package org.springframework.security.crypto.encrypt;

import java.io.InputStream;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.spec.RSAPublicKeySpec;
import org.springframework.core.io.Resource;
import org.springframework.util.StringUtils;

/* loaded from: input_file:BOOT-INF/lib/spring-security-crypto-6.4.4.jar:org/springframework/security/crypto/encrypt/KeyStoreKeyFactory.class */
public class KeyStoreKeyFactory {
    private final Resource resource;
    private final char[] password;
    private KeyStore store;
    private final Object lock;
    private final String type;

    public KeyStoreKeyFactory(Resource resource, char[] cArr) {
        this(resource, cArr, type(resource));
    }

    private static String type(Resource resource) {
        String filenameExtension = StringUtils.getFilenameExtension(resource.getFilename());
        return filenameExtension != null ? filenameExtension : "jks";
    }

    public KeyStoreKeyFactory(Resource resource, char[] cArr, String str) {
        this.lock = new Object();
        this.resource = resource;
        this.password = cArr;
        this.type = str;
    }

    public KeyPair getKeyPair(String str) {
        return getKeyPair(str, this.password);
    }

    public KeyPair getKeyPair(String str, char[] cArr) {
        try {
            synchronized (this.lock) {
                if (this.store == null) {
                    synchronized (this.lock) {
                        this.store = KeyStore.getInstance(this.type);
                        InputStream inputStream = this.resource.getInputStream();
                        try {
                            this.store.load(inputStream, this.password);
                            if (inputStream != null) {
                                inputStream.close();
                            }
                        } catch (Throwable th) {
                            if (inputStream != null) {
                                try {
                                    inputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            }
                            throw th;
                        }
                    }
                }
            }
            RSAPrivateCrtKey rSAPrivateCrtKey = (RSAPrivateCrtKey) this.store.getKey(str, cArr);
            Certificate certificate = this.store.getCertificate(str);
            PublicKey publicKey = null;
            if (certificate != null) {
                publicKey = certificate.getPublicKey();
            } else if (rSAPrivateCrtKey != null) {
                publicKey = KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(rSAPrivateCrtKey.getModulus(), rSAPrivateCrtKey.getPublicExponent()));
            }
            return new KeyPair(publicKey, rSAPrivateCrtKey);
        } catch (Exception e) {
            throw new IllegalStateException("Cannot load keys from store: " + String.valueOf(this.resource), e);
        }
    }
}
