package io.helidon.integrations.vault.secrets.pki;

import io.helidon.common.LazyValue;
import io.helidon.integrations.common.rest.ApiJsonParser;
import io.helidon.integrations.vault.VaultApiException;
import io.helidon.integrations.vault.VaultRequest;
import jakarta.json.JsonBuilderFactory;
import jakarta.json.JsonObject;
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Optional;

/* loaded from: input_file:io/helidon/integrations/vault/secrets/pki/CertificateGet.class */
public final class CertificateGet {

    /* loaded from: input_file:io/helidon/integrations/vault/secrets/pki/CertificateGet$Request.class */
    public static final class Request extends VaultRequest<Request> {
        private PkiFormat format = PkiFormat.PEM;
        private String serialNumber;

        private Request() {
        }

        public static Request builder() {
            return new Request();
        }

        public Request format(PkiFormat pkiFormat) {
            this.format = pkiFormat;
            return this;
        }

        public Request serialNumber(String str) {
            this.serialNumber = str;
            return this;
        }

        public PkiFormat format() {
            return this.format;
        }

        public Optional<JsonObject> toJson(JsonBuilderFactory jsonBuilderFactory) {
            return Optional.empty();
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public String serialNumber() {
            if (this.serialNumber == null) {
                throw new VaultApiException("CertificateGet.Request serial number must be defined");
            }
            return this.serialNumber;
        }
    }

    /* loaded from: input_file:io/helidon/integrations/vault/secrets/pki/CertificateGet$Response.class */
    public static final class Response extends ApiJsonParser {
        private byte[] certBytes;
        private final LazyValue<X509Certificate> cert = LazyValue.create(() -> {
            try {
                return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(this.certBytes));
            } catch (CertificateException e) {
                throw new VaultApiException("Failed to parse certificate from Vault response", e);
            }
        });

        private Response(JsonObject jsonObject) {
            this.certBytes = jsonObject.getJsonObject("data").getString("certificate").getBytes(StandardCharsets.UTF_8);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public static Response create(JsonObject jsonObject) {
            return new Response(jsonObject);
        }

        public X509Certificate toCertificate() {
            return (X509Certificate) this.cert.get();
        }

        public byte[] toBytes() {
            return Arrays.copyOf(this.certBytes, this.certBytes.length);
        }
    }

    private CertificateGet() {
    }
}
