package org.wso2.micro.gateway.enforcer.util;

import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.nio.file.FileVisitOption;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:org/wso2/micro/gateway/enforcer/util/TLSUtils.class */
public class TLSUtils {
    private static final Logger log = LogManager.getLogger((Class<?>) TLSUtils.class);
    private static final String X509 = "X.509";
    private static final String crtExtension = ".crt";
    private static final String pemExtension = ".pem";

    public static Certificate getCertificateFromFile(String str) throws CertificateException, IOException {
        return getCertsFromFile(str, true).get(0);
    }

    public static Certificate getCertificateFromString(String str) throws CertificateException, IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(str.getBytes());
        try {
            Certificate generateCertificate = CertificateFactory.getInstance(X509).generateCertificate(byteArrayInputStream);
            byteArrayInputStream.close();
            return generateCertificate;
        } catch (Throwable th) {
            try {
                byteArrayInputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public static void addCertsToTruststore(KeyStore keyStore, String str) throws IOException {
        if (!Files.exists(Paths.get(str, new String[0]), new LinkOption[0])) {
            log.error("The provided certificates directory/file path does not exist. : " + str);
        } else if (Files.isDirectory(Paths.get(str, new String[0]), new LinkOption[0])) {
            log.debug("Provided Path is a directory: " + str);
            Files.walk(Paths.get(str, new String[0]), new FileVisitOption[0]).filter(path -> {
                Path fileName = path.getFileName();
                return fileName != null && (fileName.toString().endsWith(crtExtension) || fileName.toString().endsWith(pemExtension));
            }).forEach(path2 -> {
                updateTruststoreWithMutlipleCertPem(keyStore, path2.toAbsolutePath().toString());
            });
        } else {
            log.debug("Provided Path is a regular File Path : " + str);
            updateTruststoreWithMutlipleCertPem(keyStore, str);
        }
    }

    private static List<Certificate> getCertsFromFile(String str, boolean z) throws CertificateException, IOException {
        FileInputStream fileInputStream = new FileInputStream(str);
        try {
            BufferedInputStream bufferedInputStream = new BufferedInputStream(fileInputStream);
            try {
                ArrayList arrayList = new ArrayList();
                CertificateFactory certificateFactory = CertificateFactory.getInstance(X509);
                int i = 0;
                while (bufferedInputStream.available() > 0) {
                    if (i > 1 && z) {
                        log.warn("Provided PEM file contains more than one certificate. Hence proceeding withthe first certificate in the File");
                        bufferedInputStream.close();
                        fileInputStream.close();
                        return arrayList;
                    }
                    arrayList.add(certificateFactory.generateCertificate(bufferedInputStream));
                    i++;
                }
                bufferedInputStream.close();
                fileInputStream.close();
                return arrayList;
            } finally {
            }
        } catch (Throwable th) {
            try {
                fileInputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void updateTruststoreWithMutlipleCertPem(KeyStore keyStore, String str) {
        try {
            getCertsFromFile(str, false).forEach(certificate -> {
                try {
                    keyStore.setCertificateEntry(RandomStringUtils.random(10, true, false), certificate);
                } catch (KeyStoreException e) {
                    log.error("Error while adding the trusted certificates to the trustStore.", (Throwable) e);
                }
            });
            log.debug("Certificate Added to the truststore : " + str);
        } catch (IOException | CertificateException e) {
            log.error("Error while adding certificates to the truststore.", e);
        }
    }

    public static Certificate getCertificate(String str) throws CertificateException, IOException {
        return (X509Certificate) CertificateFactory.getInstance(X509).generateCertificate(new FileInputStream(str));
    }

    public static javax.security.cert.Certificate convertCertificate(Certificate certificate) {
        javax.security.cert.X509Certificate x509Certificate = null;
        try {
            x509Certificate = javax.security.cert.X509Certificate.getInstance(new ByteArrayInputStream(certificate.getEncoded()));
            return x509Certificate;
        } catch (CertificateEncodingException | javax.security.cert.CertificateException e) {
            log.debug("Error in loading certificate");
            return x509Certificate;
        }
    }
}
