package com.linkedin.venice;

import com.linkedin.venice.utils.VeniceProperties;
import java.util.Properties;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:com/linkedin/venice/SSLConfig.class */
public class SSLConfig {
    public static final boolean DEFAULT_CONTROLLER_SSL_ENABLED = true;
    private String sslKeyStoreLocation;
    private String sslKeyStorePassword;
    private String sslKeyStoreType;
    private String sslKeyPassword;
    private String sslTrustStoreLocation;
    private String sslTrustStorePassword;
    private String sslTrustStoreType;
    private String sslKeyManagerAlgorithm;
    private String sslTrustManagerAlgorithm;
    private String sslSecureRandomImplementation;
    private boolean sslNeedsClientCert;
    private boolean controllerSSLEnabled;

    public SSLConfig(VeniceProperties veniceProperties) {
        this.sslKeyStoreLocation = veniceProperties.getString("ssl.keystore.location", "");
        this.sslKeyStorePassword = veniceProperties.getString("ssl.keystore.password", "");
        this.sslKeyStoreType = veniceProperties.getString("ssl.keystore.type");
        this.sslKeyPassword = veniceProperties.getString("ssl.key.password", "");
        this.sslTrustStoreLocation = veniceProperties.getString("ssl.truststore.location");
        this.sslTrustStorePassword = veniceProperties.getString("ssl.truststore.password");
        this.sslTrustStoreType = veniceProperties.getString("ssl.truststore.type");
        this.sslKeyManagerAlgorithm = veniceProperties.getString("ssl.keymanager.algorithm");
        this.sslTrustManagerAlgorithm = veniceProperties.getString("ssl.trustmanager.algorithm");
        this.sslSecureRandomImplementation = veniceProperties.getString("ssl.secure.random.implementation");
        this.sslNeedsClientCert = veniceProperties.getBoolean(CommonConfigKeys.SSL_NEEDS_CLIENT_CERT, false);
        this.controllerSSLEnabled = veniceProperties.getBoolean(ConfigKeys.CONTROLLER_SSL_ENABLED, true);
    }

    public Properties getKafkaSSLConfig() {
        Properties properties = new Properties();
        if (!StringUtils.isBlank(this.sslKeyStoreLocation)) {
            properties.setProperty("ssl.keystore.location", this.sslKeyStoreLocation);
            properties.setProperty("ssl.keystore.password", this.sslKeyStorePassword);
            properties.setProperty("ssl.key.password", this.sslKeyPassword);
        }
        properties.setProperty("ssl.keystore.type", this.sslKeyStoreType);
        properties.setProperty("ssl.truststore.location", this.sslTrustStoreLocation);
        properties.setProperty("ssl.truststore.password", this.sslTrustStorePassword);
        properties.setProperty("ssl.truststore.type", this.sslTrustStoreType);
        properties.setProperty("ssl.keymanager.algorithm", this.sslKeyManagerAlgorithm);
        properties.setProperty("ssl.trustmanager.algorithm", this.sslTrustManagerAlgorithm);
        properties.setProperty("ssl.secure.random.implementation", this.sslSecureRandomImplementation);
        return properties;
    }

    public Properties getSslProperties() {
        Properties properties = new Properties();
        properties.setProperty(CommonConfigKeys.SSL_ENABLED, "true");
        properties.setProperty("ssl.keystore.type", this.sslKeyStoreType);
        if (!StringUtils.isBlank(this.sslKeyStoreLocation)) {
            properties.setProperty("ssl.keystore.location", this.sslKeyStoreLocation);
            properties.setProperty("ssl.keystore.password", this.sslKeyStorePassword);
        }
        properties.setProperty("ssl.truststore.type", this.sslTrustStoreType);
        properties.setProperty("ssl.truststore.location", this.sslTrustStoreLocation);
        properties.setProperty("ssl.truststore.password", this.sslTrustStorePassword);
        return properties;
    }

    public com.linkedin.venice.security.SSLConfig getSSLConfig() {
        com.linkedin.venice.security.SSLConfig sSLConfig = new com.linkedin.venice.security.SSLConfig();
        sSLConfig.setSslEnabled(true);
        sSLConfig.setKeyStoreFilePath(this.sslKeyStoreLocation);
        sSLConfig.setKeyStorePassword(this.sslKeyStorePassword);
        sSLConfig.setKeyStoreType(this.sslKeyStoreType);
        sSLConfig.setTrustStoreFilePassword(this.sslTrustStorePassword);
        sSLConfig.setTrustStoreFilePath(this.sslTrustStoreLocation);
        return sSLConfig;
    }

    public String getSslKeyStoreLocation() {
        return this.sslKeyStoreLocation;
    }

    public String getSslKeyStorePassword() {
        return this.sslKeyStorePassword;
    }

    public String getSslTrustStoreLocation() {
        return this.sslTrustStoreLocation;
    }

    public String getSslTrustStorePassword() {
        return this.sslTrustStorePassword;
    }

    public boolean isSslNeedsClientCert() {
        return this.sslNeedsClientCert;
    }

    public boolean isControllerSSLEnabled() {
        return this.controllerSSLEnabled;
    }
}
