package org.wildfly.security.keystore;

import java.io.DataInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.channels.FileChannel;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.function.Supplier;
import org.wildfly.common.iteration.CodePointIterator;
import org.wildfly.security.pem.Pem;
import org.wildfly.security.pem.PemEntry;
import org.wildfly.security.provider.util.ProviderUtil;
import org.wildfly.security.tool.CredentialStoreCommand;

/* loaded from: input_file:org/wildfly/security/keystore/KeyStoreUtil.class */
public class KeyStoreUtil {
    private static final String BCFKS = "BCFKS";
    private static final String BKS = "BKS";
    private static final String JCEKS = "JCEKS";
    private static final String JKS = "JKS";
    private static final String PKCS12 = "PKCS12";
    private static final String UBER = "UBER";
    private static final int VERSION_0 = 0;
    private static final int VERSION_1 = 1;
    private static final int VERSION_2 = 2;
    private static final int JCEKS_MAGIC = -825307442;
    private static final int JKS_MAGIC = -17957139;
    private static final int SEQUENCE = 805306368;
    private static final int PEM_MAGIC = 757935405;

    /* loaded from: input_file:org/wildfly/security/keystore/KeyStoreUtil$ResettableDataFileInputStream.class */
    private static class ResettableDataFileInputStream extends DataInputStream {
        private FileChannel fc;
        private long startingPosition;

        public ResettableDataFileInputStream(FileInputStream fileInputStream) {
            super(fileInputStream);
            this.startingPosition = 0L;
            this.fc = fileInputStream.getChannel();
            try {
                this.startingPosition = this.fc.position();
            } catch (IOException e) {
                e.printStackTrace();
            }
        }

        @Override // java.io.FilterInputStream, java.io.InputStream
        public void reset() throws IOException {
            this.fc.position(this.startingPosition);
        }

        @Override // java.io.FilterInputStream, java.io.InputStream
        public long skip(long j) throws IOException {
            this.fc.position(this.fc.position() + j);
            return 0L;
        }
    }

    public static KeyStore loadKeyStore(Supplier<Provider[]> supplier, String str, FileInputStream fileInputStream, String str2, char[] cArr) throws IOException, KeyStoreException {
        ResettableDataFileInputStream resettableDataFileInputStream = new ResettableDataFileInputStream(fileInputStream);
        int readInt = resettableDataFileInputStream.readInt();
        resettableDataFileInputStream.reset();
        KeyStore keyStore = null;
        if (readInt == JKS_MAGIC) {
            keyStore = tryLoadKeystore(supplier, str, resettableDataFileInputStream, cArr, JKS);
        } else if (readInt == JCEKS_MAGIC) {
            keyStore = tryLoadKeystore(supplier, str, resettableDataFileInputStream, cArr, JCEKS);
        } else if (readInt == 1 || readInt == 2) {
            resettableDataFileInputStream.reset();
            resettableDataFileInputStream.skip(32L);
            byte readByte = resettableDataFileInputStream.readByte();
            resettableDataFileInputStream.reset();
            keyStore = readByte <= 5 ? tryLoadKeystore(supplier, str, resettableDataFileInputStream, cArr, BKS, UBER) : tryLoadKeystore(supplier, str, resettableDataFileInputStream, cArr, UBER, BKS);
        } else if (readInt == 0) {
            keyStore = tryLoadKeystore(supplier, str, resettableDataFileInputStream, cArr, UBER);
        } else if ((readInt & (-16777216)) == SEQUENCE) {
            String[] split = str2.split("\\.");
            String str3 = split[split.length - 1];
            keyStore = (str3.startsWith("b") || str3.startsWith("B")) ? tryLoadKeystore(supplier, str, resettableDataFileInputStream, cArr, BCFKS, PKCS12) : tryLoadKeystore(supplier, str, resettableDataFileInputStream, cArr, PKCS12, BCFKS);
        } else if (readInt == PEM_MAGIC) {
            keyStore = loadPemAsKeyStore(fileInputStream, cArr);
        }
        if (keyStore == null) {
            throw ElytronMessages.log.keyStoreTypeNotDetected();
        }
        return keyStore;
    }

    private static KeyStore tryLoadKeystore(Supplier<Provider[]> supplier, String str, InputStream inputStream, char[] cArr, String... strArr) {
        Provider findProvider;
        for (String str2 : strArr) {
            try {
                ElytronMessages.log.debug("Searching provider for: " + str2);
                findProvider = ProviderUtil.findProvider(supplier, str, (Class<?>) KeyStore.class, str2);
            } catch (Exception e) {
                ElytronMessages.log.debug("KeyStore is not of type " + str2);
            }
            if (findProvider != null) {
                ElytronMessages.log.debug("Provider found: " + findProvider.getName());
                KeyStore keyStore = KeyStore.getInstance(str2, findProvider);
                inputStream.reset();
                keyStore.load(inputStream, cArr);
                return keyStore;
            }
            ElytronMessages.log.debug("Provider not found");
        }
        return null;
    }

    private static KeyStore loadPemAsKeyStore(FileInputStream fileInputStream, char[] cArr) throws KeyStoreException, IOException {
        String num;
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        try {
            keyStore.load(null);
        } catch (Exception e) {
        }
        PrivateKey privateKey = null;
        ArrayList<Certificate> arrayList = new ArrayList();
        byte[] bArr = new byte[(int) fileInputStream.getChannel().size()];
        fileInputStream.read(bArr);
        Iterator<PemEntry<?>> parsePemContent = Pem.parsePemContent(CodePointIterator.ofUtf8Bytes(bArr));
        while (parsePemContent.hasNext()) {
            Object entry = parsePemContent.next().getEntry();
            if (entry instanceof PrivateKey) {
                privateKey = (PrivateKey) entry;
            } else if (entry instanceof Certificate) {
                arrayList.add((Certificate) entry);
            }
        }
        if (privateKey != null) {
            Certificate certificate = (Certificate) arrayList.get(0);
            keyStore.setKeyEntry(certificate instanceof X509Certificate ? ((X509Certificate) certificate).getSubjectX500Principal().getName() : CredentialStoreCommand.KEY_PARAM, privateKey, cArr, (Certificate[]) arrayList.toArray(new Certificate[0]));
        } else {
            int i = 1;
            for (Certificate certificate2 : arrayList) {
                if (certificate2 instanceof X509Certificate) {
                    num = ((X509Certificate) certificate2).getSubjectX500Principal().getName();
                } else {
                    int i2 = i;
                    i++;
                    num = Integer.toString(i2);
                }
                keyStore.setCertificateEntry(num, certificate2);
            }
        }
        return keyStore;
    }
}
