package cern.rbac.client.impl;

import cern.rbac.common.RbacConfiguration;
import cern.rbac.common.impl.keys.KeyStoreLoader;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

/* loaded from: input_file:BOOT-INF/lib/rbac-client-6.0.2.jar:cern/rbac/client/impl/SslRbaKeyStore.class */
public final class SslRbaKeyStore {
    private static Map<RbacConfiguration.Environment, KeyStore> environmentToKeyStores = new ConcurrentHashMap();
    private static final String SSL_KEYSTORE_NAME = "keys/rbac-pro-ssl.key";
    private static final String SSL_KEYSTORE_PASSWD = "trustnoone";
    private static final String SSL_INT_KEYSTORE_NAME = "keys/rbac-int-ssl.key";
    private static final String SSL_INT_KEYSTORE_PASSWD = "trustintssl";
    private static final String SSL_TEST_KEYSTORE_NAME = "keys/rbac-test-ssl.key";
    private static final String SSL_TEST_KEYSTORE_PASSWD = "trusttestssl";

    private SslRbaKeyStore() {
    }

    public static synchronized KeyStore getPublicKeyStore(RbacConfiguration.Environment environment) {
        return environmentToKeyStores.computeIfAbsent(environment, environment2 -> {
            try {
                return loadSslKeyStore(environment2);
            } catch (GeneralSecurityException e) {
                throw new RuntimeException(e);
            }
        });
    }

    private static KeyStore loadSslKeyStore(RbacConfiguration.Environment environment) throws GeneralSecurityException {
        return KeyStoreLoader.loadKeyStore(getSslKeystoreName(environment), getSslKeystorePassword(environment));
    }

    private static String getSslKeystoreName(RbacConfiguration.Environment environment) {
        return (String) environment.selectValue(SSL_KEYSTORE_NAME, SSL_TEST_KEYSTORE_NAME, SSL_INT_KEYSTORE_NAME);
    }

    private static String getSslKeystorePassword(RbacConfiguration.Environment environment) {
        return (String) environment.selectValue(SSL_KEYSTORE_PASSWD, SSL_TEST_KEYSTORE_PASSWD, SSL_INT_KEYSTORE_PASSWD);
    }
}
