package nl.altindag.ssl.util;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.UncheckedIOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardOpenOption;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import java.util.function.Function;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import nl.altindag.ssl.exception.GenericCertificateException;
import nl.altindag.ssl.exception.GenericIOException;

/* loaded from: input_file:nl/altindag/ssl/util/CertificateUtils.class */
public final class CertificateUtils {
    private static final String CERTIFICATE_TYPE = "X.509";
    private static final Pattern CERTIFICATE_PATTERN = Pattern.compile("-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", 32);
    private static final String EMPTY = "";

    private CertificateUtils() {
    }

    public static String generateAlias(Certificate certificate) {
        return certificate instanceof X509Certificate ? ((X509Certificate) certificate).getSubjectX500Principal().getName() : UUID.randomUUID().toString();
    }

    public static List<Certificate> loadCertificate(String... strArr) {
        return loadCertificate(str -> {
            return CertificateUtils.class.getClassLoader().getResourceAsStream(str);
        }, strArr);
    }

    public static List<Certificate> loadCertificate(Path... pathArr) {
        return loadCertificate(path -> {
            try {
                return Files.newInputStream(path, StandardOpenOption.READ);
            } catch (IOException e) {
                throw new UncheckedIOException(e);
            }
        }, pathArr);
    }

    public static List<Certificate> loadCertificate(InputStream... inputStreamArr) {
        return loadCertificate(Function.identity(), inputStreamArr);
    }

    private static <T> List<Certificate> loadCertificate(Function<T, InputStream> function, T[] tArr) {
        ArrayList arrayList = new ArrayList();
        for (T t : tArr) {
            try {
                InputStream apply = function.apply(t);
                Throwable th = null;
                try {
                    try {
                        arrayList.addAll(parseCertificate(apply));
                        if (apply != null) {
                            if (0 != 0) {
                                try {
                                    apply.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                apply.close();
                            }
                        }
                    } finally {
                    }
                } finally {
                }
            } catch (Exception e) {
                throw new GenericIOException(e);
            }
        }
        return Collections.unmodifiableList(arrayList);
    }

    private static List<Certificate> parseCertificate(InputStream inputStream) {
        return parseCertificate(IOUtils.getContent(inputStream));
    }

    public static List<Certificate> parseCertificate(String str) {
        ArrayList arrayList = new ArrayList();
        Matcher matcher = CERTIFICATE_PATTERN.matcher(str);
        while (matcher.find()) {
            try {
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.getDecoder().decode(matcher.group(1).replace(System.lineSeparator(), EMPTY).trim()));
                Throwable th = null;
                try {
                    try {
                        arrayList.add(CertificateFactory.getInstance(CERTIFICATE_TYPE).generateCertificate(byteArrayInputStream));
                        if (byteArrayInputStream != null) {
                            if (0 != 0) {
                                try {
                                    byteArrayInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                byteArrayInputStream.close();
                            }
                        }
                    } finally {
                    }
                } finally {
                }
            } catch (IOException | CertificateException e) {
                throw new GenericCertificateException(e);
            }
        }
        if (arrayList.isEmpty()) {
            throw new GenericCertificateException(String.format("There are no valid certificates present to parse. Please make sure to supply at least one valid pem formatted certificate containing the header %s and the footer %s", "-----BEGIN CERTIFICATE-----", "-----END CERTIFICATE-----"));
        }
        return arrayList;
    }

    public static List<Certificate> getSystemTrustedCertificates() {
        try {
            ArrayList arrayList = new ArrayList();
            for (KeyStore keyStore : KeyStoreUtils.loadSystemKeyStores()) {
                Iterator it = Collections.list(keyStore.aliases()).iterator();
                while (it.hasNext()) {
                    String str = (String) it.next();
                    if (keyStore.isCertificateEntry(str)) {
                        arrayList.add(keyStore.getCertificate(str));
                    }
                }
            }
            return arrayList;
        } catch (KeyStoreException e) {
            throw new GenericCertificateException(e);
        }
    }
}
