package com.norconex.commons.lang.security;

import com.norconex.commons.lang.encrypt.EncryptionKey;
import com.norconex.commons.lang.encrypt.EncryptionUtil;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.CertificateException;
import java.util.function.Supplier;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.SystemUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/norconex/commons/lang/security/KeyStoreBuilder.class */
public final class KeyStoreBuilder {
    private static final Logger LOG = LoggerFactory.getLogger(KeyStoreBuilder.class);
    private Path storeFile;
    private String provider;
    private String type;
    private String password;
    private EncryptionKey passwordKey;

    private KeyStoreBuilder(Path path) {
        this.storeFile = path;
    }

    public KeyStoreBuilder setProvider(String str) {
        this.provider = str;
        return this;
    }

    public KeyStoreBuilder setType(String str) {
        this.type = str;
        return this;
    }

    public KeyStoreBuilder setPassword(String str) {
        this.password = str;
        return this;
    }

    public KeyStoreBuilder setPasswordKey(EncryptionKey encryptionKey) {
        this.passwordKey = encryptionKey;
        return this;
    }

    public KeyStore create() throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException, NoSuchProviderException {
        String orNotBlank = orNotBlank(this.type, KeyStore::getDefaultType);
        KeyStore keyStore = StringUtils.isNotBlank(this.provider) ? KeyStore.getInstance(orNotBlank, this.provider) : KeyStore.getInstance(orNotBlank);
        if (this.storeFile != null) {
            LOG.debug("Loading KeyStore {}...", this.storeFile.toAbsolutePath());
            InputStream newInputStream = Files.newInputStream(this.storeFile, new OpenOption[0]);
            Throwable th = null;
            try {
                try {
                    keyStore.load(newInputStream, passwordArray());
                    if (newInputStream != null) {
                        if (0 != 0) {
                            try {
                                newInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            newInputStream.close();
                        }
                    }
                } finally {
                }
            } catch (Throwable th3) {
                if (newInputStream != null) {
                    if (th != null) {
                        try {
                            newInputStream.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        newInputStream.close();
                    }
                }
                throw th3;
            }
        } else {
            keyStore.load(getClass().getResourceAsStream("empty-keystore.jks"), passwordArray());
        }
        return keyStore;
    }

    private char[] passwordArray() {
        if (this.password == null) {
            return null;
        }
        return EncryptionUtil.decrypt(this.password, this.passwordKey).toCharArray();
    }

    private String orNotBlank(String str, Supplier<String> supplier) {
        return StringUtils.isNotBlank(str) ? str : supplier.get();
    }

    public static KeyStoreBuilder fromJavaHome() {
        File javaHome = SystemUtils.getJavaHome();
        if (javaHome == null) {
            throw new IllegalStateException("The java.home system property must be set.");
        }
        return fromFile(new File(javaHome, File.separatorChar + "lib" + File.separatorChar + "security" + File.separatorChar + "cacerts").toPath());
    }

    public static KeyStoreBuilder fromFile(Path path) {
        if (path == null || !path.toFile().exists()) {
            throw new IllegalArgumentException("KeyStore file does not exist: " + path.toAbsolutePath());
        }
        return new KeyStoreBuilder(path);
    }

    public static KeyStoreBuilder empty() {
        return new KeyStoreBuilder(null);
    }
}
