package com.helger.dbnalliance.commons.security;

import com.helger.commons.annotation.Nonempty;
import com.helger.security.certificate.TrustedCAChecker;
import com.helger.security.keystore.EKeyStoreType;
import com.helger.security.keystore.ITrustStoreDescriptor;
import com.helger.security.keystore.TrustStoreDescriptor;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.X509Certificate;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.annotation.concurrent.Immutable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Immutable
/* loaded from: input_file:com/helger/dbnalliance/commons/security/DBNAllianceTrustStores.class */
public final class DBNAllianceTrustStores {
    public static final String TRUSTSTORE_PASSWORD = "dbnalliance";
    private static final Logger LOGGER = LoggerFactory.getLogger(DBNAllianceTrustStores.class);
    private static final DBNAllianceTrustStores INSTANCE = new DBNAllianceTrustStores();

    @Immutable
    /* loaded from: input_file:com/helger/dbnalliance/commons/security/DBNAllianceTrustStores$Config2023.class */
    public static final class Config2023 {
        public static final EKeyStoreType TRUSTSTORE_TYPE = EKeyStoreType.PKCS12;
        public static final String TRUSTSTORE_PILOT_CLASSPATH = "truststore-dbnalliance/2023/pilot-truststore.p12";
        public static final ITrustStoreDescriptor TRUSTSTORE_DESCRIPTOR_PILOT = TrustStoreDescriptor.builder().type(TRUSTSTORE_TYPE).path(TRUSTSTORE_PILOT_CLASSPATH).password(DBNAllianceTrustStores.TRUSTSTORE_PASSWORD).build();
        public static final KeyStore TRUSTSTORE_PILOT = TRUSTSTORE_DESCRIPTOR_PILOT.loadTrustStore().getKeyStore();
        public static final String TRUSTSTORE_PILOT_ALIAS_ROOT = "dbnalliance demo root ca";
        public static final X509Certificate CERTIFICATE_PILOT_ROOT;
        public static final String TRUSTSTORE_PILOT_ALIAS_INTERMEDIATE = "dbnalliance demo intermediate test (dbnalliance demo root ca)";
        public static final X509Certificate CERTIFICATE_PILOT_INTERMEDIATE;
        public static final TrustedCAChecker PILOT_CA;

        private Config2023() {
        }

        static {
            if (TRUSTSTORE_PILOT == null) {
                throw new IllegalStateException("Failed to load pre-configured production Pilot trust store");
            }
            CERTIFICATE_PILOT_ROOT = DBNAllianceTrustStores._resolveCert(TRUSTSTORE_PILOT, TRUSTSTORE_PILOT_ALIAS_ROOT);
            CERTIFICATE_PILOT_INTERMEDIATE = DBNAllianceTrustStores._resolveCert(TRUSTSTORE_PILOT, TRUSTSTORE_PILOT_ALIAS_INTERMEDIATE);
            PILOT_CA = new TrustedCAChecker(new X509Certificate[]{CERTIFICATE_PILOT_INTERMEDIATE});
        }
    }

    @Nullable
    private static X509Certificate _resolveCert(@Nonnull KeyStore keyStore, @Nonnull @Nonempty String str) {
        try {
            X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(str);
            if (x509Certificate == null) {
                LOGGER.warn("Failed to resolve alias '" + str + "' in trust store");
            }
            return x509Certificate;
        } catch (KeyStoreException e) {
            LOGGER.warn("Failed to resolve alias '" + str + "' in trust store.", e);
            return null;
        }
    }

    private DBNAllianceTrustStores() {
    }
}
