package net.lightbody.bmp.mitm;

import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.X509Certificate;
import net.lightbody.bmp.mitm.exception.CertificateSourceException;

/* loaded from: input_file:net/lightbody/bmp/mitm/KeyStoreCertificateSource.class */
public class KeyStoreCertificateSource implements CertificateAndKeySource {
    private final KeyStore keyStore;
    private final String keyStorePassword;
    private final String privateKeyAlias;

    public KeyStoreCertificateSource(KeyStore keyStore, String str, String str2) {
        if (keyStore == null) {
            throw new IllegalArgumentException("KeyStore cannot be null");
        }
        if (str == null) {
            throw new IllegalArgumentException("Private key alias cannot be null");
        }
        if (str2 == null) {
            throw new IllegalArgumentException("KeyStore password cannot be null");
        }
        this.keyStore = keyStore;
        this.keyStorePassword = str2;
        this.privateKeyAlias = str;
    }

    @Override // net.lightbody.bmp.mitm.CertificateAndKeySource
    public CertificateAndKey load() {
        try {
            try {
                KeyStore.Entry entry = this.keyStore.getEntry(this.privateKeyAlias, new KeyStore.PasswordProtection(this.keyStorePassword.toCharArray()));
                if (entry == null) {
                    throw new CertificateSourceException("Unable to find entry in keystore with alias: " + this.privateKeyAlias);
                }
                if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                    throw new CertificateSourceException("Entry in KeyStore with alias " + this.privateKeyAlias + " did not contain a private key entry");
                }
                KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
                PrivateKey privateKey = privateKeyEntry.getPrivateKey();
                if (privateKeyEntry.getCertificate() instanceof X509Certificate) {
                    return new CertificateAndKey((X509Certificate) privateKeyEntry.getCertificate(), privateKey);
                }
                throw new CertificateSourceException("Certificate for private key in KeyStore was not an X509Certificate. Private key alias: " + this.privateKeyAlias + ". Certificate type: " + (privateKeyEntry.getCertificate() != null ? privateKeyEntry.getCertificate().getClass().getName() : null));
            } catch (UnrecoverableEntryException e) {
                throw new CertificateSourceException("Unable to load private key with alias " + this.privateKeyAlias + " from KeyStore. Verify the KeyStore password is correct.", e);
            }
        } catch (KeyStoreException | NoSuchAlgorithmException e2) {
            throw new CertificateSourceException("Error accessing keyStore", e2);
        }
    }
}
