package org.apache.zookeeper.common;

import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.lang.invoke.MethodHandles;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Objects;
import org.apache.commons.io.FileUtils;
import org.apache.zookeeper.server.quorum.SessionUpgradeQuorumTest;
import org.apache.zookeeper.server.quorum.ZabUtils;
import org.bouncycastle.asn1.x500.X500NameBuilder;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.operator.OperatorCreationException;

/* loaded from: input_file:org/apache/zookeeper/common/X509TestContext.class */
public class X509TestContext {
    private static final String TRUST_STORE_PREFIX = "zk_test_ca";
    private static final String KEY_STORE_PREFIX = "zk_test_key";
    private final File tempDir;
    private final X509KeyType trustStoreKeyType;
    private final KeyPair trustStoreKeyPair;
    private final long trustStoreCertExpirationMillis;
    private final X509Certificate trustStoreCertificate;
    private final String trustStorePassword;
    private File trustStoreJksFile;
    private File trustStorePemFile;
    private File trustStorePkcs12File;
    private File trustStoreBcfksFile;
    private final X509KeyType keyStoreKeyType;
    private final KeyPair keyStoreKeyPair;
    private final long keyStoreCertExpirationMillis;
    private final X509Certificate keyStoreCertificate;
    private final String keyStorePassword;
    private File keyStoreJksFile;
    private File keyStorePemFile;
    private File keyStorePkcs12File;
    private File keyStoreBcfksFile;
    private final Boolean hostnameVerification;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.apache.zookeeper.common.X509TestContext$1, reason: invalid class name */
    /* loaded from: input_file:org/apache/zookeeper/common/X509TestContext$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$apache$zookeeper$common$KeyStoreFileType = new int[KeyStoreFileType.values().length];

        static {
            try {
                $SwitchMap$org$apache$zookeeper$common$KeyStoreFileType[KeyStoreFileType.JKS.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$apache$zookeeper$common$KeyStoreFileType[KeyStoreFileType.PEM.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$apache$zookeeper$common$KeyStoreFileType[KeyStoreFileType.PKCS12.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$apache$zookeeper$common$KeyStoreFileType[KeyStoreFileType.BCFKS.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
        }
    }

    /* loaded from: input_file:org/apache/zookeeper/common/X509TestContext$Builder.class */
    public static class Builder {
        public static final long DEFAULT_CERT_EXPIRATION_MILLIS = 86400000;
        private File tempDir;
        private X509KeyType trustStoreKeyType = X509KeyType.EC;
        private String trustStorePassword = "";
        private long trustStoreCertExpirationMillis = DEFAULT_CERT_EXPIRATION_MILLIS;
        private X509KeyType keyStoreKeyType = X509KeyType.EC;
        private String keyStorePassword = "";
        private long keyStoreCertExpirationMillis = DEFAULT_CERT_EXPIRATION_MILLIS;
        private Boolean hostnameVerification = null;

        public X509TestContext build() throws IOException, GeneralSecurityException, OperatorCreationException {
            return new X509TestContext(this.tempDir, X509TestHelpers.generateKeyPair(this.trustStoreKeyType), this.trustStoreCertExpirationMillis, this.trustStorePassword, X509TestHelpers.generateKeyPair(this.keyStoreKeyType), this.keyStoreCertExpirationMillis, this.keyStorePassword, this.hostnameVerification, null);
        }

        public Builder setTempDir(File file) {
            this.tempDir = file;
            return this;
        }

        public Builder setTrustStoreKeyType(X509KeyType x509KeyType) {
            this.trustStoreKeyType = x509KeyType;
            return this;
        }

        public Builder setTrustStorePassword(String str) {
            this.trustStorePassword = str;
            return this;
        }

        public Builder setTrustStoreCertExpirationMillis(long j) {
            this.trustStoreCertExpirationMillis = j;
            return this;
        }

        public Builder setKeyStoreKeyType(X509KeyType x509KeyType) {
            this.keyStoreKeyType = x509KeyType;
            return this;
        }

        public Builder setKeyStorePassword(String str) {
            this.keyStorePassword = str;
            return this;
        }

        public Builder setKeyStoreCertExpirationMillis(long j) {
            this.keyStoreCertExpirationMillis = j;
            return this;
        }

        public Builder setHostnameVerification(Boolean bool) {
            this.hostnameVerification = bool;
            return this;
        }
    }

    private X509TestContext(File file, KeyPair keyPair, long j, String str, KeyPair keyPair2, long j2, String str2, Boolean bool) throws IOException, GeneralSecurityException, OperatorCreationException {
        if (Security.getProvider("BC") == null) {
            throw new IllegalStateException("BC Security provider was not found");
        }
        this.tempDir = (File) Objects.requireNonNull(file);
        if (!file.isDirectory()) {
            throw new IllegalArgumentException("Not a directory: " + file);
        }
        this.trustStoreKeyPair = (KeyPair) Objects.requireNonNull(keyPair);
        this.trustStoreKeyType = keyPairToType(keyPair);
        this.trustStoreCertExpirationMillis = j;
        this.trustStorePassword = (String) Objects.requireNonNull(str);
        this.keyStoreKeyPair = (KeyPair) Objects.requireNonNull(keyPair2);
        this.keyStoreKeyType = keyPairToType(keyPair2);
        this.keyStoreCertExpirationMillis = j2;
        this.keyStorePassword = (String) Objects.requireNonNull(str2);
        X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
        x500NameBuilder.addRDN(BCStyle.CN, MethodHandles.lookup().lookupClass().getCanonicalName() + " Root CA");
        this.trustStoreCertificate = X509TestHelpers.newSelfSignedCACert(x500NameBuilder.build(), keyPair, j);
        X500NameBuilder x500NameBuilder2 = new X500NameBuilder(BCStyle.INSTANCE);
        x500NameBuilder2.addRDN(BCStyle.CN, MethodHandles.lookup().lookupClass().getCanonicalName() + " Zookeeper Test");
        this.keyStoreCertificate = X509TestHelpers.newCert(this.trustStoreCertificate, keyPair, x500NameBuilder2.build(), keyPair2.getPublic(), j2);
        this.trustStoreJksFile = null;
        this.trustStorePemFile = null;
        this.trustStorePkcs12File = null;
        this.keyStoreJksFile = null;
        this.keyStorePemFile = null;
        this.keyStorePkcs12File = null;
        this.hostnameVerification = bool;
    }

    private X509KeyType keyPairToType(KeyPair keyPair) {
        return keyPair.getPrivate().getAlgorithm().contains("RSA") ? X509KeyType.RSA : X509KeyType.EC;
    }

    public File getTempDir() {
        return this.tempDir;
    }

    public X509KeyType getTrustStoreKeyType() {
        return this.trustStoreKeyType;
    }

    public KeyPair getTrustStoreKeyPair() {
        return this.trustStoreKeyPair;
    }

    public long getTrustStoreCertExpirationMillis() {
        return this.trustStoreCertExpirationMillis;
    }

    public X509Certificate getTrustStoreCertificate() {
        return this.trustStoreCertificate;
    }

    public String getTrustStorePassword() {
        return this.trustStorePassword;
    }

    public File getTrustStoreFile(KeyStoreFileType keyStoreFileType) throws IOException {
        switch (AnonymousClass1.$SwitchMap$org$apache$zookeeper$common$KeyStoreFileType[keyStoreFileType.ordinal()]) {
            case 1:
                return getTrustStoreJksFile();
            case ZabUtils.SYNC_LIMIT /* 2 */:
                return getTrustStorePemFile();
            case SessionUpgradeQuorumTest.SERVER_COUNT /* 3 */:
                return getTrustStorePkcs12File();
            case 4:
                return getTrustStoreBcfksFile();
            default:
                throw new IllegalArgumentException("Invalid trust store type: " + keyStoreFileType + ", must be one of: " + Arrays.toString(KeyStoreFileType.values()));
        }
    }

    private File getTrustStoreJksFile() throws IOException {
        if (this.trustStoreJksFile == null) {
            File createTempFile = File.createTempFile(TRUST_STORE_PREFIX, KeyStoreFileType.JKS.getDefaultFileExtension(), this.tempDir);
            createTempFile.deleteOnExit();
            try {
                FileOutputStream fileOutputStream = new FileOutputStream(createTempFile);
                Throwable th = null;
                try {
                    try {
                        fileOutputStream.write(X509TestHelpers.certToJavaTrustStoreBytes(this.trustStoreCertificate, this.trustStorePassword));
                        fileOutputStream.flush();
                        if (fileOutputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileOutputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileOutputStream.close();
                            }
                        }
                        this.trustStoreJksFile = createTempFile;
                    } finally {
                    }
                } finally {
                }
            } catch (GeneralSecurityException e) {
                throw new IOException(e);
            }
        }
        return this.trustStoreJksFile;
    }

    private File getTrustStorePemFile() throws IOException {
        if (this.trustStorePemFile == null) {
            File createTempFile = File.createTempFile(TRUST_STORE_PREFIX, KeyStoreFileType.PEM.getDefaultFileExtension(), this.tempDir);
            createTempFile.deleteOnExit();
            FileUtils.writeStringToFile(createTempFile, X509TestHelpers.pemEncodeX509Certificate(this.trustStoreCertificate), StandardCharsets.US_ASCII, false);
            this.trustStorePemFile = createTempFile;
        }
        return this.trustStorePemFile;
    }

    private File getTrustStorePkcs12File() throws IOException {
        if (this.trustStorePkcs12File == null) {
            File createTempFile = File.createTempFile(TRUST_STORE_PREFIX, KeyStoreFileType.PKCS12.getDefaultFileExtension(), this.tempDir);
            createTempFile.deleteOnExit();
            try {
                FileOutputStream fileOutputStream = new FileOutputStream(createTempFile);
                Throwable th = null;
                try {
                    try {
                        fileOutputStream.write(X509TestHelpers.certToPKCS12TrustStoreBytes(this.trustStoreCertificate, this.trustStorePassword));
                        fileOutputStream.flush();
                        if (fileOutputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileOutputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileOutputStream.close();
                            }
                        }
                        this.trustStorePkcs12File = createTempFile;
                    } finally {
                    }
                } finally {
                }
            } catch (GeneralSecurityException e) {
                throw new IOException(e);
            }
        }
        return this.trustStorePkcs12File;
    }

    private File getTrustStoreBcfksFile() throws IOException {
        if (this.trustStoreBcfksFile == null) {
            File createTempFile = File.createTempFile(TRUST_STORE_PREFIX, KeyStoreFileType.BCFKS.getDefaultFileExtension(), this.tempDir);
            createTempFile.deleteOnExit();
            try {
                FileOutputStream fileOutputStream = new FileOutputStream(createTempFile);
                Throwable th = null;
                try {
                    try {
                        fileOutputStream.write(X509TestHelpers.certToBCFKSTrustStoreBytes(this.trustStoreCertificate, this.trustStorePassword));
                        fileOutputStream.flush();
                        if (fileOutputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileOutputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileOutputStream.close();
                            }
                        }
                        this.trustStoreBcfksFile = createTempFile;
                    } finally {
                    }
                } finally {
                }
            } catch (GeneralSecurityException e) {
                throw new IOException(e);
            }
        }
        return this.trustStoreBcfksFile;
    }

    public X509KeyType getKeyStoreKeyType() {
        return this.keyStoreKeyType;
    }

    public KeyPair getKeyStoreKeyPair() {
        return this.keyStoreKeyPair;
    }

    public long getKeyStoreCertExpirationMillis() {
        return this.keyStoreCertExpirationMillis;
    }

    public X509Certificate getKeyStoreCertificate() {
        return this.keyStoreCertificate;
    }

    public String getKeyStorePassword() {
        return this.keyStorePassword;
    }

    public boolean isKeyStoreEncrypted() {
        return this.keyStorePassword.length() > 0;
    }

    public File getKeyStoreFile(KeyStoreFileType keyStoreFileType) throws IOException {
        switch (AnonymousClass1.$SwitchMap$org$apache$zookeeper$common$KeyStoreFileType[keyStoreFileType.ordinal()]) {
            case 1:
                return getKeyStoreJksFile();
            case ZabUtils.SYNC_LIMIT /* 2 */:
                return getKeyStorePemFile();
            case SessionUpgradeQuorumTest.SERVER_COUNT /* 3 */:
                return getKeyStorePkcs12File();
            case 4:
                return getKeyStoreBcfksFile();
            default:
                throw new IllegalArgumentException("Invalid key store type: " + keyStoreFileType + ", must be one of: " + Arrays.toString(KeyStoreFileType.values()));
        }
    }

    private File getKeyStoreJksFile() throws IOException {
        if (this.keyStoreJksFile == null) {
            File createTempFile = File.createTempFile(KEY_STORE_PREFIX, KeyStoreFileType.JKS.getDefaultFileExtension(), this.tempDir);
            createTempFile.deleteOnExit();
            try {
                FileOutputStream fileOutputStream = new FileOutputStream(createTempFile);
                Throwable th = null;
                try {
                    try {
                        fileOutputStream.write(X509TestHelpers.certAndPrivateKeyToJavaKeyStoreBytes(this.keyStoreCertificate, this.keyStoreKeyPair.getPrivate(), this.keyStorePassword));
                        fileOutputStream.flush();
                        if (fileOutputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileOutputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileOutputStream.close();
                            }
                        }
                        this.keyStoreJksFile = createTempFile;
                    } finally {
                    }
                } finally {
                }
            } catch (GeneralSecurityException e) {
                throw new IOException(e);
            }
        }
        return this.keyStoreJksFile;
    }

    private File getKeyStorePemFile() throws IOException {
        if (this.keyStorePemFile == null) {
            try {
                File createTempFile = File.createTempFile(KEY_STORE_PREFIX, KeyStoreFileType.PEM.getDefaultFileExtension(), this.tempDir);
                createTempFile.deleteOnExit();
                FileUtils.writeStringToFile(createTempFile, X509TestHelpers.pemEncodeCertAndPrivateKey(this.keyStoreCertificate, this.keyStoreKeyPair.getPrivate(), this.keyStorePassword), StandardCharsets.US_ASCII, false);
                this.keyStorePemFile = createTempFile;
            } catch (OperatorCreationException e) {
                throw new IOException((Throwable) e);
            }
        }
        return this.keyStorePemFile;
    }

    private File getKeyStorePkcs12File() throws IOException {
        if (this.keyStorePkcs12File == null) {
            File createTempFile = File.createTempFile(KEY_STORE_PREFIX, KeyStoreFileType.PKCS12.getDefaultFileExtension(), this.tempDir);
            createTempFile.deleteOnExit();
            try {
                FileOutputStream fileOutputStream = new FileOutputStream(createTempFile);
                Throwable th = null;
                try {
                    try {
                        fileOutputStream.write(X509TestHelpers.certAndPrivateKeyToPKCS12Bytes(this.keyStoreCertificate, this.keyStoreKeyPair.getPrivate(), this.keyStorePassword));
                        fileOutputStream.flush();
                        if (fileOutputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileOutputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileOutputStream.close();
                            }
                        }
                        this.keyStorePkcs12File = createTempFile;
                    } finally {
                    }
                } finally {
                }
            } catch (GeneralSecurityException e) {
                throw new IOException(e);
            }
        }
        return this.keyStorePkcs12File;
    }

    private File getKeyStoreBcfksFile() throws IOException {
        if (this.keyStoreBcfksFile == null) {
            File createTempFile = File.createTempFile(KEY_STORE_PREFIX, KeyStoreFileType.BCFKS.getDefaultFileExtension(), this.tempDir);
            createTempFile.deleteOnExit();
            try {
                FileOutputStream fileOutputStream = new FileOutputStream(createTempFile);
                Throwable th = null;
                try {
                    try {
                        fileOutputStream.write(X509TestHelpers.certAndPrivateKeyToBCFKSBytes(this.keyStoreCertificate, this.keyStoreKeyPair.getPrivate(), this.keyStorePassword));
                        fileOutputStream.flush();
                        if (fileOutputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileOutputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileOutputStream.close();
                            }
                        }
                        this.keyStoreBcfksFile = createTempFile;
                    } finally {
                    }
                } finally {
                }
            } catch (GeneralSecurityException e) {
                throw new IOException(e);
            }
        }
        return this.keyStoreBcfksFile;
    }

    public void setSystemProperties(X509Util x509Util, KeyStoreFileType keyStoreFileType, KeyStoreFileType keyStoreFileType2) throws IOException {
        System.setProperty(x509Util.getSslKeystoreLocationProperty(), getKeyStoreFile(keyStoreFileType).getAbsolutePath());
        System.setProperty(x509Util.getSslKeystorePasswdProperty(), getKeyStorePassword());
        System.setProperty(x509Util.getSslKeystoreTypeProperty(), keyStoreFileType.getPropertyValue());
        System.setProperty(x509Util.getSslTruststoreLocationProperty(), getTrustStoreFile(keyStoreFileType2).getAbsolutePath());
        System.setProperty(x509Util.getSslTruststorePasswdProperty(), getTrustStorePassword());
        System.setProperty(x509Util.getSslTruststoreTypeProperty(), keyStoreFileType2.getPropertyValue());
        if (this.hostnameVerification != null) {
            System.setProperty(x509Util.getSslHostnameVerificationEnabledProperty(), this.hostnameVerification.toString());
        } else {
            System.clearProperty(x509Util.getSslHostnameVerificationEnabledProperty());
        }
    }

    public void clearSystemProperties(X509Util x509Util) {
        System.clearProperty(x509Util.getSslKeystoreLocationProperty());
        System.clearProperty(x509Util.getSslKeystorePasswdProperty());
        System.clearProperty(x509Util.getSslKeystoreTypeProperty());
        System.clearProperty(x509Util.getSslTruststoreLocationProperty());
        System.clearProperty(x509Util.getSslTruststorePasswdProperty());
        System.clearProperty(x509Util.getSslTruststoreTypeProperty());
        System.clearProperty(x509Util.getSslHostnameVerificationEnabledProperty());
    }

    public static Builder newBuilder() {
        return new Builder();
    }

    /* synthetic */ X509TestContext(File file, KeyPair keyPair, long j, String str, KeyPair keyPair2, long j2, String str2, Boolean bool, AnonymousClass1 anonymousClass1) throws IOException, GeneralSecurityException, OperatorCreationException {
        this(file, keyPair, j, str, keyPair2, j2, str2, bool);
    }
}
