package net.corda.core.crypto;

import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.attribute.FileAttribute;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import kotlin.Metadata;
import kotlin.TypeCastException;
import kotlin.Unit;
import kotlin.jvm.internal.Intrinsics;
import net.corda.core.Utils;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.path.CertPath;
import org.jetbrains.annotations.NotNull;

/* compiled from: KeyStoreUtilities.kt */
@Metadata(mv = {1, 1, 6}, bv = {1, 0, 1}, k = 2, d1 = {"��\\\n��\n\u0002\u0010\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000e\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0010\u0019\n��\n\u0002\u0010\u0011\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n��\u001a\u001a\u0010��\u001a\u00020\u0001*\u00020\u00022\u0006\u0010\u0003\u001a\u00020\u00042\u0006\u0010\u0005\u001a\u00020\u0006\u001a5\u0010\u0007\u001a\u00020\u0001*\u00020\u00022\u0006\u0010\u0003\u001a\u00020\u00042\u0006\u0010\b\u001a\u00020\t2\u0006\u0010\n\u001a\u00020\u000b2\f\u0010\f\u001a\b\u0012\u0004\u0012\u00020\u00060\r¢\u0006\u0002\u0010\u000e\u001a*\u0010\u0007\u001a\u00020\u0001*\u00020\u00022\u0006\u0010\u0003\u001a\u00020\u00042\u0006\u0010\b\u001a\u00020\t2\u0006\u0010\n\u001a\u00020\u000b2\u0006\u0010\f\u001a\u00020\u000f\u001a\u001a\u0010\u0010\u001a\u00020\u0011*\u00020\u00022\u0006\u0010\u0003\u001a\u00020\u00042\u0006\u0010\u0012\u001a\u00020\u0004\u001a\u001a\u0010\u0013\u001a\u00020\u0014*\u00020\u00022\u0006\u0010\u0003\u001a\u00020\u00042\u0006\u0010\u0012\u001a\u00020\u0004\u001a\u001a\u0010\u0015\u001a\u00020\u0016*\u00020\u00022\u0006\u0010\u0003\u001a\u00020\u00042\u0006\u0010\u0012\u001a\u00020\u0004\u001a\u0012\u0010\u0017\u001a\u00020\u0018*\u00020\u00022\u0006\u0010\u0003\u001a\u00020\u0004\u001a\u001a\u0010\u0019\u001a\u00020\u0001*\u00020\u00022\u0006\u0010\u001a\u001a\u00020\u001b2\u0006\u0010\u001c\u001a\u00020\u0004\u001a\u001a\u0010\u001d\u001a\u00020\u0001*\u00020\u00022\u0006\u0010\u001e\u001a\u00020\u001f2\u0006\u0010\n\u001a\u00020\u0004¨\u0006 "}, d2 = {"addOrReplaceCertificate", "", "Ljava/security/KeyStore;", "alias", "", "cert", "Ljava/security/cert/Certificate;", "addOrReplaceKey", "key", "Ljava/security/Key;", "password", "", "chain", "", "(Ljava/security/KeyStore;Ljava/lang/String;Ljava/security/Key;[C[Ljava/security/cert/Certificate;)V", "Lorg/bouncycastle/cert/path/CertPath;", "getCertificateAndKeyPair", "Lnet/corda/core/crypto/CertificateAndKeyPair;", "keyPassword", "getKeyPair", "Ljava/security/KeyPair;", "getSupportedKey", "Ljava/security/PrivateKey;", "getX509Certificate", "Lorg/bouncycastle/cert/X509CertificateHolder;", "save", "keyStoreFilePath", "Ljava/nio/file/Path;", "storePassword", "store", "out", "Ljava/io/OutputStream;", "core_main"})
/* loaded from: input_file:net/corda/core/crypto/KeyStoreUtilitiesKt.class */
public final class KeyStoreUtilitiesKt {
    public static final void addOrReplaceKey(@NotNull KeyStore keyStore, @NotNull String str, @NotNull Key key, @NotNull char[] cArr, @NotNull CertPath certPath) {
        Intrinsics.checkParameterIsNotNull(keyStore, "$receiver");
        Intrinsics.checkParameterIsNotNull(str, "alias");
        Intrinsics.checkParameterIsNotNull(key, "key");
        Intrinsics.checkParameterIsNotNull(cArr, "password");
        Intrinsics.checkParameterIsNotNull(certPath, "chain");
        JcaX509CertificateConverter jcaX509CertificateConverter = new JcaX509CertificateConverter();
        X509CertificateHolder[] certificates = certPath.getCertificates();
        ArrayList arrayList = new ArrayList(certificates.length);
        for (X509CertificateHolder x509CertificateHolder : certificates) {
            arrayList.add(jcaX509CertificateConverter.getCertificate(x509CertificateHolder));
        }
        ArrayList arrayList2 = arrayList;
        Object[] array = arrayList2.toArray(new Certificate[arrayList2.size()]);
        if (array == null) {
            throw new TypeCastException("null cannot be cast to non-null type kotlin.Array<T>");
        }
        addOrReplaceKey(keyStore, str, key, cArr, (Certificate[]) array);
    }

    public static final void addOrReplaceKey(@NotNull KeyStore keyStore, @NotNull String str, @NotNull Key key, @NotNull char[] cArr, @NotNull Certificate[] certificateArr) {
        Intrinsics.checkParameterIsNotNull(keyStore, "$receiver");
        Intrinsics.checkParameterIsNotNull(str, "alias");
        Intrinsics.checkParameterIsNotNull(key, "key");
        Intrinsics.checkParameterIsNotNull(cArr, "password");
        Intrinsics.checkParameterIsNotNull(certificateArr, "chain");
        if (keyStore.containsAlias(str)) {
            keyStore.deleteEntry(str);
        }
        keyStore.setKeyEntry(str, key, cArr, certificateArr);
    }

    public static final void addOrReplaceCertificate(@NotNull KeyStore keyStore, @NotNull String str, @NotNull Certificate certificate) {
        Intrinsics.checkParameterIsNotNull(keyStore, "$receiver");
        Intrinsics.checkParameterIsNotNull(str, "alias");
        Intrinsics.checkParameterIsNotNull(certificate, "cert");
        if (keyStore.containsAlias(str)) {
            keyStore.deleteEntry(str);
        }
        keyStore.setCertificateEntry(str, certificate);
    }

    public static final void save(@NotNull KeyStore keyStore, @NotNull Path path, @NotNull String str) {
        Intrinsics.checkParameterIsNotNull(keyStore, "$receiver");
        Intrinsics.checkParameterIsNotNull(path, "keyStoreFilePath");
        Intrinsics.checkParameterIsNotNull(str, "storePassword");
        boolean z = false;
        OpenOption[] openOptionArr = null;
        if ((3 & 1) != 0) {
            z = false;
        }
        if ((3 & 2) != 0) {
            openOptionArr = new OpenOption[0];
        }
        if (z) {
            Path parent = path.normalize().getParent();
            if (parent != null) {
                Utils.createDirectories(parent, new FileAttribute[0]);
            }
        }
        OpenOption[] openOptionArr2 = openOptionArr;
        OutputStream newOutputStream = Files.newOutputStream(path, (OpenOption[]) Arrays.copyOf(openOptionArr2, openOptionArr2.length));
        boolean z2 = false;
        try {
            try {
                store(keyStore, newOutputStream, str);
                Unit unit = Unit.INSTANCE;
                if (0 == 0 && newOutputStream != null) {
                    newOutputStream.close();
                }
            } catch (Exception e) {
                z2 = true;
                if (newOutputStream != null) {
                    try {
                        newOutputStream.close();
                    } catch (Exception e2) {
                        throw e;
                    }
                }
                throw e;
            }
        } catch (Throwable th) {
            if (!z2 && newOutputStream != null) {
                newOutputStream.close();
            }
            throw th;
        }
    }

    public static final void store(@NotNull KeyStore keyStore, @NotNull OutputStream outputStream, @NotNull String str) {
        Intrinsics.checkParameterIsNotNull(keyStore, "$receiver");
        Intrinsics.checkParameterIsNotNull(outputStream, "out");
        Intrinsics.checkParameterIsNotNull(str, "password");
        char[] charArray = str.toCharArray();
        Intrinsics.checkExpressionValueIsNotNull(charArray, "(this as java.lang.String).toCharArray()");
        keyStore.store(outputStream, charArray);
    }

    @NotNull
    public static final KeyPair getKeyPair(@NotNull KeyStore keyStore, @NotNull String str, @NotNull String str2) {
        Intrinsics.checkParameterIsNotNull(keyStore, "$receiver");
        Intrinsics.checkParameterIsNotNull(str, "alias");
        Intrinsics.checkParameterIsNotNull(str2, "keyPassword");
        return getCertificateAndKeyPair(keyStore, str, str2).getKeyPair();
    }

    @NotNull
    public static final CertificateAndKeyPair getCertificateAndKeyPair(@NotNull KeyStore keyStore, @NotNull String str, @NotNull String str2) {
        Intrinsics.checkParameterIsNotNull(keyStore, "$receiver");
        Intrinsics.checkParameterIsNotNull(str, "alias");
        Intrinsics.checkParameterIsNotNull(str2, "keyPassword");
        X509CertificateHolder x509Certificate = getX509Certificate(keyStore, str);
        Crypto crypto = Crypto.INSTANCE;
        SubjectPublicKeyInfo subjectPublicKeyInfo = x509Certificate.getSubjectPublicKeyInfo();
        Intrinsics.checkExpressionValueIsNotNull(subjectPublicKeyInfo, "cert.subjectPublicKeyInfo");
        return new CertificateAndKeyPair(x509Certificate, new KeyPair(crypto.toSupportedPublicKey(subjectPublicKeyInfo), getSupportedKey(keyStore, str, str2)));
    }

    @NotNull
    public static final X509CertificateHolder getX509Certificate(@NotNull KeyStore keyStore, @NotNull String str) {
        byte[] encoded;
        Intrinsics.checkParameterIsNotNull(keyStore, "$receiver");
        Intrinsics.checkParameterIsNotNull(str, "alias");
        Certificate certificate = keyStore.getCertificate(str);
        if (certificate == null || (encoded = certificate.getEncoded()) == null) {
            throw new IllegalArgumentException("No certificate under alias \"" + str + "\"");
        }
        return new X509CertificateHolder(encoded);
    }

    @NotNull
    public static final PrivateKey getSupportedKey(@NotNull KeyStore keyStore, @NotNull String str, @NotNull String str2) {
        Intrinsics.checkParameterIsNotNull(keyStore, "$receiver");
        Intrinsics.checkParameterIsNotNull(str, "alias");
        Intrinsics.checkParameterIsNotNull(str2, "keyPassword");
        char[] charArray = str2.toCharArray();
        Intrinsics.checkExpressionValueIsNotNull(charArray, "(this as java.lang.String).toCharArray()");
        Key key = keyStore.getKey(str, charArray);
        if (key == null) {
            throw new TypeCastException("null cannot be cast to non-null type java.security.PrivateKey");
        }
        return Crypto.INSTANCE.toSupportedPrivateKey((PrivateKey) key);
    }
}
