package io.cresco.agent.controller.communication;

import com.google.gson.Gson;
import io.cresco.agent.controller.core.ControllerEngine;
import io.cresco.library.plugin.PluginBuilder;
import io.cresco.library.utilities.CLogger;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.math.BigInteger;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.FileAttribute;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Base64;
import java.util.Random;
import java.util.UUID;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.KeyUsage;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.joda.time.DateTime;

/* loaded from: input_file:io/cresco/agent/controller/communication/CertificateManager.class */
public class CertificateManager {
    private KeyStore keyStore;
    private KeyStore trustStore;
    private char[] keyStorePassword;
    private String keyStoreFilePath;
    private char[] trustStorePassword;
    private String trustStoreFilePath;
    private String keyStoreAlias;
    private X509Certificate[] chain;
    private CLogger logger;
    private ControllerEngine controllerEngine;
    private PluginBuilder plugin;
    private int keySize;
    private int YEARS_VALID = 3;
    private boolean certificateSaveFailureEncountered = false;

    public CertificateManager(ControllerEngine controllerEngine) {
        this.keySize = 2048;
        long currentTimeMillis = System.currentTimeMillis();
        this.controllerEngine = controllerEngine;
        this.plugin = controllerEngine.getPluginBuilder();
        this.logger = this.plugin.getLogger(CertificateManager.class.getName(), CLogger.Level.Info);
        try {
            Security.addProvider(new BouncyCastleProvider());
            this.keySize = this.plugin.getConfig().getIntegerParam("messagekeysize", 2048).intValue();
            if (this.keySize < 512) {
                this.logger.warn("Message key sizes (messagekeysize) of <512 are not currently supported, using 512 bits");
                this.keySize = 512;
            }
            this.keyStoreAlias = this.controllerEngine.cstate.getAgentPath();
            String stringParam = this.plugin.getConfig().getStringParam("keystorepwd");
            this.keyStoreFilePath = this.plugin.getConfig().getStringParam("keystorefile");
            String stringParam2 = this.plugin.getConfig().getStringParam("truststorepwd");
            this.trustStoreFilePath = this.plugin.getConfig().getStringParam("truststorefile");
            if (stringParam == null || this.keyStoreFilePath == null || stringParam2 == null || this.trustStoreFilePath == null || this.keyStoreFilePath.equals(this.trustStoreFilePath)) {
                this.keyStorePassword = UUID.randomUUID().toString().toCharArray();
                this.keyStore = KeyStore.getInstance("jks");
                this.keyStore.load(null, null);
                this.trustStore = KeyStore.getInstance("jks");
                this.trustStore.load(null, null);
                generateCertChain();
                addCertificatesToTrustStore(this.keyStoreAlias, getPublicCertificate());
            } else {
                this.logger.debug("keyStorePasswordStr: {}", new Object[]{stringParam});
                this.logger.debug("keyStoreFilePath: {}", new Object[]{this.keyStoreFilePath});
                this.logger.debug("trustStorePasswordStr: {}", new Object[]{stringParam2});
                this.logger.debug("trustStoreFilePath: {}", new Object[]{this.trustStoreFilePath});
                this.keyStorePassword = stringParam.toCharArray();
                this.trustStorePassword = stringParam2.toCharArray();
                if (Files.exists(Paths.get(this.keyStoreFilePath, new String[0]), new LinkOption[0]) && Files.exists(Paths.get(this.trustStoreFilePath, new String[0]), new LinkOption[0]) && loadKeyAndTrustStore()) {
                    this.logger.info("Existing key store and trust store loaded");
                } else {
                    Path parent = Paths.get(this.keyStoreFilePath, new String[0]).getParent();
                    if (parent != null && !parent.toFile().exists()) {
                        Files.createDirectories(parent, new FileAttribute[0]);
                    }
                    Path parent2 = Paths.get(this.trustStoreFilePath, new String[0]).getParent();
                    if (parent2 != null && !parent2.toFile().exists()) {
                        Files.createDirectories(parent2, new FileAttribute[0]);
                    }
                    this.logger.info("Key store or trust store do not exists or are invalid, (re)creating");
                    this.keyStore = KeyStore.getInstance("jks");
                    this.keyStore.load(null, null);
                    this.trustStore = KeyStore.getInstance("jks");
                    this.trustStore.load(null, null);
                    generateCertChain();
                    addCertificatesToTrustStore(this.keyStoreAlias, getPublicCertificate());
                }
            }
            this.logger.info("CertificateManager Init: " + (System.currentTimeMillis() - currentTimeMillis) + " ms");
        } catch (Exception e) {
            e.printStackTrace();
            this.logger.error("CertificateChainGeneration() Error: " + e.getMessage());
        }
    }

    public void addCertificatesToTrustStore(String str, Certificate[] certificateArr) {
        try {
            for (Certificate certificate : certificateArr) {
                if (certificate instanceof X509Certificate) {
                    str = ((X509Certificate) certificate).getSubjectDN().getName();
                }
                this.logger.debug("addCertificatesToTrustStore: ADDING ALIAS: " + str + " to truststore");
                this.trustStore.setCertificateEntry(str, certificate);
            }
            saveKeyAndTrustStore();
        } catch (Exception e) {
            this.logger.error("addCertificatesToTrustStore() : error " + e.getMessage());
        }
    }

    public X509Certificate[] getPublicCertificate() {
        return this.chain;
    }

    private void generateCertChain() {
        try {
            String str = "agent-" + UUID.randomUUID().toString();
            String str2 = "plugin-" + UUID.randomUUID().toString();
            String str3 = "message-" + UUID.randomUUID().toString();
            KeyPair generateKeyPair = generateKeyPair();
            JcaX509v3CertificateBuilder jcaX509v3CertificateBuilder = new JcaX509v3CertificateBuilder(new X500Name("CN=rootCA-" + str), BigInteger.valueOf(new Random().nextInt()), DateTime.now().toDate(), new DateTime().plusYears(this.YEARS_VALID).toDate(), new X500Name("CN=rootCA-" + str), generateKeyPair.getPublic());
            jcaX509v3CertificateBuilder.addExtension(Extension.keyUsage, true, (ASN1Encodable) new KeyUsage(4));
            jcaX509v3CertificateBuilder.addExtension(Extension.basicConstraints, false, (ASN1Encodable) new BasicConstraints(true));
            X509Certificate certificate = new JcaX509CertificateConverter().getCertificate(jcaX509v3CertificateBuilder.build(new JcaContentSignerBuilder("SHA256withRSA").setProvider(BouncyCastleProvider.PROVIDER_NAME).build(generateKeyPair.getPrivate())));
            KeyPair generateKeyPair2 = generateKeyPair();
            JcaX509v3CertificateBuilder jcaX509v3CertificateBuilder2 = new JcaX509v3CertificateBuilder(certificate, BigInteger.valueOf(new Random().nextInt()), DateTime.now().toDate(), new DateTime().plusYears(this.YEARS_VALID).toDate(), new X500Name("CN=IntermedCA-" + str2), generateKeyPair2.getPublic());
            jcaX509v3CertificateBuilder2.addExtension(Extension.keyUsage, true, (ASN1Encodable) new KeyUsage(4));
            jcaX509v3CertificateBuilder2.addExtension(Extension.basicConstraints, false, (ASN1Encodable) new BasicConstraints(true));
            X509Certificate certificate2 = new JcaX509CertificateConverter().getCertificate(jcaX509v3CertificateBuilder2.build(new JcaContentSignerBuilder("SHA256withRSA").setProvider(BouncyCastleProvider.PROVIDER_NAME).build(generateKeyPair.getPrivate())));
            KeyPair generateKeyPair3 = generateKeyPair();
            JcaX509v3CertificateBuilder jcaX509v3CertificateBuilder3 = new JcaX509v3CertificateBuilder(certificate2, BigInteger.valueOf(new Random().nextInt()), DateTime.now().toDate(), new DateTime().plusYears(this.YEARS_VALID).toDate(), new X500Name("CN=endUserCert-" + str3), generateKeyPair3.getPublic());
            jcaX509v3CertificateBuilder3.addExtension(Extension.keyUsage, true, (ASN1Encodable) new KeyUsage(128));
            jcaX509v3CertificateBuilder3.addExtension(Extension.basicConstraints, false, (ASN1Encodable) new BasicConstraints(false));
            X509Certificate certificate3 = new JcaX509CertificateConverter().getCertificate(jcaX509v3CertificateBuilder3.build(new JcaContentSignerBuilder("SHA256withRSA").setProvider(BouncyCastleProvider.PROVIDER_NAME).build(generateKeyPair2.getPrivate())));
            this.chain = new X509Certificate[3];
            this.chain[0] = certificate3;
            this.chain[1] = certificate2;
            this.chain[2] = certificate;
            storeKeyAndCertificateChain(this.keyStoreAlias, this.keyStorePassword, generateKeyPair3.getPrivate(), this.chain);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    private KeyPair generateKeyPair() throws NoSuchAlgorithmException, NoSuchProviderException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", BouncyCastleProvider.PROVIDER_NAME);
        keyPairGenerator.initialize(this.keySize, new SecureRandom());
        return keyPairGenerator.generateKeyPair();
    }

    public TrustManager[] getTrustManagers() {
        TrustManager[] trustManagerArr = null;
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(this.trustStore);
            trustManagerArr = trustManagerFactory.getTrustManagers();
        } catch (Exception e) {
            this.logger.error("getTrustManagers Error : " + e.getMessage());
        }
        return trustManagerArr;
    }

    public KeyManager[] getKeyManagers() {
        KeyManager[] keyManagerArr = null;
        try {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(this.keyStore, this.keyStorePassword);
            keyManagerArr = keyManagerFactory.getKeyManagers();
        } catch (Exception e) {
            this.logger.error("getKeyManagers Error : " + e.getMessage());
        }
        return keyManagerArr;
    }

    private void storeKeyAndCertificateChain(String str, char[] cArr, Key key, X509Certificate[] x509CertificateArr) throws Exception {
        this.keyStore.setKeyEntry(str, key, cArr, x509CertificateArr);
    }

    private String getStringFromCert(X509Certificate x509Certificate) {
        String str = null;
        try {
            str = Base64.getEncoder().encodeToString(x509Certificate.getEncoded());
        } catch (Exception e) {
            this.logger.error("getStringfromCert : error " + e.getMessage());
            StringWriter stringWriter = new StringWriter();
            e.printStackTrace(new PrintWriter(stringWriter));
            this.logger.error(stringWriter.toString());
        }
        return str;
    }

    private X509Certificate getCertfromString(String str) {
        X509Certificate x509Certificate = null;
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.getDecoder().decode(str));
            x509Certificate = (X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream);
            if (byteArrayInputStream != null) {
                byteArrayInputStream.close();
            }
        } catch (Exception e) {
            this.logger.error("getCertsfromString : error " + e.getMessage());
            StringWriter stringWriter = new StringWriter();
            e.printStackTrace(new PrintWriter(stringWriter));
            this.logger.error(stringWriter.toString());
        }
        return x509Certificate;
    }

    public X509Certificate[] getCertsfromJson(String str) {
        X509Certificate[] x509CertificateArr = null;
        try {
            String[] strArr = (String[]) new Gson().fromJson(str, String[].class);
            x509CertificateArr = new X509Certificate[3];
            for (int i = 0; i < strArr.length; i++) {
                x509CertificateArr[i] = getCertfromString(strArr[i]);
            }
        } catch (Exception e) {
            this.logger.error("getCertsfromJson : error " + e.getMessage());
            StringWriter stringWriter = new StringWriter();
            e.printStackTrace(new PrintWriter(stringWriter));
            this.logger.error(stringWriter.toString());
        }
        return x509CertificateArr;
    }

    private String[] getStringsFromCerts(X509Certificate[] x509CertificateArr) {
        String[] strArr = null;
        try {
            strArr = new String[x509CertificateArr.length];
            for (int i = 0; i < x509CertificateArr.length; i++) {
                strArr[i] = getStringFromCert(x509CertificateArr[i]);
            }
        } catch (Exception e) {
            this.logger.error("getStringsfromCerts : error " + e.getMessage());
            StringWriter stringWriter = new StringWriter();
            e.printStackTrace(new PrintWriter(stringWriter));
            this.logger.error(stringWriter.toString());
        }
        return strArr;
    }

    public String getJsonFromCerts(X509Certificate[] x509CertificateArr) {
        String str = null;
        try {
            str = new Gson().toJson(getStringsFromCerts(x509CertificateArr));
        } catch (Exception e) {
            this.logger.error("getJsonFromCerts : error " + e.getMessage());
            StringWriter stringWriter = new StringWriter();
            e.printStackTrace(new PrintWriter(stringWriter));
            this.logger.error(stringWriter.toString());
        }
        return str;
    }

    public void saveKeyAndTrustStore() {
        if (this.keyStoreFilePath == null || this.trustStoreFilePath == null || this.keyStoreFilePath.equals(this.trustStoreFilePath) || this.certificateSaveFailureEncountered) {
            return;
        }
        this.logger.debug("saveKeyAndTrustStore({},{})", new Object[]{this.keyStoreFilePath, this.trustStoreFilePath});
        Path path = Paths.get(this.keyStoreFilePath, new String[0]);
        try {
            Files.createDirectories(path.getParent(), new FileAttribute[0]);
            Path path2 = Paths.get(this.trustStoreFilePath, new String[0]);
            try {
                Files.createDirectories(path2.getParent(), new FileAttribute[0]);
                try {
                    FileOutputStream fileOutputStream = new FileOutputStream(this.keyStoreFilePath);
                    try {
                        fileOutputStream = new FileOutputStream(this.trustStoreFilePath);
                        try {
                            this.keyStore.store(fileOutputStream, this.keyStorePassword);
                            this.trustStore.store(fileOutputStream, this.trustStorePassword);
                            fileOutputStream.close();
                            fileOutputStream.close();
                        } finally {
                            try {
                                fileOutputStream.close();
                            } catch (Throwable th) {
                                th.addSuppressed(th);
                            }
                        }
                    } catch (Throwable th2) {
                        throw th2;
                    }
                } catch (IOException e) {
                    e.printStackTrace();
                } catch (KeyStoreException e2) {
                    e2.printStackTrace();
                } catch (NoSuchAlgorithmException e3) {
                    e3.printStackTrace();
                } catch (CertificateException e4) {
                    e4.printStackTrace();
                }
            } catch (IOException e5) {
                this.logger.warn("Failed to create trust store parent directory: {}, retaining certificates only in memory", new Object[]{path2.getParent()});
                this.certificateSaveFailureEncountered = true;
            }
        } catch (IOException e6) {
            this.logger.warn("Failed to create key store parent directory: {}, retaining certificates only in memory", new Object[]{path.getParent()});
            this.certificateSaveFailureEncountered = true;
        }
    }

    public boolean loadKeyAndTrustStore() {
        if (this.keyStoreFilePath == null || this.trustStoreFilePath == null) {
            return false;
        }
        this.logger.debug("loadKeyAndTrustStore({},{})", new Object[]{this.keyStoreFilePath, this.trustStoreFilePath});
        try {
            FileInputStream fileInputStream = new FileInputStream(this.keyStoreFilePath);
            try {
                fileInputStream = new FileInputStream(this.trustStoreFilePath);
                try {
                    this.logger.trace("Generating blank key store object");
                    this.keyStore = KeyStore.getInstance("jks");
                    this.logger.trace("Loading existing key store: {}", new Object[]{Paths.get(this.keyStoreFilePath, new String[0]).toAbsolutePath()});
                    this.keyStore.load(fileInputStream, this.keyStorePassword);
                    if (this.keyStore == null) {
                        this.logger.warn("Failed to load existing key store file with provided password");
                        fileInputStream.close();
                        fileInputStream.close();
                        return false;
                    }
                    this.logger.trace("Checking for alias [{}] in key store", new Object[]{this.keyStoreAlias});
                    if (!this.keyStore.containsAlias(this.keyStoreAlias)) {
                        this.logger.warn("Alias [{}] does not appear in key store, load failed", new Object[]{this.keyStoreAlias});
                        fileInputStream.close();
                        fileInputStream.close();
                        return false;
                    }
                    this.logger.trace("Generating blank trust store object");
                    this.trustStore = KeyStore.getInstance("jks");
                    this.logger.trace("Loading existing trust store: {}", new Object[]{Paths.get(this.trustStoreFilePath, new String[0]).toAbsolutePath()});
                    this.trustStore.load(fileInputStream, this.trustStorePassword);
                    Certificate[] certificateChain = this.keyStore.getCertificateChain(this.keyStoreAlias);
                    if (certificateChain == null) {
                        this.logger.warn("Certificate chain for alias [{}] does not appear in key store, load failed", new Object[]{this.keyStoreAlias});
                        fileInputStream.close();
                        fileInputStream.close();
                        return false;
                    }
                    this.logger.trace("Loading [{}] certificates from key store alias [{}]", new Object[]{Integer.valueOf(certificateChain.length), this.keyStoreAlias});
                    this.chain = new X509Certificate[certificateChain.length];
                    for (int i = 0; i < certificateChain.length; i++) {
                        this.chain[i] = (X509Certificate) certificateChain[i];
                    }
                    fileInputStream.close();
                    fileInputStream.close();
                    return true;
                } finally {
                    try {
                        fileInputStream.close();
                    } catch (Throwable th) {
                        th.addSuppressed(th);
                    }
                }
            } catch (Throwable th2) {
                throw th2;
            }
        } catch (IOException e) {
            e.printStackTrace();
            return false;
        } catch (KeyStoreException e2) {
            e2.printStackTrace();
            return false;
        } catch (NoSuchAlgorithmException e3) {
            e3.printStackTrace();
            return false;
        } catch (CertificateException e4) {
            e4.printStackTrace();
            return false;
        } catch (Exception e5) {
            e5.printStackTrace();
            return false;
        }
    }

    public void updateSSL(X509Certificate[] x509CertificateArr, String str) {
        try {
            TrustManager[] trustManagers = getTrustManagers();
            if (trustManagers != null) {
                for (TrustManager trustManager : trustManagers) {
                    if (trustManager instanceof X509TrustManager) {
                        ((X509TrustManager) trustManager).checkClientTrusted(x509CertificateArr, "RSA");
                        ((X509TrustManager) trustManager).checkServerTrusted(x509CertificateArr, "RSA");
                    }
                }
            }
        } catch (Exception e) {
            this.logger.error("updateSSL error " + e.getMessage());
        }
    }

    public void addCertificatesToKeyStore(String str, Certificate[] certificateArr) {
        try {
            for (Certificate certificate : certificateArr) {
                this.keyStore.setCertificateEntry(str, certificate);
            }
        } catch (Exception e) {
            this.logger.error("addCertificatesToTrustStore() : error " + e.getMessage());
        }
    }

    public TrustManager getTrustManager() {
        TrustManager trustManager = null;
        try {
            trustManager = getTrustManagers()[0];
            if (trustManager == null) {
                this.logger.error("TRUST MANAGER NULL!!!");
            }
        } catch (Exception e) {
            this.logger.error("getTrustManager Error : " + e.getMessage());
        }
        return trustManager;
    }

    public KeyManager getKeyManager() {
        KeyManager keyManager = null;
        try {
            keyManager = getKeyManagers()[0];
        } catch (Exception e) {
            this.logger.error("getKeyManager Error : " + e.getMessage());
        }
        return keyManager;
    }

    public Certificate[] getPublicCertificates() {
        Certificate[] certificateArr = null;
        try {
            if (this.keyStore.getKey(this.keyStoreAlias, this.keyStorePassword) instanceof PrivateKey) {
                certificateArr = this.keyStore.getCertificateChain(this.keyStoreAlias);
            }
        } catch (Exception e) {
            this.logger.error("getCertificates() : error " + e.getMessage());
        }
        return certificateArr;
    }

    public Certificate[] getCertificates() {
        Certificate[] certificateArr = null;
        try {
            if (this.keyStore.getKey(this.keyStoreAlias, this.keyStorePassword) instanceof PrivateKey) {
                certificateArr = this.keyStore.getCertificateChain(this.keyStoreAlias);
            }
        } catch (Exception e) {
            this.logger.error("getCertificates() : error " + e.getMessage());
        }
        return certificateArr;
    }

    public void loadTrustStoreCertChain(String str) throws Exception {
        Key key = this.trustStore.getKey(str, this.keyStorePassword);
        if (!(key instanceof PrivateKey)) {
            this.logger.error("Key is not private key");
            Certificate certificate = this.trustStore.getCertificate(str);
            if (certificate == null) {
                this.logger.error("cert null");
                return;
            }
            this.logger.error(certificate.toString());
            this.logger.error(Base64.getEncoder().encodeToString(certificate.getPublicKey().getEncoded()));
            return;
        }
        this.logger.error(key.toString());
        Certificate[] certificateChain = this.trustStore.getCertificateChain(str);
        this.logger.error("Certificate chain length : " + certificateChain.length);
        for (Certificate certificate2 : certificateChain) {
            this.logger.error(certificate2.toString());
            this.logger.error(Base64.getEncoder().encodeToString(certificate2.getPublicKey().getEncoded()));
        }
    }

    public void loadKeyStoreCertChain(String str) throws Exception {
        Key key = this.keyStore.getKey(str, this.keyStorePassword);
        if (!(key instanceof PrivateKey)) {
            this.logger.error("Key is not private key");
            Certificate certificate = this.keyStore.getCertificate(str);
            if (certificate == null) {
                this.logger.error("cert null");
                return;
            }
            this.logger.error(certificate.toString());
            this.logger.error(Base64.getEncoder().encodeToString(certificate.getPublicKey().getEncoded()));
            return;
        }
        this.logger.error(key.toString());
        Certificate[] certificateChain = this.keyStore.getCertificateChain(str);
        this.logger.error("Certificate chain length : " + certificateChain.length);
        for (Certificate certificate2 : certificateChain) {
            this.logger.error(certificate2.toString());
            this.logger.error(Base64.getEncoder().encodeToString(certificate2.getPublicKey().getEncoded()));
        }
    }

    private void loadAndDisplayChain(String str, char[] cArr, String str2) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("jks");
        keyStore.load(new FileInputStream(str2), cArr);
        Key key = keyStore.getKey(str, cArr);
        if (!(key instanceof PrivateKey)) {
            this.logger.error("Key is not private key");
            return;
        }
        this.logger.error("Get private key : ");
        this.logger.error(key.toString());
        Certificate[] certificateChain = keyStore.getCertificateChain(str);
        this.logger.error("Certificate chain length : " + certificateChain.length);
        for (Certificate certificate : certificateChain) {
            this.logger.error(certificate.toString());
            String encodeToString = Base64.getEncoder().encodeToString(certificate.getPublicKey().getEncoded());
            this.trustStore.setCertificateEntry(certificate.toString(), certificate);
            this.logger.error(encodeToString);
        }
    }

    private void clearKeyStore(String str, char[] cArr, String str2) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("jks");
        keyStore.load(new FileInputStream(str2), cArr);
        keyStore.deleteEntry(str);
        keyStore.store(new FileOutputStream(str2), cArr);
    }
}
