package com.dremio.jdbc.shaded.com.dremio.ssl;

import com.dremio.jdbc.shaded.com.google.common.annotations.VisibleForTesting;
import com.dremio.jdbc.shaded.com.google.common.base.Strings;
import java.security.KeyStore;
import java.util.Objects;
import java.util.Optional;
import java.util.Properties;

/* loaded from: input_file:com/dremio/jdbc/shaded/com/dremio/ssl/SSLConfig.class */
public final class SSLConfig {
    public static final String ENABLE_SSL = "ssl";
    public static final String TRUST_STORE_TYPE = "trustStoreType";
    public static final String TRUST_STORE_PATH = "trustStore";
    public static final String TRUST_STORE_PASSWORD = "trustStorePassword";
    public static final String DISABLE_CERT_VERIFICATION = "disableCertificateVerification";
    public static final String DISABLE_HOST_VERIFICATION = "disableHostVerification";
    public static final String USE_SYSTEM_TRUST_STORE = "useSystemTrustStore";

    @VisibleForTesting
    public static final String UNSPECIFIED = "";
    private final String keyStoreType;
    private final String keyStorePath;
    private final String keyStorePassword;
    private final String keyPassword;
    private final String trustStoreType;
    private final String trustStorePath;
    private final String trustStorePassword;
    private final boolean disablePeerVerification;
    private final boolean disableHostVerification;
    private final boolean useSystemTrustStore;

    /* loaded from: input_file:com/dremio/jdbc/shaded/com/dremio/ssl/SSLConfig$Builder.class */
    public static final class Builder {
        private String keyStoreType = KeyStore.getDefaultType();
        private String keyStorePath = "";
        private String keyStorePassword = "";
        private String keyPassword = null;
        private String trustStoreType = "";
        private String trustStorePath = "";
        private String trustStorePassword = "";
        private boolean disablePeerVerification = false;
        private boolean disableHostVerification = false;
        private boolean useSystemTrustStore = false;

        private Builder() {
        }

        public Builder setKeyStoreType(String str) {
            this.keyStoreType = str;
            return this;
        }

        public Builder setKeyStorePath(String str) {
            this.keyStorePath = str;
            return this;
        }

        public Builder setKeyStorePassword(String str) {
            this.keyStorePassword = str;
            return this;
        }

        public Builder setKeyPassword(String str) {
            this.keyPassword = str;
            return this;
        }

        public Builder setTrustStoreType(String str) {
            this.trustStoreType = str;
            return this;
        }

        public Builder setTrustStorePath(String str) {
            this.trustStorePath = str;
            return this;
        }

        public Builder setTrustStorePassword(String str) {
            this.trustStorePassword = str;
            return this;
        }

        public Builder setDisablePeerVerification(boolean z) {
            this.disablePeerVerification = z;
            return this;
        }

        public Builder setDisableHostVerification(boolean z) {
            this.disableHostVerification = z;
            return this;
        }

        public Builder useSystemTrustStore(boolean z) {
            this.useSystemTrustStore = z;
            return this;
        }

        public SSLConfig build() {
            return new SSLConfig(this);
        }
    }

    private SSLConfig(Builder builder) {
        this.keyStoreType = builder.keyStoreType;
        this.keyStorePath = builder.keyStorePath;
        this.keyStorePassword = builder.keyStorePassword;
        this.keyPassword = builder.keyPassword == null ? builder.keyStorePassword : builder.keyPassword;
        this.trustStoreType = builder.trustStoreType;
        this.trustStorePath = builder.trustStorePath;
        this.trustStorePassword = builder.trustStorePassword;
        this.disablePeerVerification = builder.disablePeerVerification;
        this.disableHostVerification = builder.disableHostVerification;
        this.useSystemTrustStore = builder.useSystemTrustStore;
    }

    public String getKeyStoreType() {
        return this.keyStoreType;
    }

    public String getKeyStorePath() {
        return this.keyStorePath;
    }

    public String getKeyStorePassword() {
        return this.keyStorePassword;
    }

    public String getKeyPassword() {
        return this.keyPassword;
    }

    public boolean useDefaultTrustStore() {
        return Strings.isNullOrEmpty(this.trustStoreType) && Strings.isNullOrEmpty(this.trustStorePath);
    }

    public String getTrustStoreType() {
        return !Strings.isNullOrEmpty(this.trustStoreType) ? this.trustStoreType : KeyStore.getDefaultType();
    }

    public String getTrustStorePath() {
        return this.trustStorePath;
    }

    public String getTrustStorePassword() {
        return this.trustStorePassword;
    }

    public boolean disablePeerVerification() {
        return this.disablePeerVerification;
    }

    public boolean disableHostVerification() {
        return this.disableHostVerification;
    }

    public boolean useSystemTrustStore() {
        return this.useSystemTrustStore;
    }

    public static Builder newBuilderForServer() {
        return new Builder().useSystemTrustStore(false);
    }

    public static Builder newBuilderForClient() {
        return new Builder().useSystemTrustStore(true);
    }

    public static Optional<SSLConfig> of(Properties properties) {
        if (properties == null) {
            return Optional.empty();
        }
        Properties properties2 = new Properties();
        properties.stringPropertyNames().forEach(str -> {
            properties2.setProperty(str.toLowerCase(), properties.getProperty(str));
        });
        return getBooleanProperty(properties2, ENABLE_SSL).filter((v0) -> {
            return v0.booleanValue();
        }).map(bool -> {
            Builder newBuilderForClient = newBuilderForClient();
            Optional<String> stringProperty = getStringProperty(properties2, "trustStoreType");
            Objects.requireNonNull(newBuilderForClient);
            stringProperty.ifPresent(newBuilderForClient::setTrustStoreType);
            Optional<String> stringProperty2 = getStringProperty(properties2, "trustStore");
            Objects.requireNonNull(newBuilderForClient);
            stringProperty2.ifPresent(newBuilderForClient::setTrustStorePath);
            Optional<String> stringProperty3 = getStringProperty(properties2, "trustStorePassword");
            Objects.requireNonNull(newBuilderForClient);
            stringProperty3.ifPresent(newBuilderForClient::setTrustStorePassword);
            Optional<Boolean> booleanProperty = getBooleanProperty(properties2, DISABLE_CERT_VERIFICATION);
            Objects.requireNonNull(newBuilderForClient);
            booleanProperty.ifPresent((v1) -> {
                r1.setDisablePeerVerification(v1);
            });
            Optional<Boolean> booleanProperty2 = getBooleanProperty(properties2, "disableHostVerification");
            Objects.requireNonNull(newBuilderForClient);
            booleanProperty2.ifPresent((v1) -> {
                r1.setDisableHostVerification(v1);
            });
            Optional<Boolean> booleanProperty3 = getBooleanProperty(properties2, USE_SYSTEM_TRUST_STORE);
            Objects.requireNonNull(newBuilderForClient);
            booleanProperty3.ifPresent((v1) -> {
                r1.useSystemTrustStore(v1);
            });
            return newBuilderForClient.build();
        });
    }

    private static Optional<Boolean> getBooleanProperty(Properties properties, String str) {
        return Optional.ofNullable(properties.getProperty(str.toLowerCase())).map(Boolean::parseBoolean);
    }

    private static Optional<String> getStringProperty(Properties properties, String str) {
        return Optional.ofNullable(properties.getProperty(str.toLowerCase()));
    }
}
