package com.webauthn4j.async.anchor;

import com.webauthn4j.async.util.internal.FileAsyncUtil;
import com.webauthn4j.data.attestation.authenticator.AAGUID;
import com.webauthn4j.util.AssertUtil;
import com.webauthn4j.util.CertificateUtil;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.nio.file.Path;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.CompletionStage;
import org.jetbrains.annotations.NotNull;

/* loaded from: input_file:com/webauthn4j/async/anchor/KeyStoreTrustAnchorAsyncRepository.class */
public class KeyStoreTrustAnchorAsyncRepository implements TrustAnchorAsyncRepository {
    private final CompletableFuture<Set<TrustAnchor>> trustAnchors;

    public KeyStoreTrustAnchorAsyncRepository(KeyStore keyStore) {
        AssertUtil.notNull(keyStore, "keyStore must not be null");
        this.trustAnchors = CompletableFuture.completedFuture(loadTrustAnchors(keyStore));
    }

    public static CompletionStage<KeyStoreTrustAnchorAsyncRepository> createFromKeyStoreFilePath(Path path, String str) {
        return loadKeyStore(path, str).thenApply(KeyStoreTrustAnchorAsyncRepository::new);
    }

    @Override // com.webauthn4j.async.anchor.TrustAnchorAsyncRepository
    public CompletionStage<Set<TrustAnchor>> find(AAGUID aaguid) {
        return this.trustAnchors;
    }

    @Override // com.webauthn4j.async.anchor.TrustAnchorAsyncRepository
    public CompletionStage<Set<TrustAnchor>> find(byte[] bArr) {
        return this.trustAnchors;
    }

    @NotNull
    private static Set<TrustAnchor> loadTrustAnchors(KeyStore keyStore) {
        try {
            ArrayList list = Collections.list(keyStore.aliases());
            HashSet hashSet = new HashSet();
            Iterator it = list.iterator();
            while (it.hasNext()) {
                hashSet.add(new TrustAnchor((X509Certificate) keyStore.getCertificate((String) it.next()), null));
            }
            return hashSet;
        } catch (KeyStoreException e) {
            throw new com.webauthn4j.anchor.KeyStoreException("Failed to load TrustAnchor from keystore", e);
        }
    }

    @NotNull
    private static CompletionStage<KeyStore> loadKeyStore(Path path, String str) {
        AssertUtil.notNull(path, "keyStore must not be null");
        AssertUtil.notNull(str, "password must not be null");
        return FileAsyncUtil.load(path).thenCompose(bArr -> {
            try {
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
                try {
                    KeyStore createKeyStore = CertificateUtil.createKeyStore();
                    createKeyStore.load(byteArrayInputStream, str.toCharArray());
                    CompletableFuture completedFuture = CompletableFuture.completedFuture(createKeyStore);
                    byteArrayInputStream.close();
                    return completedFuture;
                } catch (Throwable th) {
                    try {
                        byteArrayInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                    throw th;
                }
            } catch (IOException | NoSuchAlgorithmException | CertificateException e) {
                throw new com.webauthn4j.anchor.KeyStoreException("Failed to load TrustAnchor from keystore", e);
            }
        });
    }
}
