package com.azure.security.keyvault.jca.implementation;

import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.AccessController;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.util.Objects;
import java.util.Optional;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.stream.Stream;

/* loaded from: input_file:com/azure/security/keyvault/jca/implementation/JreKeyStoreFactory.class */
public final class JreKeyStoreFactory {
    private static final String JAVA_HOME = privilegedGetProperty("java.home", "");
    private static final Path STORE_PATH = Paths.get(JAVA_HOME, new String[0]).resolve("lib").resolve("security");
    private static final Path DEFAULT_STORE = STORE_PATH.resolve("cacerts");
    private static final Path JSSE_DEFAULT_STORE = STORE_PATH.resolve("jssecacerts");
    private static final String KEY_STORE_PASSWORD = privilegedGetProperty("javax.net.ssl.keyStorePassword", "changeit");
    private static final Logger LOGGER = Logger.getLogger(JreKeyStoreFactory.class.getName());
    private static final KeyStore JRE_KEY_STORE = getJreKeyStore();

    private JreKeyStoreFactory() {
    }

    public static KeyStore getDefaultKeyStore() {
        return JRE_KEY_STORE;
    }

    private static KeyStore getJreKeyStore() {
        KeyStore keyStore = null;
        try {
            keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            loadKeyStore(keyStore);
        } catch (KeyStoreException e) {
            LOGGER.log(Level.WARNING, "Unable to get the jre key store.", (Throwable) e);
        }
        return keyStore;
    }

    private static void loadKeyStore(KeyStore keyStore) {
        try {
            InputStream newInputStream = Files.newInputStream(getKeyStoreFile(), new OpenOption[0]);
            try {
                keyStore.load(newInputStream, KEY_STORE_PASSWORD.toCharArray());
                if (newInputStream != null) {
                    newInputStream.close();
                }
            } finally {
            }
        } catch (IOException | NoSuchAlgorithmException | CertificateException e) {
            LOGGER.log(Level.WARNING, "unable to load the jre key store", e);
        }
    }

    private static Path getKeyStoreFile() {
        return (Path) Stream.of((Object[]) new Path[]{getConfiguredKeyStorePath(), JSSE_DEFAULT_STORE, DEFAULT_STORE}).filter((v0) -> {
            return Objects.nonNull(v0);
        }).filter(path -> {
            return Files.exists(path, new LinkOption[0]);
        }).filter(Files::isReadable).findFirst().orElse(null);
    }

    private static Path getConfiguredKeyStorePath() {
        return (Path) Optional.of(privilegedGetProperty("javax.net.ssl.keyStore", "")).filter(str -> {
            return !str.isEmpty();
        }).map(str2 -> {
            return Paths.get(str2, new String[0]);
        }).orElse(null);
    }

    private static String privilegedGetProperty(String str, String str2) {
        return (String) AccessController.doPrivileged(() -> {
            String property = System.getProperty(str, "");
            return property.isEmpty() ? str2 : property;
        });
    }
}
