package com.djrapitops.plan.delivery.webserver.http;

import com.djrapitops.plan.settings.locale.Locale;
import com.djrapitops.plan.settings.locale.lang.PluginLang;
import com.djrapitops.plan.utilities.logging.ErrorContext;
import com.djrapitops.plan.utilities.logging.ErrorLogger;
import java.io.EOFException;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Optional;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import net.playeranalytics.plugin.server.PluginLogger;
import plan.javax.inject.Inject;
import plan.javax.inject.Singleton;
import plan.org.eclipse.jetty.util.ssl.SslContextFactory;

@Singleton
/* loaded from: input_file:com/djrapitops/plan/delivery/webserver/http/LegacyJettySSLContextLoader.class */
public class LegacyJettySSLContextLoader {
    private final Locale locale;
    private final PluginLogger logger;
    private final ErrorLogger errorLogger;

    @Inject
    public LegacyJettySSLContextLoader(Locale locale, PluginLogger pluginLogger, ErrorLogger errorLogger) {
        this.locale = locale;
        this.logger = pluginLogger;
        this.errorLogger = errorLogger;
    }

    public Optional<SslContextFactory.Server> load(String str, String str2, String str3, String str4) {
        String str5 = str.endsWith(".p12") ? "PKCS12" : "JKS";
        try {
            try {
                try {
                    FileInputStream fileInputStream = new FileInputStream(str);
                    try {
                        KeyStore keyStore = KeyStore.getInstance(str5);
                        keyStore.load(fileInputStream, str2.toCharArray());
                        Certificate certificate = keyStore.getCertificate(str4);
                        if (certificate == null) {
                            throw new IllegalStateException("Alias: '" + str4 + "' was not found in file " + str + ".");
                        }
                        this.logger.info("Certificate: " + certificate.getType());
                        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
                        keyManagerFactory.init(keyStore, str3.toCharArray());
                        TrustManagerFactory.getInstance("SunX509").init(keyStore);
                        SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
                        sSLContext.init(keyManagerFactory.getKeyManagers(), null, null);
                        SslContextFactory.Server server = new SslContextFactory.Server();
                        server.setSslContext(sSLContext);
                        Optional<SslContextFactory.Server> of = Optional.of(server);
                        fileInputStream.close();
                        return of;
                    } catch (Throwable th) {
                        try {
                            fileInputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                        throw th;
                    }
                } catch (KeyManagementException | NoSuchAlgorithmException e) {
                    this.logger.error(this.locale.getString(PluginLang.WEB_SERVER_FAIL_SSL_CONTEXT));
                    this.errorLogger.error(e, ErrorContext.builder().related(str5).build());
                    return Optional.empty();
                }
            } catch (KeyStoreException | UnrecoverableKeyException | CertificateException e2) {
                this.logger.error(this.locale.getString(PluginLang.WEB_SERVER_FAIL_STORE_LOAD));
                this.errorLogger.error(e2, ErrorContext.builder().whatToDo("Make sure the Certificate settings are correct / You can try remaking the keystore without -passin or -passout parameters.").related(str).build());
                return Optional.empty();
            }
        } catch (EOFException e3) {
            this.logger.error(this.locale.getString(PluginLang.WEB_SERVER_FAIL_EMPTY_FILE));
            return Optional.empty();
        } catch (FileNotFoundException e4) {
            this.logger.info(this.locale.getString(PluginLang.WEB_SERVER_NOTIFY_NO_CERT_FILE, str));
            this.logger.info(this.locale.getString(PluginLang.WEB_SERVER_NOTIFY_HTTP));
            return Optional.empty();
        } catch (IOException e5) {
            this.errorLogger.error(e5, ErrorContext.builder().related(str).build());
            return Optional.empty();
        } catch (IllegalStateException e6) {
            this.logger.error(e6.getMessage());
            return Optional.empty();
        }
    }
}
