package org.keycloak.common.util;

import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.keycloak.common.constants.GenericConstants;

/* loaded from: input_file:WEB-INF/lib/keycloak-common-4.8.0.Final.jar:org/keycloak/common/util/KeystoreUtil.class */
public class KeystoreUtil {

    /* loaded from: input_file:WEB-INF/lib/keycloak-common-4.8.0.Final.jar:org/keycloak/common/util/KeystoreUtil$KeystoreFormat.class */
    public enum KeystoreFormat {
        JKS,
        PKCS12
    }

    public static KeyStore loadKeyStore(String str, String str2) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        InputStream inputStream = null;
        if (str.startsWith(GenericConstants.PROTOCOL_CLASSPATH)) {
            String replace = str.replace(GenericConstants.PROTOCOL_CLASSPATH, JsonProperty.USE_DEFAULT_NAME);
            if (Thread.currentThread().getContextClassLoader() != null) {
                inputStream = Thread.currentThread().getContextClassLoader().getResourceAsStream(replace);
            }
            if (inputStream == null) {
                inputStream = KeystoreUtil.class.getResourceAsStream(replace);
            }
            if (inputStream == null) {
                throw new RuntimeException("Unable to find key store in classpath");
            }
        } else {
            inputStream = new FileInputStream(new File(str));
        }
        keyStore.load(inputStream, str2.toCharArray());
        inputStream.close();
        return keyStore;
    }

    public static KeyPair loadKeyPairFromKeystore(String str, String str2, String str3, String str4, KeystoreFormat keystoreFormat) {
        InputStream findFile = FindFile.findFile(str);
        try {
            KeyStore keyStore = keystoreFormat == KeystoreFormat.JKS ? KeyStore.getInstance(keystoreFormat.toString()) : KeyStore.getInstance(keystoreFormat.toString(), BouncyCastleProvider.PROVIDER_NAME);
            keyStore.load(findFile, str2.toCharArray());
            PrivateKey privateKey = (PrivateKey) keyStore.getKey(str4, str3.toCharArray());
            if (privateKey == null) {
                throw new RuntimeException("Couldn't load key with alias '" + str4 + "' from keystore");
            }
            return new KeyPair(keyStore.getCertificate(str4).getPublicKey(), privateKey);
        } catch (Exception e) {
            throw new RuntimeException("Failed to load private key: " + e.getMessage(), e);
        }
    }

    static {
        BouncyIntegration.init();
    }
}
