package org.apache.geode.cache.ssl;

import java.io.File;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import org.apache.geode.cache.ssl.TestSSLUtils;

/* loaded from: input_file:org/apache/geode/cache/ssl/CertStores.class */
public class CertStores {
    private final String alias;
    private final String storePrefix;
    private File keyStoreFile;
    private X509Certificate cert;
    private Map<String, X509Certificate> trustedCerts = new HashMap();
    private String trustStorePassword = "password";
    private String keyStorePassword = "password";

    public static CertStores locatorStore() {
        return new CertStores("locator", "locator");
    }

    public static CertStores serverStore() {
        return new CertStores("server", "server");
    }

    public static CertStores clientStore() {
        return new CertStores("client", "client");
    }

    public CertStores(String str, String str2) {
        this.alias = str;
        this.storePrefix = str2;
    }

    public String alias() {
        return this.alias;
    }

    public X509Certificate certificate() {
        return this.cert;
    }

    public CertStores withCertificate(TestSSLUtils.CertificateBuilder certificateBuilder) throws GeneralSecurityException, IOException {
        this.keyStoreFile = File.createTempFile(this.storePrefix + "KS", ".jks");
        withCertificate(certificateBuilder, this.keyStoreFile);
        return this;
    }

    private void withCertificate(TestSSLUtils.CertificateBuilder certificateBuilder, File file) throws GeneralSecurityException, IOException {
        KeyPair generateKeyPair = TestSSLUtils.generateKeyPair("RSA");
        this.cert = certificateBuilder.generate(generateKeyPair);
        TestSSLUtils.createKeyStore(file.getPath(), this.keyStorePassword, this.alias, generateKeyPair.getPrivate(), this.cert);
    }

    public CertStores trustSelf() {
        this.trustedCerts.put(this.alias, this.cert);
        return this;
    }

    public CertStores trust(String str, X509Certificate x509Certificate) {
        this.trustedCerts.put(str, x509Certificate);
        return this;
    }

    public Properties propertiesWith(String str) throws GeneralSecurityException, IOException {
        return propertiesWith(str, "any", "any", true, true);
    }

    public Properties propertiesWith(String str, boolean z, boolean z2) throws GeneralSecurityException, IOException {
        return propertiesWith(str, "any", "any", z, z2);
    }

    public Properties propertiesWith(String str, String str2, String str3, boolean z, boolean z2) throws GeneralSecurityException, IOException {
        File createTempFile = File.createTempFile(this.storePrefix + "TS", ".jks");
        createTempFile.deleteOnExit();
        TestSSLUtils.createTrustStore(createTempFile.getPath(), this.trustStorePassword, this.trustedCerts);
        return propertiesWith(str, str2, str3, createTempFile, this.keyStoreFile, z, z2);
    }

    private Properties propertiesWith(String str, String str2, String str3, File file, File file2, boolean z, boolean z2) {
        Properties properties = new Properties();
        properties.setProperty("ssl-enabled-components", str);
        properties.setProperty("ssl-keystore", file2.getPath());
        properties.setProperty("ssl-keystore-type", "JKS");
        properties.setProperty("ssl-keystore-password", this.keyStorePassword);
        properties.setProperty("ssl-truststore", file.getPath());
        properties.setProperty("ssl-truststore-password", this.trustStorePassword);
        properties.setProperty("ssl-truststore-type", "JKS");
        properties.setProperty("ssl-protocols", str2);
        properties.setProperty("ssl-ciphers", str3);
        properties.setProperty("ssl-require-authentication", String.valueOf(z));
        properties.setProperty("ssl-endpoint-identification-enabled", String.valueOf(z2));
        return properties;
    }
}
