package org.apache.nifi.web.util.ssl;

import java.io.File;
import javax.net.ssl.SSLContext;
import org.apache.commons.lang3.StringUtils;
import org.apache.nifi.security.util.SslContextFactory;
import org.apache.nifi.security.util.StandardTlsConfiguration;
import org.apache.nifi.security.util.TemporaryKeyStoreBuilder;
import org.apache.nifi.security.util.TlsConfiguration;
import org.apache.nifi.security.util.TlsException;

/* loaded from: input_file:org/apache/nifi/web/util/ssl/SslContextUtils.class */
public class SslContextUtils {
    private static final TlsConfiguration TLS_CONFIGURATION;
    private static final TlsConfiguration KEYSTORE_TLS_CONFIGURATION;
    private static final TlsConfiguration TRUSTSTORE_TLS_CONFIGURATION;

    public static SSLContext createKeyStoreSslContext() throws TlsException {
        return SslContextFactory.createSslContext(KEYSTORE_TLS_CONFIGURATION);
    }

    public static SSLContext createTrustStoreSslContext() throws TlsException {
        return SslContextFactory.createSslContext(TRUSTSTORE_TLS_CONFIGURATION);
    }

    public static SSLContext createSslContext(TlsConfiguration tlsConfiguration) throws TlsException {
        String keystorePath = tlsConfiguration.getKeystorePath();
        if (StringUtils.isNotBlank(keystorePath)) {
            new File(keystorePath).deleteOnExit();
        }
        String truststorePath = tlsConfiguration.getTruststorePath();
        if (StringUtils.isNotBlank(truststorePath)) {
            new File(truststorePath).deleteOnExit();
        }
        SSLContext createSslContext = SslContextFactory.createSslContext(tlsConfiguration);
        if (createSslContext == null) {
            throw new TlsException(String.format("Failed to create SSLContext from Configuration %s", tlsConfiguration));
        }
        return createSslContext;
    }

    static {
        try {
            TLS_CONFIGURATION = new TemporaryKeyStoreBuilder().build();
            KEYSTORE_TLS_CONFIGURATION = new StandardTlsConfiguration(TLS_CONFIGURATION.getKeystorePath(), TLS_CONFIGURATION.getKeystorePassword(), TLS_CONFIGURATION.getKeyPassword(), TLS_CONFIGURATION.getKeystoreType().getType(), TLS_CONFIGURATION.getTruststorePath(), TLS_CONFIGURATION.getTruststorePassword(), TLS_CONFIGURATION.getTruststoreType().getType());
            TRUSTSTORE_TLS_CONFIGURATION = new StandardTlsConfiguration((String) null, (String) null, (String) null, (String) null, TLS_CONFIGURATION.getTruststorePath(), TLS_CONFIGURATION.getTruststorePassword(), TLS_CONFIGURATION.getTruststoreType().getType());
        } catch (Exception e) {
            throw new IllegalStateException("Failed to create TLS configuration for testing", e);
        }
    }
}
