package no.digipost.signature.client.core.internal;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import no.digipost.signature.client.ClientConfiguration;
import no.digipost.signature.client.core.exceptions.ConfigurationException;

/* loaded from: input_file:no/digipost/signature/client/core/internal/TrustStoreLoader.class */
public class TrustStoreLoader {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:no/digipost/signature/client/core/internal/TrustStoreLoader$ClassPathFileLoader.class */
    public static class ClassPathFileLoader implements ResourceLoader {
        public static final String CLASSPATH_PATH_PREFIX = "classpath:";
        private final String certificatePath;

        public ClassPathFileLoader(String str) {
            this.certificatePath = str.substring(CLASSPATH_PATH_PREFIX.length());
        }

        @Override // no.digipost.signature.client.core.internal.TrustStoreLoader.ResourceLoader
        public void forEachFile(ForFile forFile) throws IOException {
            URL resource = TrustStoreLoader.class.getResource(this.certificatePath);
            InputStream openStream = resource.openStream();
            Throwable th = null;
            try {
                forFile.call(new File(resource.getFile()).getName(), openStream);
                if (openStream != null) {
                    if (0 == 0) {
                        openStream.close();
                        return;
                    }
                    try {
                        openStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
            } catch (Throwable th3) {
                if (openStream != null) {
                    if (0 != 0) {
                        try {
                            openStream.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        openStream.close();
                    }
                }
                throw th3;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:no/digipost/signature/client/core/internal/TrustStoreLoader$FileLoader.class */
    public static class FileLoader implements ResourceLoader {
        private final File path;

        public FileLoader(String str) {
            this.path = new File(str);
        }

        @Override // no.digipost.signature.client.core.internal.TrustStoreLoader.ResourceLoader
        public void forEachFile(ForFile forFile) throws IOException {
            if (!this.path.isDirectory()) {
                throw new ConfigurationException("Certificate path '" + this.path + "' is not a directory. It should point to a directory containing certificates.");
            }
            File[] listFiles = this.path.listFiles();
            if (listFiles == null) {
                throw new ConfigurationException("Unable to read certificates from '" + this.path + "'. Make sure it's the correct path.");
            }
            for (File file : listFiles) {
                FileInputStream fileInputStream = new FileInputStream(file);
                Throwable th = null;
                try {
                    try {
                        forFile.call(file.getName(), fileInputStream);
                        if (fileInputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileInputStream.close();
                            }
                        }
                    } finally {
                    }
                } catch (Throwable th3) {
                    if (fileInputStream != null) {
                        if (th != null) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                    throw th3;
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:no/digipost/signature/client/core/internal/TrustStoreLoader$ForFile.class */
    public static abstract class ForFile {
        private ForFile() {
        }

        abstract void call(String str, InputStream inputStream);
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:no/digipost/signature/client/core/internal/TrustStoreLoader$ResourceLoader.class */
    public interface ResourceLoader {
        void forEachFile(ForFile forFile) throws IOException;
    }

    public static KeyStore build(ClientConfiguration clientConfiguration) {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            Iterator<String> it = clientConfiguration.getCertificatePaths().iterator();
            while (it.hasNext()) {
                loadCertificatesInto(it.next(), keyStore);
            }
            return keyStore;
        } catch (IOException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new ConfigurationException("Unable to load certificates into truststore", e);
        }
    }

    private static void loadCertificatesInto(String str, final KeyStore keyStore) throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
        (str.indexOf(ClassPathFileLoader.CLASSPATH_PATH_PREFIX) == 0 ? new ClassPathFileLoader(str) : new FileLoader(str)).forEachFile(new ForFile() { // from class: no.digipost.signature.client.core.internal.TrustStoreLoader.1
            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            {
                super();
            }

            @Override // no.digipost.signature.client.core.internal.TrustStoreLoader.ForFile
            void call(String str2, InputStream inputStream) {
                try {
                    keyStore.setCertificateEntry(str2, (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(inputStream));
                } catch (KeyStoreException | CertificateException e) {
                    throw new ConfigurationException("Unable to load certificate in " + str2);
                }
            }
        });
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        SSLContext.getInstance("TLS").init(null, trustManagerFactory.getTrustManagers(), null);
    }
}
