package org.jenkinsci.plugins.azurekeyvaultplugin.credentials.certificate;

import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.cloudbees.plugins.credentials.CredentialsScope;
import com.cloudbees.plugins.credentials.CredentialsStore;
import com.cloudbees.plugins.credentials.common.StandardCertificateCredentials;
import com.cloudbees.plugins.credentials.impl.BaseStandardCredentials;
import com.cloudbees.plugins.credentials.impl.Messages;
import edu.umd.cs.findbugs.annotations.CheckForNull;
import edu.umd.cs.findbugs.annotations.NonNull;
import hudson.Extension;
import hudson.Util;
import hudson.util.Secret;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.util.Base64;
import java.util.Objects;
import java.util.function.Supplier;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.jenkinsci.plugins.azurekeyvaultplugin.AzureCredentialsProvider;
import org.jvnet.localizer.ResourceBundleHolder;

/* loaded from: input_file:org/jenkinsci/plugins/azurekeyvaultplugin/credentials/certificate/AzureCertificateCredentials.class */
public class AzureCertificateCredentials extends BaseStandardCredentials implements StandardCertificateCredentials {
    private static final Logger LOG = Logger.getLogger(AzureCertificateCredentials.class.getName());
    private final Supplier<Secret> keyStoreSource;
    private final Supplier<Secret> password;

    @Extension
    /* loaded from: input_file:org/jenkinsci/plugins/azurekeyvaultplugin/credentials/certificate/AzureCertificateCredentials$DescriptorImpl.class */
    public static class DescriptorImpl extends BaseStandardCredentials.BaseStandardCredentialsDescriptor {
        @NonNull
        public String getDisplayName() {
            return ResourceBundleHolder.get(Messages.class).format("CertificateCredentialsImpl.DisplayName", new Object[0]);
        }

        public String getIconClassName() {
            return "icon-application-certificate";
        }

        public boolean isApplicable(CredentialsProvider credentialsProvider) {
            return credentialsProvider instanceof AzureCredentialsProvider;
        }

        public /* bridge */ /* synthetic */ String getCheckIdUrl(CredentialsStore credentialsStore) throws UnsupportedEncodingException {
            return super.getCheckIdUrl(credentialsStore);
        }
    }

    public AzureCertificateCredentials(CredentialsScope credentialsScope, String str, String str2, Supplier<Secret> supplier, Supplier<Secret> supplier2) {
        super(credentialsScope, str, str2);
        Objects.requireNonNull(supplier2);
        this.password = supplier;
        this.keyStoreSource = supplier2;
    }

    @CheckForNull
    private static char[] toCharArray(@NonNull Secret secret) {
        String fixEmpty = Util.fixEmpty(secret.getPlainText());
        if (fixEmpty == null) {
            return null;
        }
        return fixEmpty.toCharArray();
    }

    @NonNull
    public KeyStore getKeyStore() {
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            try {
                try {
                    keyStore.load(new ByteArrayInputStream(Base64.getDecoder().decode(Secret.toString(this.keyStoreSource.get()))), toCharArray(getPassword()));
                    return keyStore;
                } catch (IOException | NoSuchAlgorithmException | CertificateException e) {
                    LOG.log(Level.WARNING, "Error loading Keystore . Secret ID:" + getId() + ". " + e.getMessage(), (Throwable) e);
                    throw new IllegalStateException("Error loading Keystore.", e);
                }
            } catch (IllegalArgumentException e2) {
                LOG.log(Level.WARNING, "Error decoding Keystore. A base64 encoded certificate is expected. Secret ID:" + getId() + ". " + e2.getMessage(), (Throwable) e2);
                throw new IllegalStateException("Cannot decode keystore", e2);
            }
        } catch (KeyStoreException e3) {
            throw new IllegalStateException("PKCS12 is a keystore type per the JLS spec", e3);
        }
    }

    @NonNull
    public Secret getKeyStoreSecret() {
        return this.keyStoreSource.get();
    }

    @NonNull
    public Secret getPassword() {
        return this.password.get();
    }
}
