package org.testcontainers.containers;

import java.io.InputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Objects;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.testcontainers.shaded.okhttp3.Cache;
import org.testcontainers.shaded.okhttp3.OkHttpClient;
import org.testcontainers.shaded.okhttp3.Request;
import org.testcontainers.shaded.okhttp3.Response;

/* loaded from: input_file:org/testcontainers/containers/KeyStoreBuilder.class */
final class KeyStoreBuilder {
    KeyStoreBuilder() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static KeyStore buildByDownloadingCertificate(String str, String str2) {
        OkHttpClient okHttpClient = null;
        Response response = null;
        try {
            try {
                okHttpClient = buildTrustAllClient(buildTrustAllManagers());
                response = okHttpClient.newCall(buildRequest(str)).execute();
                KeyStore buildKeyStore = buildKeyStore(response.body().byteStream(), str2);
                closeResponseSilently(response);
                closeClientSilently(okHttpClient);
                return buildKeyStore;
            } catch (Exception e) {
                throw new IllegalStateException(e);
            }
        } catch (Throwable th) {
            closeResponseSilently(response);
            closeClientSilently(okHttpClient);
            throw th;
        }
    }

    private static TrustManager[] buildTrustAllManagers() {
        return new TrustManager[]{new X509TrustManager() { // from class: org.testcontainers.containers.KeyStoreBuilder.1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        }};
    }

    private static OkHttpClient buildTrustAllClient(TrustManager[] trustManagerArr) throws Exception {
        SSLContext sSLContext = SSLContext.getInstance("SSL");
        sSLContext.init(null, trustManagerArr, new SecureRandom());
        return new OkHttpClient.Builder().sslSocketFactory(sSLContext.getSocketFactory(), (X509TrustManager) trustManagerArr[0]).hostnameVerifier((str, sSLSession) -> {
            return true;
        }).build();
    }

    private static Request buildRequest(String str) {
        return new Request.Builder().get().url(str + "/_explorer/emulator.pem").build();
    }

    private static KeyStore buildKeyStore(InputStream inputStream, String str) throws Exception {
        Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(inputStream);
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(null, str.toCharArray());
        keyStore.setCertificateEntry("azure-cosmos-emulator", generateCertificate);
        return keyStore;
    }

    private static void closeResponseSilently(Response response) {
        try {
            if (Objects.nonNull(response)) {
                response.close();
            }
        } catch (Exception e) {
        }
    }

    private static void closeClientSilently(OkHttpClient okHttpClient) {
        try {
            if (Objects.nonNull(okHttpClient)) {
                okHttpClient.dispatcher().executorService().shutdown();
                okHttpClient.connectionPool().evictAll();
                Cache cache = okHttpClient.cache();
                if (Objects.nonNull(cache)) {
                    cache.close();
                }
            }
        } catch (Exception e) {
        }
    }
}
