package com.sap.cds.feature.messaging.kafka.utils;

import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.net.URL;
import java.nio.channels.Channels;
import java.nio.channels.FileChannel;
import java.nio.channels.ReadableByteChannel;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.HashMap;
import java.util.Map;

/* loaded from: input_file:com/sap/cds/feature/messaging/kafka/utils/TrustStoreUtils.class */
public class TrustStoreUtils {
    private TrustStoreUtils() {
    }

    public static String createTruststoreWithRootCertsFromUrl(String str, String str2) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        File createTempFile = File.createTempFile("kafkaRootCACerts", null);
        downloadFile(str2, createTempFile);
        return createTruststoreWithRootCerts(str, createTempFile.getAbsolutePath());
    }

    private static String createTruststoreWithRootCerts(String str, String str2) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, str.toCharArray());
        Map<String, Certificate> loadCerts = loadCerts(str2);
        keyStore.setCertificateEntry("KafkaRootCA", loadCerts.get("current"));
        if (loadCerts.containsKey("next")) {
            keyStore.setCertificateEntry("KafkaNextRootCA", loadCerts.get("next"));
        }
        File createTempFile = File.createTempFile("kafkaTrustStore", null);
        FileOutputStream fileOutputStream = new FileOutputStream(createTempFile);
        try {
            keyStore.store(fileOutputStream, str.toCharArray());
            fileOutputStream.close();
            return createTempFile.getAbsolutePath();
        } catch (Throwable th) {
            try {
                fileOutputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private static Map<String, Certificate> loadCerts(String str) throws CertificateException, IOException {
        HashMap hashMap = new HashMap();
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(str));
        try {
            hashMap.put("current", certificateFactory.generateCertificate(bufferedInputStream));
            if (bufferedInputStream.available() > 0) {
                hashMap.put("next", certificateFactory.generateCertificate(bufferedInputStream));
            }
            bufferedInputStream.close();
            return hashMap;
        } catch (Throwable th) {
            try {
                bufferedInputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private static void downloadFile(String str, File file) throws IOException {
        ReadableByteChannel newChannel = Channels.newChannel(new URL(str).openStream());
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(file);
            try {
                FileChannel channel = fileOutputStream.getChannel();
                try {
                    channel.transferFrom(newChannel, 0L, Long.MAX_VALUE);
                    if (channel != null) {
                        channel.close();
                    }
                    fileOutputStream.close();
                    if (newChannel != null) {
                        newChannel.close();
                    }
                } catch (Throwable th) {
                    if (channel != null) {
                        try {
                            channel.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } finally {
            }
        } catch (Throwable th3) {
            if (newChannel != null) {
                try {
                    newChannel.close();
                } catch (Throwable th4) {
                    th3.addSuppressed(th4);
                }
            }
            throw th3;
        }
    }
}
