package gg.essential.handlers;

import java.io.BufferedInputStream;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import kotlin.Pair;

/* loaded from: input_file:essential_essential_1-3-2-6_fabric_1-21.jar:gg/essential/handlers/CertChain.class */
public class CertChain {
    private final CertificateFactory cf = CertificateFactory.getInstance("X.509");
    private final KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());

    public CertChain() throws Exception {
        this.keyStore.load(Files.newInputStream(Paths.get(System.getProperty("java.home"), "lib", "security", "cacerts"), new OpenOption[0]), null);
    }

    public CertChain load(String str) throws Exception {
        InputStream resourceAsStream = CertChain.class.getResourceAsStream("/assets/essential/certs/" + str + ".der");
        Throwable th = null;
        try {
            try {
                this.keyStore.setCertificateEntry(str, this.cf.generateCertificate(new BufferedInputStream(resourceAsStream)));
                if (resourceAsStream != null) {
                    if (0 != 0) {
                        try {
                            resourceAsStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        resourceAsStream.close();
                    }
                }
                return this;
            } finally {
            }
        } catch (Throwable th3) {
            if (resourceAsStream != null) {
                if (th != null) {
                    try {
                        resourceAsStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    resourceAsStream.close();
                }
            }
            throw th3;
        }
    }

    public CertChain loadEmbedded() throws Exception {
        return load("amazon-root-ca-1").load("baltimore-cybertrust-root").load("d-trust-root-class-3-ca-2-2009").load("digicert-global-root-ca").load("digicert-global-root-g2").load("gts-root-r1").load("isrgrootx1").load("lets-encrypt-r3").load("microsoft-ecc-root-ca-2017").load("microsoft-rsa-root-ca-2017");
    }

    public Pair<SSLContext, TrustManager[]> done() throws Exception {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(this.keyStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, trustManagers, null);
        return new Pair<>(sSLContext, trustManagers);
    }
}
