package com.typesafe.sslconfig.ssl;

import com.typesafe.sslconfig.util.LoggerFactory;
import com.typesafe.sslconfig.util.NoDepsLogger;
import java.io.Closeable;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.interfaces.RSAPublicKey;
import javax.net.ssl.KeyManagerFactory;
import scala.Array$;
import scala.Option$;
import scala.collection.Iterator;
import scala.collection.JavaConverters$;
import scala.reflect.ScalaSignature;
import scala.runtime.BoxesRunTime;
import sun.security.x509.X509CertImpl;

/* compiled from: FakeChainedKeyStore.scala */
@ScalaSignature(bytes = "\u0006\u0001\ter!B\"E\u0011\u0003ie!B(E\u0011\u0003\u0001\u0006\"B,\u0002\t\u0003A\u0006bB-\u0002\u0005\u0004%IA\u0017\u0005\u0007C\u0006\u0001\u000b\u0011B.\b\u000b\t\f\u0001\u0012A2\u0007\u000b\u0015\f\u0001\u0012\u00014\t\u000b]3A\u0011A4\b\u000b!4\u0001\u0012A5\u0007\u000b-4\u0001\u0012\u00017\t\u000b]KA\u0011A7\t\u000f9L!\u0019!C\u0001_\"1\u00010\u0003Q\u0001\nADq!_\u0005C\u0002\u0013\u0005q\u000e\u0003\u0004{\u0013\u0001\u0006I\u0001\u001d\u0005\bw\u001a\u0011\r\u0011\"\u0001p\u0011\u0019ah\u0001)A\u0005a\"9QP\u0002b\u0001\n\u0003Q\u0006B\u0002@\u0007A\u0003%1l\u0002\u0004��\u0003!\u0005\u0011\u0011\u0001\u0004\b\u0003\u0007\t\u0001\u0012AA\u0003\u0011\u00199F\u0003\"\u0001\u0002\b\u001d1\u0001\u000e\u0006E\u0001\u0003\u00131aa\u001b\u000b\t\u0002\u00055\u0001BB,\u0018\t\u0003\ty\u0001C\u0004o/\t\u0007I\u0011A8\t\ra<\u0002\u0015!\u0003q\u0011\u001dIxC1A\u0005\u0002=DaA_\f!\u0002\u0013\u0001\bbB>\u0015\u0005\u0004%\ta\u001c\u0005\u0007yR\u0001\u000b\u0011\u00029\t\u000fu$\"\u0019!C\u00015\"1a\u0010\u0006Q\u0001\nm;q!!\u0005\u0002\u0011\u0003\t\u0019BB\u0004\u0002\u0016\u0005A\t!a\u0006\t\r]\u0013C\u0011AA\r\u0011%\tYB\tb\u0001\n\u0003\ti\u0002\u0003\u0005\u00024\t\u0002\u000b\u0011BA\u0010\u0011!\t)D\tb\u0001\n\u0003y\u0007bBA\u001cE\u0001\u0006I\u0001\u001d\u0005\t\u0003s\u0011#\u0019!C\u0001_\"9\u00111\b\u0012!\u0002\u0013\u0001\b\"CA\u001fE\t\u0007I\u0011AA \u0011!\t9E\tQ\u0001\n\u0005\u0005\u0003\u0002CA%E\t\u0007I\u0011A8\t\u000f\u0005-#\u0005)A\u0005a\"I\u0011Q\n\u0012C\u0002\u0013\u0005\u0011q\n\u0005\t\u0003K\u0012\u0003\u0015!\u0003\u0002R!A\u0011q\r\u0012C\u0002\u0013\u0005!\fC\u0004\u0002j\t\u0002\u000b\u0011B.\t\u000f\u0005-\u0014\u0001\"\u0003\u0002n!9\u00111O\u0001\u0005\u0002\u0005U\u0004\u0002CAA\u0003\u0011\u0005A)a!\t\u000f\u0005}\u0015\u0001\"\u0003\u0002\"\u001a)q\n\u0012\u0002\u0002(\"Q\u0011\u0011\u0016\u001c\u0003\u0002\u0003\u0006I!a+\t\r]3D\u0011AA[\u0011%\tYL\u000eb\u0001\n\u0013\ti\f\u0003\u0005\u0002FZ\u0002\u000b\u0011BA`\u0011\u001d\t9M\u000eC\u0001\u0003\u0013D\u0001\"a77\t\u0003!\u0015Q\u001c\u0005\b\u0003S4D\u0011BAv\u0011!\t\tP\u000eC\u0001\t\u0006M\bbBA��m\u0011\u0005!\u0011\u0001\u0005\b\u0005\u000b1D\u0011\u0002B\u0004\u0011\u001d\u0011\u0019B\u000eC\u0001\u0005+AqAa\u000b7\t\u0003\u0011i#A\nGC.,7\t[1j]\u0016$7*Z=Ti>\u0014XM\u0003\u0002F\r\u0006\u00191o\u001d7\u000b\u0005\u001dC\u0015!C:tY\u000e|gNZ5h\u0015\tI%*\u0001\u0005usB,7/\u00194f\u0015\u0005Y\u0015aA2p[\u000e\u0001\u0001C\u0001(\u0002\u001b\u0005!%a\u0005$bW\u0016\u001c\u0005.Y5oK\u0012\\U-_*u_J,7CA\u0001R!\t\u0011V+D\u0001T\u0015\u0005!\u0016!B:dC2\f\u0017B\u0001,T\u0005\u0019\te.\u001f*fM\u00061A(\u001b8jiz\"\u0012!T\u0001\u000f\u000b6\u0003F+W0Q\u0003N\u001bvk\u0014*E+\u0005Y\u0006c\u0001*]=&\u0011Ql\u0015\u0002\u0006\u0003J\u0014\u0018-\u001f\t\u0003%~K!\u0001Y*\u0003\t\rC\u0017M]\u0001\u0010\u000b6\u0003F+W0Q\u0003N\u001bvk\u0014*EA\u0005\u00111)\u0011\t\u0003I\u001ai\u0011!\u0001\u0002\u0003\u0007\u0006\u001b\"AB)\u0015\u0003\r\fQ!\u00117jCN\u0004\"A[\u0005\u000e\u0003\u0019\u0011Q!\u00117jCN\u001c\"!C)\u0015\u0003%\f\u0001\u0003\u001e:vgR,GmQ3si\u0016sGO]=\u0016\u0003A\u0004\"!\u001d<\u000e\u0003IT!a\u001d;\u0002\t1\fgn\u001a\u0006\u0002k\u0006!!.\u0019<b\u0013\t9(O\u0001\u0004TiJLgnZ\u0001\u0012iJ,8\u000f^3e\u0007\u0016\u0014H/\u00128uef\u0004\u0013a\u0004)sSZ\fG/Z&fs\u0016sGO]=\u0002!A\u0013\u0018N^1uK.+\u00170\u00128uef\u0004\u0013!\u0005#jgRLgnZ;jg\",GMT1nK\u0006\u0011B)[:uS:<W/[:iK\u0012t\u0015-\\3!\u0003-YW-\u001f)bgN<xN\u001d3\u0002\u0019-,\u0017\u0010U1tg^|'\u000f\u001a\u0011\u0002\tU\u001bXM\u001d\t\u0003IR\u0011A!V:feN\u0011A#\u0015\u000b\u0003\u0003\u0003\u00012!a\u0003\u0018\u001b\u0005!2CA\fR)\t\tI!\u0001\tLKf\u001cHo\u001c:f'\u0016$H/\u001b8hgB\u0011AM\t\u0002\u0011\u0017\u0016L8\u000f^8sKN+G\u000f^5oON\u001c\"AI)\u0015\u0005\u0005M\u0011!E$f]\u0016\u0014\u0018\r^3e\u0017\u0016L8\u000b^8sKV\u0011\u0011q\u0004\t\u0005\u0003C\tyC\u0004\u0003\u0002$\u0005-\u0002cAA\u0013'6\u0011\u0011q\u0005\u0006\u0004\u0003Sa\u0015A\u0002\u001fs_>$h(C\u0002\u0002.M\u000ba\u0001\u0015:fI\u00164\u0017bA<\u00022)\u0019\u0011QF*\u0002%\u001d+g.\u001a:bi\u0016$7*Z=Ti>\u0014X\rI\u0001\u0017'&<g.\u0019;ve\u0016\fEnZ8sSRDWNT1nK\u000692+[4oCR,(/Z!mO>\u0014\u0018\u000e\u001e5n\u001d\u0006lW\rI\u0001\u0015\u0017\u0016L\b+Y5s\u00032<wN]5uQ6t\u0015-\\3\u0002+-+\u0017\u0010U1je\u0006cwm\u001c:ji\"lg*Y7fA\u0005\u00012*Z=QC&\u00148*Z=MK:<G\u000f[\u000b\u0003\u0003\u0003\u00022AUA\"\u0013\r\t)e\u0015\u0002\u0004\u0013:$\u0018!E&fsB\u000b\u0017N]&fs2+gn\u001a;iA\u0005a1*Z=ti>\u0014X\rV=qK\u0006i1*Z=ti>\u0014X\rV=qK\u0002\nQcU5h]\u0006$XO]3BY\u001e|'/\u001b;i[>KE)\u0006\u0002\u0002RA!\u00111KA1\u001b\t\t)F\u0003\u0003\u0002X\u0005e\u0013\u0001B;uS2TA!a\u0017\u0002^\u0005A1/Z2ve&$\u0018P\u0003\u0002\u0002`\u0005\u00191/\u001e8\n\t\u0005\r\u0014Q\u000b\u0002\u0011\u001f\nTWm\u0019;JI\u0016tG/\u001b4jKJ\facU5h]\u0006$XO]3BY\u001e|'/\u001b;i[>KE\tI\u0001\u0011W\u0016L8\u000f^8sKB\u000b7o]<pe\u0012\f\u0011c[3zgR|'/\u001a)bgN<xN\u001d3!\u0003A1\u0017\u000e\\3J]\u0012+g/T8eK\u0012K'\u000f\u0006\u0003\u0002 \u0005=\u0004bBA9e\u0001\u0007\u0011qD\u0001\tM&dWM\\1nK\u0006\u0001r-\u001a8fe\u0006$XmS3z'R|'/Z\u000b\u0003\u0003o\u0002B!!\u001f\u0002~5\u0011\u00111\u0010\u0006\u0004\u00037\"\u0018\u0002BA@\u0003w\u0012\u0001bS3z'R|'/Z\u0001\u0016GJ,\u0017\r^3Vg\u0016\u00148)\u001a:uS\u001aL7-\u0019;f)\u0019\t))!%\u0002\u001cB!\u0011qQAG\u001b\t\tII\u0003\u0003\u0002\f\u0006m\u0014\u0001B2feRLA!a$\u0002\n\ny\u0001,\u000e\u0019:\u0007\u0016\u0014H/\u001b4jG\u0006$X\rC\u0004\u0002\u0014R\u0002\r!!&\u0002\u0017U\u001cXM]&fsB\u000b\u0017N\u001d\t\u0005\u0003s\n9*\u0003\u0003\u0002\u001a\u0006m$aB&fsB\u000b\u0017N\u001d\u0005\b\u0003;#\u0004\u0019AAK\u0003m\u0019WM\u001d;jM&\u001c\u0017\r^3BkRDwN]5us.+\u0017\u0010U1je\u0006Q2M]3bi\u0016\u001cUM\u001d;jM&\u001c\u0017\r^3BkRDwN]5usR!\u0011QQAR\u0011\u001d\t)+\u000ea\u0001\u0003+\u000bqa[3z!\u0006L'o\u0005\u00027#\u0006AQn\u001b'pO\u001e,'\u000f\u0005\u0003\u0002.\u0006EVBAAX\u0015\r\t9FR\u0005\u0005\u0003g\u000byKA\u0007M_\u001e<WM\u001d$bGR|'/\u001f\u000b\u0005\u0003o\u000bI\f\u0005\u0002Om!9\u0011\u0011\u0016\u001dA\u0002\u0005-\u0016A\u00027pO\u001e,'/\u0006\u0002\u0002@B!\u0011QVAa\u0013\u0011\t\u0019-a,\u0003\u00199{G)\u001a9t\u0019><w-\u001a:\u0002\u000f1|wmZ3sA\u0005\u0019r-\u001a;LKf\u001cFo\u001c:f\r&dW\rU1uQR!\u00111ZAl!\u0011\ti-a5\u000e\u0005\u0005='bAAii\u0006\u0011\u0011n\\\u0005\u0005\u0003+\fyM\u0001\u0003GS2,\u0007bBAmw\u0001\u0007\u00111Z\u0001\bCB\u0004\b+\u0019;i\u00039\u0019\bn\\;mI\u001e+g.\u001a:bi\u0016$B!a8\u0002fB\u0019!+!9\n\u0007\u0005\r8KA\u0004C_>dW-\u00198\t\u000f\u0005\u001dH\b1\u0001\u0002L\u0006a1.Z=Ti>\u0014XMR5mK\u0006aAn\\1e\u0017\u0016L8\u000b^8sKR!\u0011qOAw\u0011\u001d\ty/\u0010a\u0001\u0003\u0017\fAAZ5mK\u0006\u00112-\u001a:uS\u001aL7-\u0019;f)>|w+Z1l)\u0011\ty.!>\t\u000f\u0005]h\b1\u0001\u0002z\u0006\t1\r\u0005\u0003\u0002\b\u0006m\u0018\u0002BA\u007f\u0003\u0013\u00131bQ3si&4\u0017nY1uK\u0006q1M]3bi\u0016\\U-_*u_J,G\u0003BA<\u0005\u0007Aq!!7@\u0001\u0004\tY-A\u000fde\u0016\fG/Z&fsN$xN]3QCJ,g\u000e\u001e#je\u0016\u001cGo\u001c:z)\u0011\u0011IAa\u0004\u0011\u0007I\u0013Y!C\u0002\u0003\u000eM\u0013A!\u00168ji\"9!\u0011\u0003!A\u0002\u0005-\u0017aC6fsN#xN]3ESJ\f\u0011c[3z\u001b\u0006t\u0017mZ3s\r\u0006\u001cGo\u001c:z)\u0011\u00119B!\u000b\u0011\t\te!QE\u0007\u0003\u00057Q1!\u0012B\u000f\u0015\u0011\u0011yB!\t\u0002\u00079,GO\u0003\u0002\u0003$\u0005)!.\u0019<bq&!!q\u0005B\u000e\u0005EYU-_'b]\u0006<WM\u001d$bGR|'/\u001f\u0005\b\u00033\f\u0005\u0019AAf\u00031\u0019Gn\\:f#VLW\r\u001e7z)\u0011\u0011IAa\f\t\u000f\tE\"\t1\u0001\u00034\u0005I1\r\\8tK\u0006\u0014G.\u001a\t\u0005\u0003\u001b\u0014)$\u0003\u0003\u00038\u0005='!C\"m_N,\u0017M\u00197f\u0001")
/* loaded from: input_file:BOOT-INF/lib/ssl-config-core_2.12-0.3.8.jar:com/typesafe/sslconfig/ssl/FakeChainedKeyStore.class */
public final class FakeChainedKeyStore {
    private final NoDepsLogger logger;

    public static KeyStore generateKeyStore() {
        return FakeChainedKeyStore$.MODULE$.generateKeyStore();
    }

    private NoDepsLogger logger() {
        return this.logger;
    }

    public File getKeyStoreFilePath(File file) {
        return new File(file, FakeChainedKeyStore$KeystoreSettings$.MODULE$.GeneratedKeyStore());
    }

    public boolean shouldGenerate(File file) {
        if (!file.exists()) {
            return true;
        }
        KeyStore loadKeyStore = loadKeyStore(file);
        return ((Iterator) JavaConverters$.MODULE$.enumerationAsScalaIteratorConverter(loadKeyStore.aliases()).asScala()).exists(str -> {
            return BoxesRunTime.boxToBoolean($anonfun$shouldGenerate$1(this, loadKeyStore, str));
        });
    }

    private KeyStore loadKeyStore(File file) {
        KeyStore keyStore = KeyStore.getInstance(FakeChainedKeyStore$KeystoreSettings$.MODULE$.KeystoreType());
        InputStream newInputStream = Files.newInputStream(file.toPath(), new OpenOption[0]);
        try {
            keyStore.load(newInputStream, FakeChainedKeyStore$KeystoreSettings$.MODULE$.keystorePassword());
            return keyStore;
        } finally {
            closeQuietly(newInputStream);
        }
    }

    public boolean certificateTooWeak(Certificate certificate) {
        if (((RSAPublicKey) certificate.getPublicKey()).getModulus().bitLength() >= 2048) {
            String sigAlgName = ((X509CertImpl) certificate).getSigAlgName();
            String SignatureAlgorithmName = FakeChainedKeyStore$KeystoreSettings$.MODULE$.SignatureAlgorithmName();
            if (sigAlgName != null ? sigAlgName.equals(SignatureAlgorithmName) : SignatureAlgorithmName == null) {
                return false;
            }
        }
        return true;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v24, types: [java.io.OutputStream, java.io.Closeable] */
    /* JADX WARN: Type inference failed for: r0v27, types: [java.security.KeyStore] */
    /* JADX WARN: Type inference failed for: r0v5 */
    /* JADX WARN: Type inference failed for: r0v6, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r5v0, types: [com.typesafe.sslconfig.ssl.FakeChainedKeyStore] */
    public KeyStore createKeyStore(File file) {
        KeyStore keyStore;
        KeyStore keyStore2;
        File keyStoreFilePath = getKeyStoreFilePath(file);
        createKeystoreParentDirectory(keyStoreFilePath.getParentFile());
        ?? r0 = this;
        synchronized (r0) {
            if (shouldGenerate(keyStoreFilePath)) {
                logger().info(new StringBuilder(146).append("Generating HTTPS key pair in ").append(keyStoreFilePath.getAbsolutePath()).append(" - this may take some time. If nothing happens, try moving the mouse/typing on the keyboard to generate some entropy.").toString());
                KeyStore generateKeyStore = FakeChainedKeyStore$.MODULE$.generateKeyStore();
                r0 = Files.newOutputStream(keyStoreFilePath.toPath(), new OpenOption[0]);
                try {
                    r0 = generateKeyStore;
                    r0.store(r0, Array$.MODULE$.emptyCharArray());
                    closeQuietly(r0);
                    keyStore = generateKeyStore;
                } catch (Throwable th) {
                    closeQuietly(r0);
                    throw th;
                }
            } else {
                KeyStore loadKeyStore = loadKeyStore(keyStoreFilePath);
                logger().info(new StringBuilder(29).append("HTTPS key pair generated in ").append(keyStoreFilePath.getAbsolutePath()).append(".").toString());
                keyStore = loadKeyStore;
            }
            keyStore2 = keyStore;
        }
        return keyStore2;
    }

    private void createKeystoreParentDirectory(File file) {
        if (file.mkdirs()) {
            logger().debug(new StringBuilder(54).append("Parent directory for keystore successfully created at ").append(file.getAbsolutePath()).toString());
            return;
        }
        if (file.exists() && file.isDirectory()) {
            logger().debug(new StringBuilder(43).append("No need to create ").append(file).append(" since it already exists.").toString());
        } else {
            if (!file.exists() || !file.isFile()) {
                throw new IllegalStateException(new StringBuilder(70).append("Failed to create ").append(file).append(". Check if there is permission to create such folder.").toString());
            }
            throw new IllegalStateException(new StringBuilder(88).append(file).append(" exists, but it is NOT a directory, making it not possible to generate a key store file.").toString());
        }
    }

    public KeyManagerFactory keyManagerFactory(File file) {
        KeyStore createKeyStore = createKeyStore(file);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
        keyManagerFactory.init(createKeyStore, Array$.MODULE$.emptyCharArray());
        return keyManagerFactory;
    }

    public void closeQuietly(Closeable closeable) {
        if (closeable != null) {
            try {
                closeable.close();
            } catch (IOException e) {
                logger().warn(new StringBuilder(29).append("Error closing stream. Cause: ").append(e).toString());
            }
        }
    }

    public static final /* synthetic */ boolean $anonfun$shouldGenerate$1(FakeChainedKeyStore fakeChainedKeyStore, KeyStore keyStore, String str) {
        return Option$.MODULE$.apply(keyStore.getCertificate(str)).exists(certificate -> {
            return BoxesRunTime.boxToBoolean(fakeChainedKeyStore.certificateTooWeak(certificate));
        });
    }

    public FakeChainedKeyStore(LoggerFactory loggerFactory) {
        this.logger = loggerFactory.apply(getClass());
    }
}
