package org.zowe.apiml.cloudgatewayservice.service;

import jakarta.annotation.PostConstruct;
import java.io.IOException;
import java.io.StringWriter;
import java.security.cert.Certificate;
import lombok.Generated;
import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
import org.zowe.apiml.cloudgatewayservice.config.ConnectionsConfig;
import org.zowe.apiml.message.log.ApimlLogger;
import org.zowe.apiml.message.yaml.YamlMessageServiceInstance;
import org.zowe.apiml.security.HttpsConfig;
import org.zowe.apiml.security.HttpsConfigError;
import org.zowe.apiml.security.SecurityUtils;

@Service
/* loaded from: input_file:BOOT-INF/classes/org/zowe/apiml/cloudgatewayservice/service/CertificateChainService.class */
public class CertificateChainService {

    @Generated
    private static final Logger log = LoggerFactory.getLogger((Class<?>) CertificateChainService.class);
    private static final ApimlLogger apimlLog = ApimlLogger.of(CertificateChainService.class, YamlMessageServiceInstance.getInstance());
    Certificate[] certificates;
    private final ConnectionsConfig connectionsConfig;

    public String getCertificatesInPEMFormat() {
        StringWriter stringWriter = new StringWriter();
        if (this.certificates != null && this.certificates.length > 0) {
            try {
                JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(stringWriter);
                try {
                    for (Certificate certificate : this.certificates) {
                        jcaPEMWriter.writeObject(certificate);
                    }
                    jcaPEMWriter.close();
                } finally {
                }
            } catch (IOException e) {
                log.error("Failed to convert a certificate to PEM format. {}", e.getMessage());
                return null;
            }
        }
        return stringWriter.toString();
    }

    @PostConstruct
    void loadCertChain() {
        HttpsConfig config = this.connectionsConfig.factory().getConfig();
        try {
            this.certificates = SecurityUtils.loadCertificateChain(config);
        } catch (Exception e) {
            apimlLog.log("org.zowe.apiml.common.sslContextInitializationError", e.getMessage());
            throw new HttpsConfigError("Error initializing SSL Context: " + e.getMessage(), e, HttpsConfigError.ErrorCode.HTTP_CLIENT_INITIALIZATION_FAILED, config);
        }
    }

    @Generated
    public CertificateChainService(ConnectionsConfig connectionsConfig) {
        this.connectionsConfig = connectionsConfig;
    }
}
