package org.apache.james.transport;

import com.github.fge.lambdas.Throwing;
import jakarta.mail.MessagingException;
import java.io.File;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.CertificateException;
import org.apache.commons.io.input.UnsynchronizedBufferedInputStream;
import org.apache.james.filesystem.api.FileSystem;
import org.apache.james.transport.KeyStoreHolderConfiguration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/james/transport/KeyStoreHolderFactory.class */
public class KeyStoreHolderFactory {
    private static final Logger LOGGER = LoggerFactory.getLogger(KeyStoreHolderFactory.class);
    private static final String DEFAULT_KEYSTORE_FILE_PATH = "file://" + System.getProperty("java.home") + "/lib/security/cacerts".replace('/', File.separatorChar);
    private final FileSystem fileSystem;

    /* loaded from: input_file:org/apache/james/transport/KeyStoreHolderFactory$FileLoader.class */
    interface FileLoader {
        KeyStoreHolder load(KeyStoreHolderConfiguration keyStoreHolderConfiguration) throws Exception;
    }

    /* loaded from: input_file:org/apache/james/transport/KeyStoreHolderFactory$KeyStoreFileLoader.class */
    static class KeyStoreFileLoader implements FileLoader {
        private final FileSystem fileSystem;

        public KeyStoreFileLoader(FileSystem fileSystem) {
            this.fileSystem = fileSystem;
        }

        @Override // org.apache.james.transport.KeyStoreHolderFactory.FileLoader
        public KeyStoreHolder load(KeyStoreHolderConfiguration keyStoreHolderConfiguration) {
            KeyStoreHolderConfiguration.KeyStoreConfiguration keyStoreConfiguration = (KeyStoreHolderConfiguration.KeyStoreConfiguration) keyStoreHolderConfiguration;
            return (KeyStoreHolder) keyStoreConfiguration.getKeyStoreFileName().map(Throwing.function(str -> {
                return createFromKeyStoreFile(str, keyStoreConfiguration.getKeyStorePassword(), keyStoreConfiguration.getKeyStoreType());
            })).orElseGet(Throwing.supplier(() -> {
                KeyStoreHolderFactory.LOGGER.info("No trusted store path specified, using default store.");
                return createFromKeyStoreFile(KeyStoreHolderFactory.DEFAULT_KEYSTORE_FILE_PATH, keyStoreConfiguration.getKeyStorePassword(), KeyStore.getDefaultType());
            }));
        }

        private KeyStoreHolder createFromKeyStoreFile(String str, String str2, String str3) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
            KeyStore keyStore = KeyStore.getInstance(str3);
            keyStore.load(UnsynchronizedBufferedInputStream.builder().setInputStream(this.fileSystem.getResource(str)).get(), str2.toCharArray());
            if (keyStore.size() == 0) {
                throw new KeyStoreException("The keystore must be not empty");
            }
            return new KeyStoreHolder(keyStore);
        }
    }

    /* loaded from: input_file:org/apache/james/transport/KeyStoreHolderFactory$PemFileLoader.class */
    static class PemFileLoader implements FileLoader {
        private final FileSystem fileSystem;

        public PemFileLoader(FileSystem fileSystem) {
            this.fileSystem = fileSystem;
        }

        @Override // org.apache.james.transport.KeyStoreHolderFactory.FileLoader
        public KeyStoreHolder load(KeyStoreHolderConfiguration keyStoreHolderConfiguration) throws Exception {
            KeyStore loadTrustStore = PemReader.loadTrustStore(this.fileSystem.getFile(((KeyStoreHolderConfiguration.PemConfiguration) keyStoreHolderConfiguration).getPemFileName()));
            if (loadTrustStore.size() == 0) {
                throw new KeyStoreException("The keystore must be not empty");
            }
            return new KeyStoreHolder(loadTrustStore);
        }
    }

    public static KeyStoreHolderFactory from(FileSystem fileSystem) {
        return new KeyStoreHolderFactory(fileSystem);
    }

    private KeyStoreHolderFactory(FileSystem fileSystem) {
        this.fileSystem = fileSystem;
    }

    public KeyStoreHolder createKeyStoreHolder(KeyStoreHolderConfiguration keyStoreHolderConfiguration) throws MessagingException {
        try {
            initJCE();
            return keyStoreHolderConfiguration.getFileLoader(this.fileSystem).load(keyStoreHolderConfiguration);
        } catch (Exception e) {
            throw new MessagingException("Error loading the trusted certificate store", e);
        }
    }

    private static void initJCE() throws NoSuchProviderException {
        try {
            InitJCE.init();
        } catch (ClassNotFoundException | IllegalAccessException | InstantiationException | NoSuchMethodException | InvocationTargetException e) {
            NoSuchProviderException noSuchProviderException = new NoSuchProviderException("Error during cryptography provider initialization. Has bcprov-jdkxx-yyy.jar been copied in the lib directory or installed in the system?");
            noSuchProviderException.initCause(e);
            throw noSuchProviderException;
        }
    }
}
