package io.micronaut.http.ssl;

import ch.qos.logback.core.net.ssl.SSL;
import io.micronaut.core.io.ResourceResolver;
import io.micronaut.http.ssl.SslConfiguration;
import java.net.URL;
import java.security.KeyStore;
import java.util.Optional;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:io/micronaut/http/ssl/SslBuilder.class */
public abstract class SslBuilder<T> {
    protected final SslConfiguration ssl;
    private final ResourceResolver resourceResolver;
    private KeyStore keyStoreCache = null;
    private KeyStore trustStoreCache = null;

    public SslBuilder(SslConfiguration sslConfiguration, ResourceResolver resourceResolver) {
        this.ssl = sslConfiguration;
        this.resourceResolver = resourceResolver;
    }

    public abstract Optional<T> build();

    /* JADX INFO: Access modifiers changed from: protected */
    public TrustManagerFactory getTrustManagerFactory() {
        try {
            Optional<KeyStore> trustStore = getTrustStore();
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(trustStore.orElse(null));
            return trustManagerFactory;
        } catch (Exception e) {
            throw new SslConfigurationException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Optional<KeyStore> getTrustStore() throws Exception {
        if (this.trustStoreCache == null) {
            SslConfiguration.TrustStoreConfiguration trustStore = this.ssl.getTrustStore();
            if (!trustStore.getPath().isPresent()) {
                return Optional.empty();
            }
            this.trustStoreCache = load(trustStore.getType(), trustStore.getPath().get(), trustStore.getPassword());
        }
        return Optional.of(this.trustStoreCache);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public KeyManagerFactory getKeyManagerFactory() {
        try {
            Optional<KeyStore> keyStore = getKeyStore();
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            char[] cArr = (char[]) this.ssl.getKey().getPassword().map((v0) -> {
                return v0.toCharArray();
            }).orElse(null);
            if (cArr == null && this.ssl.getKeyStore().getPassword().isPresent()) {
                cArr = this.ssl.getKeyStore().getPassword().get().toCharArray();
            }
            keyManagerFactory.init(keyStore.orElse(null), cArr);
            return keyManagerFactory;
        } catch (Exception e) {
            throw new SslConfigurationException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Optional<KeyStore> getKeyStore() throws Exception {
        if (this.keyStoreCache == null) {
            SslConfiguration.KeyStoreConfiguration keyStore = this.ssl.getKeyStore();
            if (!keyStore.getPath().isPresent()) {
                return Optional.empty();
            }
            this.keyStoreCache = load(keyStore.getType(), keyStore.getPath().get(), keyStore.getPassword());
        }
        return Optional.of(this.keyStoreCache);
    }

    protected KeyStore load(Optional<String> optional, String str, Optional<String> optional2) throws Exception {
        String orElse = optional.orElse(SSL.DEFAULT_KEYSTORE_TYPE);
        String orElse2 = optional2.orElse(null);
        KeyStore keyStore = KeyStore.getInstance(orElse);
        Optional<URL> resource = this.resourceResolver.getResource(str);
        if (!resource.isPresent()) {
            throw new SslConfigurationException("The resource " + str + " could not be found");
        }
        keyStore.load(resource.get().openStream(), orElse2 == null ? null : orElse2.toCharArray());
        return keyStore;
    }
}
