package akka.remote.artery.tcp.ssl;

import akka.annotation.InternalApi;
import akka.pki.pem.DERPrivateKeyLoader$;
import akka.pki.pem.PEMDecoder$;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.Serializable;
import java.nio.charset.Charset;
import java.nio.file.Files;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import scala.concurrent.package$;
import scala.runtime.ModuleSerializationProxy;

/* compiled from: PemManagersProvider.scala */
@InternalApi
/* loaded from: input_file:akka/remote/artery/tcp/ssl/PemManagersProvider$.class */
public final class PemManagersProvider$ implements Serializable {
    public static final PemManagersProvider$ MODULE$ = new PemManagersProvider$();
    private static final CertificateFactory certFactory = CertificateFactory.getInstance("X.509");

    private PemManagersProvider$() {
    }

    private Object writeReplace() {
        return new ModuleSerializationProxy(PemManagersProvider$.class);
    }

    @InternalApi
    public KeyManager[] buildKeyManagers(PrivateKey privateKey, X509Certificate x509Certificate, Certificate certificate) {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null);
        keyStore.setCertificateEntry("cert", x509Certificate);
        keyStore.setCertificateEntry("cacert", certificate);
        keyStore.setKeyEntry("private-key", privateKey, "changeit".toCharArray(), new Certificate[]{x509Certificate, certificate});
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, "changeit".toCharArray());
        return keyManagerFactory.getKeyManagers();
    }

    @InternalApi
    public TrustManager[] buildTrustManagers(Certificate certificate) {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null);
        keyStore.setCertificateEntry("cacert", certificate);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        return trustManagerFactory.getTrustManagers();
    }

    @InternalApi
    public PrivateKey loadPrivateKey(String str) {
        return (PrivateKey) package$.MODULE$.blocking(() -> {
            return r1.loadPrivateKey$$anonfun$1(r2);
        });
    }

    @InternalApi
    public Certificate loadCertificate(String str) {
        return (Certificate) package$.MODULE$.blocking(() -> {
            return r1.loadCertificate$$anonfun$1(r2);
        });
    }

    private final PrivateKey loadPrivateKey$$anonfun$1(String str) {
        return DERPrivateKeyLoader$.MODULE$.load(PEMDecoder$.MODULE$.decode(new String(Files.readAllBytes(new File(str).toPath()), Charset.forName("UTF-8"))));
    }

    private final Certificate loadCertificate$$anonfun$1(String str) {
        return certFactory.generateCertificate(new ByteArrayInputStream(Files.readAllBytes(new File(str).toPath())));
    }
}
