package org.springframework.boot.web.server;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;

/* loaded from: input_file:ingrid-iplug-csw-dsc-7.2.0/lib/spring-boot-2.7.18.jar:org/springframework/boot/web/server/CertificateFileSslStoreProvider.class */
public final class CertificateFileSslStoreProvider implements SslStoreProvider {
    private static final String KEY_PASSWORD = "";
    private static final String DEFAULT_KEY_ALIAS = "spring-boot-web";
    private final Ssl ssl;

    private CertificateFileSslStoreProvider(Ssl ssl) {
        this.ssl = ssl;
    }

    @Override // org.springframework.boot.web.server.SslStoreProvider
    public KeyStore getKeyStore() throws Exception {
        return createKeyStore(this.ssl.getCertificate(), this.ssl.getCertificatePrivateKey(), this.ssl.getKeyStoreType(), this.ssl.getKeyAlias());
    }

    @Override // org.springframework.boot.web.server.SslStoreProvider
    public KeyStore getTrustStore() throws Exception {
        if (this.ssl.getTrustCertificate() == null) {
            return null;
        }
        return createKeyStore(this.ssl.getTrustCertificate(), this.ssl.getTrustCertificatePrivateKey(), this.ssl.getTrustStoreType(), this.ssl.getKeyAlias());
    }

    @Override // org.springframework.boot.web.server.SslStoreProvider
    public String getKeyPassword() {
        return "";
    }

    private KeyStore createKeyStore(String str, String str2, String str3, String str4) {
        String defaultType;
        if (str3 != null) {
            defaultType = str3;
        } else {
            try {
                defaultType = KeyStore.getDefaultType();
            } catch (IOException | GeneralSecurityException e) {
                throw new IllegalStateException("Error creating KeyStore: " + e.getMessage(), e);
            }
        }
        KeyStore keyStore = KeyStore.getInstance(defaultType);
        keyStore.load(null);
        try {
            addCertificates(keyStore, CertificateParser.parse(str), str2 != null ? PrivateKeyParser.parse(str2) : null, str4);
            return keyStore;
        } catch (KeyStoreException e2) {
            throw new IllegalStateException("Error adding certificates to KeyStore: " + e2.getMessage(), e2);
        }
    }

    private void addCertificates(KeyStore keyStore, X509Certificate[] x509CertificateArr, PrivateKey privateKey, String str) throws KeyStoreException {
        String str2 = str != null ? str : DEFAULT_KEY_ALIAS;
        if (privateKey != null) {
            keyStore.setKeyEntry(str2, privateKey, "".toCharArray(), x509CertificateArr);
            return;
        }
        for (int i = 0; i < x509CertificateArr.length; i++) {
            keyStore.setCertificateEntry(str2 + "-" + i, x509CertificateArr[i]);
        }
    }

    public static SslStoreProvider from(Ssl ssl) {
        if (ssl == null || !ssl.isEnabled() || ssl.getCertificate() == null || ssl.getCertificatePrivateKey() == null) {
            return null;
        }
        return new CertificateFileSslStoreProvider(ssl);
    }
}
