package com.falsepattern.lib.internal.impl.dependencies;

import com.falsepattern.lib.internal.FPLog;
import com.falsepattern.lib.internal.config.EarlyConfig;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:com/falsepattern/lib/internal/impl/dependencies/LetsEncryptHelper.class */
public class LetsEncryptHelper {
    private static volatile boolean patched = false;

    private LetsEncryptHelper() {
    }

    public static void replaceSSLContext() {
        if (EarlyConfig.getInstance().enableLetsEncryptRoot() && !patched) {
            patched = true;
            try {
                InputStream resourceAsStream = LetsEncryptHelper.class.getResourceAsStream("/letsencrypt/isrgrootx1.pem");
                try {
                    resourceAsStream = LetsEncryptHelper.class.getResourceAsStream("/letsencrypt/isrg-root-x2.pem");
                    try {
                        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                        keyStore.load(Files.newInputStream(Paths.get(System.getProperty("java.home"), "lib", "security", "cacerts"), new OpenOption[0]), "changeit".toCharArray());
                        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                        keyStore.setCertificateEntry("archaicfix-isrgx1", certificateFactory.generateCertificate(resourceAsStream));
                        keyStore.setCertificateEntry("archaicfix-isrgx2", certificateFactory.generateCertificate(resourceAsStream));
                        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                        trustManagerFactory.init(keyStore);
                        SSLContext sSLContext = SSLContext.getInstance("TLS");
                        sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
                        SSLContext.setDefault(sSLContext);
                        FPLog.LOG.info("[LetsEncryptHelper] Added certificates to trust store.");
                        if (resourceAsStream != null) {
                            resourceAsStream.close();
                        }
                        if (resourceAsStream != null) {
                            resourceAsStream.close();
                        }
                    } finally {
                        if (resourceAsStream != null) {
                            try {
                                resourceAsStream.close();
                            } catch (Throwable th) {
                                th.addSuppressed(th);
                            }
                        }
                    }
                } catch (Throwable th2) {
                    throw th2;
                }
            } catch (IOException e) {
                FPLog.LOG.error("[LetsEncryptHelper] Failed to load certificates from classpath.", e);
            } catch (GeneralSecurityException e2) {
                FPLog.LOG.error("[LetsEncryptHelper] Failed to load default keystore.", e2);
            }
        }
    }
}
