package gr.cite.tools.elastic.configuration;

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.stereotype.Component;
import org.springframework.util.ResourceUtils;

@ConditionalOnProperty(name = {"elastic.enabled"}, havingValue = "true")
@Component
/* loaded from: input_file:gr/cite/tools/elastic/configuration/ElasticCertificateProvider.class */
public class ElasticCertificateProvider {
    private final ElasticProperties elasticProperties;
    private Map<String, List<X509Certificate>> validCertificates;
    private KeyStore clientCredentialKeyStore;

    public ElasticCertificateProvider(ElasticProperties elasticProperties) {
        this.elasticProperties = elasticProperties;
        init();
    }

    private void init() {
        FileInputStream fileInputStream;
        this.validCertificates = new HashMap();
        this.clientCredentialKeyStore = null;
        if (this.elasticProperties.getServerCertificatePaths() != null) {
            for (String str : this.elasticProperties.getServerCertificatePaths()) {
                if (str != null && !str.isBlank()) {
                    try {
                        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                        fileInputStream = new FileInputStream(ResourceUtils.getFile(str));
                        try {
                            X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(fileInputStream);
                            fileInputStream.close();
                            if (this.validCertificates.containsKey(x509Certificate.getIssuerDN().getName())) {
                                this.validCertificates.get(x509Certificate.getIssuerDN().getName()).add(x509Certificate);
                            } else {
                                this.validCertificates.put(x509Certificate.getIssuerDN().getName(), List.of(x509Certificate));
                            }
                        } catch (Throwable th) {
                            throw th;
                        }
                    } catch (UnsupportedEncodingException e) {
                        throw new RuntimeException(e);
                    } catch (IOException e2) {
                        throw new RuntimeException(e2);
                    } catch (CertificateException e3) {
                        throw new RuntimeException(e3);
                    }
                }
            }
        }
        if (this.elasticProperties.getCredentialCertificatePath() == null || this.elasticProperties.getCredentialCertificatePath().isBlank() || this.elasticProperties.getCredentialCertificatePassword() == null || this.elasticProperties.getCredentialCertificatePassword().isBlank()) {
            return;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            fileInputStream = new FileInputStream(ResourceUtils.getFile(this.elasticProperties.getCredentialCertificatePath()));
            try {
                keyStore.load(fileInputStream, this.elasticProperties.getCredentialCertificatePassword().toCharArray());
                this.clientCredentialKeyStore = keyStore;
                fileInputStream.close();
            } finally {
                fileInputStream.close();
            }
        } catch (FileNotFoundException e4) {
            throw new RuntimeException(e4);
        } catch (IOException e5) {
            throw new RuntimeException(e5);
        } catch (KeyStoreException e6) {
            throw new RuntimeException(e6);
        } catch (NoSuchAlgorithmException e7) {
            throw new RuntimeException(e7);
        } catch (CertificateException e8) {
            throw new RuntimeException(e8);
        }
    }

    public List<X509Certificate> getCertificate(String str) {
        return this.validCertificates.getOrDefault(str, null);
    }

    public KeyStore getClientCredentialKeyStore() {
        return this.clientCredentialKeyStore;
    }
}
