package net.java.truelicense.core.auth;

import java.io.BufferedInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.annotation.CheckForNull;
import javax.annotation.Nullable;
import javax.annotation.concurrent.Immutable;
import net.java.truelicense.core.io.Source;
import net.java.truelicense.core.io.Store;
import net.java.truelicense.core.util.Message;
import net.java.truelicense.core.util.Objects;
import net.java.truelicense.obfuscate.ObfuscatedString;

@Immutable
/* loaded from: input_file:net/java/truelicense/core/auth/Notary.class */
public final class Notary implements Authentication, KeyStoreParameters {
    private final KeyStoreParameters ksp;
    static final /* synthetic */ boolean $assertionsDisabled = false;

    public Notary(KeyStoreParameters keyStoreParameters) {
        this.ksp = (KeyStoreParameters) Objects.requireNonNull(keyStoreParameters);
    }

    @Override // net.java.truelicense.core.auth.AuthenticationParametersProvider
    public KeyStoreParameters parameters() {
        return this.ksp;
    }

    @Override // net.java.truelicense.core.auth.KeyStoreParameters, net.java.truelicense.core.io.SourceProvider
    public Source source() {
        return parameters().source();
    }

    @Override // net.java.truelicense.core.auth.KeyStoreParameters
    public String storeType() {
        return parameters().storeType();
    }

    @Override // net.java.truelicense.core.auth.KeyStoreParameters
    public char[] storePassword() {
        return parameters().storePassword();
    }

    @Override // net.java.truelicense.core.auth.KeyStoreParameters
    public String alias() {
        return parameters().alias();
    }

    @Override // net.java.truelicense.core.auth.KeyStoreParameters
    @CheckForNull
    public char[] keyPassword() {
        return parameters().keyPassword();
    }

    @Override // net.java.truelicense.core.auth.AuthenticationParameters
    public boolean forSigning() {
        return parameters().forSigning();
    }

    @Nullable
    private InputStream input() throws IOException {
        Source source = source();
        if (null == source) {
            return null;
        }
        return source.input();
    }

    @Override // net.java.truelicense.core.auth.Authentication
    public <A> Artifactory<A> sign(Repository repository, @CheckForNull A a) throws Exception {
        return repository.sign(engine(), privateKey(), a);
    }

    @Override // net.java.truelicense.core.auth.Authentication
    public Artifactory<?> verify(Repository repository) throws Exception {
        return repository.verify(engine(), publicKey());
    }

    private Signature engine() throws Exception {
        return Signature.getInstance(algorithm());
    }

    private String algorithm() throws Exception {
        Certificate certificate = certificate();
        return certificate instanceof X509Certificate ? ((X509Certificate) certificate).getSigAlgName() : DEFAULT_ALGORITHM();
    }

    private PrivateKey privateKey() throws Exception {
        KeyStore.Entry entry = entry();
        if (entry instanceof KeyStore.PrivateKeyEntry) {
            return ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();
        }
        throw new NotaryException(message(NO_PRIVATE_KEY()));
    }

    private PublicKey publicKey() throws Exception {
        return certificate().getPublicKey();
    }

    private Certificate certificate() throws Exception {
        KeyStore.Entry entry = entry();
        if (entry instanceof KeyStore.PrivateKeyEntry) {
            return ((KeyStore.PrivateKeyEntry) entry).getCertificate();
        }
        if (entry instanceof KeyStore.TrustedCertificateEntry) {
            return ((KeyStore.TrustedCertificateEntry) entry).getTrustedCertificate();
        }
        throw new NotaryException(message(NO_CERTIFICATE()));
    }

    private KeyStore.Entry entry() throws Exception {
        KeyStore keyStore = keyStore();
        String alias = alias();
        char[] keyPassword = keyPassword();
        if (null != keyPassword) {
            try {
                if (keyStore.isKeyEntry(alias)) {
                    KeyStore.PasswordProtection passwordProtection = new KeyStore.PasswordProtection(keyPassword);
                    try {
                        KeyStore.Entry entry = keyStore.getEntry(alias, passwordProtection);
                        passwordProtection.destroy();
                        Arrays.fill(keyPassword, (char) 0);
                        return entry;
                    } catch (Throwable th) {
                        passwordProtection.destroy();
                        throw th;
                    }
                }
                if (keyStore.isCertificateEntry(alias)) {
                    throw new NotaryException(message(SUPERFLUOUS_PASSWORD()));
                }
            } finally {
                Arrays.fill(keyPassword, (char) 0);
            }
        } else {
            if (keyStore.isCertificateEntry(alias)) {
                return keyStore.getEntry(alias, null);
            }
            if (keyStore.isKeyEntry(alias)) {
                throw new NotaryException(message(MISSING_PASSWORD()));
            }
        }
        if ($assertionsDisabled || !keyStore.containsAlias(alias)) {
            throw new NotaryException(message(NO_SUCH_ENTRY()));
        }
        throw new AssertionError();
    }

    private Message message(String str) {
        return Messages.message(str, alias());
    }

    private KeyStore keyStore() throws Exception {
        char[] storePassword = storePassword();
        if (null == storePassword) {
            throw new NotaryException(message(NO_STORE_PASSWORD()));
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(storeType());
            BufferedInputStream bufferedInputStream = new BufferedInputStream(input(), Store.BUFSIZE);
            try {
                keyStore.load(bufferedInputStream, storePassword);
                bufferedInputStream.close();
                return keyStore;
            } catch (Throwable th) {
                bufferedInputStream.close();
                throw th;
            }
        } finally {
            Arrays.fill(storePassword, (char) 0);
        }
    }

    /* renamed from: _clinit@1360676776836#0, reason: not valid java name */
    private static /* synthetic */ void m26_clinit13606767768360() {
        $assertionsDisabled = !Notary.class.desiredAssertionStatus();
    }

    static {
        m26_clinit13606767768360();
    }

    private static final /* synthetic */ String DEFAULT_ALGORITHM() {
        return new ObfuscatedString(new long[]{5448799326879883816L, 2570205076595768886L, -480721897062107525L}).toString();
    }

    private static final /* synthetic */ String NO_STORE_PASSWORD() {
        return new ObfuscatedString(new long[]{7382008089904711881L, -7636391986667732661L, -1823124150347537758L}).toString();
    }

    private static final /* synthetic */ String NO_PRIVATE_KEY() {
        return new ObfuscatedString(new long[]{-7648532203596422343L, -3871391730917183394L, -868927972754775913L}).toString();
    }

    private static final /* synthetic */ String NO_CERTIFICATE() {
        return new ObfuscatedString(new long[]{-6545528550083001214L, 2900177426709498586L, 116493651379188163L}).toString();
    }

    private static final /* synthetic */ String MISSING_PASSWORD() {
        return new ObfuscatedString(new long[]{6877321130052170715L, 2542333585569792147L, -2836128050571520216L}).toString();
    }

    private static final /* synthetic */ String SUPERFLUOUS_PASSWORD() {
        return new ObfuscatedString(new long[]{-7372969347006639249L, -5757002316410526638L, 2006738889275178732L, -8272283974433553046L}).toString();
    }

    private static final /* synthetic */ String NO_SUCH_ENTRY() {
        return new ObfuscatedString(new long[]{5664127585212309056L, 228694463047591741L, -9159206360689963789L}).toString();
    }
}
