package com.redhat.lightblue.client.http.auth;

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/redhat/lightblue/client/http/auth/CertificateManager.class */
public class CertificateManager {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) SslSocketFactories.class);
    static final String FILE_PROTOCOL = "file://";

    /* JADX INFO: Access modifiers changed from: package-private */
    public static List<InputStream> getCaCertFiles(List<String> list) throws FileNotFoundException {
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(loadFile(it.next()));
        }
        return arrayList;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Set<Certificate> getCertificates(List<InputStream> list) throws CertificateException {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        Iterator<InputStream> it = list.iterator();
        while (it.hasNext()) {
            linkedHashSet.add(getCertificate(it.next()));
        }
        return linkedHashSet;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static InputStream loadFile(String str) throws FileNotFoundException {
        InputStream loadFile = loadFile(CertificateManager.class.getClassLoader(), str);
        if (loadFile == null) {
            throw new FileNotFoundException("Could not read certs from " + str);
        }
        return loadFile;
    }

    private static InputStream loadFile(ClassLoader classLoader, String str) throws FileNotFoundException {
        return str.startsWith(FILE_PROTOCOL) ? new FileInputStream(str.substring(FILE_PROTOCOL.length())) : classLoader.getResourceAsStream(str);
    }

    static X509Certificate getCertificate(InputStream inputStream) throws CertificateException {
        return (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(inputStream);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static KeyStore getPkcs12KeyStore(InputStream inputStream, char[] cArr) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        KeyStore keyStore = KeyStore.getInstance("pkcs12");
        keyStore.load(inputStream, cArr);
        return keyStore;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static KeyStore getJksKeyStore(Set<Certificate> set, KeyStore keyStore, String str, char[] cArr) throws CertificateException, NoSuchAlgorithmException, IOException, KeyStoreException, UnrecoverableKeyException {
        Certificate[] certificateChain;
        Key key;
        KeyStore keyStore2 = KeyStore.getInstance("jks");
        keyStore2.load(null, cArr);
        for (Certificate certificate : set) {
            keyStore2.setCertificateEntry(certificate.toString(), certificate);
        }
        if (str != null) {
            LOGGER.debug("Loading certificates using alias='" + str + "'");
            certificateChain = keyStore.getCertificateChain(str);
            key = keyStore.getKey(str, cArr);
            if (certificateChain == null || key == null) {
                throw new RuntimeException("Specified alias='" + str + "' does not appear to exist in the keystore.");
            }
        } else {
            LOGGER.debug("Certificate alias not specified");
            ArrayList list = Collections.list(keyStore.aliases());
            if (list.size() != 1) {
                throw new RuntimeException("Certificate alias not specified and the keystore has more than one alias or keystore is empty. Aliases found: " + list);
            }
            String str2 = (String) list.get(0);
            LOGGER.debug("Certificate alias was not specified, but only one alias exist is the keystore. Using alias='" + str2 + "'");
            certificateChain = keyStore.getCertificateChain(str2);
            key = keyStore.getKey(str2, cArr);
        }
        keyStore2.setKeyEntry("anykey", key, cArr, certificateChain);
        return keyStore2;
    }
}
