package org.eclipse.jkube.kit.build.service.docker.access;

import java.io.FileInputStream;
import java.io.FileReader;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collection;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.eclipse.jkube.kit.build.service.docker.config.handler.property.PropertyConfigHandler;

/* loaded from: input_file:org/eclipse/jkube/kit/build/service/docker/access/KeyStoreUtil.class */
public class KeyStoreUtil {
    private KeyStoreUtil() {
    }

    public static KeyStore createDockerKeyStore(String str) throws IOException, GeneralSecurityException {
        PrivateKey loadPrivateKey = loadPrivateKey(str + "/key.pem");
        Certificate[] loadCertificates = loadCertificates(str + "/cert.pem");
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
        keyStore.setKeyEntry(PropertyConfigHandler.DEFAULT_PREFIX, loadPrivateKey, PropertyConfigHandler.DEFAULT_PREFIX.toCharArray(), loadCertificates);
        addCA(keyStore, str + "/ca.pem");
        return keyStore;
    }

    /* JADX WARN: Finally extract failed */
    static PrivateKey loadPrivateKey(String str) throws IOException, GeneralSecurityException {
        Object readObject;
        FileReader fileReader = new FileReader(str);
        Throwable th = null;
        try {
            PEMParser pEMParser = new PEMParser(fileReader);
            Throwable th2 = null;
            do {
                try {
                    readObject = pEMParser.readObject();
                    if (readObject == null) {
                        if (pEMParser != null) {
                            if (0 != 0) {
                                try {
                                    pEMParser.close();
                                } catch (Throwable th3) {
                                    th2.addSuppressed(th3);
                                }
                            } else {
                                pEMParser.close();
                            }
                        }
                        if (fileReader != null) {
                            if (0 != 0) {
                                try {
                                    fileReader.close();
                                } catch (Throwable th4) {
                                    th.addSuppressed(th4);
                                }
                            } else {
                                fileReader.close();
                            }
                        }
                        throw new GeneralSecurityException("Cannot generate private key from file: " + str);
                    }
                    if (readObject instanceof PEMKeyPair) {
                        PrivateKey generatePrivateKey = generatePrivateKey(((PEMKeyPair) readObject).getPrivateKeyInfo());
                        if (pEMParser != null) {
                            if (0 != 0) {
                                try {
                                    pEMParser.close();
                                } catch (Throwable th5) {
                                    th2.addSuppressed(th5);
                                }
                            } else {
                                pEMParser.close();
                            }
                        }
                        return generatePrivateKey;
                    }
                } catch (Throwable th6) {
                    if (pEMParser != null) {
                        if (0 != 0) {
                            try {
                                pEMParser.close();
                            } catch (Throwable th7) {
                                th2.addSuppressed(th7);
                            }
                        } else {
                            pEMParser.close();
                        }
                    }
                    throw th6;
                }
            } while (!(readObject instanceof PrivateKeyInfo));
            PrivateKey generatePrivateKey2 = generatePrivateKey((PrivateKeyInfo) readObject);
            if (pEMParser != null) {
                if (0 != 0) {
                    try {
                        pEMParser.close();
                    } catch (Throwable th8) {
                        th2.addSuppressed(th8);
                    }
                } else {
                    pEMParser.close();
                }
            }
            if (fileReader != null) {
                if (0 != 0) {
                    try {
                        fileReader.close();
                    } catch (Throwable th9) {
                        th.addSuppressed(th9);
                    }
                } else {
                    fileReader.close();
                }
            }
            return generatePrivateKey2;
        } finally {
            if (fileReader != null) {
                if (0 != 0) {
                    try {
                        fileReader.close();
                    } catch (Throwable th10) {
                        th.addSuppressed(th10);
                    }
                } else {
                    fileReader.close();
                }
            }
        }
    }

    private static PrivateKey generatePrivateKey(PrivateKeyInfo privateKeyInfo) throws IOException {
        return new JcaPEMKeyConverter().getPrivateKey(privateKeyInfo);
    }

    private static void addCA(KeyStore keyStore, String str) throws IOException, KeyStoreException, CertificateException {
        for (Certificate certificate : loadCertificates(str)) {
            X509Certificate x509Certificate = (X509Certificate) certificate;
            keyStore.setCertificateEntry(x509Certificate.getSubjectX500Principal().getName(), x509Certificate);
        }
    }

    private static Certificate[] loadCertificates(String str) throws IOException, CertificateException {
        FileInputStream fileInputStream = new FileInputStream(str);
        Throwable th = null;
        try {
            Collection<? extends Certificate> generateCertificates = CertificateFactory.getInstance("X509").generateCertificates(fileInputStream);
            Certificate[] certificateArr = (Certificate[]) generateCertificates.toArray(new Certificate[generateCertificates.size()]);
            if (fileInputStream != null) {
                if (0 != 0) {
                    try {
                        fileInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    fileInputStream.close();
                }
            }
            return certificateArr;
        } catch (Throwable th3) {
            if (fileInputStream != null) {
                if (0 != 0) {
                    try {
                        fileInputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    fileInputStream.close();
                }
            }
            throw th3;
        }
    }

    static {
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }
}
