package io.micronaut.http.ssl;

import io.micronaut.core.annotation.Nullable;
import io.micronaut.core.io.ResourceResolver;
import io.micronaut.http.HttpVersion;
import io.micronaut.http.ssl.SslConfiguration;
import java.net.URL;
import java.security.KeyStore;
import java.util.Optional;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:io/micronaut/http/ssl/SslBuilder.class */
public abstract class SslBuilder<T> {
    private final ResourceResolver resourceResolver;

    public SslBuilder(ResourceResolver resourceResolver) {
        this.resourceResolver = resourceResolver;
    }

    public abstract Optional<T> build(SslConfiguration sslConfiguration);

    public abstract Optional<T> build(SslConfiguration sslConfiguration, HttpVersion httpVersion);

    @Nullable
    protected TrustManagerFactory getTrustManagerFactory(SslConfiguration sslConfiguration) {
        try {
            Optional<KeyStore> trustStore = getTrustStore(sslConfiguration);
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(trustStore.orElse(null));
            return trustManagerFactory;
        } catch (Exception e) {
            throw new SslConfigurationException(e);
        }
    }

    protected Optional<KeyStore> getTrustStore(SslConfiguration sslConfiguration) throws Exception {
        SslConfiguration.TrustStoreConfiguration trustStore = sslConfiguration.getTrustStore();
        return !trustStore.getPath().isPresent() ? Optional.empty() : Optional.of(load(trustStore.getType(), trustStore.getPath().get(), trustStore.getPassword()));
    }

    protected KeyManagerFactory getKeyManagerFactory(SslConfiguration sslConfiguration) {
        try {
            Optional<KeyStore> keyStore = getKeyStore(sslConfiguration);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            char[] cArr = (char[]) sslConfiguration.getKey().getPassword().map((v0) -> {
                return v0.toCharArray();
            }).orElse(null);
            if (cArr == null && sslConfiguration.getKeyStore().getPassword().isPresent()) {
                cArr = sslConfiguration.getKeyStore().getPassword().get().toCharArray();
            }
            keyManagerFactory.init(keyStore.orElse(null), cArr);
            return keyManagerFactory;
        } catch (Exception e) {
            throw new SslConfigurationException(e);
        }
    }

    protected Optional<KeyStore> getKeyStore(SslConfiguration sslConfiguration) throws Exception {
        SslConfiguration.KeyStoreConfiguration keyStore = sslConfiguration.getKeyStore();
        return !keyStore.getPath().isPresent() ? Optional.empty() : Optional.of(load(keyStore.getType(), keyStore.getPath().get(), keyStore.getPassword()));
    }

    protected KeyStore load(Optional<String> optional, String str, Optional<String> optional2) throws Exception {
        String orElse = optional.orElse("JKS");
        String orElse2 = optional2.orElse(null);
        KeyStore keyStore = KeyStore.getInstance(orElse);
        Optional resource = this.resourceResolver.getResource(str);
        if (!resource.isPresent()) {
            throw new SslConfigurationException("The resource " + str + " could not be found");
        }
        keyStore.load(((URL) resource.get()).openStream(), orElse2 == null ? null : orElse2.toCharArray());
        return keyStore;
    }
}
