package org.elasticsearch.xpack.core.ssl;

import java.io.IOException;
import java.nio.file.AccessDeniedException;
import java.nio.file.Path;
import java.security.AccessControlException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509ExtendedTrustManager;
import org.elasticsearch.ElasticsearchException;
import org.elasticsearch.core.Nullable;
import org.elasticsearch.env.Environment;
import org.elasticsearch.xpack.core.ssl.cert.CertificateInfo;

/* loaded from: input_file:lib/x-pack-core-7.17.13.jar:org/elasticsearch/xpack/core/ssl/KeyConfig.class */
abstract class KeyConfig extends TrustConfig {
    static final KeyConfig NONE = new KeyConfig() { // from class: org.elasticsearch.xpack.core.ssl.KeyConfig.1
        @Override // org.elasticsearch.xpack.core.ssl.KeyConfig
        X509ExtendedKeyManager createKeyManager(@Nullable Environment environment) {
            try {
                KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(null, null);
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                keyManagerFactory.init(keyStore, null);
                return (X509ExtendedKeyManager) keyManagerFactory.getKeyManagers()[0];
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
                throw new ElasticsearchException("failed to initialize SSL KeyManager", e, new Object[0]);
            }
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        @Override // org.elasticsearch.xpack.core.ssl.TrustConfig
        public X509ExtendedTrustManager createTrustManager(@Nullable Environment environment) {
            return null;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        @Override // org.elasticsearch.xpack.core.ssl.TrustConfig
        public Collection<CertificateInfo> certificates(Environment environment) {
            return Collections.emptyList();
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        @Override // org.elasticsearch.xpack.core.ssl.TrustConfig
        public List<Path> filesToMonitor(@Nullable Environment environment) {
            return Collections.emptyList();
        }

        @Override // org.elasticsearch.xpack.core.ssl.TrustConfig
        public String toString() {
            return "NONE";
        }

        @Override // org.elasticsearch.xpack.core.ssl.TrustConfig
        public boolean equals(Object obj) {
            return obj == this;
        }

        @Override // org.elasticsearch.xpack.core.ssl.TrustConfig
        public int hashCode() {
            return System.identityHashCode(this);
        }

        @Override // org.elasticsearch.xpack.core.ssl.KeyConfig
        List<PrivateKey> privateKeys(@Nullable Environment environment) {
            return Collections.emptyList();
        }
    };

    /* JADX INFO: Access modifiers changed from: package-private */
    public abstract X509ExtendedKeyManager createKeyManager(@Nullable Environment environment);

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ElasticsearchException missingKeyConfigFile(IOException iOException, String str, Path path) {
        return new ElasticsearchException("failed to initialize SSL KeyManager - " + str + " file [{}] does not exist", iOException, path.toAbsolutePath());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ElasticsearchException unreadableKeyConfigFile(AccessDeniedException accessDeniedException, String str, Path path) {
        return new ElasticsearchException("failed to initialize SSL KeyManager - not permitted to read " + str + " file [{}]", accessDeniedException, path.toAbsolutePath());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ElasticsearchException blockedKeyConfigFile(AccessControlException accessControlException, Environment environment, String str, Path path) {
        return new ElasticsearchException("failed to initialize SSL KeyManager - access to read {} file [{}] is blocked; SSL resources should be placed in the [{}] directory", accessControlException, str, path, environment.configFile());
    }

    abstract List<PrivateKey> privateKeys(@Nullable Environment environment);
}
