package org.springframework.boot.buildpack.platform.docker.ssl;

import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import org.springframework.util.Assert;

/* loaded from: input_file:BOOT-INF/lib/spring-boot-buildpack-platform-3.3.0.jar:org/springframework/boot/buildpack/platform/docker/ssl/SslContextFactory.class */
public class SslContextFactory {
    private static final char[] NO_PASSWORD = new char[0];
    private static final String KEY_STORE_ALIAS = "spring-boot-docker";

    public SSLContext forDirectory(String str) {
        try {
            Path path = Paths.get(str, "key.pem");
            Path path2 = Paths.get(str, "cert.pem");
            Path path3 = Paths.get(str, "ca.pem");
            Path path4 = Paths.get(str, "ca-key.pem");
            verifyCertificateFiles(path, path2, path3);
            KeyManagerFactory keyManagerFactory = getKeyManagerFactory(path, path2);
            TrustManagerFactory trustManagerFactory = getTrustManagerFactory(path3, path4);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
            return sSLContext;
        } catch (RuntimeException e) {
            throw e;
        } catch (Exception e2) {
            throw new RuntimeException(e2.getMessage(), e2);
        }
    }

    private KeyManagerFactory getKeyManagerFactory(Path path, Path path2) throws Exception {
        KeyStore create = KeyStoreFactory.create(path2, path, KEY_STORE_ALIAS);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(create, NO_PASSWORD);
        return keyManagerFactory;
    }

    private TrustManagerFactory getTrustManagerFactory(Path path, Path path2) throws NoSuchAlgorithmException, KeyStoreException {
        KeyStore create = KeyStoreFactory.create(path, path2, KEY_STORE_ALIAS);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(create);
        return trustManagerFactory;
    }

    private static void verifyCertificateFiles(Path... pathArr) {
        for (Path path : pathArr) {
            Assert.state(Files.exists(path, new LinkOption[0]) && Files.isRegularFile(path, new LinkOption[0]), "Certificate path must contain the files 'ca.pem', 'cert.pem', and 'key.pem' files");
        }
    }
}
