package com.huawei.bsp.ssl;

import com.huawei.bsp.deploy.util.serverconf.CertificateConf;
import com.huawei.bsp.deploy.util.serverconf.ConnectorConfConsts;
import com.huawei.bsp.encrypt.cbb.Constants;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.Charset;
import java.util.Properties;

/* loaded from: input_file:com/huawei/bsp/ssl/SSLOption.class */
public final class SSLOption {
    private String protocols;
    private String ciphers;
    private boolean authPeer;
    private boolean checkCNHost;
    private boolean checkCNWhite;
    private String checkCNWhiteFile;
    private boolean allowRenegociate;
    private String storePath;
    private String trustStore;
    private String trustStoreType;
    private String trustStoreValue;
    private String keyStore;
    private String keyStoreType;
    private String keyStoreValue;
    private String crl;

    private SSLOption() {
    }

    public static SSLOption defaultOption(boolean z) {
        SSLOption sSLOption = new SSLOption();
        sSLOption.setProtocols("TLSv1.2");
        sSLOption.setCiphers("TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA");
        sSLOption.setAuthPeer(true);
        if (z) {
            sSLOption.setCheckCNHost(false);
        } else {
            sSLOption.setCheckCNHost(true);
        }
        sSLOption.setCheckCNWhite(false);
        sSLOption.setCheckCNWhiteFile("white.list");
        sSLOption.setAllowRenegociate(false);
        sSLOption.setStorePath(CertificateConf.TYPE_INTERNAL);
        sSLOption.setTrustStore("trust.jks");
        sSLOption.setTrustStoreType("JKS");
        sSLOption.setTrustStoreValue("trustStoreValue");
        sSLOption.setKeyStore("server.p12");
        sSLOption.setKeyStoreType("PKCS12");
        sSLOption.setKeyStoreValue("keyStoreValue");
        sSLOption.setCrl("revoke.crl");
        return sSLOption;
    }

    public void setProtocols(String str) {
        this.protocols = str;
    }

    public void setCiphers(String str) {
        this.ciphers = str;
    }

    public void setAuthPeer(boolean z) {
        this.authPeer = z;
    }

    public void setCheckCNHost(boolean z) {
        this.checkCNHost = z;
    }

    public void setCheckCNWhite(boolean z) {
        this.checkCNWhite = z;
    }

    public void setCheckCNWhiteFile(String str) {
        this.checkCNWhiteFile = str;
    }

    public void setAllowRenegociate(boolean z) {
        this.allowRenegociate = z;
    }

    public void setStorePath(String str) {
        this.storePath = str;
    }

    public void setTrustStore(String str) {
        this.trustStore = str;
    }

    public void setTrustStoreType(String str) {
        this.trustStoreType = str;
    }

    public void setTrustStoreValue(String str) {
        this.trustStoreValue = str;
    }

    public void setKeyStore(String str) {
        this.keyStore = str;
    }

    public void setKeyStoreType(String str) {
        this.keyStoreType = str;
    }

    public void setKeyStoreValue(String str) {
        this.keyStoreValue = str;
    }

    public void setCrl(String str) {
        this.crl = str;
    }

    public String getProtocols() {
        return this.protocols;
    }

    public String getCiphers() {
        return this.ciphers;
    }

    public boolean isAuthPeer() {
        return this.authPeer;
    }

    public boolean isCheckCNHost() {
        return this.checkCNHost;
    }

    public boolean isCheckCNWhite() {
        return this.checkCNWhite;
    }

    public String getCheckCNWhiteFile() {
        return this.checkCNWhiteFile;
    }

    public boolean isAllowRenegociate() {
        return this.allowRenegociate;
    }

    public String getStorePath() {
        return this.storePath;
    }

    public String getTrustStore() {
        return this.trustStore;
    }

    public String getTrustStoreType() {
        return this.trustStoreType;
    }

    public String getTrustStoreValue() {
        return this.trustStoreValue;
    }

    public String getKeyStore() {
        return this.keyStore;
    }

    public String getKeyStoreType() {
        return this.keyStoreType;
    }

    public String getKeyStoreValue() {
        return this.keyStoreValue;
    }

    public String getCrl() {
        return this.crl;
    }

    public static SSLOption build(String str) {
        File file = new File(str);
        if (!file.isFile()) {
            throw new IllegalArgumentException("Bad file name.");
        }
        try {
            SSLOption sSLOption = new SSLOption();
            sSLOption.load(file.getCanonicalPath());
            return sSLOption;
        } catch (IOException e) {
            throw new IllegalArgumentException("Bad file name.");
        }
    }

    public static SSLOption build(InputStream inputStream) {
        SSLOption sSLOption = new SSLOption();
        sSLOption.load(inputStream);
        return sSLOption;
    }

    private void fromProperty(Properties properties) {
        this.protocols = propString(properties, ConnectorConfConsts.PROPERTY_SSL_ROTOCOL);
        this.ciphers = propString(properties, ConnectorConfConsts.PROPERTY_SSL_CIPHERS);
        this.authPeer = propBoolean(properties, "ssl.authPeer");
        this.checkCNHost = propBoolean(properties, ConnectorConfConsts.PROPERTY_SSL_CHECKCN_HOST);
        this.checkCNWhite = propBoolean(properties, ConnectorConfConsts.PROPERTY_SSL_CHECKCN_WHITE);
        this.checkCNWhiteFile = propString(properties, ConnectorConfConsts.PROPERTY_SSL_CHECKCN_WHITE_FILE);
        this.allowRenegociate = propBoolean(properties, ConnectorConfConsts.PROPERTY_SSL_RENEGOTIATE);
        this.storePath = propString(properties, "ssl.storePath");
        this.trustStore = propString(properties, "ssl.trustStore");
        this.trustStoreType = propString(properties, "ssl.trustStoreType");
        this.trustStoreValue = propString(properties, "ssl.trustStoreValue");
        this.keyStore = propString(properties, "ssl.keyStore");
        this.keyStoreType = propString(properties, "ssl.keyStoreType");
        this.keyStoreValue = propString(properties, "ssl.keyStoreValue");
        this.crl = propString(properties, ConnectorConfConsts.SSL_CRL_FILE);
    }

    private String propString(Properties properties, String str) {
        String property = properties.getProperty(str);
        if (property == null) {
            throw new IllegalArgumentException("No key :" + str);
        }
        return property;
    }

    private boolean propBoolean(Properties properties, String str) {
        String property = properties.getProperty(str);
        if (property == null) {
            throw new IllegalArgumentException("No key :" + str);
        }
        return Boolean.parseBoolean(property);
    }

    private void load(InputStream inputStream) {
        Properties properties = new Properties();
        InputStreamReader inputStreamReader = null;
        try {
            try {
                inputStreamReader = new InputStreamReader(inputStream, Charset.forName(Constants.DEF_ENCODE));
                properties.load(inputStreamReader);
                fromProperty(properties);
                if (inputStreamReader != null) {
                    try {
                        inputStreamReader.close();
                    } catch (IOException e) {
                        ignore();
                    }
                }
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (IOException e2) {
                        ignore();
                    }
                }
            } catch (IOException e3) {
                throw new IllegalArgumentException("Can not read ssl client config file");
            }
        } catch (Throwable th) {
            if (inputStreamReader != null) {
                try {
                    inputStreamReader.close();
                } catch (IOException e4) {
                    ignore();
                }
            }
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException e5) {
                    ignore();
                }
            }
            throw th;
        }
    }

    private void load(String str) {
        try {
            load(new FileInputStream(str));
        } catch (FileNotFoundException e) {
            throw new IllegalArgumentException("Can not read ssl client config file: " + str);
        }
    }

    private void ignore() {
    }
}
