package org.apache.pulsar.client.impl.auth;

import java.security.KeyManagementException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import org.apache.pulsar.client.api.AuthenticationDataProvider;
import org.apache.pulsar.common.util.FileModifiedTimeUpdater;
import org.apache.pulsar.common.util.SecurityUtility;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:META-INF/bundled-dependencies/pulsar-client-original-2.4.1.jar:org/apache/pulsar/client/impl/auth/AuthenticationDataTls.class */
public class AuthenticationDataTls implements AuthenticationDataProvider {
    protected X509Certificate[] tlsCertificates;
    protected PrivateKey tlsPrivateKey;
    protected FileModifiedTimeUpdater certFile;
    protected FileModifiedTimeUpdater keyFile;
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) AuthenticationDataTls.class);

    public AuthenticationDataTls(String str, String str2) throws KeyManagementException {
        if (str == null) {
            throw new IllegalArgumentException("certFilePath must not be null");
        }
        if (str2 == null) {
            throw new IllegalArgumentException("keyFilePath must not be null");
        }
        this.certFile = new FileModifiedTimeUpdater(str);
        this.keyFile = new FileModifiedTimeUpdater(str2);
        this.tlsCertificates = SecurityUtility.loadCertificatesFromPemFile(str);
        this.tlsPrivateKey = SecurityUtility.loadPrivateKeyFromPemFile(str2);
    }

    @Override // org.apache.pulsar.client.api.AuthenticationDataProvider
    public boolean hasDataForTls() {
        return true;
    }

    @Override // org.apache.pulsar.client.api.AuthenticationDataProvider
    public Certificate[] getTlsCertificates() {
        if (this.certFile.checkAndRefresh()) {
            try {
                this.tlsCertificates = SecurityUtility.loadCertificatesFromPemFile(this.certFile.getFileName());
            } catch (KeyManagementException e) {
                LOG.error("Unable to refresh authData for cert {}: ", this.certFile.getFileName(), e);
            }
        }
        return this.tlsCertificates;
    }

    @Override // org.apache.pulsar.client.api.AuthenticationDataProvider
    public PrivateKey getTlsPrivateKey() {
        if (this.keyFile.checkAndRefresh()) {
            try {
                this.tlsPrivateKey = SecurityUtility.loadPrivateKeyFromPemFile(this.keyFile.getFileName());
            } catch (KeyManagementException e) {
                LOG.error("Unable to refresh authData for cert {}: ", this.keyFile.getFileName(), e);
            }
        }
        return this.tlsPrivateKey;
    }
}
