package com.codeloom.cert.bc;

import com.codeloom.settings.Properties;
import com.codeloom.settings.PropertiesConstants;
import com.codeloom.util.IOTools;
import java.io.File;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;

/* loaded from: input_file:com/codeloom/cert/bc/KeyStoreCAStore.class */
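/**
 * CA store that keeps the root certificate and its private key in a
 * {@link KeyStore} file on disk.
 *
 * <p>Settings read in {@link #configure(Properties)}: {@code jks.type},
 * {@code jks.path}, {@code jks.pwd} and {@code jks.root}. One password
 * ({@code jks.pwd}) protects both the key store file and the root key entry.
 */
public class KeyStoreCAStore extends AbstractCAStore {
    // Key store type passed to KeyStore.getInstance.
    // NOTE(review): "jks" is the legacy JDK format with weak protection of key
    // entries; PKCS12 is the usual choice for new stores. The default is left
    // unchanged here so that existing store files keep loading.
    protected String jksType = "jks";

    // Path of the key store file.
    protected String jksPath = "codeloom.store";

    // Password for the key store file and for the root key entry.
    // NOTE(review): this built-in default is readable by anyone with the jar,
    // so a store created with it does not protect the root CA private key.
    // Deployments should always set "jks.pwd"; consider failing closed (or at
    // least warning) when the default is still in effect.
    protected String jksPwd = "codeloom";

    // Alias under which the root certificate and key are stored.
    protected String jksRootAlias = "RootCA";

    // Backing key store; stays null when KeyStore.getInstance fails in configure().
    protected KeyStore keyStore = null;

    /**
     * Reads the key store settings, then loads the key store from
     * {@code jks.path} when that file exists, or initialises an empty one
     * otherwise, and finally delegates to {@code super.configure}.
     *
     * <p>A failure to create or load the key store is logged, not rethrown;
     * {@code super.configure} still runs afterwards.
     *
     * @param properties settings source
     */
    @Override
    public void configure(Properties properties) {
        this.jksType = PropertiesConstants.getString(properties, "jks.type", this.jksType);
        this.jksPath = PropertiesConstants.getString(properties, "jks.path", this.jksPath);
        this.jksPwd = PropertiesConstants.getString(properties, "jks.pwd", this.jksPwd);
        this.jksRootAlias = PropertiesConstants.getString(properties, "jks.root", this.jksRootAlias);
        try {
            this.keyStore = KeyStore.getInstance(this.jksType);
            File file = new File(this.jksPath);
            if (file.exists() && file.isFile()) {
                try (InputStream in = Files.newInputStream(file.toPath())) {
                    // load() verifies the store's integrity with the password; a wrong
                    // password or a tampered file surfaces here as an exception.
                    this.keyStore.load(in, this.jksPwd.toCharArray());
                }
            } else {
                // No file yet: initialise an empty in-memory store.
                this.keyStore.load(null, this.jksPwd.toCharArray());
            }
        } catch (Exception e) {
            // Pass the cause along: without it a wrong password, a corrupt file and
            // an unsupported type are indistinguishable in the log.
            LOG.error("Failed to create key store, type={}", this.jksType, e);
        }
        super.configure(properties);
    }

    /**
     * Reads the root certificate and private key stored under the configured
     * alias into {@code rootCert} and {@code rootKey}. Failures are logged and
     * not rethrown.
     */
    @Override
    protected void loadRootCA() {
        try {
            this.rootCert = (X509Certificate) this.keyStore.getCertificate(this.jksRootAlias);
            this.rootKey = (PrivateKey) this.keyStore.getKey(this.jksRootAlias, this.jksPwd.toCharArray());
        } catch (Exception e) {
            // Also reached when keyStore is null or was never initialised.
            LOG.error("Failed to load root certificate and key from key store, alias={}", this.jksRootAlias, e);
        }
    }

    /**
     * Stores {@code rootKey} and {@code rootCert} under the configured alias and
     * writes the key store to {@code jks.path}, creating the file when it does
     * not exist yet. Failures are logged and not rethrown.
     */
    @Override
    protected void saveRootCA() {
        try {
            this.keyStore.setKeyEntry(this.jksRootAlias, this.rootKey, this.jksPwd.toCharArray(), new X509Certificate[]{this.rootCert});
            File file = new File(this.jksPath);
            // File.canWrite() is false for a file that does not exist, so checking
            // it alone would never persist a freshly created store. Only refuse
            // when the file exists and is not writable.
            if (file.exists() && !file.canWrite()) {
                LOG.error("The key store file can not be written, path={}", this.jksPath);
                return;
            }
            // NOTE(review): the file holds the root CA private key. A newly created
            // file gets the process's default permissions; restrict it to the
            // service account. The default open options truncate an existing file,
            // so a failure part-way through leaves a partial store; writing to a
            // temporary file and renaming it would avoid that.
            try (OutputStream out = Files.newOutputStream(file.toPath())) {
                this.keyStore.store(out, this.jksPwd.toCharArray());
            }
        } catch (Exception e) {
            LOG.error("Failed to save root certificate and key to key store, path={}", this.jksPath, e);
        }
    }
}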
