package org.apache.knox.gateway.services.security.impl;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.InetAddress;
import java.nio.channels.Channels;
import java.nio.channels.FileChannel;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardOpenOption;
import java.nio.file.attribute.FileAttribute;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.text.MessageFormat;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.crypto.spec.SecretKeySpec;
import org.apache.knox.gateway.GatewayMessages;
import org.apache.knox.gateway.GatewayResources;
import org.apache.knox.gateway.config.GatewayConfig;
import org.apache.knox.gateway.i18n.messages.MessagesFactory;
import org.apache.knox.gateway.i18n.resources.ResourcesFactory;
import org.apache.knox.gateway.services.Service;
import org.apache.knox.gateway.services.ServiceLifecycleException;
import org.apache.knox.gateway.services.security.KeystoreService;
import org.apache.knox.gateway.services.security.KeystoreServiceException;
import org.apache.knox.gateway.services.security.MasterService;
import org.apache.knox.gateway.util.X509CertificateUtil;

/* loaded from: input_file:org/apache/knox/gateway/services/security/impl/DefaultKeystoreService.class */
public class DefaultKeystoreService implements KeystoreService, Service {
    private static final String DN_TEMPLATE = "CN={0},OU=Test,O=Hadoop,L=Test,ST=Test,C=US";
    private static final String CREDENTIALS_SUFFIX = "-credentials.jceks";
    private static final String CREDENTIALS_STORE_TYPE = "JCEKS";
    private static final String CERT_GEN_MODE = "hadoop.gateway.cert.gen.mode";
    private static final String CERT_GEN_MODE_LOCALHOST = "localhost";
    private static final String CERT_GEN_MODE_HOSTNAME = "hostname";
    private static GatewayMessages LOG = (GatewayMessages) MessagesFactory.get(GatewayMessages.class);
    private static GatewayResources RES = (GatewayResources) ResourcesFactory.get(GatewayResources.class);
    private GatewayConfig config;
    private Map<String, Map<String, String>> cache = new ConcurrentHashMap();
    private MasterService masterService;
    private Path keyStoreDirPath;

    public void setMasterService(MasterService masterService) {
        this.masterService = masterService;
    }

    public void init(GatewayConfig gatewayConfig, Map<String, String> map) throws ServiceLifecycleException {
        this.config = gatewayConfig;
        this.keyStoreDirPath = Paths.get(gatewayConfig.getGatewayKeystoreDir(), new String[0]);
        if (Files.notExists(this.keyStoreDirPath, new LinkOption[0])) {
            try {
                Files.createDirectories(this.keyStoreDirPath, new FileAttribute[0]);
            } catch (IOException e) {
                throw new ServiceLifecycleException(RES.failedToCreateKeyStoreDirectory(this.keyStoreDirPath.toString()));
            }
        }
    }

    public void start() throws ServiceLifecycleException {
    }

    public void stop() throws ServiceLifecycleException {
    }

    public void createKeystoreForGateway() throws KeystoreServiceException {
        createKeyStore(Paths.get(this.config.getIdentityKeystorePath(), new String[0]), this.config.getIdentityKeystoreType(), getKeyStorePassword(this.config.getIdentityKeystorePasswordAlias()));
    }

    public KeyStore getKeystoreForGateway() throws KeystoreServiceException {
        return getKeystore(Paths.get(this.config.getIdentityKeystorePath(), new String[0]), this.config.getIdentityKeystoreType(), this.config.getIdentityKeystorePasswordAlias(), true);
    }

    public KeyStore getTruststoreForHttpClient() throws KeystoreServiceException {
        String httpClientTruststorePath = this.config.getHttpClientTruststorePath();
        if (httpClientTruststorePath == null) {
            return null;
        }
        return getKeystore(Paths.get(httpClientTruststorePath, new String[0]), this.config.getHttpClientTruststoreType(), this.config.getHttpClientTruststorePasswordAlias(), true);
    }

    public KeyStore getSigningKeystore() throws KeystoreServiceException {
        return getSigningKeystore(null);
    }

    public KeyStore getSigningKeystore(String str) throws KeystoreServiceException {
        Path path;
        String signingKeystoreType;
        String signingKeystorePasswordAlias;
        if (str != null) {
            path = this.keyStoreDirPath.resolve(str + ".jks");
            signingKeystoreType = "jks";
            signingKeystorePasswordAlias = null;
        } else {
            path = Paths.get(this.config.getSigningKeystorePath(), new String[0]);
            signingKeystoreType = this.config.getSigningKeystoreType();
            signingKeystorePasswordAlias = this.config.getSigningKeystorePasswordAlias();
        }
        return getKeystore(path, signingKeystoreType, signingKeystorePasswordAlias, true);
    }

    public void addSelfSignedCertForGateway(String str, char[] cArr) throws KeystoreServiceException {
        addSelfSignedCertForGateway(str, cArr, null);
    }

    public void addSelfSignedCertForGateway(String str, char[] cArr, String str2) throws KeystoreServiceException {
        addCertForGateway(str, cArr, str2);
    }

    private synchronized void addCertForGateway(String str, char[] cArr, String str2) throws KeystoreServiceException {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(2048);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            if (str2 == null) {
                str2 = System.getProperty(CERT_GEN_MODE, CERT_GEN_MODE_LOCALHOST);
            }
            X509Certificate generateCertificate = str2.equals(CERT_GEN_MODE_HOSTNAME) ? X509CertificateUtil.generateCertificate(buildDistinguishedName(InetAddress.getLocalHost().getHostName()), generateKeyPair, 365, "SHA1withRSA") : X509CertificateUtil.generateCertificate(buildDistinguishedName(str2), generateKeyPair, 365, "SHA1withRSA");
            KeyStore keystoreForGateway = getKeystoreForGateway();
            keystoreForGateway.setKeyEntry(str, generateKeyPair.getPrivate(), cArr, new Certificate[]{generateCertificate});
            writeKeyStoreToFile(keystoreForGateway, Paths.get(this.config.getIdentityKeystorePath(), new String[0]), getKeyStorePassword(this.config.getIdentityKeystorePasswordAlias()));
        } catch (IOException | GeneralSecurityException e) {
            LOG.failedToAddSeflSignedCertForGateway(str, e);
            throw new KeystoreServiceException(e);
        }
    }

    private String buildDistinguishedName(String str) {
        return new MessageFormat(DN_TEMPLATE, Locale.ROOT).format(new String[]{str});
    }

    public void createCredentialStoreForCluster(String str) throws KeystoreServiceException {
        createKeyStore(this.keyStoreDirPath.resolve(str + CREDENTIALS_SUFFIX), CREDENTIALS_STORE_TYPE, this.masterService.getMasterSecret());
    }

    public boolean isCredentialStoreForClusterAvailable(String str) throws KeystoreServiceException {
        try {
            return isKeyStoreAvailable(this.keyStoreDirPath.resolve(str + CREDENTIALS_SUFFIX), CREDENTIALS_STORE_TYPE, this.masterService.getMasterSecret());
        } catch (IOException | KeyStoreException e) {
            throw new KeystoreServiceException(e);
        }
    }

    public boolean isKeystoreForGatewayAvailable() throws KeystoreServiceException {
        try {
            return isKeyStoreAvailable(Paths.get(this.config.getIdentityKeystorePath(), new String[0]), this.config.getIdentityKeystoreType(), getKeyStorePassword(this.config.getIdentityKeystorePasswordAlias()));
        } catch (IOException | KeyStoreException e) {
            throw new KeystoreServiceException(e);
        }
    }

    public Key getKeyForGateway(char[] cArr) throws KeystoreServiceException {
        return getKeyForGateway(this.config.getIdentityKeyAlias(), cArr);
    }

    public Key getKeyForGateway(String str, char[] cArr) throws KeystoreServiceException {
        return getKeyFromKeystore(getKeystoreForGateway(), str, cArr);
    }

    public Certificate getCertificateForGateway() throws KeystoreServiceException, KeyStoreException {
        KeyStore keystoreForGateway = getKeystoreForGateway();
        if (keystoreForGateway == null) {
            return null;
        }
        return keystoreForGateway.getCertificate(this.config.getIdentityKeyAlias());
    }

    public Key getSigningKey(String str, char[] cArr) throws KeystoreServiceException {
        return getSigningKey(null, str, cArr);
    }

    public Key getSigningKey(String str, String str2, char[] cArr) throws KeystoreServiceException {
        return getKeyFromKeystore(getSigningKeystore(str), str2, cArr);
    }

    private Key getKeyFromKeystore(KeyStore keyStore, String str, char[] cArr) {
        Key key = null;
        if (cArr == null) {
            cArr = this.masterService.getMasterSecret();
            LOG.assumingKeyPassphraseIsMaster();
        }
        if (keyStore != null) {
            try {
                key = keyStore.getKey(str, cArr);
            } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
                LOG.failedToGetKeyForGateway(str, e);
            }
        }
        return key;
    }

    public KeyStore getCredentialStoreForCluster(String str) throws KeystoreServiceException {
        return getKeystore(this.keyStoreDirPath.resolve(str + CREDENTIALS_SUFFIX), CREDENTIALS_STORE_TYPE, null, false);
    }

    public void addCredentialForCluster(String str, String str2, String str3) throws KeystoreServiceException {
        removeFromCache(str, str2);
        KeyStore credentialStoreForCluster = getCredentialStoreForCluster(str);
        if (credentialStoreForCluster != null) {
            try {
                credentialStoreForCluster.setKeyEntry(str2, new SecretKeySpec(str3.getBytes(StandardCharsets.UTF_8), "AES"), this.masterService.getMasterSecret(), null);
                writeKeyStoreToFile(credentialStoreForCluster, this.keyStoreDirPath.resolve(str + CREDENTIALS_SUFFIX), this.masterService.getMasterSecret());
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
                LOG.failedToAddCredentialForCluster(str, e);
            }
        }
    }

    public char[] getCredentialForCluster(String str, String str2) throws KeystoreServiceException {
        KeyStore credentialStoreForCluster;
        char[] checkCache = checkCache(str, str2);
        if (checkCache == null && (credentialStoreForCluster = getCredentialStoreForCluster(str)) != null) {
            try {
                Key key = credentialStoreForCluster.getKey(str2, this.masterService.getMasterSecret());
                if (key != null) {
                    String str3 = new String(key.getEncoded(), StandardCharsets.UTF_8);
                    checkCache = str3.toCharArray();
                    addToCache(str, str2, str3);
                }
            } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
                LOG.failedToGetCredentialForCluster(str, e);
            }
        }
        return checkCache;
    }

    public void removeCredentialForCluster(String str, String str2) throws KeystoreServiceException {
        removeFromCache(str, str2);
        KeyStore credentialStoreForCluster = getCredentialStoreForCluster(str);
        if (credentialStoreForCluster != null) {
            try {
                if (credentialStoreForCluster.containsAlias(str2)) {
                    credentialStoreForCluster.deleteEntry(str2);
                }
                writeKeyStoreToFile(credentialStoreForCluster, this.keyStoreDirPath.resolve(str + CREDENTIALS_SUFFIX), this.masterService.getMasterSecret());
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
                LOG.failedToRemoveCredentialForCluster(str, e);
            }
        }
    }

    private char[] checkCache(String str, String str2) {
        char[] cArr = null;
        Map<String, String> map = this.cache.get(str);
        if (map == null) {
            return null;
        }
        String str3 = map.get(str2);
        if (str3 != null) {
            cArr = str3.toCharArray();
        }
        return cArr;
    }

    private void addToCache(String str, String str2, String str3) {
        this.cache.computeIfAbsent(str, str4 -> {
            return new HashMap();
        }).put(str2, str3);
    }

    private void removeFromCache(String str, String str2) {
        Map<String, String> map = this.cache.get(str);
        if (map == null) {
            return;
        }
        map.remove(str2);
    }

    public String getKeystorePath() {
        return this.config.getIdentityKeystorePath();
    }

    private synchronized KeyStore getKeystore(Path path, String str, String str2, boolean z) throws KeystoreServiceException {
        if (z) {
            if (Files.notExists(path, new LinkOption[0])) {
                LOG.keystoreFileDoesNotExist(path.toString());
                throw new KeystoreServiceException("The keystore file does not exist: " + path.toString());
            }
            if (!Files.isRegularFile(path, new LinkOption[0])) {
                LOG.keystoreFileIsNotAFile(path.toString());
                throw new KeystoreServiceException("The keystore file is not a file: " + path.toString());
            }
            if (!Files.isReadable(path)) {
                LOG.keystoreFileIsNotAccessible(path.toString());
                throw new KeystoreServiceException("The keystore file cannot be read: " + path.toString());
            }
        }
        return loadKeyStore(path, str, getKeyStorePassword(str2));
    }

    private synchronized boolean isKeyStoreAvailable(Path path, String str, char[] cArr) throws KeyStoreException, IOException {
        if (!Files.exists(path, new LinkOption[0]) || !Files.isRegularFile(path, new LinkOption[0]) || !Files.isReadable(path)) {
            return false;
        }
        try {
            InputStream newInputStream = Files.newInputStream(path, new OpenOption[0]);
            Throwable th = null;
            try {
                try {
                    KeyStore.getInstance(str).load(newInputStream, cArr);
                    if (newInputStream != null) {
                        if (0 != 0) {
                            try {
                                newInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            newInputStream.close();
                        }
                    }
                    return true;
                } catch (Throwable th3) {
                    th = th3;
                    throw th3;
                }
            } finally {
            }
        } catch (IOException | KeyStoreException e) {
            LOG.failedToLoadKeystore(path.toString(), str, e);
            throw e;
        } catch (NoSuchAlgorithmException | CertificateException e2) {
            LOG.failedToLoadKeystore(path.toString(), str, e2);
            return false;
        }
    }

    synchronized KeyStore createKeyStore(Path path, String str, char[] cArr) throws KeystoreServiceException {
        if (Files.notExists(path, new LinkOption[0])) {
            try {
                Files.createDirectories(path.getParent(), new FileAttribute[0]);
            } catch (IOException e) {
                LOG.failedToCreateKeystore(path.toString(), str, e);
                throw new KeystoreServiceException(e);
            }
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(str);
            keyStore.load(null, null);
            writeKeyStoreToFile(keyStore, path, cArr);
            return keyStore;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e2) {
            LOG.failedToCreateKeystore(path.toString(), str, e2);
            throw new KeystoreServiceException(e2);
        }
    }

    /* JADX WARN: Failed to calculate best type for var: r12v0 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.calculateFromBounds(FixTypesVisitor.java:156)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.setBestType(FixTypesVisitor.java:133)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.deduceType(FixTypesVisitor.java:238)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.tryDeduceTypes(FixTypesVisitor.java:221)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Failed to calculate best type for var: r12v0 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.calculateFromBounds(TypeInferenceVisitor.java:145)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.setBestType(TypeInferenceVisitor.java:123)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.lambda$runTypePropagation$2(TypeInferenceVisitor.java:101)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.runTypePropagation(TypeInferenceVisitor.java:101)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.visit(TypeInferenceVisitor.java:75)
     */
    /* JADX WARN: Failed to calculate best type for var: r13v0 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.calculateFromBounds(FixTypesVisitor.java:156)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.setBestType(FixTypesVisitor.java:133)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.deduceType(FixTypesVisitor.java:238)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.tryDeduceTypes(FixTypesVisitor.java:221)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Failed to calculate best type for var: r13v0 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.calculateFromBounds(TypeInferenceVisitor.java:145)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.setBestType(TypeInferenceVisitor.java:123)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.lambda$runTypePropagation$2(TypeInferenceVisitor.java:101)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.runTypePropagation(TypeInferenceVisitor.java:101)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.visit(TypeInferenceVisitor.java:75)
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.RegisterArg.getSVar()" because the return value of "jadx.core.dex.nodes.InsnNode.getResult()" is null
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.collectRelatedVars(AbstractTypeConstraint.java:31)
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.<init>(AbstractTypeConstraint.java:19)
    	at jadx.core.dex.visitors.typeinference.TypeSearch$1.<init>(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeMoveConstraint(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeConstraint(TypeSearch.java:361)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.collectConstraints(TypeSearch.java:341)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.run(TypeSearch.java:60)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.runMultiVariableSearch(FixTypesVisitor.java:116)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Not initialized variable reg: 12, insn: 0x00c9: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r12 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:55:0x00c9 */
    /* JADX WARN: Not initialized variable reg: 13, insn: 0x00ce: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r13 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:57:0x00ce */
    /* JADX WARN: Type inference failed for: r12v0, types: [java.nio.channels.FileChannel] */
    /* JADX WARN: Type inference failed for: r13v0, types: [java.lang.Throwable] */
    synchronized KeyStore loadKeyStore(Path path, String str, char[] cArr) throws KeystoreServiceException {
        try {
            KeyStore keyStore = KeyStore.getInstance(str);
            if (Files.exists(path, new LinkOption[0])) {
                try {
                    FileChannel open = FileChannel.open(path, StandardOpenOption.READ);
                    Throwable th = null;
                    open.lock(0L, Long.MAX_VALUE, true);
                    InputStream newInputStream = Channels.newInputStream(open);
                    Throwable th2 = null;
                    try {
                        keyStore.load(newInputStream, cArr);
                        if (newInputStream != null) {
                            if (0 != 0) {
                                try {
                                    newInputStream.close();
                                } catch (Throwable th3) {
                                    th2.addSuppressed(th3);
                                }
                            } else {
                                newInputStream.close();
                            }
                        }
                        if (open != null) {
                            if (0 != 0) {
                                try {
                                    open.close();
                                } catch (Throwable th4) {
                                    th.addSuppressed(th4);
                                }
                            } else {
                                open.close();
                            }
                        }
                    } catch (Throwable th5) {
                        if (newInputStream != null) {
                            if (0 != 0) {
                                try {
                                    newInputStream.close();
                                } catch (Throwable th6) {
                                    th2.addSuppressed(th6);
                                }
                            } else {
                                newInputStream.close();
                            }
                        }
                        throw th5;
                    }
                } finally {
                }
            } else {
                keyStore.load(null, cArr);
            }
            return keyStore;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            LOG.failedToLoadKeystore(path.toString(), str, e);
            throw new KeystoreServiceException(e);
        }
    }

    synchronized void writeKeyStoreToFile(KeyStore keyStore, Path path, char[] cArr) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
        FileChannel open = FileChannel.open(path, StandardOpenOption.WRITE, StandardOpenOption.CREATE, StandardOpenOption.TRUNCATE_EXISTING);
        Throwable th = null;
        try {
            open.lock();
            OutputStream newOutputStream = Channels.newOutputStream(open);
            Throwable th2 = null;
            try {
                try {
                    keyStore.store(newOutputStream, cArr);
                    if (newOutputStream != null) {
                        if (0 != 0) {
                            try {
                                newOutputStream.close();
                            } catch (Throwable th3) {
                                th2.addSuppressed(th3);
                            }
                        } else {
                            newOutputStream.close();
                        }
                    }
                    if (open != null) {
                        if (0 == 0) {
                            open.close();
                            return;
                        }
                        try {
                            open.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    }
                } catch (Throwable th5) {
                    th2 = th5;
                    throw th5;
                }
            } catch (Throwable th6) {
                if (newOutputStream != null) {
                    if (th2 != null) {
                        try {
                            newOutputStream.close();
                        } catch (Throwable th7) {
                            th2.addSuppressed(th7);
                        }
                    } else {
                        newOutputStream.close();
                    }
                }
                throw th6;
            }
        } catch (Throwable th8) {
            if (open != null) {
                if (0 != 0) {
                    try {
                        open.close();
                    } catch (Throwable th9) {
                        th.addSuppressed(th9);
                    }
                } else {
                    open.close();
                }
            }
            throw th8;
        }
    }

    private char[] getKeyStorePassword(String str) throws KeystoreServiceException {
        char[] cArr = null;
        if (str != null && !str.isEmpty()) {
            cArr = getCredentialForCluster("__gateway", str);
        }
        return cArr == null ? this.masterService.getMasterSecret() : cArr;
    }
}
