package org.springframework.boot.web.server;

import java.io.InputStream;
import java.security.KeyStore;
import org.springframework.util.Assert;
import org.springframework.util.ResourceUtils;
import org.springframework.util.StringUtils;

/* loaded from: input_file:org/springframework/boot/web/server/JavaKeyStoreSslStoreProvider.class */
final class JavaKeyStoreSslStoreProvider implements SslStoreProvider {
    private final Ssl ssl;

    private JavaKeyStoreSslStoreProvider(Ssl ssl) {
        this.ssl = ssl;
    }

    @Override // org.springframework.boot.web.server.SslStoreProvider
    public KeyStore getKeyStore() throws Exception {
        return createKeyStore(this.ssl.getKeyStoreType(), this.ssl.getKeyStoreProvider(), this.ssl.getKeyStore(), this.ssl.getKeyStorePassword());
    }

    @Override // org.springframework.boot.web.server.SslStoreProvider
    public KeyStore getTrustStore() throws Exception {
        if (this.ssl.getTrustStore() == null) {
            return null;
        }
        return createKeyStore(this.ssl.getTrustStoreType(), this.ssl.getTrustStoreProvider(), this.ssl.getTrustStore(), this.ssl.getTrustStorePassword());
    }

    @Override // org.springframework.boot.web.server.SslStoreProvider
    public String getKeyPassword() {
        return this.ssl.getKeyPassword();
    }

    private KeyStore createKeyStore(String str, String str2, String str3, String str4) throws Exception {
        String str5 = str != null ? str : "JKS";
        char[] charArray = str4 != null ? str4.toCharArray() : null;
        KeyStore keyStore = str2 != null ? KeyStore.getInstance(str5, str2) : KeyStore.getInstance(str5);
        if (str5.equalsIgnoreCase("PKCS11")) {
            Assert.state(!StringUtils.hasText(str3), () -> {
                return "KeyStore location is '" + str3 + "', but must be empty or null for PKCS11 key stores";
            });
            keyStore.load(null, charArray);
        } else {
            Assert.state(StringUtils.hasText(str3), () -> {
                return "KeyStore location must not be empty or null";
            });
            try {
                InputStream openStream = ResourceUtils.getURL(str3).openStream();
                try {
                    keyStore.load(openStream, charArray);
                    if (openStream != null) {
                        openStream.close();
                    }
                } finally {
                }
            } catch (Exception e) {
                throw new IllegalStateException("Could not load key store '" + str3 + "'", e);
            }
        }
        return keyStore;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SslStoreProvider from(Ssl ssl) {
        if (ssl == null || !ssl.isEnabled()) {
            return null;
        }
        return new JavaKeyStoreSslStoreProvider(ssl);
    }
}
