package community.solace.spring.boot.starter.solaceclientconfig;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.time.Instant;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:community/solace/spring/boot/starter/solaceclientconfig/KeyStoreFactory.class */
final class KeyStoreFactory {
    static final String INTERNAL_PASSWORD = "internalPassword";
    private static final Logger LOG = LoggerFactory.getLogger(KeyStoreFactory.class);
    private final PemFormatTransformer pemFormatTransformer;

    /* JADX INFO: Access modifiers changed from: package-private */
    public KeyStoreFactory(PemFormatTransformer pemFormatTransformer) {
        this.pemFormatTransformer = pemFormatTransformer;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public KeyStore createClientKeyStore(String str, String str2) throws GeneralSecurityException, IOException {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        PrivateKey privateKey = this.pemFormatTransformer.getPrivateKey(str);
        try {
            keyStore.setKeyEntry("pk", privateKey, INTERNAL_PASSWORD.toCharArray(), this.pemFormatTransformer.getCertificates(str2));
            return keyStore;
        } catch (Exception e) {
            throw new IllegalArgumentException("SSL_CLIENT_CERT: " + e.getMessage(), e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getClientKeyStorePassword() {
        return INTERNAL_PASSWORD;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public KeyStore createTrustStore(String str) throws GeneralSecurityException, IOException {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        try {
            Certificate[] certificates = this.pemFormatTransformer.getCertificates(str);
            for (int i = 0; i < certificates.length; i++) {
                keyStore.setCertificateEntry("ts" + i, certificates[i]);
            }
            return keyStore;
        } catch (Exception e) {
            throw new IllegalArgumentException("SSL_TRUST_CERT: " + e.getMessage(), e);
        }
    }

    public Instant getValidTo(String str) {
        try {
            return ((X509Certificate) this.pemFormatTransformer.getCertificates(str)[0]).getNotAfter().toInstant();
        } catch (IOException | CertificateException e) {
            LOG.error("Unable to extract notAfter date from certificate", e);
            return null;
        }
    }
}
