package org.wildfly.extras.creaper.commands.elytron;

import java.util.Arrays;
import java.util.List;
import org.wildfly.extras.creaper.commands.elytron.CredentialRef;
import org.wildfly.extras.creaper.commands.elytron.tls.AddKeyManager;
import org.wildfly.extras.creaper.commands.elytron.tls.AddKeyStore;
import org.wildfly.extras.creaper.commands.elytron.tls.AddServerSSLContext;
import org.wildfly.extras.creaper.commands.elytron.tls.AddTrustManager;
import org.wildfly.extras.creaper.core.online.OnlineCommand;
import org.wildfly.extras.creaper.core.online.OnlineCommandContext;

/* loaded from: input_file:org/wildfly/extras/creaper/commands/elytron/CreateServerSSLContext.class */
public final class CreateServerSSLContext implements OnlineCommand {
    private static final String KEY_STORE_NAME = "key-store-name";
    private static final String TRUST_STORE_NAME = "trust-store-name";
    private static final String KEY_MANAGER_NAME = "key-manager-name";
    private static final String TRUST_MANAGER_NAME = "trust-manager-name";
    private final String name;
    protected final List<String> protocols;
    private final String cipherSuiteFilter;
    private final String cipherSuiteNames;
    private final Boolean needClientAuth;
    private final Boolean wantClientAuth;
    private final Boolean authenticationOptional;
    private final String securityDomain;
    private final Integer maximumSessionCacheSize;
    private final Integer sessionTimeout;
    private final String providers;
    private final String keyStoreType;
    private final String keyStorePath;
    private final String keyStorePassword;
    private final String keyPassword;
    private final String keyStoreAlias;
    private final String keyStoreRelativeTo;
    private final Boolean keyStoreRequired;
    private final String keyStoreProviders;
    private final String keyManagerProviders;
    private final String trustStoreType;
    private final String trustStorePath;
    private final String trustStorePassword;
    private final String trustStoreAlias;
    private final String trustStoreRelativeTo;
    private final Boolean trustStoreRequired;
    private final String trustStoreProviders;
    private final String trustManagerProviders;
    private final String algorithm;
    public static final String TLS13_CIPHER_SUITE_NAMES = "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256";

    /* loaded from: input_file:org/wildfly/extras/creaper/commands/elytron/CreateServerSSLContext$Builder.class */
    public static final class Builder {
        private String name;
        private List<String> protocols;
        private String cipherSuiteFilter;
        private String cipherSuiteNames;
        private Boolean needClientAuth;
        private Boolean wantClientAuth;
        private Boolean authenticationOptional;
        private String securityDomain;
        private Integer maximumSessionCacheSize;
        private Integer sessionTimeout;
        private String providers;
        private String keyStorePath;
        private String keyStorePassword;
        private String keyPassword;
        private String keyStoreAlias;
        private String keyStoreRelativeTo;
        private Boolean keyStoreRequired;
        private String keyStoreProviders;
        private String keyManagerProviders;
        private String trustStorePath;
        private String trustStorePassword;
        private String trustStoreAlias;
        private String trustStoreRelativeTo;
        private Boolean trustStoreRequired;
        private String trustStoreProviders;
        private String trustManagerProviders;
        private String algorithm;
        private String keyStoreType = "JKS";
        private String trustStoreType = "JKS";

        public Builder(String str) {
            if (str == null) {
                throw new IllegalArgumentException("Name of the ssl-context must be specified as non null value");
            }
            if (str.isEmpty()) {
                throw new IllegalArgumentException("Name of the ssl-context must not be empty value");
            }
            this.name = str;
        }

        public Builder keyStoreType(String str) {
            this.keyStoreType = str;
            return this;
        }

        public Builder keyStorePath(String str) {
            this.keyStorePath = str;
            return this;
        }

        public Builder keyStorePassword(String str) {
            this.keyStorePassword = str;
            return this;
        }

        public Builder keyPassword(String str) {
            this.keyPassword = str;
            return this;
        }

        public Builder trustStoreType(String str) {
            this.trustStoreType = str;
            return this;
        }

        public Builder trustStorePath(String str) {
            this.trustStorePath = str;
            return this;
        }

        public Builder trustStorePassword(String str) {
            this.trustStorePassword = str;
            return this;
        }

        public Builder protocols(String... strArr) {
            if (strArr != null && strArr.length > 0) {
                this.protocols = Arrays.asList(strArr);
            }
            return this;
        }

        public Builder cipherSuiteFilter(String str) {
            this.cipherSuiteFilter = str;
            return this;
        }

        public Builder cipherSuiteNames(String str) {
            this.cipherSuiteNames = str;
            return this;
        }

        public Builder needClientAuth(Boolean bool) {
            this.needClientAuth = bool;
            return this;
        }

        public Builder wantClientAuth(Boolean bool) {
            this.wantClientAuth = bool;
            return this;
        }

        public Builder authenticationOptional(Boolean bool) {
            this.authenticationOptional = bool;
            return this;
        }

        public Builder securityDomain(String str) {
            this.securityDomain = str;
            return this;
        }

        public Builder maximumSessionCacheSize(Integer num) {
            this.maximumSessionCacheSize = num;
            return this;
        }

        public Builder sessionTimeout(Integer num) {
            this.sessionTimeout = num;
            return this;
        }

        public Builder keyStoreAlias(String str) {
            this.keyStoreAlias = str;
            return this;
        }

        public Builder keyStoreRelativeTo(String str) {
            this.keyStoreRelativeTo = str;
            return this;
        }

        public Builder keyStoreRequired(Boolean bool) {
            this.keyStoreRequired = bool;
            return this;
        }

        public Builder trustStoreAlias(String str) {
            this.trustStoreAlias = str;
            return this;
        }

        public Builder trustStoreRelativeTo(String str) {
            this.trustStoreRelativeTo = str;
            return this;
        }

        public Builder trustStoreRequired(Boolean bool) {
            this.trustStoreRequired = bool;
            return this;
        }

        public Builder algorithm(String str) {
            this.algorithm = str;
            return this;
        }

        public Builder trustStoreProviders(String str) {
            this.trustStoreProviders = str;
            return this;
        }

        public Builder keyStoreProviders(String str) {
            this.keyStoreProviders = str;
            return this;
        }

        public Builder keyManagerProviders(String str) {
            this.keyManagerProviders = str;
            return this;
        }

        public Builder trustManagerProviders(String str) {
            this.trustManagerProviders = str;
            return this;
        }

        public Builder providers(String str) {
            this.providers = str;
            return this;
        }

        public Builder providersAll(String str) {
            this.keyStoreProviders = str;
            this.trustStoreProviders = str;
            this.keyManagerProviders = str;
            this.trustManagerProviders = str;
            this.providers = str;
            return this;
        }

        public CreateServerSSLContext build() {
            if (this.keyStorePassword == null || this.keyStorePassword.isEmpty()) {
                throw new IllegalArgumentException("Key store password of the ssl-context must not be empty value");
            }
            if (this.keyPassword == null || this.keyPassword.isEmpty()) {
                throw new IllegalArgumentException("Key store item password of the ssl-context must not be empty value");
            }
            return new CreateServerSSLContext(this);
        }
    }

    private CreateServerSSLContext(Builder builder) {
        this.name = builder.name;
        this.keyStoreType = builder.keyStoreType;
        this.keyStorePath = builder.keyStorePath;
        this.keyStorePassword = builder.keyStorePassword;
        this.keyPassword = builder.keyPassword;
        this.trustStoreType = builder.trustStoreType;
        this.trustStorePath = builder.trustStorePath;
        this.trustStorePassword = builder.trustStorePassword;
        this.protocols = builder.protocols;
        this.cipherSuiteFilter = builder.cipherSuiteFilter;
        this.cipherSuiteNames = builder.cipherSuiteNames;
        this.needClientAuth = builder.needClientAuth;
        this.wantClientAuth = builder.wantClientAuth;
        this.authenticationOptional = builder.authenticationOptional;
        this.securityDomain = builder.securityDomain;
        this.maximumSessionCacheSize = builder.maximumSessionCacheSize;
        this.sessionTimeout = builder.sessionTimeout;
        this.keyStoreAlias = builder.keyStoreAlias;
        this.keyStoreRelativeTo = builder.keyStoreRelativeTo;
        this.keyStoreRequired = builder.keyStoreRequired;
        this.trustStoreAlias = builder.trustStoreAlias;
        this.trustStoreRelativeTo = builder.trustStoreRelativeTo;
        this.trustStoreRequired = builder.trustStoreRequired;
        this.algorithm = builder.algorithm;
        this.trustStoreProviders = builder.trustStoreProviders;
        this.keyStoreProviders = builder.keyStoreProviders;
        this.keyManagerProviders = builder.keyManagerProviders;
        this.trustManagerProviders = builder.trustManagerProviders;
        this.providers = builder.providers;
    }

    public void apply(OnlineCommandContext onlineCommandContext) throws Exception {
        AddKeyStore build = new AddKeyStore.Builder(getUniqueName(KEY_STORE_NAME)).type(this.keyStoreType).path(this.keyStorePath).relativeTo(this.keyStoreRelativeTo).required(this.keyStoreRequired).aliasFilter(this.keyStoreAlias).providers(this.keyStoreProviders).credentialReference(new CredentialRef.CredentialRefBuilder().clearText(this.keyStorePassword).build()).build();
        AddKeyManager build2 = new AddKeyManager.Builder(getUniqueName(KEY_MANAGER_NAME)).keyStore(getUniqueName(KEY_STORE_NAME)).algorithm(this.algorithm).providers(this.keyManagerProviders).credentialReference(new CredentialRef.CredentialRefBuilder().clearText(this.keyPassword).build()).build();
        AddKeyStore addKeyStore = null;
        AddTrustManager addTrustManager = null;
        if (isTrustStoreConfigured()) {
            addKeyStore = new AddKeyStore.Builder(getUniqueName(TRUST_STORE_NAME)).type(this.trustStoreType).path(this.trustStorePath).relativeTo(this.trustStoreRelativeTo).required(this.trustStoreRequired).aliasFilter(this.trustStoreAlias).providers(this.trustStoreProviders).credentialReference(new CredentialRef.CredentialRefBuilder().clearText(this.trustStorePassword).build()).build();
            addTrustManager = new AddTrustManager.Builder(getUniqueName(TRUST_MANAGER_NAME)).algorithm(this.algorithm).providers(this.trustManagerProviders).keyStore(getUniqueName(TRUST_STORE_NAME)).build();
        }
        AddServerSSLContext.Builder keyManager = new AddServerSSLContext.Builder(this.name).protocols(this.protocols == null ? null : (String[]) this.protocols.toArray(new String[this.protocols.size()])).cipherSuiteFilter(this.cipherSuiteFilter).cipherSuiteNames(this.cipherSuiteNames).needClientAuth(this.needClientAuth).sessionTimeout(this.sessionTimeout).maximumSessionCacheSize(this.maximumSessionCacheSize).securityDomain(this.securityDomain).authenticationOptional(this.authenticationOptional).wantClientAuth(this.wantClientAuth).providers(this.providers).keyManager(getUniqueName(KEY_MANAGER_NAME));
        if (isTrustStoreConfigured()) {
            keyManager.trustManager(getUniqueName(TRUST_MANAGER_NAME));
        }
        onlineCommandContext.client.apply(new OnlineCommand[]{build});
        onlineCommandContext.client.apply(new OnlineCommand[]{build2});
        if (isTrustStoreConfigured()) {
            onlineCommandContext.client.apply(new OnlineCommand[]{addKeyStore});
            onlineCommandContext.client.apply(new OnlineCommand[]{addTrustManager});
        }
        onlineCommandContext.client.apply(new OnlineCommand[]{keyManager.build()});
    }

    public static String getTrustManagerName(String str) {
        return getUniqueName(TRUST_MANAGER_NAME, str);
    }

    public static String getKeyManagerName(String str) {
        return getUniqueName(KEY_MANAGER_NAME, str);
    }

    public static String getKeyStoreName(String str) {
        return getUniqueName(KEY_STORE_NAME, str);
    }

    public static String getTrustStoreName(String str) {
        return getUniqueName(TRUST_STORE_NAME, str);
    }

    private boolean isTrustStoreConfigured() {
        return (this.trustStorePassword == null || this.trustStorePassword.isEmpty()) ? false : true;
    }

    private String getUniqueName(String str) {
        return getUniqueName(str, this.name);
    }

    private static String getUniqueName(String str, String str2) {
        return str + "_" + str2;
    }
}
