package dev.nicklasw.bankid.client.ssl;

import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:dev/nicklasw/bankid/client/ssl/SSLContexts.class */
public class SSLContexts {
    private KeyManagerFactory keyManagerFactory;
    private TrustManagerFactory trustManagerFactory;

    public static SSLContexts builder() {
        return new SSLContexts();
    }

    public SSLContext build() {
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(this.keyManagerFactory.getKeyManagers(), this.trustManagerFactory.getTrustManagers(), new SecureRandom());
        return sSLContext;
    }

    public SSLContexts loadKeyManager(Path path, String str) {
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        try {
            InputStream newInputStream = Files.newInputStream(path, new OpenOption[0]);
            try {
                keyStore.load(newInputStream, str.toCharArray());
                if (newInputStream != null) {
                    newInputStream.close();
                }
                this.keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                this.keyManagerFactory.init(keyStore, str.toCharArray());
                return this;
            } catch (Throwable th) {
                if (newInputStream != null) {
                    try {
                        newInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        } catch (IOException e) {
            throw e;
        }
    }

    public SSLContexts loadTrustManager(Path path) {
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(Files.newInputStream(path, new OpenOption[0]));
        this.trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
        keyStore.setCertificateEntry("caCert", x509Certificate);
        this.trustManagerFactory.init(keyStore);
        return this;
    }
}
