package org.apereo.cas.util.ssl;

import java.io.InputStream;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import lombok.Generated;
import org.apereo.cas.configuration.model.core.util.ClientCertificateProperties;
import org.apereo.cas.util.RandomUtils;
import org.apereo.cas.util.function.FunctionUtils;

/* loaded from: input_file:org/apereo/cas/util/ssl/SSLUtils.class */
public final class SSLUtils {
    public static KeyManagerFactory buildKeystore(ClientCertificateProperties clientCertificateProperties) {
        return (KeyManagerFactory) FunctionUtils.doUnchecked(() -> {
            InputStream inputStream = clientCertificateProperties.getCertificate().getLocation().getInputStream();
            try {
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                KeyStore keyStore = KeyStore.getInstance("PKCS12");
                keyStore.load(inputStream, clientCertificateProperties.getPassphrase().toCharArray());
                keyManagerFactory.init(keyStore, clientCertificateProperties.getPassphrase().toCharArray());
                if (inputStream != null) {
                    inputStream.close();
                }
                return keyManagerFactory;
            } catch (Throwable th) {
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        });
    }

    public static SSLContext buildSSLContext(ClientCertificateProperties clientCertificateProperties) {
        return (SSLContext) FunctionUtils.doUnchecked(() -> {
            KeyManagerFactory buildKeystore = buildKeystore(clientCertificateProperties);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(buildKeystore.getKeyManagers(), null, RandomUtils.getNativeInstance());
            return sSLContext;
        });
    }

    @Generated
    private SSLUtils() {
        throw new UnsupportedOperationException("This is a utility class and cannot be instantiated");
    }
}
