package io.quarkus.vault.runtime.client;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:io/quarkus/vault/runtime/client/CertificateHelper.class */
public class CertificateHelper {
    private static String CERT_BUNDLE_PATTERN = "-----BEGIN CERTIFICATE-----.*?-----END CERTIFICATE-----";
    private static Pattern certBundlePattern = Pattern.compile(CERT_BUNDLE_PATTERN, 32);

    public static TrustManager[] createTrustManagers(String str) throws GeneralSecurityException, IOException {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
        int i = 0;
        Matcher matcher = certBundlePattern.matcher(new String(Files.readAllBytes(Paths.get(str, new String[0])), StandardCharsets.UTF_8));
        for (int i2 = 0; matcher.find(i2); i2 = matcher.end()) {
            int i3 = i;
            i++;
            keyStore.setCertificateEntry("cert_" + i3, (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(matcher.group().getBytes(StandardCharsets.UTF_8))));
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        return trustManagerFactory.getTrustManagers();
    }

    public static SSLContext createSslContext(TrustManager[] trustManagerArr) throws GeneralSecurityException {
        SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
        sSLContext.init(new KeyManager[0], trustManagerArr, null);
        return sSLContext;
    }
}
