package org.apache.hadoop.ozone.s3.remote.vault;

import com.bettercloud.vault.SslConfig;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import org.apache.hadoop.ozone.s3.remote.vault.auth.Auth;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/hadoop/ozone/s3/remote/vault/VaultS3SecretStoreBuilder.class */
public class VaultS3SecretStoreBuilder {
    private static final Logger LOG = LoggerFactory.getLogger(VaultS3SecretStoreBuilder.class);
    private String address;
    private String nameSpace;
    private String secretPath;
    private int engineVersion = 1;
    private String keyStoreType;
    private String keyStore;
    private String keyStorePassword;
    private String trustStoreType;
    private String trustStore;
    private String trustStorePassword;
    private Auth auth;

    public VaultS3SecretStoreBuilder setAddress(String str) {
        this.address = str;
        return this;
    }

    public VaultS3SecretStoreBuilder setEngineVersion(int i) {
        this.engineVersion = i;
        return this;
    }

    public VaultS3SecretStoreBuilder setKeyStoreType(String str) {
        this.keyStoreType = str;
        return this;
    }

    public VaultS3SecretStoreBuilder setKeyStore(String str) {
        this.keyStore = str;
        return this;
    }

    public VaultS3SecretStoreBuilder setKeyStorePassword(String str) {
        this.keyStorePassword = str;
        return this;
    }

    public VaultS3SecretStoreBuilder setTrustStoreType(String str) {
        this.trustStoreType = str;
        return this;
    }

    public VaultS3SecretStoreBuilder setTrustStore(String str) {
        this.trustStore = str;
        return this;
    }

    public VaultS3SecretStoreBuilder setTrustStorePassword(String str) {
        this.trustStorePassword = str;
        return this;
    }

    public VaultS3SecretStoreBuilder setAuth(Auth auth) {
        this.auth = auth;
        return this;
    }

    public VaultS3SecretStoreBuilder setSecretPath(String str) {
        this.secretPath = str;
        return this;
    }

    public VaultS3SecretStoreBuilder setNameSpace(String str) {
        this.nameSpace = str;
        return this;
    }

    public VaultS3SecretStore build() throws IOException {
        return new VaultS3SecretStore(this.address, this.nameSpace, this.secretPath, this.engineVersion, this.auth, loadTrustStore(loadKeyStore(null)));
    }

    private SslConfig loadKeyStore(SslConfig sslConfig) {
        if (sslConfig == null) {
            sslConfig = new SslConfig();
        }
        if (this.keyStoreType == null) {
            return null;
        }
        try {
            return sslConfig.keyStore(loadStore(this.keyStoreType, this.keyStore, this.keyStorePassword), this.keyStorePassword);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            LOG.error("Failed to load keystore for S3 remote secret store", e);
            return null;
        }
    }

    private SslConfig loadTrustStore(SslConfig sslConfig) {
        if (sslConfig == null) {
            sslConfig = new SslConfig();
        }
        if (this.trustStoreType == null) {
            return null;
        }
        try {
            return sslConfig.trustStore(loadStore(this.trustStoreType, this.trustStore, this.trustStorePassword));
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            LOG.error("Failed to load keystore for S3 remote secret store", e);
            return null;
        }
    }

    private static KeyStore loadStore(String str, String str2, String str3) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException {
        char[] charArray = str3 == null ? null : str3.toCharArray();
        KeyStore keyStore = KeyStore.getInstance(str);
        if (str2 != null) {
            InputStream newInputStream = Files.newInputStream(Paths.get(str2, new String[0]), new OpenOption[0]);
            Throwable th = null;
            try {
                keyStore.load(newInputStream, charArray);
                if (newInputStream != null) {
                    if (0 != 0) {
                        try {
                            newInputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        newInputStream.close();
                    }
                }
            } catch (Throwable th3) {
                if (newInputStream != null) {
                    if (0 != 0) {
                        try {
                            newInputStream.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        newInputStream.close();
                    }
                }
                throw th3;
            }
        }
        return keyStore;
    }
}
