package cz.scholz.kafka.x509configprovider;

import java.io.File;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import org.apache.kafka.common.config.ConfigData;
import org.apache.kafka.common.config.provider.ConfigProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cz/scholz/kafka/x509configprovider/X509TruststoreConfigProvider.class */
public class X509TruststoreConfigProvider extends AbstractX509ConfigProvider implements ConfigProvider {
    private static final Logger LOGGER = LoggerFactory.getLogger(X509TruststoreConfigProvider.class);

    public ConfigData get(String str) {
        HashSet hashSet = new HashSet();
        if (str != null && !str.isEmpty()) {
            hashSet.add(str);
        }
        return getTrustStoreConfig(hashSet);
    }

    public ConfigData get(String str, Set<String> set) {
        HashSet hashSet = new HashSet(set);
        if (str != null && !str.isEmpty()) {
            hashSet.add(str);
        }
        return getTrustStoreConfig(hashSet);
    }

    public void close() {
        LOGGER.info("Closing X509TruststoreConfigProvider");
    }

    public void configure(Map<String, ?> map) {
        LOGGER.info("Configuring X509TruststoreConfigProvider: {}", map);
    }

    private ConfigData getTrustStoreConfig(Set<String> set) {
        LOGGER.info("Generating truststore with certificates {}", set);
        String absolutePath = setupTrustStore("".toCharArray(), certificates(set)).getAbsolutePath();
        HashMap hashMap = new HashMap();
        Iterator<String> it = set.iterator();
        while (it.hasNext()) {
            hashMap.put(it.next(), absolutePath);
        }
        LOGGER.info("New truststore {} is ready", absolutePath);
        return new ConfigData(hashMap);
    }

    private File setupTrustStore(char[] cArr, Set<Certificate> set) {
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(null, null);
            int i = 0;
            Iterator<Certificate> it = set.iterator();
            while (it.hasNext()) {
                int i2 = i;
                i++;
                keyStore.setCertificateEntry("trusted-" + i2, it.next());
            }
            return store(cArr, keyStore);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }
}
