package com.unboundid.ldap.sdk.unboundidds.extensions;

import com.unboundid.asn1.ASN1Element;
import com.unboundid.asn1.ASN1OctetString;
import com.unboundid.asn1.ASN1Sequence;
import com.unboundid.asn1.ASN1StreamReader;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.ResultCode;
import com.unboundid.util.Debug;
import com.unboundid.util.NotMutable;
import com.unboundid.util.NotNull;
import com.unboundid.util.Nullable;
import com.unboundid.util.PasswordFileReader;
import com.unboundid.util.StaticUtils;
import com.unboundid.util.ThreadSafety;
import com.unboundid.util.ThreadSafetyLevel;
import com.unboundid.util.Validator;
import com.unboundid.util.ssl.cert.CertException;
import com.unboundid.util.ssl.cert.PKCS8EncryptionHandler;
import com.unboundid.util.ssl.cert.PKCS8PEMFileReader;
import com.unboundid.util.ssl.cert.PKCS8PrivateKey;
import com.unboundid.util.ssl.cert.X509Certificate;
import com.unboundid.util.ssl.cert.X509PEMFileReader;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;

@ThreadSafety(level = ThreadSafetyLevel.COMPLETELY_THREADSAFE)
@NotMutable
/* loaded from: input_file:BOOT-INF/lib/unboundid-ldapsdk-6.0.8.jar:com/unboundid/ldap/sdk/unboundidds/extensions/CertificateDataReplaceCertificateKeyStoreContent.class */
public final class CertificateDataReplaceCertificateKeyStoreContent extends ReplaceCertificateKeyStoreContent {
    static final byte TYPE_KEY_STORE_CONTENT = -94;
    private static final byte TYPE_CERTIFICATE_CHAIN = -82;
    private static final byte TYPE_PRIVATE_KEY = -81;
    private static final long serialVersionUID = 1771837307666073616L;

    @Nullable
    private final byte[] privateKeyData;

    @NotNull
    private final List<byte[]> certificateChainData;

    public CertificateDataReplaceCertificateKeyStoreContent(@NotNull List<byte[]> list, @Nullable byte[] bArr) {
        Validator.ensureNotNullOrEmpty(list, "CertificateDataReplaceCertificateKeyStoreContent.certificateChainData must not be null or empty.");
        this.certificateChainData = Collections.unmodifiableList(new ArrayList(list));
        this.privateKeyData = bArr;
    }

    public CertificateDataReplaceCertificateKeyStoreContent(@NotNull List<File> list, @Nullable File file) throws LDAPException {
        this(readCertificateChain(list), file == null ? null : readPrivateKey(file));
    }

    public CertificateDataReplaceCertificateKeyStoreContent(@NotNull List<File> list, @Nullable File file, @Nullable File file2) throws LDAPException {
        this(readCertificateChain(list), file == null ? null : readPrivateKey(file, file2));
    }

    @NotNull
    public static List<byte[]> readCertificateChain(@NotNull File... fileArr) throws LDAPException {
        return readCertificateChain((List<File>) Arrays.asList(fileArr));
    }

    @NotNull
    public static List<byte[]> readCertificateChain(@NotNull List<File> list) throws LDAPException {
        Validator.ensureNotNullOrEmpty(list, "CertificateDataReplaceCertificateKeyStoreContent.readCertificateChain.files must not be null or empty.");
        ArrayList arrayList = new ArrayList();
        Iterator<File> it = list.iterator();
        while (it.hasNext()) {
            readCertificates(it.next(), arrayList);
        }
        return Collections.unmodifiableList(arrayList);
    }

    /* JADX WARN: Failed to calculate best type for var: r11v1 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Failed to calculate best type for var: r12v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException
     */
    /* JADX WARN: Not initialized variable reg: 11, insn: 0x0124: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r11 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:79:0x0124 */
    /* JADX WARN: Not initialized variable reg: 12, insn: 0x0128: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r12 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:81:0x0128 */
    /* JADX WARN: Type inference failed for: r11v1, types: [java.io.FileInputStream] */
    /* JADX WARN: Type inference failed for: r12v0, types: [java.lang.Throwable] */
    private static void readCertificates(@NotNull File file, @NotNull List<byte[]> list) throws LDAPException {
        FileInputStream fileInputStream;
        Throwable th;
        BufferedInputStream bufferedInputStream;
        Throwable th2;
        int read;
        try {
            try {
                fileInputStream = new FileInputStream(file);
                th = null;
                bufferedInputStream = new BufferedInputStream(fileInputStream);
                th2 = null;
                try {
                    bufferedInputStream.mark(1);
                    read = bufferedInputStream.read();
                    bufferedInputStream.reset();
                } catch (Throwable th3) {
                    if (bufferedInputStream != null) {
                        if (0 != 0) {
                            try {
                                bufferedInputStream.close();
                            } catch (Throwable th4) {
                                th2.addSuppressed(th4);
                            }
                        } else {
                            bufferedInputStream.close();
                        }
                    }
                    throw th3;
                }
            } finally {
            }
        } catch (IOException e) {
            Debug.debugException(e);
            throw new LDAPException(ResultCode.LOCAL_ERROR, ExtOpMessages.ERR_CD_KSC_DECODE_ERROR_READING_CERT_FILE.get(file.getAbsolutePath(), StaticUtils.getExceptionMessage(e)), e);
        }
        if (read < 0) {
            throw new LDAPException(ResultCode.PARAM_ERROR, ExtOpMessages.ERR_CD_KSC_DECODE_ERR_EMPTY_CERT_FILE.get(file.getAbsolutePath()));
        }
        if (read != 48) {
            readPEMCertificates(file, bufferedInputStream, list);
            if (bufferedInputStream != null) {
                if (0 != 0) {
                    try {
                        bufferedInputStream.close();
                    } catch (Throwable th5) {
                        th2.addSuppressed(th5);
                    }
                } else {
                    bufferedInputStream.close();
                }
            }
            if (fileInputStream != null) {
                if (0 != 0) {
                    try {
                        fileInputStream.close();
                    } catch (Throwable th6) {
                        th.addSuppressed(th6);
                    }
                } else {
                    fileInputStream.close();
                }
            }
            return;
        }
        readDERCertificates(file, bufferedInputStream, list);
        if (bufferedInputStream != null) {
            if (0 != 0) {
                try {
                    bufferedInputStream.close();
                } catch (Throwable th7) {
                    th2.addSuppressed(th7);
                }
            } else {
                bufferedInputStream.close();
            }
        }
        if (fileInputStream != null) {
            if (0 == 0) {
                fileInputStream.close();
                return;
            }
            try {
                fileInputStream.close();
                return;
            } catch (Throwable th8) {
                th.addSuppressed(th8);
                return;
            }
        }
        return;
        Debug.debugException(e);
        throw new LDAPException(ResultCode.LOCAL_ERROR, ExtOpMessages.ERR_CD_KSC_DECODE_ERROR_READING_CERT_FILE.get(file.getAbsolutePath(), StaticUtils.getExceptionMessage(e)), e);
    }

    private static void readDERCertificates(@NotNull File file, @NotNull InputStream inputStream, @NotNull List<byte[]> list) throws LDAPException {
        try {
            ASN1StreamReader aSN1StreamReader = new ASN1StreamReader(inputStream);
            Throwable th = null;
            while (true) {
                try {
                    try {
                        ASN1Element readElement = aSN1StreamReader.readElement();
                        if (readElement == null) {
                            break;
                        } else {
                            list.add(readElement.encode());
                        }
                    } finally {
                    }
                } catch (Throwable th2) {
                    th = th2;
                    throw th2;
                }
            }
            if (aSN1StreamReader != null) {
                if (0 == 0) {
                    aSN1StreamReader.close();
                    return;
                }
                try {
                    aSN1StreamReader.close();
                } catch (Throwable th3) {
                    th.addSuppressed(th3);
                }
            }
        } catch (IOException e) {
            Debug.debugException(e);
            throw new LDAPException(ResultCode.DECODING_ERROR, ExtOpMessages.ERR_CD_KSC_DECODE_DER_CERT_ERROR.get(file.getAbsolutePath(), StaticUtils.getExceptionMessage(e)), e);
        }
    }

    private static void readPEMCertificates(@NotNull File file, @NotNull InputStream inputStream, @NotNull List<byte[]> list) throws IOException, LDAPException {
        try {
            X509PEMFileReader x509PEMFileReader = new X509PEMFileReader(inputStream);
            Throwable th = null;
            while (true) {
                try {
                    try {
                        X509Certificate readCertificate = x509PEMFileReader.readCertificate();
                        if (readCertificate == null) {
                            break;
                        } else {
                            list.add(readCertificate.getX509CertificateBytes());
                        }
                    } finally {
                    }
                } catch (Throwable th2) {
                    th = th2;
                    throw th2;
                }
            }
            if (x509PEMFileReader != null) {
                if (0 == 0) {
                    x509PEMFileReader.close();
                    return;
                }
                try {
                    x509PEMFileReader.close();
                } catch (Throwable th3) {
                    th.addSuppressed(th3);
                }
            }
        } catch (CertException e) {
            Debug.debugException(e);
            throw new LDAPException(ResultCode.DECODING_ERROR, ExtOpMessages.ERR_CD_KSC_DECODE_PEM_CERT_ERROR.get(file.getAbsolutePath(), e.getMessage()), e);
        }
    }

    @NotNull
    public static byte[] readPrivateKey(@NotNull File file) throws LDAPException {
        return readPrivateKey(file, null);
    }

    /* JADX WARN: Failed to calculate best type for var: r13v2 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Failed to calculate best type for var: r14v1 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Failed to calculate best type for var: r15v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException
     */
    /* JADX WARN: Not initialized variable reg: 13, insn: 0x019a: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r13 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:97:0x019a */
    /* JADX WARN: Not initialized variable reg: 14, insn: 0x0165: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r14 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:70:0x0165 */
    /* JADX WARN: Not initialized variable reg: 15, insn: 0x016a: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r15 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:72:0x016a */
    /* JADX WARN: Type inference failed for: r0v2, types: [java.io.FileInputStream, com.unboundid.util.PasswordFileReader] */
    /* JADX WARN: Type inference failed for: r13v2, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r14v1, types: [java.io.BufferedInputStream] */
    /* JADX WARN: Type inference failed for: r15v0, types: [java.lang.Throwable] */
    @NotNull
    public static byte[] readPrivateKey(@NotNull File file, @Nullable File file2) throws LDAPException {
        ?? passwordFileReader;
        char[] readPassword;
        ?? r13;
        ?? r14;
        ?? r15;
        Validator.ensureNotNull(file, "CertificateDataReplaceCertificateKeyStoreContent.readPrivateKey.file must not be null.");
        if (file2 == null) {
            readPassword = null;
        } else {
            passwordFileReader = new PasswordFileReader();
            try {
                readPassword = passwordFileReader.readPassword(file2);
            } catch (LDAPException e) {
                Debug.debugException(e);
                throw e;
            } catch (Exception e2) {
                Debug.debugException(e2);
                throw new LDAPException(ResultCode.LOCAL_ERROR, ExtOpMessages.ERR_CD_KSC_ERROR_READING_PW_FILE.get(file2.getAbsolutePath(), StaticUtils.getExceptionMessage(e2)), e2);
            }
        }
        try {
            try {
                try {
                    FileInputStream fileInputStream = new FileInputStream(file);
                    Throwable th = null;
                    try {
                        BufferedInputStream bufferedInputStream = new BufferedInputStream(fileInputStream);
                        Throwable th2 = null;
                        bufferedInputStream.mark(1);
                        int read = bufferedInputStream.read();
                        bufferedInputStream.reset();
                        if (read < 0) {
                            throw new LDAPException(ResultCode.PARAM_ERROR, ExtOpMessages.ERR_CD_KSC_DECODE_ERROR_EMPTY_PK_FILE.get(file.getAbsolutePath()));
                        }
                        if (read == 48) {
                            byte[] readDERPrivateKey = readDERPrivateKey(file, bufferedInputStream, readPassword);
                            if (bufferedInputStream != null) {
                                if (0 != 0) {
                                    try {
                                        bufferedInputStream.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    bufferedInputStream.close();
                                }
                            }
                            if (fileInputStream != null) {
                                if (0 != 0) {
                                    try {
                                        fileInputStream.close();
                                    } catch (Throwable th4) {
                                        th.addSuppressed(th4);
                                    }
                                } else {
                                    fileInputStream.close();
                                }
                            }
                            return readDERPrivateKey;
                        }
                        byte[] readPEMPrivateKey = readPEMPrivateKey(file, bufferedInputStream, readPassword);
                        if (bufferedInputStream != null) {
                            if (0 != 0) {
                                try {
                                    bufferedInputStream.close();
                                } catch (Throwable th5) {
                                    th2.addSuppressed(th5);
                                }
                            } else {
                                bufferedInputStream.close();
                            }
                        }
                        if (fileInputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileInputStream.close();
                                } catch (Throwable th6) {
                                    th.addSuppressed(th6);
                                }
                            } else {
                                fileInputStream.close();
                            }
                        }
                        if (readPassword != null) {
                            Arrays.fill(readPassword, (char) 0);
                        }
                        return readPEMPrivateKey;
                    } catch (Throwable th7) {
                        if (r14 != 0) {
                            if (r15 != 0) {
                                try {
                                    r14.close();
                                } catch (Throwable th8) {
                                    r15.addSuppressed(th8);
                                }
                            } else {
                                r14.close();
                            }
                        }
                        throw th7;
                    }
                } catch (IOException e3) {
                    Debug.debugException(e3);
                    throw new LDAPException(ResultCode.DECODING_ERROR, ExtOpMessages.ERR_CD_KSC_DECODE_ERROR_READING_PK_FILE.get(file.getAbsolutePath(), StaticUtils.getExceptionMessage(e3)), e3);
                }
            } finally {
                if (readPassword != null) {
                    Arrays.fill(readPassword, (char) 0);
                }
            }
        } catch (Throwable th9) {
            if (passwordFileReader != 0) {
                if (r13 != 0) {
                    try {
                        passwordFileReader.close();
                    } catch (Throwable th10) {
                        r13.addSuppressed(th10);
                    }
                } else {
                    passwordFileReader.close();
                }
            }
            throw th9;
        }
    }

    @NotNull
    private static byte[] readDERPrivateKey(@NotNull File file, @NotNull InputStream inputStream, @Nullable char[] cArr) throws LDAPException {
        ASN1StreamReader aSN1StreamReader;
        Throwable th;
        ASN1Element readElement;
        try {
            aSN1StreamReader = new ASN1StreamReader(inputStream);
            th = null;
            try {
                readElement = aSN1StreamReader.readElement();
            } finally {
                if (aSN1StreamReader != null) {
                    if (0 != 0) {
                        try {
                            aSN1StreamReader.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        aSN1StreamReader.close();
                    }
                }
            }
        } catch (Exception e) {
            Debug.debugException(e);
            throw new LDAPException(ResultCode.DECODING_ERROR, ExtOpMessages.ERR_CD_KSC_DECODE_DER_PK_ERROR.get(file.getAbsolutePath(), StaticUtils.getExceptionMessage(e)), e);
        }
        if (aSN1StreamReader.readElement() != null) {
            throw new LDAPException(ResultCode.DECODING_ERROR, ExtOpMessages.ERR_CD_KSC_DECODE_MULTIPLE_DER_KEYS_IN_FILE.get(file.getAbsolutePath()));
        }
        byte[] encode = readElement.encode();
        if (cArr == null) {
            return encode;
        }
        byte[] pKCS8PrivateKeyBytes = PKCS8EncryptionHandler.decryptPrivateKey(encode, cArr).getPKCS8PrivateKeyBytes();
        if (aSN1StreamReader != null) {
            if (0 != 0) {
                try {
                    aSN1StreamReader.close();
                } catch (Throwable th3) {
                    th.addSuppressed(th3);
                }
            } else {
                aSN1StreamReader.close();
            }
        }
        return pKCS8PrivateKeyBytes;
        Debug.debugException(e);
        throw new LDAPException(ResultCode.DECODING_ERROR, ExtOpMessages.ERR_CD_KSC_DECODE_DER_PK_ERROR.get(file.getAbsolutePath(), StaticUtils.getExceptionMessage(e)), e);
    }

    /* JADX WARN: Failed to calculate best type for var: r12v1 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Failed to calculate best type for var: r13v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException
     */
    /* JADX WARN: Not initialized variable reg: 12, insn: 0x006b: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r12 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:25:0x006b */
    /* JADX WARN: Not initialized variable reg: 13, insn: 0x006f: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r13 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:27:0x006f */
    /* JADX WARN: Type inference failed for: r12v1, types: [com.unboundid.util.ssl.cert.PKCS8PEMFileReader] */
    /* JADX WARN: Type inference failed for: r13v0, types: [java.lang.Throwable] */
    @NotNull
    private static byte[] readPEMPrivateKey(@NotNull File file, @NotNull InputStream inputStream, @Nullable char[] cArr) throws IOException, LDAPException {
        try {
            try {
                PKCS8PEMFileReader pKCS8PEMFileReader = new PKCS8PEMFileReader(inputStream);
                Throwable th = null;
                PKCS8PrivateKey readPrivateKey = pKCS8PEMFileReader.readPrivateKey();
                if (pKCS8PEMFileReader.readPrivateKey(cArr) != null) {
                    throw new LDAPException(ResultCode.DECODING_ERROR, ExtOpMessages.ERR_CD_KSC_DECODE_MULTIPLE_PEM_KEYS_IN_FILE.get(file.getAbsolutePath()));
                }
                byte[] pKCS8PrivateKeyBytes = readPrivateKey.getPKCS8PrivateKeyBytes();
                if (pKCS8PEMFileReader != null) {
                    if (0 != 0) {
                        try {
                            pKCS8PEMFileReader.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        pKCS8PEMFileReader.close();
                    }
                }
                return pKCS8PrivateKeyBytes;
            } finally {
            }
        } catch (CertException e) {
            Debug.debugException(e);
            throw new LDAPException(ResultCode.DECODING_ERROR, ExtOpMessages.ERR_CD_KSC_DECODE_PEM_PK_ERROR.get(file.getAbsolutePath(), e.getMessage()), e);
        }
    }

    @NotNull
    public List<byte[]> getCertificateChainData() {
        return this.certificateChainData;
    }

    @Nullable
    public byte[] getPrivateKeyData() {
        return this.privateKeyData;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @NotNull
    public static CertificateDataReplaceCertificateKeyStoreContent decodeInternal(@NotNull ASN1Element aSN1Element) throws LDAPException {
        try {
            ASN1Element[] elements = aSN1Element.decodeAsSequence().elements();
            ASN1Element[] elements2 = elements[0].decodeAsSequence().elements();
            ArrayList arrayList = new ArrayList();
            for (ASN1Element aSN1Element2 : elements2) {
                arrayList.add(aSN1Element2.decodeAsOctetString().getValue());
            }
            byte[] bArr = null;
            for (int i = 1; i < elements.length; i++) {
                if (elements[i].getType() == TYPE_PRIVATE_KEY) {
                    bArr = elements[i].decodeAsOctetString().getValue();
                }
            }
            return new CertificateDataReplaceCertificateKeyStoreContent(arrayList, bArr);
        } catch (Exception e) {
            Debug.debugException(e);
            throw new LDAPException(ResultCode.DECODING_ERROR, ExtOpMessages.ERR_CD_KSC_DECODE_ERROR.get(StaticUtils.getExceptionMessage(e)), e);
        }
    }

    @Override // com.unboundid.ldap.sdk.unboundidds.extensions.ReplaceCertificateKeyStoreContent
    @NotNull
    public ASN1Element encode() {
        ArrayList arrayList = new ArrayList(2);
        ArrayList arrayList2 = new ArrayList(this.certificateChainData.size());
        Iterator<byte[]> it = this.certificateChainData.iterator();
        while (it.hasNext()) {
            arrayList2.add(new ASN1OctetString(it.next()));
        }
        arrayList.add(new ASN1Sequence((byte) -82, arrayList2));
        if (this.privateKeyData != null) {
            arrayList.add(new ASN1OctetString((byte) -81, this.privateKeyData));
        }
        return new ASN1Sequence((byte) -94, arrayList);
    }

    @Override // com.unboundid.ldap.sdk.unboundidds.extensions.ReplaceCertificateKeyStoreContent
    public void toString(@NotNull StringBuilder sb) {
        sb.append("CertificateDataReplaceCertificateKeyStoreContent(certificateChainLength=");
        sb.append(this.certificateChainData.size());
        sb.append(", privateProvided=");
        sb.append(this.privateKeyData != null);
        sb.append(')');
    }
}
