package com.android.tools.build.bundletool.model;

import com.android.tools.build.bundletool.model.AutoValue_SignerConfig;
import com.android.tools.build.bundletool.model.exceptions.CommandExecutionException;
import com.android.tools.build.bundletool.model.utils.files.FilePreconditions;
import com.android.tools.r8.annotations.SynthesizedClassMap;
import com.google.auto.value.AutoValue;
import com.google.common.collect.ImmutableList;
import com.google.errorprone.annotations.Immutable;
import java.io.FileInputStream;
import java.io.IOException;
import java.nio.file.Path;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Optional;
import java.util.function.Function;
import java.util.function.Supplier;
import javax.security.auth.DestroyFailedException;
import javax.security.auth.Destroyable;

@Immutable
@SynthesizedClassMap({$$Lambda$Pyz91XOvnkUnGlKhmgRZklKEfMw.class, $$Lambda$SignerConfig$zGtlo_pG8TVymR3ABkB0Dn8xps.class, $$Lambda$SignerConfig$H4SzfPPt6Oxu6YbYy2gKtIj1NXg.class})
@AutoValue.CopyAnnotations
@AutoValue
/* loaded from: classes9.dex */
public abstract class SignerConfig {

    @AutoValue.Builder
    /* loaded from: classes9.dex */
    public static abstract class Builder {
        public abstract SignerConfig build();

        public abstract Builder setCertificates(ImmutableList<X509Certificate> immutableList);

        public abstract Builder setPrivateKey(PrivateKey privateKey);
    }

    public static Builder builder() {
        return new AutoValue_SignerConfig.Builder();
    }

    public static SignerConfig extractFromKeystore(Path path, String str, Optional<Password> optional, Optional<Password> optional2) {
        FilePreconditions.checkFileExistsAndReadable(path);
        try {
            KeyStore keyStore = KeyStore.getInstance("JKS");
            Destroyable destroyable = null;
            Destroyable destroyable2 = null;
            try {
                try {
                    FileInputStream fileInputStream = new FileInputStream(path.toFile());
                    try {
                        KeyStore.PasswordProtection passwordProtection = (KeyStore.PasswordProtection) optional.map(new Function() { // from class: com.android.tools.build.bundletool.model.-$$Lambda$Pyz91XOvnkUnGlKhmgRZklKEfMw
                            @Override // java.util.function.Function
                            public final Object apply(Object obj) {
                                return ((Password) obj).getValue();
                            }
                        }).orElseGet(new Supplier() { // from class: com.android.tools.build.bundletool.model.-$$Lambda$SignerConfig$-zGtlo_pG8TVymR3ABkB0Dn8xps
                            @Override // java.util.function.Supplier
                            public final Object get() {
                                return SignerConfig.lambda$extractFromKeystore$0();
                            }
                        });
                        try {
                            keyStore.load(fileInputStream, passwordProtection.getPassword());
                            if (optional2.isPresent()) {
                                try {
                                    SignerConfig readSigningConfigFromLoadedKeyStore = readSigningConfigFromLoadedKeyStore(keyStore, str, optional2.get().getValue().getPassword());
                                    fileInputStream.close();
                                    if (0 != 0) {
                                        try {
                                            destroyable2.destroy();
                                        } catch (DestroyFailedException e) {
                                        }
                                    }
                                    if (passwordProtection != null) {
                                        passwordProtection.destroy();
                                    }
                                    return readSigningConfigFromLoadedKeyStore;
                                } catch (UnrecoverableKeyException e2) {
                                    throw CommandExecutionException.builder().withInternalMessage("Incorrect key password.").withCause(e2).build();
                                }
                            }
                            try {
                                SignerConfig readSigningConfigFromLoadedKeyStore2 = readSigningConfigFromLoadedKeyStore(keyStore, str, passwordProtection.getPassword());
                                fileInputStream.close();
                                if (0 != 0) {
                                    try {
                                        destroyable2.destroy();
                                    } catch (DestroyFailedException e3) {
                                    }
                                }
                                if (passwordProtection != null) {
                                    passwordProtection.destroy();
                                }
                                return readSigningConfigFromLoadedKeyStore2;
                            } catch (UnrecoverableKeyException e4) {
                                try {
                                    KeyStore.PasswordProtection passwordProtection2 = new KeyStore.PasswordProtection(System.console().readPassword("Enter password for key '%s': ", str));
                                    SignerConfig readSigningConfigFromLoadedKeyStore3 = readSigningConfigFromLoadedKeyStore(keyStore, str, passwordProtection2.getPassword());
                                    fileInputStream.close();
                                    try {
                                        passwordProtection2.destroy();
                                        if (passwordProtection != null) {
                                            passwordProtection.destroy();
                                        }
                                    } catch (DestroyFailedException e5) {
                                    }
                                    return readSigningConfigFromLoadedKeyStore3;
                                } catch (UnrecoverableKeyException e6) {
                                    throw CommandExecutionException.builder().withInternalMessage("Incorrect key password.").withCause(e6).build();
                                }
                            }
                        } catch (IOException e7) {
                            if (e7.getCause() instanceof UnrecoverableKeyException) {
                                throw CommandExecutionException.builder().withInternalMessage("Incorrect keystore password.").withCause(e7).build();
                            }
                            throw e7;
                        }
                    } finally {
                    }
                } catch (Throwable th) {
                    if (0 != 0) {
                        try {
                            destroyable2.destroy();
                        } catch (DestroyFailedException e8) {
                            throw th;
                        }
                    }
                    if (0 != 0) {
                        destroyable.destroy();
                    }
                    throw th;
                }
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e9) {
                throw CommandExecutionException.builder().withCause(e9).withInternalMessage("Error while loading private key and certificates from the keystore.").build();
            }
        } catch (KeyStoreException e10) {
            throw CommandExecutionException.builder().withCause(e10).withInternalMessage("Unable to build a keystore instance: " + e10.getMessage()).build();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ KeyStore.PasswordProtection lambda$extractFromKeystore$0() {
        return new KeyStore.PasswordProtection(System.console().readPassword("Enter keystore password: ", new Object[0]));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ X509Certificate lambda$readSigningConfigFromLoadedKeyStore$1(Certificate certificate) {
        return (X509Certificate) certificate;
    }

    private static SignerConfig readSigningConfigFromLoadedKeyStore(KeyStore keyStore, String str, char[] cArr) throws NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException {
        PrivateKey privateKey = (PrivateKey) keyStore.getKey(str, cArr);
        Certificate[] certificateChain = keyStore.getCertificateChain(str);
        if (certificateChain != null) {
            return builder().setPrivateKey(privateKey).setCertificates((ImmutableList) Arrays.stream(certificateChain).map(new Function() { // from class: com.android.tools.build.bundletool.model.-$$Lambda$SignerConfig$H4SzfPPt6Oxu6YbYy2gKtIj1NXg
                @Override // java.util.function.Function
                public final Object apply(Object obj) {
                    return SignerConfig.lambda$readSigningConfigFromLoadedKeyStore$1((Certificate) obj);
                }
            }).collect(ImmutableList.toImmutableList())).build();
        }
        throw CommandExecutionException.builder().withInternalMessage("No key found with alias '%s' in keystore.", str).build();
    }

    public abstract ImmutableList<X509Certificate> getCertificates();

    public abstract PrivateKey getPrivateKey();
}
