package io.micronaut.oraclecloud.atp.wallet;

import io.micronaut.oraclecloud.atp.wallet.datasource.CanConfigureOracleDataSource;
import io.micronaut.oraclecloud.atp.wallet.datasource.OracleDataSourceAttributes;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.util.Enumeration;
import java.util.Map;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import oracle.security.pki.OracleSecretStore;
import oracle.security.pki.OracleSecretStoreException;
import oracle.security.pki.OracleWallet;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:io/micronaut/oraclecloud/atp/wallet/Wallet.class */
public final class Wallet implements CanConfigureOracleDataSource {
    private static final String TLS_PROTOCOL = "TLS";
    private static final String CONNECT_STRING = "oracle.security.client.connect_string";
    private static final String PASSWORD = "oracle.security.client.password";
    private static final String USER = "oracle.security.client.username";
    final transient SSLContext sslContext;
    final OracleWallet wallet;
    private final Map<String, DataSourceCredentials> credentials;
    private final String serviceAlias;

    /* loaded from: input_file:io/micronaut/oraclecloud/atp/wallet/Wallet$Builder.class */
    public static class Builder {
        private final transient KeyStore keyStore;
        private final transient OracleSecretStore store;
        private final transient OracleWallet wallet;

        private Builder(OracleWallet oracleWallet) throws IOException {
            try {
                this.wallet = oracleWallet;
                this.store = oracleWallet.getSecretStore();
                this.keyStore = oracleWallet.getKeyStore();
            } catch (IOException | OracleSecretStoreException e) {
                throw WalletException.of(e);
            }
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public static Builder of(OracleWallet oracleWallet) throws IOException {
            return new Builder(oracleWallet);
        }

        public Wallet build() throws WalletException {
            try {
                this.wallet.setSecretStore(this.store);
                return Wallet.of(this.wallet);
            } catch (IOException | OracleSecretStoreException e) {
                throw WalletException.of(e);
            }
        }

        public int findIndex(String str) throws WalletException {
            return findIndex(this.store, str);
        }

        private int findIndex(OracleSecretStore oracleSecretStore, String str) throws WalletException {
            try {
                Enumeration internalAliases = oracleSecretStore.internalAliases();
                int i = 1;
                while (internalAliases.hasMoreElements()) {
                    String str2 = (String) internalAliases.nextElement();
                    if (str2.startsWith(Wallet.CONNECT_STRING)) {
                        if (str.equals(new String(oracleSecretStore.getSecret(str2)))) {
                            return i;
                        }
                        i++;
                    }
                }
                return i;
            } catch (OracleSecretStoreException e) {
                throw WalletException.of(e);
            }
        }

        public Builder set(String str, Certificate certificate) throws WalletException {
            try {
                if (this.keyStore.containsAlias(str)) {
                    this.keyStore.deleteEntry(str);
                }
                if (certificate != null) {
                    this.keyStore.setCertificateEntry(str, certificate);
                }
                return this;
            } catch (KeyStoreException e) {
                throw WalletException.of(e);
            }
        }

        public Builder set(String str, char[] cArr) throws WalletException {
            try {
                if (cArr != null) {
                    this.store.setSecret(str, cArr);
                } else if (this.store.containsAlias(str)) {
                    this.store.deleteSecret(str);
                }
                return this;
            } catch (OracleSecretStoreException e) {
                throw WalletException.of(e);
            }
        }

        private Builder set(String str, int i, char[] cArr) throws WalletException {
            if (i > 0) {
                set(str + i, cArr);
            }
            return this;
        }

        public Builder set(String str, String str2, char[] cArr) throws WalletException {
            int findIndex = findIndex(this.store, str);
            set(Wallet.CONNECT_STRING, findIndex, str.toCharArray());
            set(Wallet.USER, findIndex, str2.toCharArray());
            set(Wallet.PASSWORD, findIndex, cArr);
            return this;
        }
    }

    private Wallet(OracleWallet oracleWallet, Map<String, DataSourceCredentials> map, SSLContext sSLContext, String str) {
        this.wallet = oracleWallet;
        this.credentials = map;
        this.sslContext = sSLContext;
        this.serviceAlias = str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Wallet of(OracleWallet oracleWallet) throws WalletException {
        try {
            return new Wallet(oracleWallet, DataSourceCredentials.credentials(oracleWallet.getSecretStore()), sslContext(oracleWallet), null);
        } catch (OracleSecretStoreException | IOException e) {
            throw WalletException.of(e);
        }
    }

    private static SSLContext sslContext(OracleWallet oracleWallet) throws WalletException {
        try {
            KeyStore keyStore = oracleWallet.getKeyStore();
            if (keyStore == null || 0 == keyStore.size()) {
                return null;
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, null);
            SSLContext sSLContext = SSLContext.getInstance(TLS_PROTOCOL);
            sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
            return sSLContext;
        } catch (IOException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw WalletException.of(e);
        }
    }

    public String serviceAlias() {
        return this.serviceAlias;
    }

    public Wallet with(String str) {
        return new Wallet(this.wallet, this.credentials, this.sslContext, str);
    }

    @Override // io.micronaut.oraclecloud.atp.wallet.datasource.CanConfigureOracleDataSource
    public <T extends OracleDataSourceAttributes> T configure(T t) throws WalletException {
        DataSourceCredentials dataSourceCredentials;
        if (this.sslContext != null) {
            t.sslContext(this.sslContext);
        }
        if (this.serviceAlias != null && (dataSourceCredentials = this.credentials.get(this.serviceAlias)) != null) {
            dataSourceCredentials.configure(t);
        }
        return t;
    }

    public InputStream asInputStream() throws IOException {
        return this.wallet.getWalletArray(true);
    }
}
