package io.fabric8.kubernetes.client.internal;

import io.fabric8.kubernetes.client.utils.Utils;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import okio.ByteString;
import org.apache.tools.ant.launch.Launcher;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/kie-wb-common-ala-openshift-client-7.10.0-SNAPSHOT.jar:io/fabric8/kubernetes/client/internal/CertUtils.class */
public class CertUtils {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) CertUtils.class);
    public static String TRUST_STORE_SYSTEM_PROPERTY = "javax.net.ssl.trustStore";
    public static String TRUST_STORE_PASSWORD_SYSTEM_PROPERTY = "javax.net.ssl.trustStorePassword";
    public static String KEY_STORE_SYSTEM_PROPERTY = "javax.net.ssl.keyStore";
    public static String KEY_STORE_PASSWORD_SYSTEM_PROPERTY = "javax.net.ssl.keyStorePassword";

    public static InputStream getInputStreamFromDataOrFile(String str, String str2) throws FileNotFoundException {
        if (str != null) {
            ByteString decodeBase64 = ByteString.decodeBase64(str);
            return new ByteArrayInputStream(decodeBase64 != null ? decodeBase64.toByteArray() : str.getBytes());
        }
        if (str2 != null) {
            return new FileInputStream(str2);
        }
        return null;
    }

    public static KeyStore createTrustStore(String str, String str2, String str3, String str4) throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
        InputStream inputStreamFromDataOrFile = getInputStreamFromDataOrFile(str, str2);
        Throwable th = null;
        try {
            try {
                KeyStore createTrustStore = createTrustStore(inputStreamFromDataOrFile, str3, getTrustStorePassphrase(str4));
                if (inputStreamFromDataOrFile != null) {
                    if (0 != 0) {
                        try {
                            inputStreamFromDataOrFile.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        inputStreamFromDataOrFile.close();
                    }
                }
                return createTrustStore;
            } finally {
            }
        } catch (Throwable th3) {
            if (inputStreamFromDataOrFile != null) {
                if (th != null) {
                    try {
                        inputStreamFromDataOrFile.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    inputStreamFromDataOrFile.close();
                }
            }
            throw th3;
        }
    }

    private static char[] getTrustStorePassphrase(String str) {
        return Utils.isNullOrEmpty(str) ? System.getProperty(TRUST_STORE_PASSWORD_SYSTEM_PROPERTY, "changeit").toCharArray() : str.toCharArray();
    }

    public static KeyStore createTrustStore(InputStream inputStream, String str, char[] cArr) throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        if (Utils.isNotNullOrEmpty(str)) {
            keyStore.load(new FileInputStream(str), cArr);
        } else {
            loadDefaultTrustStoreFile(keyStore, cArr);
        }
        while (inputStream.available() > 0) {
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(inputStream);
            keyStore.setCertificateEntry(x509Certificate.getSubjectX500Principal().getName(), x509Certificate);
        }
        return keyStore;
    }

    public static KeyStore createKeyStore(InputStream inputStream, InputStream inputStream2, String str, char[] cArr, String str2, char[] cArr2) throws IOException, CertificateException, NoSuchAlgorithmException, InvalidKeySpecException, KeyStoreException {
        PrivateKey generatePrivate;
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(inputStream);
        byte[] decodePem = decodePem(inputStream2);
        KeyFactory keyFactory = KeyFactory.getInstance(str);
        try {
            generatePrivate = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(decodePem));
        } catch (InvalidKeySpecException e) {
            generatePrivate = keyFactory.generatePrivate(PKCS1Util.decodePKCS1(decodePem));
        }
        KeyStore keyStore = KeyStore.getInstance("JKS");
        if (Utils.isNotNullOrEmpty(str2)) {
            keyStore.load(new FileInputStream(str2), cArr2);
        } else {
            loadDefaultKeyStoreFile(keyStore, cArr2);
        }
        keyStore.setKeyEntry(x509Certificate.getSubjectX500Principal().getName(), generatePrivate, cArr, new Certificate[]{x509Certificate});
        return keyStore;
    }

    private static void loadDefaultTrustStoreFile(KeyStore keyStore, char[] cArr) throws CertificateException, NoSuchAlgorithmException, IOException {
        if (loadDefaultStoreFile(keyStore, getDefaultTrustStoreFile(), cArr)) {
            return;
        }
        keyStore.load(null);
    }

    private static File getDefaultTrustStoreFile() {
        String str = System.getProperty("java.home") + File.separator + Launcher.ANT_PRIVATELIB + File.separator + "security" + File.separator;
        String property = System.getProperty(TRUST_STORE_SYSTEM_PROPERTY);
        if (Utils.isNotNullOrEmpty(property)) {
            return new File(property);
        }
        File file = new File(str + "jssecacerts");
        return (file.exists() && file.isFile()) ? file : new File(str + "cacerts");
    }

    private static void loadDefaultKeyStoreFile(KeyStore keyStore, char[] cArr) throws CertificateException, NoSuchAlgorithmException, IOException {
        String property = System.getProperty(KEY_STORE_SYSTEM_PROPERTY);
        if (Utils.isNotNullOrEmpty(property) && loadDefaultStoreFile(keyStore, new File(property), cArr)) {
            return;
        }
        keyStore.load(null);
    }

    private static boolean loadDefaultStoreFile(KeyStore keyStore, File file, char[] cArr) throws CertificateException, NoSuchAlgorithmException, IOException {
        if (!file.exists() || !file.isFile() || file.length() <= 0) {
            return false;
        }
        try {
            keyStore.load(new FileInputStream(file), cArr);
            return true;
        } catch (Exception e) {
            LOG.info(String.format("There is a problem with reading default keystore/truststore file %s with the passphrase %s - the file won't be loaded. The reason is: %s", file, cArr != null ? String.valueOf(cArr) : null, e.getMessage()));
            return false;
        }
    }

    public static KeyStore createKeyStore(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8) throws IOException, CertificateException, NoSuchAlgorithmException, InvalidKeySpecException, KeyStoreException {
        InputStream inputStreamFromDataOrFile = getInputStreamFromDataOrFile(str, str2);
        Throwable th = null;
        try {
            InputStream inputStreamFromDataOrFile2 = getInputStreamFromDataOrFile(str3, str4);
            Throwable th2 = null;
            try {
                try {
                    KeyStore createKeyStore = createKeyStore(inputStreamFromDataOrFile, inputStreamFromDataOrFile2, str5, str6.toCharArray(), str7, getKeyStorePassphrase(str8));
                    if (inputStreamFromDataOrFile2 != null) {
                        if (0 != 0) {
                            try {
                                inputStreamFromDataOrFile2.close();
                            } catch (Throwable th3) {
                                th2.addSuppressed(th3);
                            }
                        } else {
                            inputStreamFromDataOrFile2.close();
                        }
                    }
                    return createKeyStore;
                } finally {
                }
            } catch (Throwable th4) {
                if (inputStreamFromDataOrFile2 != null) {
                    if (th2 != null) {
                        try {
                            inputStreamFromDataOrFile2.close();
                        } catch (Throwable th5) {
                            th2.addSuppressed(th5);
                        }
                    } else {
                        inputStreamFromDataOrFile2.close();
                    }
                }
                throw th4;
            }
        } finally {
            if (inputStreamFromDataOrFile != null) {
                if (0 != 0) {
                    try {
                        inputStreamFromDataOrFile.close();
                    } catch (Throwable th6) {
                        th.addSuppressed(th6);
                    }
                } else {
                    inputStreamFromDataOrFile.close();
                }
            }
        }
    }

    private static char[] getKeyStorePassphrase(String str) {
        return Utils.isNullOrEmpty(str) ? System.getProperty(KEY_STORE_PASSWORD_SYSTEM_PROPERTY, "changeit").toCharArray() : str.toCharArray();
    }

    private static byte[] decodePem(InputStream inputStream) throws IOException {
        String readLine;
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
        do {
            try {
                readLine = bufferedReader.readLine();
                if (readLine == null) {
                    throw new IOException("PEM is invalid: no begin marker");
                }
            } catch (Throwable th) {
                bufferedReader.close();
                throw th;
            }
        } while (!readLine.contains("-----BEGIN "));
        byte[] readBytes = readBytes(bufferedReader, readLine.trim().replace("BEGIN", "END"));
        bufferedReader.close();
        return readBytes;
    }

    private static byte[] readBytes(BufferedReader bufferedReader, String str) throws IOException {
        StringBuffer stringBuffer = new StringBuffer();
        while (true) {
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                throw new IOException("PEM is invalid : No end marker");
            }
            if (readLine.indexOf(str) != -1) {
                return ByteString.decodeBase64(stringBuffer.toString()).toByteArray();
            }
            stringBuffer.append(readLine.trim());
        }
    }
}
