package cz.pumpitup.driver8.jamulator.api.utils;

import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.io.IOUtils;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.openssl.PEMParser;

/* loaded from: input_file:cz/pumpitup/driver8/jamulator/api/utils/CertificateUtils.class */
public class CertificateUtils {
    private static final String CF_INSTANCE = "X.509";
    static CertificateFactory certificateFactory;

    public static X509Certificate getX509Certificate(String str) throws CertificateException {
        if (certificateFactory == null) {
            certificateFactory = CertificateFactory.getInstance(CF_INSTANCE);
        }
        return (X509Certificate) certificateFactory.generateCertificate(IOUtils.toInputStream(str, StandardCharsets.UTF_8));
    }

    public static List<X509Certificate> getChainX509Certificates(String str) throws IOException, CertificateException {
        ArrayList arrayList = new ArrayList();
        JcaX509CertificateConverter jcaX509CertificateConverter = new JcaX509CertificateConverter();
        PEMParser pEMParser = new PEMParser(new InputStreamReader(IOUtils.toInputStream(str, StandardCharsets.UTF_8)));
        while (true) {
            try {
                Object readObject = pEMParser.readObject();
                if (readObject == null) {
                    pEMParser.close();
                    return arrayList;
                }
                if (readObject instanceof X509CertificateHolder) {
                    arrayList.add(jcaX509CertificateConverter.getCertificate((X509CertificateHolder) readObject));
                }
            } catch (Throwable th) {
                try {
                    pEMParser.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        }
    }

    public static void addDefaultRootCaCertificates(KeyStore keyStore) throws GeneralSecurityException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
            if (trustManager instanceof X509TrustManager) {
                for (X509Certificate x509Certificate : ((X509TrustManager) trustManager).getAcceptedIssuers()) {
                    keyStore.setCertificateEntry(x509Certificate.getSubjectDN().getName(), x509Certificate);
                }
            }
        }
    }
}
