package com.enonic.lib.http.client;

import java.io.FileInputStream;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Objects;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import okhttp3.tls.HeldCertificate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/enonic/lib/http/client/KeyStoreLoader.class */
public class KeyStoreLoader {
    private static final Logger LOG = LoggerFactory.getLogger(KeyStoreLoader.class);
    private static final ConcurrentMap<String, HeldCertificate> CACHE = new ConcurrentHashMap();
    private static final HeldCertificate NO_CERTIFICATE = new HeldCertificate.Builder().commonName("stub").build();

    private KeyStoreLoader() {
    }

    public static HeldCertificate get(String str) {
        HeldCertificate computeIfAbsent = CACHE.computeIfAbsent(str, KeyStoreLoader::compute);
        if (computeIfAbsent == NO_CERTIFICATE) {
            return null;
        }
        return computeIfAbsent;
    }

    static void clearCache() {
        CACHE.clear();
    }

    private static HeldCertificate compute(String str) {
        try {
            String property = System.getProperty("com.enonic.lib.http.client.keyStore", "");
            String property2 = System.getProperty("com.enonic.lib.http.client.keyStoreType", KeyStore.getDefaultType());
            String property3 = System.getProperty("com.enonic.lib.http.client.keyStoreProvider", "");
            char[] charArray = System.getProperty("com.enonic.lib.http.client.keyStorePassword", "").toCharArray();
            if (!property2.isEmpty() && !property.isEmpty()) {
                KeyStore keyStore = getKeyStore(property, property2, property3, charArray);
                String nextElement = str.isEmpty() ? keyStore.aliases().nextElement() : str;
                Certificate certificate = (Certificate) Objects.requireNonNull(keyStore.getCertificate(nextElement), "No certificate found for alias " + str);
                return new HeldCertificate(new KeyPair(certificate.getPublicKey(), (PrivateKey) ((Key) Objects.requireNonNull(keyStore.getKey(nextElement, charArray), "No key found for alias " + str))), (X509Certificate) certificate);
            }
        } catch (Exception e) {
            LOG.error("Failed loading com.enonic.lib.http.client.keyStore", e);
        }
        return NO_CERTIFICATE;
    }

    private static KeyStore getKeyStore(String str, String str2, String str3, char[] cArr) throws Exception {
        KeyStore keyStore = str3.isEmpty() ? KeyStore.getInstance(str2) : KeyStore.getInstance(str2, str3);
        FileInputStream fileInputStream = "NONE".equals(str) ? null : new FileInputStream(str);
        try {
            keyStore.load(fileInputStream, cArr.length != 0 ? cArr : null);
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            return keyStore;
        } catch (Throwable th) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }
}
