package com.azure.security.keyvault.jca.implementation.certificates;

import com.azure.security.keyvault.jca.implementation.shaded.com.fasterxml.jackson.annotation.JsonProperty;
import com.azure.security.keyvault.jca.implementation.shaded.org.apache.commons.codec.digest.DigestUtils;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.Key;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.stream.Stream;

/* loaded from: input_file:com/azure/security/keyvault/jca/implementation/certificates/SpecificPathCertificates.class */
public final class SpecificPathCertificates implements AzureCertificates {
    private static final Map<String, SpecificPathCertificates> CACHE = new HashMap();
    private static final Logger LOGGER = Logger.getLogger(SpecificPathCertificates.class.getName());
    private final List<String> aliases = new ArrayList();
    private final Map<String, Certificate> certificates = new HashMap();
    private final Map<String, Key> certificateKeys = new HashMap();
    private final String certificatePath;

    @Override // com.azure.security.keyvault.jca.implementation.certificates.AzureCertificates
    public List<String> getAliases() {
        return this.aliases;
    }

    @Override // com.azure.security.keyvault.jca.implementation.certificates.AzureCertificates
    public Map<String, Certificate> getCertificates() {
        return this.certificates;
    }

    @Override // com.azure.security.keyvault.jca.implementation.certificates.AzureCertificates
    public Map<String, Key> getCertificateKeys() {
        return this.certificateKeys;
    }

    @Override // com.azure.security.keyvault.jca.implementation.certificates.AzureCertificates
    public void deleteEntry(String str) {
        this.aliases.remove(str);
        this.certificates.remove(str);
        this.certificateKeys.remove(str);
    }

    private SpecificPathCertificates(String str) {
        this.certificatePath = str;
        loadCertificatesFromSpecificPath();
    }

    public void setCertificateEntry(String str, Certificate certificate) {
        if (this.aliases.contains(str)) {
            LOGGER.log(Level.WARNING, "Cannot load certificates with the same alias in specific path", str);
        } else {
            this.aliases.add(str);
            this.certificates.put(str, certificate);
        }
    }

    private void setCertificateByFile(File file) throws IOException {
        try {
            FileInputStream fileInputStream = new FileInputStream(file);
            try {
                BufferedInputStream bufferedInputStream = new BufferedInputStream(fileInputStream);
                try {
                    String certificateAlias = toCertificateAlias(file);
                    X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(bufferedInputStream);
                    if (x509Certificate != null) {
                        setCertificateEntry(certificateAlias, x509Certificate);
                        LOGGER.log(Level.INFO, "Load certificate from specific path. alias = {0}, thumbprint = {1}, file = {2}", new Object[]{certificateAlias, getThumbprint(x509Certificate), file.getName()});
                    }
                    bufferedInputStream.close();
                    fileInputStream.close();
                } catch (Throwable th) {
                    try {
                        bufferedInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                    throw th;
                }
            } finally {
            }
        } catch (CertificateException e) {
            LOGGER.log(Level.WARNING, "Unable to load certificate from: " + file.getName(), (Throwable) e);
        }
    }

    private void loadCertificatesFromSpecificPath() {
        try {
            Iterator<File> it = getFiles().iterator();
            while (it.hasNext()) {
                setCertificateByFile(it.next());
            }
        } catch (IOException e) {
            LOGGER.log(Level.WARNING, "Unable to determine certificates to specific path", (Throwable) e);
        }
    }

    String getThumbprint(Certificate certificate) {
        try {
            return DigestUtils.sha1Hex(certificate.getEncoded());
        } catch (CertificateEncodingException e) {
            LOGGER.log(Level.WARNING, "Unable to get thumbprint for certificate", (Throwable) e);
            return JsonProperty.USE_DEFAULT_NAME;
        }
    }

    public static String toCertificateAlias(File file) {
        String name = file.getName();
        int lastIndexOf = name.lastIndexOf(46);
        return lastIndexOf == -1 ? name : name.substring(0, lastIndexOf);
    }

    private List<File> getFiles() {
        ArrayList arrayList = new ArrayList();
        Stream filter = ((Stream) Optional.ofNullable(new File(this.certificatePath).listFiles()).map((v0) -> {
            return Arrays.stream(v0);
        }).orElseGet(Stream::empty)).filter((v0) -> {
            return Objects.nonNull(v0);
        }).filter((v0) -> {
            return v0.isFile();
        }).filter((v0) -> {
            return v0.exists();
        }).filter((v0) -> {
            return v0.canRead();
        });
        Objects.requireNonNull(arrayList);
        filter.forEach((v1) -> {
            r1.add(v1);
        });
        return arrayList;
    }

    public static synchronized SpecificPathCertificates getSpecificPathCertificates(String str) {
        SpecificPathCertificates orDefault = CACHE.getOrDefault(str, null);
        if (orDefault == null) {
            orDefault = new SpecificPathCertificates(str);
            CACHE.put(str, orDefault);
        }
        return orDefault;
    }
}
