package org.apache.pekko.pki.kubernetes;

import ch.qos.logback.core.net.ssl.SSL;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.nio.charset.Charset;
import java.nio.file.Files;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.apache.pekko.annotation.InternalApi;
import org.apache.pekko.pki.pem.DERPrivateKeyLoader$;
import org.apache.pekko.pki.pem.PEMDecoder$;
import org.apache.pekko.util.ccompat.package$JavaConverters$;
import scala.collection.Iterable;
import scala.concurrent.package$;
import scala.runtime.BoxedUnit;
import scala.util.Random$;

/* compiled from: PemManagersProvider.scala */
@InternalApi
/* loaded from: input_file:org/apache/pekko/pki/kubernetes/PemManagersProvider$.class */
public final class PemManagersProvider$ {
    public static final PemManagersProvider$ MODULE$ = new PemManagersProvider$();
    private static final CertificateFactory certFactory = CertificateFactory.getInstance("X.509");

    @InternalApi
    public TrustManager[] buildTrustManagers(Iterable<Certificate> iterable) {
        KeyStore keyStore = KeyStore.getInstance(SSL.DEFAULT_KEYSTORE_TYPE);
        keyStore.load(null);
        iterable.foreach(certificate -> {
            $anonfun$buildTrustManagers$1(keyStore, certificate);
            return BoxedUnit.UNIT;
        });
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        return trustManagerFactory.getTrustManagers();
    }

    @InternalApi
    public PrivateKey loadPrivateKey(String str) {
        return (PrivateKey) package$.MODULE$.blocking(() -> {
            return DERPrivateKeyLoader$.MODULE$.load(PEMDecoder$.MODULE$.decode(new String(Files.readAllBytes(new File(str).toPath()), Charset.forName("UTF-8"))));
        });
    }

    private CertificateFactory certFactory() {
        return certFactory;
    }

    @InternalApi
    public Iterable<Certificate> loadCertificates(String str) {
        return (Iterable) package$.MODULE$.blocking(() -> {
            return package$JavaConverters$.MODULE$.CollectionHasAsScala(MODULE$.certFactory().generateCertificates(new ByteArrayInputStream(Files.readAllBytes(new File(str).toPath())))).asScala();
        });
    }

    public static final /* synthetic */ void $anonfun$buildTrustManagers$1(KeyStore keyStore, Certificate certificate) {
        keyStore.setCertificateEntry(new StringBuilder(7).append("cacert-").append(Random$.MODULE$.alphanumeric().take(6).mkString("")).toString(), certificate);
    }

    private PemManagersProvider$() {
    }
}
