package org.wildfly.security.keystore;

import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.io.Reader;
import java.nio.charset.CharacterCodingException;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.concurrent.atomic.AtomicReference;
import org.wildfly.security.password.Password;
import org.wildfly.security.password.util.ModularCrypt;

/* loaded from: input_file:BOOT-INF/lib/wildfly-elytron-credential-1.15.1.Final.jar:org/wildfly/security/keystore/PasswordKeyStoreSpi.class */
public final class PasswordKeyStoreSpi extends KeyStoreSpi {
    private final AtomicReference<HashMap<String, PasswordEntry>> pwRef = new AtomicReference<>();

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        PasswordEntry passwordEntry;
        HashMap<String, PasswordEntry> hashMap = this.pwRef.get();
        if (hashMap == null || (passwordEntry = hashMap.get(str)) == null) {
            return null;
        }
        if (cArr != null) {
            throw ElytronMessages.log.invalidKeyStoreEntryPassword(str);
        }
        return passwordEntry.getPassword();
    }

    @Override // java.security.KeyStoreSpi
    public KeyStore.Entry engineGetEntry(String str, KeyStore.ProtectionParameter protectionParameter) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException {
        PasswordEntry passwordEntry;
        HashMap<String, PasswordEntry> hashMap = this.pwRef.get();
        if (hashMap == null || (passwordEntry = hashMap.get(str)) == null) {
            return null;
        }
        if (protectionParameter != null) {
            throw ElytronMessages.log.invalidKeyStoreEntryPassword(str);
        }
        return passwordEntry;
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetEntry(String str, KeyStore.Entry entry, KeyStore.ProtectionParameter protectionParameter) throws KeyStoreException {
        HashMap<String, PasswordEntry> hashMap;
        LinkedHashMap linkedHashMap;
        if (!(entry instanceof PasswordEntry)) {
            throw ElytronMessages.log.invalidKeyStoreEntryType(str, PasswordEntry.class, entry.getClass());
        }
        if (protectionParameter != null) {
            throw ElytronMessages.log.keyCannotBeProtected(str);
        }
        do {
            hashMap = this.pwRef.get();
            linkedHashMap = hashMap == null ? new LinkedHashMap(1) : new LinkedHashMap(hashMap);
            linkedHashMap.put(str, (PasswordEntry) entry);
        } while (!this.pwRef.compareAndSet(hashMap, linkedHashMap));
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineEntryInstanceOf(String str, Class<? extends KeyStore.Entry> cls) {
        HashMap<String, PasswordEntry> hashMap = this.pwRef.get();
        return hashMap != null && cls.isInstance(hashMap.get(str));
    }

    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
        if (cArr != null) {
            throw new KeyStoreException(ElytronMessages.log.invalidKeyStoreEntryPassword(str));
        }
        if (key instanceof Password) {
            engineSetEntry(str, new PasswordEntry((Password) key), null);
        }
        throw ElytronMessages.log.invalidKeyStoreEntryType(str, PasswordEntry.class, Key.class);
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
        throw ElytronMessages.log.invalidKeyStoreEntryType(str, PasswordEntry.class, Key.class);
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        throw ElytronMessages.log.invalidKeyStoreEntryType(str, PasswordEntry.class, Certificate.class);
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) throws KeyStoreException {
        HashMap<String, PasswordEntry> hashMap;
        LinkedHashMap linkedHashMap;
        do {
            hashMap = this.pwRef.get();
            if (hashMap == null || !hashMap.containsKey(str)) {
                return;
            }
            if (hashMap.size() == 1) {
                linkedHashMap = null;
            } else {
                linkedHashMap = new LinkedHashMap(hashMap);
                linkedHashMap.remove(str);
            }
        } while (!this.pwRef.compareAndSet(hashMap, linkedHashMap));
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration<String> engineAliases() {
        HashMap<String, PasswordEntry> hashMap = this.pwRef.get();
        return Collections.enumeration(hashMap == null ? Collections.emptySet() : hashMap.keySet());
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        HashMap<String, PasswordEntry> hashMap = this.pwRef.get();
        return hashMap != null && hashMap.containsKey(str);
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        HashMap<String, PasswordEntry> hashMap = this.pwRef.get();
        if (hashMap == null) {
            return 0;
        }
        return hashMap.size();
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        return false;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        return false;
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        HashMap<String, PasswordEntry> hashMap = this.pwRef.get();
        if (hashMap != null) {
            BufferedWriter bufferedWriter = new BufferedWriter(new OutputStreamWriter(outputStream, StandardCharsets.UTF_8));
            for (Map.Entry<String, PasswordEntry> entry : hashMap.entrySet()) {
                Password password = entry.getValue().getPassword();
                String key = entry.getKey();
                try {
                    char[] encode = ModularCrypt.encode(password);
                    bufferedWriter.write(key.replaceAll("([\\\\:])", "\\$1"));
                    bufferedWriter.write(58);
                    bufferedWriter.write(encode);
                    bufferedWriter.write(10);
                    bufferedWriter.flush();
                } catch (InvalidKeySpecException e) {
                    throw ElytronMessages.log.keyStoreFailedToTranslate(key, e);
                }
            }
        }
    }

    private static int forceReadCP(Reader reader) throws IOException {
        int readCP = readCP(reader);
        if (readCP == -1) {
            throw ElytronMessages.log.unexpectedEof();
        }
        return readCP;
    }

    private static int readCP(Reader reader) throws IOException {
        int read = reader.read();
        if (read == -1) {
            return -1;
        }
        if (!Character.isHighSurrogate((char) read)) {
            return read;
        }
        int read2 = reader.read();
        if (read2 == -1) {
            throw ElytronMessages.log.unexpectedEof();
        }
        if (Character.isLowSurrogate((char) read2)) {
            return Character.toCodePoint((char) read, (char) read2);
        }
        throw new CharacterCodingException();
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        int forceReadCP;
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream, StandardCharsets.UTF_8));
        StringBuilder sb = new StringBuilder();
        while (true) {
            int readCP = readCP(bufferedReader);
            if (readCP == -1) {
                this.pwRef.set(linkedHashMap);
                return;
            }
            while (readCP == 92) {
                readCP = forceReadCP(bufferedReader);
                sb.appendCodePoint(readCP);
            }
            if (readCP == 58) {
                String sb2 = sb.toString();
                sb.setLength(0);
                while (true) {
                    forceReadCP = forceReadCP(bufferedReader);
                    if (forceReadCP == 10 || forceReadCP == 13 || forceReadCP == 58) {
                        break;
                    } else {
                        sb.appendCodePoint(forceReadCP);
                    }
                }
                char[] cArr2 = new char[sb.length()];
                sb.getChars(0, sb.length(), cArr2, 0);
                if (ModularCrypt.identifyAlgorithm(cArr2) == null) {
                    throw ElytronMessages.log.noAlgorithmForPassword(sb2);
                }
                try {
                    linkedHashMap.put(sb2, new PasswordEntry(ModularCrypt.decode(cArr2)));
                    while (forceReadCP != 10) {
                        forceReadCP = forceReadCP(bufferedReader);
                    }
                    sb.setLength(0);
                } catch (InvalidKeySpecException e) {
                    throw ElytronMessages.log.noAlgorithmForPassword(sb2);
                }
            } else {
                if (Character.isWhitespace(readCP)) {
                    throw ElytronMessages.log.unexpectedWhitespaceInPasswordFile();
                }
                sb.appendCodePoint(readCP);
            }
        }
    }
}
