package io.confluent.ksql.rest.util;

import io.confluent.ksql.util.KsqlException;
import io.vertx.core.buffer.Buffer;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.util.Optional;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/confluent/ksql/rest/util/KeystoreUtil.class */
public final class KeystoreUtil {
    private static final Logger LOG = LoggerFactory.getLogger(KeystoreUtil.class);
    private static final String KEYSTORE_TYPE = "JKS";

    private KeystoreUtil() {
    }

    public static Buffer getKeyStore(String str, String str2, Optional<String> optional, Optional<String> optional2, String str3) {
        char[] cArr = (char[]) optional.map((v0) -> {
            return v0.toCharArray();
        }).orElse(null);
        char[] cArr2 = (char[]) optional2.map((v0) -> {
            return v0.toCharArray();
        }).orElse(null);
        KeyStore loadExistingKeyStore = loadExistingKeyStore(str, str2, cArr);
        try {
            PrivateKey privateKey = (PrivateKey) loadExistingKeyStore.getKey(str3, cArr2);
            Certificate[] certificateChain = loadExistingKeyStore.getCertificateChain(str3);
            if (privateKey == null || certificateChain == null) {
                throw new KsqlException("Alias doesn't exist in keystore: " + str3);
            }
            return Buffer.buffer(createSingleValueKeyStore(privateKey, certificateChain, cArr, cArr2, str3));
        } catch (Exception e) {
            throw new KsqlException("Error fetching key/certificate " + str3, e);
        }
    }

    private static KeyStore loadExistingKeyStore(String str, String str2, char[] cArr) {
        try {
            FileInputStream fileInputStream = new FileInputStream(str2);
            Throwable th = null;
            try {
                try {
                    KeyStore keyStore = KeyStore.getInstance(str);
                    keyStore.load(fileInputStream, cArr);
                    if (fileInputStream != null) {
                        if (0 != 0) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                    return keyStore;
                } finally {
                }
            } finally {
            }
        } catch (Exception e) {
            throw new KsqlException("Couldn't fetch keystore", e);
        }
    }

    private static byte[] createSingleValueKeyStore(PrivateKey privateKey, Certificate[] certificateArr, char[] cArr, char[] cArr2, String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("JKS");
            keyStore.load(null, null);
            keyStore.setEntry(str, new KeyStore.PrivateKeyEntry(privateKey, certificateArr), new KeyStore.PasswordProtection(cArr2));
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            keyStore.store(byteArrayOutputStream, cArr);
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e) {
            throw new KsqlException("Couldn't create keystore", e);
        }
    }
}
