package fr.legicloud.connector.cert;

import fr.legicloud.connector.api.LegicloudSyncApiImpl;
import fr.legicloud.connector.config.ClientConfiguration;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:fr/legicloud/connector/cert/SslUtil.class */
public class SslUtil {
    private static final Logger LOGGER = LoggerFactory.getLogger(LegicloudSyncApiImpl.class);
    private static final String CACERTS_PATH = "/lib/security/cacerts";
    private static final String CACERTS_PASSWORD = "changeit";

    public static void ensureStartSSLCert(ClientConfiguration clientConfiguration) {
        try {
            LOGGER.debug("Start ensureStartSSLCert");
            ensureSslCertIsInKeystore("startcom_certification_authority.pem", SslUtil.class.getResourceAsStream("/ca.crt"), clientConfiguration);
        } catch (Exception e) {
            LOGGER.warn("Impossible to add StartSsl CA cert", (Throwable) e);
        }
        LOGGER.debug("End ensureStartSSLCert");
    }

    public static void ensureSslCertIsInKeystore(String str, InputStream inputStream, ClientConfiguration clientConfiguration) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        File file = new File(System.getProperty("java.home") + CACERTS_PATH);
        if (!file.exists()) {
            throw new FileNotFoundException(file.getAbsolutePath());
        }
        FileInputStream fileInputStream = new FileInputStream(file);
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(fileInputStream, "changeit".toCharArray());
        fileInputStream.close();
        Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(inputStream);
        inputStream.close();
        String certificateAlias = keyStore.getCertificateAlias(generateCertificate);
        if (certificateAlias != null) {
            LOGGER.debug("StartSsl found, with alias " + certificateAlias);
            return;
        }
        keyStore.setCertificateEntry(str, generateCertificate);
        File file2 = new File(clientConfiguration.getLegicloudKeyStoreFilePath());
        LOGGER.debug("StartSsl not found, inserting it in " + file2.getPath());
        FileOutputStream fileOutputStream = new FileOutputStream(file2);
        keyStore.store(fileOutputStream, "changeit".toCharArray());
        fileOutputStream.close();
        System.setProperty("javax.net.ssl.trustStore", file2.getPath());
    }
}
