package org.thingsboard.server.common.transport.config.ssl;

import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.ArrayList;
import java.util.List;
import java.util.stream.Collectors;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMEncryptedKeyPair;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder;
import org.thingsboard.server.common.data.ResourceUtils;
import org.thingsboard.server.common.data.StringUtils;

/* loaded from: input_file:org/thingsboard/server/common/transport/config/ssl/PemSslCredentials.class */
public class PemSslCredentials extends AbstractSslCredentials {
    private static final String DEFAULT_KEY_ALIAS = "server";
    private String certFile;
    private String keyFile;
    private String keyPassword;

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.thingsboard.server.common.transport.config.ssl.AbstractSslCredentials
    public boolean canUse() {
        return ResourceUtils.resourceExists(this, this.certFile);
    }

    @Override // org.thingsboard.server.common.transport.config.ssl.AbstractSslCredentials
    protected KeyStore loadKeyStore(boolean z, char[] cArr) throws IOException, GeneralSecurityException {
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        ArrayList arrayList = new ArrayList();
        PrivateKey privateKey = null;
        JcaX509CertificateConverter jcaX509CertificateConverter = new JcaX509CertificateConverter();
        JcaPEMKeyConverter jcaPEMKeyConverter = new JcaPEMKeyConverter();
        InputStream inputStream = ResourceUtils.getInputStream(this, this.certFile);
        try {
            PEMParser pEMParser = new PEMParser(new InputStreamReader(inputStream));
            while (true) {
                try {
                    Object readObject = pEMParser.readObject();
                    if (readObject == null) {
                        break;
                    }
                    if (readObject instanceof X509CertificateHolder) {
                        arrayList.add(jcaX509CertificateConverter.getCertificate((X509CertificateHolder) readObject));
                    } else if (readObject instanceof PEMEncryptedKeyPair) {
                        privateKey = jcaPEMKeyConverter.getKeyPair(((PEMEncryptedKeyPair) readObject).decryptKeyPair(new JcePEMDecryptorProviderBuilder().build(cArr))).getPrivate();
                    } else if (readObject instanceof PEMKeyPair) {
                        privateKey = jcaPEMKeyConverter.getKeyPair((PEMKeyPair) readObject).getPrivate();
                    } else if (readObject instanceof PrivateKeyInfo) {
                        privateKey = jcaPEMKeyConverter.getPrivateKey((PrivateKeyInfo) readObject);
                    }
                } finally {
                }
            }
            pEMParser.close();
            if (inputStream != null) {
                inputStream.close();
            }
            if (privateKey == null && !StringUtils.isEmpty(this.keyFile) && ResourceUtils.resourceExists(this, this.keyFile)) {
                inputStream = ResourceUtils.getInputStream(this, this.keyFile);
                try {
                    pEMParser = new PEMParser(new InputStreamReader(inputStream));
                    while (true) {
                        try {
                            Object readObject2 = pEMParser.readObject();
                            if (readObject2 == null) {
                                break;
                            }
                            if (readObject2 instanceof PEMEncryptedKeyPair) {
                                privateKey = jcaPEMKeyConverter.getKeyPair(((PEMEncryptedKeyPair) readObject2).decryptKeyPair(new JcePEMDecryptorProviderBuilder().build(cArr))).getPrivate();
                                break;
                            }
                            if (readObject2 instanceof PEMKeyPair) {
                                privateKey = jcaPEMKeyConverter.getKeyPair((PEMKeyPair) readObject2).getPrivate();
                                break;
                            }
                            if (readObject2 instanceof PrivateKeyInfo) {
                                privateKey = jcaPEMKeyConverter.getPrivateKey((PrivateKeyInfo) readObject2);
                            }
                        } finally {
                            try {
                                pEMParser.close();
                            } catch (Throwable th) {
                                th.addSuppressed(th);
                            }
                        }
                    }
                    pEMParser.close();
                    if (inputStream != null) {
                        inputStream.close();
                    }
                } finally {
                }
            }
            if (arrayList.isEmpty()) {
                throw new IllegalArgumentException("No certificates found in certFile: " + this.certFile);
            }
            if (privateKey == null && !z) {
                throw new IllegalArgumentException("Unable to load private key neither from certFile: " + this.certFile + " nor from keyFile: " + this.keyFile);
            }
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null);
            if (z) {
                List list = (List) arrayList.stream().distinct().collect(Collectors.toList());
                for (int i = 0; i < list.size(); i++) {
                    keyStore.setCertificateEntry("root-" + i, (Certificate) list.get(i));
                }
            }
            if (privateKey != null) {
                keyStore.setKeyEntry(DEFAULT_KEY_ALIAS, privateKey, cArr, (Certificate[]) CertificateFactory.getInstance("X.509").generateCertPath(arrayList).getCertificates().toArray(new Certificate[0]));
            }
            return keyStore;
        } finally {
        }
    }

    @Override // org.thingsboard.server.common.transport.config.ssl.SslCredentials
    public String getKeyAlias() {
        return DEFAULT_KEY_ALIAS;
    }

    @Override // org.thingsboard.server.common.transport.config.ssl.AbstractSslCredentials
    protected void updateKeyAlias(String str) {
    }

    public String getCertFile() {
        return this.certFile;
    }

    public String getKeyFile() {
        return this.keyFile;
    }

    @Override // org.thingsboard.server.common.transport.config.ssl.SslCredentials
    public String getKeyPassword() {
        return this.keyPassword;
    }

    public void setCertFile(String str) {
        this.certFile = str;
    }

    public void setKeyFile(String str) {
        this.keyFile = str;
    }

    public void setKeyPassword(String str) {
        this.keyPassword = str;
    }

    public String toString() {
        return "PemSslCredentials(certFile=" + getCertFile() + ", keyFile=" + getKeyFile() + ", keyPassword=" + getKeyPassword() + ")";
    }

    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        if (!(obj instanceof PemSslCredentials)) {
            return false;
        }
        PemSslCredentials pemSslCredentials = (PemSslCredentials) obj;
        if (!pemSslCredentials.canEqual(this)) {
            return false;
        }
        String certFile = getCertFile();
        String certFile2 = pemSslCredentials.getCertFile();
        if (certFile == null) {
            if (certFile2 != null) {
                return false;
            }
        } else if (!certFile.equals(certFile2)) {
            return false;
        }
        String keyFile = getKeyFile();
        String keyFile2 = pemSslCredentials.getKeyFile();
        if (keyFile == null) {
            if (keyFile2 != null) {
                return false;
            }
        } else if (!keyFile.equals(keyFile2)) {
            return false;
        }
        String keyPassword = getKeyPassword();
        String keyPassword2 = pemSslCredentials.getKeyPassword();
        return keyPassword == null ? keyPassword2 == null : keyPassword.equals(keyPassword2);
    }

    protected boolean canEqual(Object obj) {
        return obj instanceof PemSslCredentials;
    }

    public int hashCode() {
        String certFile = getCertFile();
        int hashCode = (1 * 59) + (certFile == null ? 43 : certFile.hashCode());
        String keyFile = getKeyFile();
        int hashCode2 = (hashCode * 59) + (keyFile == null ? 43 : keyFile.hashCode());
        String keyPassword = getKeyPassword();
        return (hashCode2 * 59) + (keyPassword == null ? 43 : keyPassword.hashCode());
    }
}
