package com.webauthn4j.anchor;

import com.webauthn4j.data.attestation.authenticator.AAGUID;
import com.webauthn4j.util.AssertUtil;
import com.webauthn4j.util.CertificateUtil;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;

/* loaded from: input_file:com/webauthn4j/anchor/KeyStoreFileTrustAnchorsProvider.class */
public class KeyStoreFileTrustAnchorsProvider extends CachingTrustAnchorsProviderBase {
    private Path keyStore;
    private String password;

    private void checkConfig() {
        AssertUtil.notNull(this.keyStore, "keyStore must not be null");
        AssertUtil.notNull(this.password, "password must not be null");
    }

    @Override // com.webauthn4j.anchor.CachingTrustAnchorsProviderBase
    protected Map<AAGUID, Set<TrustAnchor>> loadTrustAnchors() {
        checkConfig();
        try {
            InputStream newInputStream = Files.newInputStream(getKeyStore(), new OpenOption[0]);
            Throwable th = null;
            try {
                try {
                    KeyStore loadKeyStoreFromStream = loadKeyStoreFromStream(newInputStream, getPassword());
                    ArrayList list = Collections.list(loadKeyStoreFromStream.aliases());
                    HashSet hashSet = new HashSet();
                    Iterator it = list.iterator();
                    while (it.hasNext()) {
                        hashSet.add(new TrustAnchor((X509Certificate) loadKeyStoreFromStream.getCertificate((String) it.next()), null));
                    }
                    Map<AAGUID, Set<TrustAnchor>> singletonMap = Collections.singletonMap(AAGUID.NULL, hashSet);
                    if (newInputStream != null) {
                        if (0 != 0) {
                            try {
                                newInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            newInputStream.close();
                        }
                    }
                    return singletonMap;
                } finally {
                }
            } finally {
            }
        } catch (IOException | java.security.KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new KeyStoreException("Failed to load TrustAnchor from keystore", e);
        }
    }

    private KeyStore loadKeyStoreFromStream(InputStream inputStream, String str) throws CertificateException, NoSuchAlgorithmException, IOException {
        KeyStore createKeyStore = CertificateUtil.createKeyStore();
        createKeyStore.load(inputStream, str.toCharArray());
        return createKeyStore;
    }

    public Path getKeyStore() {
        return this.keyStore;
    }

    public void setKeyStore(Path path) {
        this.keyStore = path;
    }

    public String getPassword() {
        return this.password;
    }

    public void setPassword(String str) {
        this.password = str;
    }
}
