package org.eclipse.edc.spi.security;

import java.io.ByteArrayInputStream;
import java.security.GeneralSecurityException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Base64;
import org.eclipse.edc.spi.EdcException;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* loaded from: input_file:org/eclipse/edc/spi/security/VaultCertificateResolver.class */
public class VaultCertificateResolver implements CertificateResolver {
    public static final String HEADER = "-----BEGIN CERTIFICATE-----";
    public static final String FOOTER = "-----END CERTIFICATE-----";
    public static final String EDC_EXCEPTION_MESSAGE = "Found certificate with id [%s], but failed to convert it";

    @NotNull
    private final Vault vault;

    public VaultCertificateResolver(@NotNull Vault vault) {
        this.vault = vault;
    }

    @Override // org.eclipse.edc.spi.security.CertificateResolver
    @Nullable
    public X509Certificate resolveCertificate(String str) {
        String resolveSecret = this.vault.resolveSecret(str);
        if (resolveSecret == null) {
            return null;
        }
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.getDecoder().decode(resolveSecret.replace("-----BEGIN CERTIFICATE-----", "").replaceAll(System.lineSeparator(), "").replace("-----END CERTIFICATE-----", "").getBytes())));
        } catch (IllegalArgumentException | GeneralSecurityException e) {
            throw new EdcException(String.format(EDC_EXCEPTION_MESSAGE, str), e);
        }
    }
}
