package org.apache.nifi.registry.client;

import java.io.File;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.apache.nifi.registry.security.util.CertificateUtils;
import org.apache.nifi.registry.security.util.KeyStoreUtils;
import org.apache.nifi.registry.security.util.KeystoreType;

/* loaded from: input_file:org/apache/nifi/registry/client/NiFiRegistryClientConfig.class */
public class NiFiRegistryClientConfig {
    public static final String DEFAULT_PROTOCOL = CertificateUtils.getHighestCurrentSupportedTlsProtocolVersion();
    private final String baseUrl;
    private final SSLContext sslContext;
    private final String keystoreFilename;
    private final String keystorePass;
    private final String keyPass;
    private final KeystoreType keystoreType;
    private final String truststoreFilename;
    private final String truststorePass;
    private final KeystoreType truststoreType;
    private final String protocol;
    private final HostnameVerifier hostnameVerifier;
    private final Integer readTimeout;
    private final Integer connectTimeout;

    /* loaded from: input_file:org/apache/nifi/registry/client/NiFiRegistryClientConfig$Builder.class */
    public static class Builder {
        private String baseUrl;
        private SSLContext sslContext;
        private String keystoreFilename;
        private String keystorePass;
        private String keyPass;
        private KeystoreType keystoreType;
        private String truststoreFilename;
        private String truststorePass;
        private KeystoreType truststoreType;
        private String protocol;
        private HostnameVerifier hostnameVerifier;
        private Integer readTimeout;
        private Integer connectTimeout;

        public Builder baseUrl(String str) {
            this.baseUrl = str;
            return this;
        }

        public Builder sslContext(SSLContext sSLContext) {
            this.sslContext = sSLContext;
            return this;
        }

        public Builder keystoreFilename(String str) {
            this.keystoreFilename = str;
            return this;
        }

        public Builder keystorePassword(String str) {
            this.keystorePass = str;
            return this;
        }

        public Builder keyPassword(String str) {
            this.keyPass = str;
            return this;
        }

        public Builder keystoreType(KeystoreType keystoreType) {
            this.keystoreType = keystoreType;
            return this;
        }

        public Builder truststoreFilename(String str) {
            this.truststoreFilename = str;
            return this;
        }

        public Builder truststorePassword(String str) {
            this.truststorePass = str;
            return this;
        }

        public Builder truststoreType(KeystoreType keystoreType) {
            this.truststoreType = keystoreType;
            return this;
        }

        public Builder protocol(String str) {
            this.protocol = str;
            return this;
        }

        public Builder hostnameVerifier(HostnameVerifier hostnameVerifier) {
            this.hostnameVerifier = hostnameVerifier;
            return this;
        }

        public Builder readTimeout(Integer num) {
            this.readTimeout = num;
            return this;
        }

        public Builder connectTimeout(Integer num) {
            this.connectTimeout = num;
            return this;
        }

        public NiFiRegistryClientConfig build() {
            return new NiFiRegistryClientConfig(this);
        }
    }

    private NiFiRegistryClientConfig(Builder builder) {
        this.baseUrl = builder.baseUrl;
        this.sslContext = builder.sslContext;
        this.keystoreFilename = builder.keystoreFilename;
        this.keystorePass = builder.keystorePass;
        this.keyPass = builder.keyPass;
        this.keystoreType = builder.keystoreType;
        this.truststoreFilename = builder.truststoreFilename;
        this.truststorePass = builder.truststorePass;
        this.truststoreType = builder.truststoreType;
        this.protocol = builder.protocol == null ? DEFAULT_PROTOCOL : builder.protocol;
        this.hostnameVerifier = builder.hostnameVerifier;
        this.readTimeout = builder.readTimeout;
        this.connectTimeout = builder.connectTimeout;
    }

    public String getBaseUrl() {
        return this.baseUrl;
    }

    public SSLContext getSslContext() {
        KeyManagerFactory keyManagerFactory;
        TrustManagerFactory trustManagerFactory;
        KeyManager[] keyManagers;
        FileInputStream fileInputStream;
        if (this.sslContext != null) {
            return this.sslContext;
        }
        if (this.keystoreFilename == null || this.keystorePass == null || this.keystoreType == null) {
            keyManagerFactory = null;
        } else {
            try {
                KeyStore keyStore = KeyStoreUtils.getKeyStore(this.keystoreType.name());
                fileInputStream = new FileInputStream(new File(this.keystoreFilename));
                Throwable th = null;
                try {
                    try {
                        keyStore.load(fileInputStream, this.keystorePass.toCharArray());
                        if (fileInputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileInputStream.close();
                            }
                        }
                        keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                        if (this.keyPass == null) {
                            keyManagerFactory.init(keyStore, this.keystorePass.toCharArray());
                        } else {
                            keyManagerFactory.init(keyStore, this.keyPass.toCharArray());
                        }
                    } finally {
                    }
                } finally {
                }
            } catch (Exception e) {
                throw new IllegalStateException("Failed to load Keystore", e);
            }
        }
        if (this.truststoreFilename == null || this.truststorePass == null || this.truststoreType == null) {
            trustManagerFactory = null;
        } else {
            try {
                KeyStore keyStore2 = KeyStoreUtils.getKeyStore(this.truststoreType.name());
                fileInputStream = new FileInputStream(new File(this.truststoreFilename));
                Throwable th3 = null;
                try {
                    try {
                        keyStore2.load(fileInputStream, this.truststorePass.toCharArray());
                        if (fileInputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileInputStream.close();
                                } catch (Throwable th4) {
                                    th3.addSuppressed(th4);
                                }
                            } else {
                                fileInputStream.close();
                            }
                        }
                        trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                        trustManagerFactory.init(keyStore2);
                    } finally {
                    }
                } finally {
                    if (fileInputStream != null) {
                        if (th3 != null) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th5) {
                                th3.addSuppressed(th5);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                }
            } catch (Exception e2) {
                throw new IllegalStateException("Failed to load Truststore", e2);
            }
        }
        if (keyManagerFactory == null && trustManagerFactory == null) {
            return null;
        }
        if (keyManagerFactory != null) {
            try {
                keyManagers = keyManagerFactory.getKeyManagers();
            } catch (Exception e3) {
                throw new IllegalStateException("Created keystore and truststore but failed to initialize SSLContext", e3);
            }
        } else {
            keyManagers = null;
        }
        KeyManager[] keyManagerArr = keyManagers;
        TrustManager[] trustManagers = trustManagerFactory != null ? trustManagerFactory.getTrustManagers() : null;
        SSLContext sSLContext = SSLContext.getInstance(getProtocol());
        sSLContext.init(keyManagerArr, trustManagers, new SecureRandom());
        sSLContext.getDefaultSSLParameters().setNeedClientAuth(true);
        return sSLContext;
    }

    public String getKeystoreFilename() {
        return this.keystoreFilename;
    }

    public String getKeystorePass() {
        return this.keystorePass;
    }

    public String getKeyPass() {
        return this.keyPass;
    }

    public KeystoreType getKeystoreType() {
        return this.keystoreType;
    }

    public String getTruststoreFilename() {
        return this.truststoreFilename;
    }

    public String getTruststorePass() {
        return this.truststorePass;
    }

    public KeystoreType getTruststoreType() {
        return this.truststoreType;
    }

    public String getProtocol() {
        return this.protocol;
    }

    public HostnameVerifier getHostnameVerifier() {
        return this.hostnameVerifier;
    }

    public Integer getReadTimeout() {
        return this.readTimeout;
    }

    public Integer getConnectTimeout() {
        return this.connectTimeout;
    }
}
