package com.twitter.finagle.ssl;

import com.twitter.io.StreamIO$;
import com.twitter.io.TempDirectory$;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import scala.Function1;
import scala.Option;
import scala.Predef$;
import scala.Predef$any2stringadd$;
import scala.collection.Seq$;
import scala.collection.immutable.StringOps;
import scala.collection.mutable.StringBuilder;
import scala.runtime.RichInt$;

/* compiled from: PEMEncodedKeyManager.scala */
/* loaded from: input_file:com/twitter/finagle/ssl/PEMEncodedKeyManager$.class */
public final class PEMEncodedKeyManager$ {
    public static final PEMEncodedKeyManager$ MODULE$ = null;

    static {
        new PEMEncodedKeyManager$();
    }

    public KeyManager[] apply(String str, String str2, Option<String> option) {
        return (KeyManager[]) com$twitter$finagle$ssl$PEMEncodedKeyManager$$asStream(str2, new PEMEncodedKeyManager$$anonfun$apply$1(str, option));
    }

    private char[] secret(int i) {
        char[] cArr = new char[i];
        RichInt$.MODULE$.until$extension0(Predef$.MODULE$.intWrapper(0), i).foreach$mVc$sp(new PEMEncodedKeyManager$$anonfun$secret$1(new SecureRandom(), cArr));
        return cArr;
    }

    public <T> T com$twitter$finagle$ssl$PEMEncodedKeyManager$$asStream(String str, Function1<InputStream, T> function1) {
        FileInputStream fileInputStream = new FileInputStream(str);
        try {
            return (T) function1.apply(fileInputStream);
        } finally {
            fileInputStream.close();
        }
    }

    public KeyManager[] com$twitter$finagle$ssl$PEMEncodedKeyManager$$makeKeystore(InputStream inputStream, InputStream inputStream2) {
        File create = TempDirectory$.MODULE$.create(false);
        try {
            Shell$.MODULE$.run(new String[]{"chmod", "0700", create.getAbsolutePath()});
            char[] secret = secret(24);
            String str = new String(secret);
            String str2 = new String(secret(12));
            String stringBuilder = new StringBuilder().append(Predef$any2stringadd$.MODULE$.$plus$extension(Predef$.MODULE$.any2stringadd(create), File.separator)).append(new StringOps(Predef$.MODULE$.augmentString("%s.pem")).format(Predef$.MODULE$.genericWrapArray(new Object[]{str2}))).toString();
            String stringBuilder2 = new StringBuilder().append(Predef$any2stringadd$.MODULE$.$plus$extension(Predef$.MODULE$.any2stringadd(create), File.separator)).append(new StringOps(Predef$.MODULE$.augmentString("%s.p12")).format(Predef$.MODULE$.genericWrapArray(new Object[]{str2}))).toString();
            FileOutputStream fileOutputStream = new FileOutputStream(new File(stringBuilder));
            try {
                StreamIO$.MODULE$.copy(inputStream, fileOutputStream, StreamIO$.MODULE$.copy$default$3());
                StreamIO$.MODULE$.copy(inputStream2, fileOutputStream, StreamIO$.MODULE$.copy$default$3());
                fileOutputStream.close();
                Shell$.MODULE$.run(new String[]{"openssl", "pkcs12", "-export", "-password", new StringOps(Predef$.MODULE$.augmentString("pass:%s")).format(Predef$.MODULE$.genericWrapArray(new Object[]{str})), "-in", stringBuilder, "-out", stringBuilder2});
                KeyStore keyStore = (KeyStore) com$twitter$finagle$ssl$PEMEncodedKeyManager$$asStream(stringBuilder2, new PEMEncodedKeyManager$$anonfun$1(secret));
                Seq$.MODULE$.apply(Predef$.MODULE$.wrapRefArray(new String[]{stringBuilder, stringBuilder2})).foreach(new PEMEncodedKeyManager$$anonfun$com$twitter$finagle$ssl$PEMEncodedKeyManager$$makeKeystore$1());
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
                keyManagerFactory.init(keyStore, secret);
                return keyManagerFactory.getKeyManagers();
            } catch (Throwable th) {
                fileOutputStream.close();
                throw th;
            }
        } finally {
            create.delete();
        }
    }

    private PEMEncodedKeyManager$() {
        MODULE$ = this;
    }
}
