package org.apache.kafka.common.network;

import java.net.InetAddress;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.kafka.common.utils.Utils;
import org.apache.kafka.test.TestSslUtils;
import org.apache.kafka.test.TestUtils;

/* loaded from: input_file:org/apache/kafka/common/network/CertStores.class */
public class CertStores {
    public static final Set<String> KEYSTORE_PROPS = Utils.mkSet(new String[]{"ssl.keystore.location", "ssl.keystore.type", "ssl.keystore.password", "ssl.key.password", "ssl.keystore.key", "ssl.keystore.certificate.chain"});
    public static final Set<String> TRUSTSTORE_PROPS = Utils.mkSet(new String[]{"ssl.truststore.location", "ssl.truststore.type", "ssl.truststore.password", "ssl.truststore.certificates"});
    private final Map<String, Object> sslConfig;

    /* loaded from: input_file:org/apache/kafka/common/network/CertStores$Builder.class */
    public static class Builder {
        private final boolean isServer;
        private String cn;
        private InetAddress sanIp;
        private boolean usePem;
        private List<String> sanDns = new ArrayList();
        private String keyAlgorithm = "RSA";

        public Builder(boolean z) {
            this.isServer = z;
        }

        public Builder cn(String str) {
            this.cn = str;
            return this;
        }

        public Builder addHostName(String str) {
            this.sanDns.add(str);
            return this;
        }

        public Builder hostAddress(InetAddress inetAddress) {
            this.sanIp = inetAddress;
            return this;
        }

        public Builder keyAlgorithm(String str) {
            this.keyAlgorithm = str;
            return this;
        }

        public Builder usePem(boolean z) {
            this.usePem = z;
            return this;
        }

        protected TestSslUtils.CertificateBuilder getCertificateBuilder() {
            return new TestSslUtils.CertificateBuilder();
        }

        public CertStores build() throws Exception {
            TestSslUtils.CertificateBuilder sanDnsNames = getCertificateBuilder().sanDnsNames((String[]) this.sanDns.toArray(new String[0]));
            if (this.sanIp != null) {
                sanDnsNames = sanDnsNames.sanIpAddress(this.sanIp);
            }
            return new CertStores(this.isServer, this.cn, this.keyAlgorithm, sanDnsNames, this.usePem);
        }
    }

    public CertStores(boolean z, String str) throws Exception {
        this(z, str, new TestSslUtils.CertificateBuilder());
    }

    public CertStores(boolean z, String str, String str2) throws Exception {
        this(z, str, new TestSslUtils.CertificateBuilder().sanDnsNames(str2));
    }

    public CertStores(boolean z, String str, InetAddress inetAddress) throws Exception {
        this(z, str, new TestSslUtils.CertificateBuilder().sanIpAddress(inetAddress));
    }

    public CertStores(boolean z, String str, TestSslUtils.CertificateBuilder certificateBuilder) throws Exception {
        this(z, str, "RSA", certificateBuilder, false);
    }

    private CertStores(boolean z, String str, String str2, TestSslUtils.CertificateBuilder certificateBuilder, boolean z2) throws Exception {
        String str3 = z ? "server" : "client";
        this.sslConfig = new TestSslUtils.SslConfigsBuilder(z ? Mode.SERVER : Mode.CLIENT).useClientCert(!z).certAlias(str3).cn(str).createNewTrustStore(z2 ? null : TestUtils.tempFile(str3 + "TS", ".jks")).certBuilder(certificateBuilder).algorithm(str2).usePem(z2).build();
    }

    public Map<String, Object> getTrustingConfig(CertStores certStores) {
        HashMap hashMap = new HashMap(this.sslConfig);
        for (String str : TRUSTSTORE_PROPS) {
            hashMap.put(str, certStores.sslConfig.get(str));
        }
        return hashMap;
    }

    public Map<String, Object> getUntrustingConfig() {
        return this.sslConfig;
    }

    public Map<String, Object> keyStoreProps() {
        HashMap hashMap = new HashMap();
        for (String str : KEYSTORE_PROPS) {
            hashMap.put(str, this.sslConfig.get(str));
        }
        return hashMap;
    }

    public Map<String, Object> trustStoreProps() {
        HashMap hashMap = new HashMap();
        for (String str : TRUSTSTORE_PROPS) {
            hashMap.put(str, this.sslConfig.get(str));
        }
        return hashMap;
    }
}
