protected final CertificateStoreConfiguration configuration;

    public CertificateStore(CertificateStoreConfiguration certificateStoreConfiguration, boolean z) throws CertificateStoreConfigException {
        if (certificateStoreConfiguration == null) {
            throw new IllegalArgumentException("Argument 'configuration' cannot be null.");
        }
        this.configuration = certificateStoreConfiguration;
        try {
            File file = certificateStoreConfiguration.getFile();
            if (!z || file.exists()) {
                FileInputStream fileInputStream = new FileInputStream(file);
                Throwable th = null;
                try {
                    try {
                        this.store = KeyStore.getInstance(certificateStoreConfiguration.getType());
                        this.store.load(fileInputStream, certificateStoreConfiguration.getPassword());
                        if (fileInputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileInputStream.close();
                            }
                        }
                    } finally {
                    }
                } finally {
                }
            }
            FileOutputStream fileOutputStream = new FileOutputStream(file.getPath());
            Throwable th3 = null;
            try {
                try {
                    this.store = KeyStore.getInstance(certificateStoreConfiguration.getType());
                    this.store.load(null, certificateStoreConfiguration.getPassword());
                    this.store.store(fileOutputStream, certificateStoreConfiguration.getPassword());
                    if (fileOutputStream != null) {
                        if (0 != 0) {
                            try {
                                fileOutputStream.close();
                            } catch (Throwable th4) {
                                th3.addSuppressed(th4);
                            }
                        } else {
                            fileOutputStream.close();
                        }
                    }
                } finally {
                }
            } finally {
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new CertificateStoreConfigException("Unable to load store of type '" + certificateStoreConfiguration.getType() + "' from file '" + certificateStoreConfiguration.getFile() + "'", e);
        }
    }

    public void reload() throws CertificateStoreConfigException {
        try {
            FileInputStream fileInputStream = new FileInputStream(this.configuration.getFile());
            Throwable th = null;
            try {
                this.store.load(fileInputStream, this.configuration.getPassword());
                CertificateManager.fireCertificateStoreChanged(this);
                if (fileInputStream != null) {
                    if (0 != 0) {
                        try {
                            fileInputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        fileInputStream.close();
                    }
                }
            } finally {
            }
        } catch (IOException | NoSuchAlgorithmException | CertificateException e) {
            throw new CertificateStoreConfigException("Unable to reload store in '" + this.configuration.getFile() + "'", e);
        }
    }

    public void persist() throws CertificateStoreConfigException {
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(this.configuration.getFile());
            Throwable th = null;
            try {
                this.store.store(fileOutputStream, this.configuration.getPassword());
                if (fileOutputStream != null) {
                    if (0 != 0) {
                        try {
                            fileOutputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        fileOutputStream.close();
                    }
                }
            } finally {
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new CertificateStoreConfigException("Unable to save changes to store in '" + this.configuration.getFile() + "'", e);
        }
    }

    public Map<String, X509Certificate> getAllCertificates() throws KeyStoreException {
        HashMap hashMap = new HashMap();
        Iterator it = Collections.list(this.store.aliases()).iterator();
        while (it.hasNext()) {
            String str = (String) it.next();
            Certificate certificate = this.store.getCertificate(str);
            if (certificate instanceof X509Certificate) {
                hashMap.put(str, (X509Certificate) certificate);
            }
        }
        return hashMap;
    }

    public void delete(String str) throws CertificateStoreConfigException {
        if (str == null || str.trim().isEmpty()) {
            throw new IllegalArgumentException("Argument 'alias' cannot be null or an empty String.");
        }
        try {
            if (!this.store.containsAlias(str)) {
                Log.info("Unable to delete certificate for alias '" + str + "' from store, as the store does not contain a certificate for that alias.");
            } else {
                this.store.deleteEntry(str);
                persist();
            }
        } catch (KeyStoreException | CertificateStoreConfigException e) {
            reload();
            throw new CertificateStoreConfigException("Unable to install a certificate into an identity store.", e);
        }
    }

    public KeyStore getStore() {
        return this.store;
    }

    public CertificateStoreConfiguration getConfiguration() {
        return this.configuration;
    }

    static {
        Security.addProvider(PROVIDER);
    }
}
