package org.springframework.boot.buildpack.platform.docker.ssl;

import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

/* loaded from: input_file:BOOT-INF/lib/spring-boot-buildpack-platform-3.3.0.jar:org/springframework/boot/buildpack/platform/docker/ssl/KeyStoreFactory.class */
final class KeyStoreFactory {
    private static final char[] NO_PASSWORD = new char[0];

    private KeyStoreFactory() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static KeyStore create(Path path, Path path2, String str) {
        try {
            KeyStore keyStore = getKeyStore();
            try {
                addCertificates(keyStore, CertificateParser.parse(path), getPrivateKey(path2), str);
                return keyStore;
            } catch (KeyStoreException e) {
                throw new IllegalStateException("Error adding certificates to KeyStore: " + e.getMessage(), e);
            }
        } catch (IOException | GeneralSecurityException e2) {
            throw new IllegalStateException("Error creating KeyStore: " + e2.getMessage(), e2);
        }
    }

    private static KeyStore getKeyStore() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
        return keyStore;
    }

    private static PrivateKey getPrivateKey(Path path) {
        if (path == null || !Files.exists(path, new LinkOption[0])) {
            return null;
        }
        return PrivateKeyParser.parse(path);
    }

    private static void addCertificates(KeyStore keyStore, X509Certificate[] x509CertificateArr, PrivateKey privateKey, String str) throws KeyStoreException {
        if (privateKey != null) {
            keyStore.setKeyEntry(str, privateKey, NO_PASSWORD, x509CertificateArr);
            return;
        }
        for (int i = 0; i < x509CertificateArr.length; i++) {
            keyStore.setCertificateEntry(str + "-" + i, x509CertificateArr[i]);
        }
    }
}
