package org.smallmind.nutsnbolts.ssl;

import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardOpenOption;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.LinkedList;
import org.smallmind.nutsnbolts.resource.Resource;
import org.smallmind.nutsnbolts.resource.ResourceException;

/* loaded from: input_file:org/smallmind/nutsnbolts/ssl/KeyStoreUtility.class */
public class KeyStoreUtility {
    public static KeyStoreInfo construct(String str, String str2, String str3, Resource resource, Resource... resourceArr) throws IOException, ResourceException, KeyStoreException, NoSuchProviderException, NoSuchAlgorithmException, CertificateException, InvalidKeySpecException {
        String str4 = (str == null || str.isEmpty()) ? "keystore.jks" : str.endsWith(".jks") ? str : str + ".jks";
        Path path = Paths.get(System.getProperty("user.home"), str4);
        KeyStoreInfo keyStoreInfo = new KeyStoreInfo(path);
        char[] generatePasswordArray = generatePasswordArray(str3, keyStoreInfo);
        KeyStore initializeKeystore = initializeKeystore(path, generatePasswordArray);
        PrivateKey generatePrivateKey = generatePrivateKey(resource);
        Certificate[] linkCertificateChain = linkCertificateChain(initializeKeystore, resourceArr);
        String str5 = (str2 == null || str2.isEmpty()) ? "mykeystore" : str2;
        keyStoreInfo.setKeystoreName(str4);
        keyStoreInfo.setKeystoreAlias(str5);
        initializeKeystore.setKeyEntry(str5, generatePrivateKey, generatePasswordArray, linkCertificateChain);
        initializeKeystore.store(Files.newOutputStream(path, StandardOpenOption.WRITE, StandardOpenOption.CREATE, StandardOpenOption.TRUNCATE_EXISTING), generatePasswordArray);
        return keyStoreInfo;
    }

    private static char[] generatePasswordArray(String str, KeyStoreInfo keyStoreInfo) {
        String str2 = (str == null || str.isEmpty()) ? "changeit" : str;
        keyStoreInfo.setKeystorePassword(str2);
        return str2.toCharArray();
    }

    private static KeyStore initializeKeystore(Path path, char[] cArr) throws IOException, KeyStoreException, NoSuchProviderException, NoSuchAlgorithmException, CertificateException {
        KeyStore keyStore = KeyStore.getInstance("JKS", "SUN");
        keyStore.load(null, cArr);
        keyStore.store(Files.newOutputStream(path, StandardOpenOption.WRITE, StandardOpenOption.CREATE, StandardOpenOption.TRUNCATE_EXISTING), cArr);
        keyStore.load(Files.newInputStream(path, StandardOpenOption.READ), cArr);
        return keyStore;
    }

    private static PrivateKey generatePrivateKey(Resource resource) throws IOException, ResourceException, NoSuchAlgorithmException, InvalidKeySpecException {
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        InputStream inputStream = resource.getInputStream();
        Throwable th = null;
        try {
            try {
                byte[] bArr = new byte[inputStream.available()];
                for (int i = 0; i < bArr.length; i += inputStream.read(bArr, i, bArr.length - i)) {
                }
                PKCS8EncodedKeySpec pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(bArr);
                if (inputStream != null) {
                    if (0 != 0) {
                        try {
                            inputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        inputStream.close();
                    }
                }
                return keyFactory.generatePrivate(pKCS8EncodedKeySpec);
            } finally {
            }
        } catch (Throwable th3) {
            if (inputStream != null) {
                if (th != null) {
                    try {
                        inputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    inputStream.close();
                }
            }
            throw th3;
        }
    }

    private static Certificate[] linkCertificateChain(KeyStore keyStore, Resource... resourceArr) throws ResourceException, CertificateException, KeyStoreException {
        LinkedList linkedList = new LinkedList();
        for (Resource resource : resourceArr) {
            for (Certificate certificate : CertificateFactory.getInstance("X509").generateCertificates(resource.getInputStream())) {
                keyStore.setCertificateEntry(((X509Certificate) certificate).getSubjectX500Principal().getName(), certificate);
                linkedList.add(certificate);
            }
        }
        Certificate[] certificateArr = new Certificate[linkedList.size()];
        linkedList.toArray(certificateArr);
        return certificateArr;
    }
}
