package net.corda.nodeapi.internal.crypto;

import java.io.InputStream;
import java.nio.file.Path;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import kotlin.Metadata;
import kotlin.TypeCastException;
import kotlin.Unit;
import kotlin.collections.ArraysKt;
import kotlin.collections.CollectionsKt;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import net.corda.common.logging.errorReporting.ResourceBundleProperties;
import net.corda.core.crypto.Crypto;
import net.corda.core.internal.InternalUtils;
import org.apache.activemq.artemis.api.core.QueueConfiguration;
import org.jetbrains.annotations.NotNull;

/* compiled from: X509KeyStore.kt */
@Metadata(mv = {1, 1, 11}, bv = {1, 0, 2}, k = 1, d1 = {"��b\n\u0002\u0018\u0002\n\u0002\u0010��\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000e\n\u0002\b\u0004\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000b\n\u0002\b\u0004\n\u0002\u0010(\n\u0002\b\u0004\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010 \n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u0002\n\u0002\b\u0007\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\u0018�� +2\u00020\u0001:\u0001+B\u0017\b\u0016\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005¢\u0006\u0002\u0010\u0006B\u000f\b\u0016\u0012\u0006\u0010\u0004\u001a\u00020\u0005¢\u0006\u0002\u0010\u0007B-\b\u0002\u0012\u0006\u0010\b\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005\u0012\n\b\u0002\u0010\t\u001a\u0004\u0018\u00010\n\u0012\b\b\u0002\u0010\u000b\u001a\u00020\f¢\u0006\u0002\u0010\rJ\f\u0010\u0010\u001a\b\u0012\u0004\u0012\u00020\u00050\u0011J\b\u0010\u0012\u001a\u00020\nH\u0002J\u0011\u0010\u0013\u001a\u00020\f2\u0006\u0010\u0014\u001a\u00020\u0005H\u0086\u0002J\u000e\u0010\u0015\u001a\u00020\u00162\u0006\u0010\u0014\u001a\u00020\u0005J\u0016\u0010\u0017\u001a\u00020\u00182\u0006\u0010\u0014\u001a\u00020\u00052\u0006\u0010\u0019\u001a\u00020\u0005J\u0014\u0010\u001a\u001a\b\u0012\u0004\u0012\u00020\u00160\u001b2\u0006\u0010\u0014\u001a\u00020\u0005J\u0016\u0010\u001c\u001a\u00020\u001d2\u0006\u0010\u0014\u001a\u00020\u00052\u0006\u0010\u0019\u001a\u00020\u0005J\u000e\u0010\u001e\u001a\u00020\u001f2\u0006\u0010\u0014\u001a\u00020\u0005J\u0006\u0010 \u001a\u00020!J\u0016\u0010\"\u001a\u00020!2\u0006\u0010\u0014\u001a\u00020\u00052\u0006\u0010#\u001a\u00020\u0016J,\u0010$\u001a\u00020!2\u0006\u0010\u0014\u001a\u00020\u00052\u0006\u0010%\u001a\u00020\u001d2\f\u0010&\u001a\b\u0012\u0004\u0012\u00020\u00160\u001b2\u0006\u0010\u0019\u001a\u00020\u0005J\u001f\u0010'\u001a\u00020!2\u0017\u0010(\u001a\u0013\u0012\u0004\u0012\u00020��\u0012\u0004\u0012\u00020!0)¢\u0006\u0002\b*R\u0011\u0010\b\u001a\u00020\u0003¢\u0006\b\n��\u001a\u0004\b\u000e\u0010\u000fR\u0010\u0010\t\u001a\u0004\u0018\u00010\nX\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u000b\u001a\u00020\fX\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0004\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n��¨\u0006,"}, d2 = {"Lnet/corda/nodeapi/internal/crypto/X509KeyStore;", "", "keyStore", "Ljava/security/KeyStore;", "storePassword", "", "(Ljava/security/KeyStore;Ljava/lang/String;)V", "(Ljava/lang/String;)V", QueueConfiguration.INTERNAL, "keyStoreFile", "Ljava/nio/file/Path;", "saveSupported", "", "(Ljava/security/KeyStore;Ljava/lang/String;Ljava/nio/file/Path;Z)V", "getInternal", "()Ljava/security/KeyStore;", ResourceBundleProperties.ALIASES, "", "checkWritableToFile", "contains", "alias", "getCertificate", "Ljava/security/cert/X509Certificate;", "getCertificateAndKeyPair", "Lnet/corda/nodeapi/internal/crypto/CertificateAndKeyPair;", "keyPassword", "getCertificateChain", "", "getPrivateKey", "Ljava/security/PrivateKey;", "getPublicKey", "Ljava/security/PublicKey;", "save", "", "setCertificate", "certificate", "setPrivateKey", "key", "certificates", "update", "action", "Lkotlin/Function1;", "Lkotlin/ExtensionFunctionType;", "Companion", "node-api"})
/* loaded from: input_file:corda-node-api-4.10.jar:net/corda/nodeapi/internal/crypto/X509KeyStore.class */
public final class X509KeyStore {

    @NotNull
    private final KeyStore internal;
    private final String storePassword;
    private final Path keyStoreFile;
    private final boolean saveSupported;
    public static final Companion Companion = new Companion(null);

    /* compiled from: X509KeyStore.kt */
    @Metadata(mv = {1, 1, 11}, bv = {1, 0, 2}, k = 1, d1 = {"��,\n\u0002\u0018\u0002\n\u0002\u0010��\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000e\n��\n\u0002\u0010\u000b\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\b\u0086\u0003\u0018��2\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J \u0010\u0003\u001a\u00020\u00042\u0006\u0010\u0005\u001a\u00020\u00062\u0006\u0010\u0007\u001a\u00020\b2\b\b\u0002\u0010\t\u001a\u00020\nJ\u0016\u0010\u000b\u001a\u00020\u00042\u0006\u0010\f\u001a\u00020\r2\u0006\u0010\u0007\u001a\u00020\b¨\u0006\u000e"}, d2 = {"Lnet/corda/nodeapi/internal/crypto/X509KeyStore$Companion;", "", "()V", "fromFile", "Lnet/corda/nodeapi/internal/crypto/X509KeyStore;", "keyStoreFile", "Ljava/nio/file/Path;", "storePassword", "", "createNew", "", "fromInputStream", "stream", "Ljava/io/InputStream;", "node-api"})
    /* loaded from: input_file:corda-node-api-4.10.jar:net/corda/nodeapi/internal/crypto/X509KeyStore$Companion.class */
    public static final class Companion {
        @NotNull
        public final X509KeyStore fromFile(@NotNull Path keyStoreFile, @NotNull String storePassword, boolean z) {
            Intrinsics.checkParameterIsNotNull(keyStoreFile, "keyStoreFile");
            Intrinsics.checkParameterIsNotNull(storePassword, "storePassword");
            return new X509KeyStore(z ? KeyStoreUtilities.loadOrCreateKeyStore$default(keyStoreFile, storePassword, null, null, 12, null) : KeyStoreUtilities.loadKeyStore(keyStoreFile, storePassword), storePassword, keyStoreFile, false, 8, null);
        }

        @NotNull
        public static /* bridge */ /* synthetic */ X509KeyStore fromFile$default(Companion companion, Path path, String str, boolean z, int i, Object obj) {
            if ((i & 4) != 0) {
                z = false;
            }
            return companion.fromFile(path, str, z);
        }

        @NotNull
        public final X509KeyStore fromInputStream(@NotNull InputStream stream, @NotNull String storePassword) {
            Intrinsics.checkParameterIsNotNull(stream, "stream");
            Intrinsics.checkParameterIsNotNull(storePassword, "storePassword");
            return new X509KeyStore(KeyStoreUtilities.loadKeyStore(stream, storePassword), storePassword);
        }

        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    public final boolean contains(@NotNull String alias) {
        Intrinsics.checkParameterIsNotNull(alias, "alias");
        return this.internal.containsAlias(alias);
    }

    @NotNull
    public final Iterator<String> aliases() {
        Enumeration<String> aliases = this.internal.aliases();
        Intrinsics.checkExpressionValueIsNotNull(aliases, "internal.aliases()");
        return CollectionsKt.iterator(aliases);
    }

    @NotNull
    public final X509Certificate getCertificate(@NotNull String alias) {
        Intrinsics.checkParameterIsNotNull(alias, "alias");
        return KeyStoreUtilities.getX509Certificate(this.internal, alias);
    }

    @NotNull
    public final List<X509Certificate> getCertificateChain(@NotNull String alias) {
        boolean z;
        Intrinsics.checkParameterIsNotNull(alias, "alias");
        Certificate[] certificateChain = this.internal.getCertificateChain(alias);
        if (certificateChain == null) {
            throw new IllegalArgumentException(("No certificate chain under the alias " + alias).toString());
        }
        int length = certificateChain.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                z = true;
                break;
            }
            if (!(certificateChain[i] instanceof X509Certificate)) {
                z = false;
                break;
            }
            i++;
        }
        if (z) {
            return (List) InternalUtils.uncheckedCast(ArraysKt.asList(certificateChain));
        }
        throw new IllegalStateException(("Certificate chain under alias " + alias + " is not X.509").toString());
    }

    @NotNull
    public final CertificateAndKeyPair getCertificateAndKeyPair(@NotNull String alias, @NotNull String keyPassword) {
        Intrinsics.checkParameterIsNotNull(alias, "alias");
        Intrinsics.checkParameterIsNotNull(keyPassword, "keyPassword");
        return new CertificateAndKeyPair(getCertificate(alias), new KeyPair(getPublicKey(alias), getPrivateKey(alias, keyPassword)));
    }

    @NotNull
    public final PublicKey getPublicKey(@NotNull String alias) {
        Intrinsics.checkParameterIsNotNull(alias, "alias");
        PublicKey publicKey = getCertificate(alias).getPublicKey();
        Intrinsics.checkExpressionValueIsNotNull(publicKey, "getCertificate(alias).publicKey");
        return Crypto.toSupportedPublicKey(publicKey);
    }

    @NotNull
    public final PrivateKey getPrivateKey(@NotNull String alias, @NotNull String keyPassword) {
        Intrinsics.checkParameterIsNotNull(alias, "alias");
        Intrinsics.checkParameterIsNotNull(keyPassword, "keyPassword");
        return KeyStoreUtilities.getSupportedKey(this.internal, alias, keyPassword);
    }

    public final void setPrivateKey(@NotNull String alias, @NotNull PrivateKey key, @NotNull List<? extends X509Certificate> certificates, @NotNull String keyPassword) {
        Intrinsics.checkParameterIsNotNull(alias, "alias");
        Intrinsics.checkParameterIsNotNull(key, "key");
        Intrinsics.checkParameterIsNotNull(certificates, "certificates");
        Intrinsics.checkParameterIsNotNull(keyPassword, "keyPassword");
        KeyStore keyStore = this.internal;
        PrivateKey privateKey = key;
        char[] charArray = keyPassword.toCharArray();
        Intrinsics.checkExpressionValueIsNotNull(charArray, "(this as java.lang.String).toCharArray()");
        Object[] array = certificates.toArray(new X509Certificate[0]);
        if (array == null) {
            throw new TypeCastException("null cannot be cast to non-null type kotlin.Array<T>");
        }
        keyStore.setKeyEntry(alias, privateKey, charArray, (Certificate[]) array);
        save();
    }

    public final void setCertificate(@NotNull String alias, @NotNull X509Certificate certificate) {
        Intrinsics.checkParameterIsNotNull(alias, "alias");
        Intrinsics.checkParameterIsNotNull(certificate, "certificate");
        this.internal.setCertificateEntry(alias, certificate);
        save();
    }

    public final void save() {
        if (this.saveSupported) {
            KeyStoreUtilities.save(this.internal, checkWritableToFile(), this.storePassword);
        }
    }

    public final void update(@NotNull Function1<? super X509KeyStore, Unit> action) {
        Intrinsics.checkParameterIsNotNull(action, "action");
        checkWritableToFile();
        action.invoke(this);
        save();
    }

    private final Path checkWritableToFile() {
        Path path = this.keyStoreFile;
        if (path != null) {
            return path;
        }
        throw new IllegalStateException("This key store cannot be written to");
    }

    @NotNull
    public final KeyStore getInternal() {
        return this.internal;
    }

    private X509KeyStore(KeyStore keyStore, String str, Path path, boolean z) {
        this.internal = keyStore;
        this.storePassword = str;
        this.keyStoreFile = path;
        this.saveSupported = z;
    }

    /* synthetic */ X509KeyStore(KeyStore keyStore, String str, Path path, boolean z, int i, DefaultConstructorMarker defaultConstructorMarker) {
        this(keyStore, str, (i & 4) != 0 ? (Path) null : path, (i & 8) != 0 ? true : z);
    }

    /* JADX WARN: 'this' call moved to the top of the method (can break code semantics) */
    public X509KeyStore(@NotNull KeyStore keyStore, @NotNull String storePassword) {
        this(keyStore, storePassword, null, false);
        Intrinsics.checkParameterIsNotNull(keyStore, "keyStore");
        Intrinsics.checkParameterIsNotNull(storePassword, "storePassword");
    }

    /* JADX WARN: Illegal instructions before constructor call */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public X509KeyStore(@org.jetbrains.annotations.NotNull java.lang.String r6) {
        /*
            r5 = this;
            r0 = r6
            java.lang.String r1 = "storePassword"
            kotlin.jvm.internal.Intrinsics.checkParameterIsNotNull(r0, r1)
            r0 = r5
            java.lang.String r1 = "JKS"
            java.security.KeyStore r1 = java.security.KeyStore.getInstance(r1)
            r7 = r1
            r14 = r0
            r0 = r7
            r8 = r0
            r0 = r8
            r1 = 0
            r2 = r6
            r9 = r2
            r10 = r1
            r11 = r0
            r0 = r9
            char[] r0 = r0.toCharArray()
            r1 = r0
            java.lang.String r2 = "(this as java.lang.String).toCharArray()"
            kotlin.jvm.internal.Intrinsics.checkExpressionValueIsNotNull(r1, r2)
            r12 = r0
            r0 = r11
            r1 = r10
            r2 = r12
            r0.load(r1, r2)
            r0 = r7
            r15 = r0
            r0 = r14
            r1 = r15
            r2 = r1
            java.lang.String r3 = "KeyStore.getInstance(KEY…Password.toCharArray()) }"
            kotlin.jvm.internal.Intrinsics.checkExpressionValueIsNotNull(r2, r3)
            r2 = r6
            r0.<init>(r1, r2)
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: net.corda.nodeapi.internal.crypto.X509KeyStore.<init>(java.lang.String):void");
    }
}
