package org.apache.geode.security.generator;

import java.io.File;
import java.io.IOException;
import java.security.Principal;
import java.util.Properties;
import org.apache.geode.internal.logging.LogService;
import org.apache.geode.security.AuthenticationFailedException;
import org.apache.geode.security.generator.CredentialGenerator;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:org/apache/geode/security/generator/SSLCredentialGenerator.class */
public class SSLCredentialGenerator extends CredentialGenerator {
    private static final Logger logger = LogService.getLogger();

    @Override // org.apache.geode.security.generator.CredentialGenerator
    protected Properties initialize() throws IllegalArgumentException {
        this.javaProperties = getValidJavaSSLProperties();
        return getSSLProperties();
    }

    @Override // org.apache.geode.security.generator.CredentialGenerator
    public CredentialGenerator.ClassCode classCode() {
        return CredentialGenerator.ClassCode.SSL;
    }

    @Override // org.apache.geode.security.generator.CredentialGenerator
    public String getAuthInit() {
        return null;
    }

    @Override // org.apache.geode.security.generator.CredentialGenerator
    public String getAuthenticator() {
        return null;
    }

    @Override // org.apache.geode.security.generator.CredentialGenerator
    public Properties getValidCredentials(int i) {
        this.javaProperties = getValidJavaSSLProperties();
        return getSSLProperties();
    }

    @Override // org.apache.geode.security.generator.CredentialGenerator
    public Properties getValidCredentials(Principal principal) {
        this.javaProperties = getValidJavaSSLProperties();
        return getSSLProperties();
    }

    @Override // org.apache.geode.security.generator.CredentialGenerator
    public Properties getInvalidCredentials(int i) {
        this.javaProperties = getInvalidJavaSSLProperties();
        return getSSLProperties();
    }

    private File findTrustedJKS() {
        return new File(new File(System.getProperty("JTESTS") + "/ssl"), "trusted.keystore");
    }

    private File findUntrustedJKS() {
        return new File(new File(System.getProperty("JTESTS") + "/ssl"), "untrusted.keystore");
    }

    private Properties getValidJavaSSLProperties() {
        File findTrustedJKS = findTrustedJKS();
        try {
            Properties properties = new Properties();
            properties.setProperty("javax.net.ssl.trustStore", findTrustedJKS.getCanonicalPath());
            properties.setProperty("javax.net.ssl.trustStorePassword", "password");
            properties.setProperty("javax.net.ssl.keyStore", findTrustedJKS.getCanonicalPath());
            properties.setProperty("javax.net.ssl.keyStorePassword", "password");
            return properties;
        } catch (IOException e) {
            throw new AuthenticationFailedException("SSL: Exception while opening the key store: " + e.getMessage(), e);
        }
    }

    private Properties getInvalidJavaSSLProperties() {
        File findUntrustedJKS = findUntrustedJKS();
        try {
            Properties properties = new Properties();
            properties.setProperty("javax.net.ssl.trustStore", findUntrustedJKS.getCanonicalPath());
            properties.setProperty("javax.net.ssl.trustStorePassword", "password");
            properties.setProperty("javax.net.ssl.keyStore", findUntrustedJKS.getCanonicalPath());
            properties.setProperty("javax.net.ssl.keyStorePassword", "password");
            return properties;
        } catch (IOException e) {
            throw new AuthenticationFailedException("SSL: Exception while opening the key store: " + e.getMessage(), e);
        }
    }

    private Properties getSSLProperties() {
        Properties properties = new Properties();
        properties.setProperty("cluster-ssl-ciphers", "true");
        properties.setProperty("cluster-ssl-require-authentication", "true");
        properties.setProperty("cluster-ssl-ciphers", "SSL_RSA_WITH_3DES_EDE_CBC_SHA");
        properties.setProperty("cluster-ssl-protocols", "TLSv1");
        return properties;
    }
}
