package org.omnifaces.utils.security;

import java.io.FileOutputStream;
import java.io.IOException;
import java.io.UncheckedIOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.FileAttribute;
import java.security.KeyManagementException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import org.omnifaces.utils.Lang;

/* loaded from: input_file:org/omnifaces/utils/security/Certificates.class */
public final class Certificates {
    private Certificates() {
    }

    public static X509Certificate[] getCertificateChainFromServer(String str, int i) {
        return getCertificateChainFromServer(str, i, 15000);
    }

    public static X509Certificate[] getCertificateChainFromServer(String str, int i, int i2) {
        SSLSocket sSLSocket;
        Throwable th;
        InterceptingX509TrustManager interceptingX509TrustManager = new InterceptingX509TrustManager();
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new TrustManager[]{interceptingX509TrustManager}, null);
            sSLSocket = (SSLSocket) sSLContext.getSocketFactory().createSocket(str, i);
            th = null;
        } catch (IOException | KeyManagementException | NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
        try {
            try {
                sSLSocket.setSoTimeout(i2);
                sSLSocket.startHandshake();
                if (sSLSocket != null) {
                    if (0 != 0) {
                        try {
                            sSLSocket.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        sSLSocket.close();
                    }
                }
                if (interceptingX509TrustManager.getX509ServerCertificates().isEmpty()) {
                    return null;
                }
                return interceptingX509TrustManager.getX509ServerCertificates().get(0);
            } finally {
            }
        } finally {
        }
    }

    public static String getHostFromCertificate(X509Certificate[] x509CertificateArr) {
        String[] split = x509CertificateArr[0].getIssuerX500Principal().getName().split(",");
        if (Lang.isEmpty((Object[]) split)) {
            throw new IllegalStateException("No CN name found");
        }
        String str = split[0];
        return str.substring(str.indexOf(61) + 1).trim();
    }

    public static KeyPair generateRandomRSAKeys() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "BC");
            keyPairGenerator.initialize(2048);
            return keyPairGenerator.generateKeyPair();
        } catch (NoSuchAlgorithmException | NoSuchProviderException e) {
            throw new IllegalStateException(e);
        }
    }

    public static String createTempJKSKeyStore(PrivateKey privateKey, X509Certificate x509Certificate) {
        try {
            Path createTempFile = Files.createTempFile("trustStore", ".jks", new FileAttribute[0]);
            createJKSKeyStore(createTempFile, "changeit".toCharArray(), privateKey, x509Certificate);
            return createTempFile.toString();
        } catch (IOException e) {
            throw new UncheckedIOException(e);
        }
    }

    public static void createJKSKeyStore(Path path, char[] cArr, PrivateKey privateKey, X509Certificate x509Certificate) {
        try {
            KeyStore keyStore = KeyStore.getInstance("jks");
            keyStore.load(null, null);
            keyStore.setEntry("omniKey", new KeyStore.PrivateKeyEntry(privateKey, new Certificate[]{x509Certificate}), new KeyStore.PasswordProtection(cArr));
            keyStore.store(new FileOutputStream(path.toFile()), cArr);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public static String createTempJKSTrustStore(X509Certificate[] x509CertificateArr) {
        try {
            Path createTempFile = Files.createTempFile("trustStore", ".jks", new FileAttribute[0]);
            createJKSTrustStore(createTempFile, "changeit".toCharArray(), x509CertificateArr);
            return createTempFile.toString();
        } catch (IOException e) {
            throw new UncheckedIOException(e);
        }
    }

    public static void createJKSTrustStore(Path path, char[] cArr, X509Certificate[] x509CertificateArr) {
        try {
            KeyStore keyStore = KeyStore.getInstance("jks");
            keyStore.load(null, null);
            for (int i = 0; i < x509CertificateArr.length; i++) {
                keyStore.setCertificateEntry("omniCert" + i, x509CertificateArr[i]);
            }
            keyStore.store(new FileOutputStream(path.toFile()), cArr);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static void setSystemTrustStore(String str) {
        setSystemTrustStore(str, "changeit");
    }

    public static void setSystemTrustStore(String str, String str2) {
        System.setProperty("javax.net.ssl.trustStore", str);
        System.setProperty("javax.net.ssl.trustStorePassword", str2);
    }
}
