package oracle.kv.impl.admin.param;

import java.io.File;
import java.io.Serializable;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import oracle.kv.KVSecurityConstants;
import oracle.kv.impl.param.LoadParameters;
import oracle.kv.impl.param.ParameterMap;
import oracle.kv.impl.param.ParameterState;
import oracle.kv.impl.security.ClearTransport;
import oracle.kv.impl.security.ssl.SSLTransport;
import oracle.kv.impl.util.registry.ClearSocketPolicy;
import oracle.kv.impl.util.registry.ClientSocketFactory;
import oracle.kv.impl.util.registry.RMISocketPolicy;

/* loaded from: input_file:oracle/kv/impl/admin/param/SecurityParams.class */
public class SecurityParams {
    public static final String TRANS_TYPE_FACTORY = "factory";
    public static final String TRANS_TYPE_SSL = "ssl";
    public static final String TRANS_TYPE_CLEAR = "clear";
    public static final String DEFAULT_KEYSTORE_TYPE = "JKS";
    public static final String DEFAULT_TRUSTSTORE_TYPE = "JKS";
    public static final String MISSING_KEYSTORE_TYPE = "JKS";
    private RMISocketPolicy clientRMISocketPolicy;
    private RMISocketPolicy trustedRMISocketPolicy;
    private final ParameterMap map;
    private final Map<String, ParameterMap> transportMaps;
    private File configDir;

    /* loaded from: input_file:oracle/kv/impl/admin/param/SecurityParams$KrbPrincipalInfo.class */
    public static class KrbPrincipalInfo implements Serializable {
        private static final long serialVersionUID = 1;
        private final String realmName;
        private final String serviceName;
        private final String instanceName;

        KrbPrincipalInfo(String str, String str2, String str3) {
            this.realmName = str;
            this.serviceName = str2;
            this.instanceName = str3;
        }

        public String getRealmName() {
            return this.realmName;
        }

        public String getServiceName() {
            return this.serviceName;
        }

        public String getInstanceName() {
            return this.instanceName;
        }
    }

    public SecurityParams() {
        this.map = new ParameterMap();
        this.map.setValidate(true);
        this.map.setName("params");
        this.map.setType(ParameterState.SECURITY_TYPE);
        this.transportMaps = new HashMap();
    }

    public SecurityParams(ParameterMap parameterMap) {
        this.map = parameterMap;
        parameterMap.setName("params");
        parameterMap.setType(ParameterState.SECURITY_TYPE);
        this.transportMaps = new HashMap();
        this.configDir = null;
    }

    public SecurityParams(LoadParameters loadParameters, File file) {
        this.map = loadParameters.getMapByType(ParameterState.SECURITY_TYPE);
        this.map.setName("params");
        this.map.setType(ParameterState.SECURITY_TYPE);
        this.transportMaps = new HashMap();
        for (ParameterMap parameterMap : loadParameters.getAllMaps(ParameterState.SECURITY_TRANSPORT_TYPE)) {
            this.transportMaps.put(parameterMap.getName(), parameterMap);
        }
        if (file != null) {
            this.configDir = file.getAbsoluteFile().getParentFile();
        }
    }

    public static SecurityParams makeDefault() {
        SecurityParams securityParams = new SecurityParams();
        securityParams.setSecurityEnabled(false);
        securityParams.addTransportMap(ParameterState.SECURITY_TRANSPORT_CLIENT);
        securityParams.setTransType(ParameterState.SECURITY_TRANSPORT_CLIENT, TRANS_TYPE_CLEAR);
        securityParams.addTransportMap(ParameterState.SECURITY_TRANSPORT_INTERNAL);
        securityParams.setTransType(ParameterState.SECURITY_TRANSPORT_INTERNAL, TRANS_TYPE_CLEAR);
        securityParams.addTransportMap(ParameterState.SECURITY_TRANSPORT_JE_HA);
        securityParams.setTransType(ParameterState.SECURITY_TRANSPORT_JE_HA, TRANS_TYPE_CLEAR);
        return securityParams;
    }

    public boolean isSecure() {
        return getSecurityEnabled();
    }

    public boolean getSecurityEnabled() {
        return this.map.get(ParameterState.SEC_SECURITY_ENABLED).asBoolean();
    }

    public void setSecurityEnabled(boolean z) {
        this.map.setParameter(ParameterState.SEC_SECURITY_ENABLED, Boolean.toString(z));
    }

    public void setConfigDir(File file) {
        this.configDir = file;
    }

    public File getConfigDir() {
        return this.configDir;
    }

    public ParameterMap getMap() {
        return this.map;
    }

    public Collection<ParameterMap> getTransportMaps() {
        return this.transportMaps.values();
    }

    public void addTransportMap(ParameterMap parameterMap, String str) {
        parameterMap.setName(str);
        parameterMap.setType(ParameterState.SECURITY_TRANSPORT_TYPE);
        this.transportMaps.put(str, parameterMap);
    }

    public void addTransportMap(String str) {
        if (this.transportMaps.get(str) == null) {
            ParameterMap parameterMap = new ParameterMap();
            parameterMap.setValidate(true);
            parameterMap.setName(str);
            parameterMap.setType(ParameterState.SECURITY_TRANSPORT_TYPE);
            this.transportMaps.put(str, parameterMap);
        }
    }

    public ParameterMap getTransportMap(String str) {
        return this.transportMaps.get(str);
    }

    public File resolveFile(String str) {
        if (str == null) {
            return null;
        }
        File file = new File(str);
        return (file.isAbsolute() || this.configDir == null) ? file : new File(this.configDir.getPath(), file.getPath());
    }

    public String getKeystoreFile() {
        return this.map.get(ParameterState.SEC_KEYSTORE_FILE).asString();
    }

    public void setKeystoreFile(String str) {
        this.map.setParameter(ParameterState.SEC_KEYSTORE_FILE, str);
    }

    public String getKeystoreType() {
        String asString = this.map.get(ParameterState.SEC_KEYSTORE_TYPE).asString();
        return (asString == null || "".equals(asString)) ? "JKS" : asString;
    }

    public void setKeystoreType(String str) {
        this.map.setParameter(ParameterState.SEC_KEYSTORE_TYPE, str);
    }

    public String getKeystoreSigPrivateKeyAlias() {
        String asString = this.map.get(ParameterState.SEC_KEYSTORE_SIG_PRIVATE_KEY_ALIAS).asString();
        if (asString == null || asString.isEmpty()) {
            return null;
        }
        return asString;
    }

    public void setKeystoreSigPrivateKeyAlias(String str) {
        this.map.setParameter(ParameterState.SEC_KEYSTORE_SIG_PRIVATE_KEY_ALIAS, str);
    }

    public String getTruststoreFile() {
        return this.map.get(ParameterState.SEC_TRUSTSTORE_FILE).asString();
    }

    public void setTruststoreFile(String str) {
        this.map.setParameter(ParameterState.SEC_TRUSTSTORE_FILE, str);
    }

    public String getTruststoreType() {
        String asString = this.map.get(ParameterState.SEC_TRUSTSTORE_TYPE).asString();
        return (asString == null || "".equals(asString)) ? "JKS" : asString;
    }

    public void setTruststoreType(String str) {
        this.map.setParameter(ParameterState.SEC_TRUSTSTORE_TYPE, str);
    }

    public String getTruststoreSigPublicKeyAlias() {
        String asString = this.map.get(ParameterState.SEC_TRUSTSTORE_SIG_PUBLIC_KEY_ALIAS).asString();
        if (asString == null || asString.isEmpty()) {
            return null;
        }
        return asString;
    }

    public void setTruststoreSigPublicKeyAlias(String str) {
        this.map.setParameter(ParameterState.SEC_TRUSTSTORE_SIG_PUBLIC_KEY_ALIAS, str);
    }

    public String getPasswordFile() {
        return this.map.get(ParameterState.SEC_PASSWORD_FILE).asString();
    }

    public void setPasswordFile(String str) {
        this.map.setParameter(ParameterState.SEC_PASSWORD_FILE, str);
    }

    public String getPasswordClass() {
        return this.map.get(ParameterState.SEC_PASSWORD_CLASS).asString();
    }

    public void setPasswordClass(String str) {
        this.map.setParameter(ParameterState.SEC_PASSWORD_CLASS, str);
    }

    public String getWalletDir() {
        return this.map.get(ParameterState.SEC_WALLET_DIR).asString();
    }

    public void setWalletDir(String str) {
        this.map.setParameter(ParameterState.SEC_WALLET_DIR, str);
    }

    public String getInternalAuth() {
        return this.map.get(ParameterState.SEC_INTERNAL_AUTH).asString();
    }

    public void setInternalAuth(String str) {
        this.map.setParameter(ParameterState.SEC_INTERNAL_AUTH, str);
    }

    public String getCertMode() {
        return this.map.get(ParameterState.SEC_CERT_MODE).asString();
    }

    public void setCertMode(String str) {
        this.map.setParameter(ParameterState.SEC_CERT_MODE, str);
    }

    public String getKeystorePasswordAlias() {
        String asString = this.map.get(ParameterState.SEC_KEYSTORE_PWD_ALIAS).asString();
        if (asString == null || asString.length() <= 0) {
            return null;
        }
        return asString;
    }

    public void setKeystorePasswordAlias(String str) {
        this.map.setParameter(ParameterState.SEC_KEYSTORE_PWD_ALIAS, str);
    }

    public String getSignatureAlgorithm() {
        return this.map.get(ParameterState.SEC_SIGNATURE_ALGO).asString();
    }

    public void setSignatureAlgorithm(String str) {
        this.map.setParameter(ParameterState.SEC_SIGNATURE_ALGO, str);
    }

    public String getKerberosServiceName() {
        return this.map.getOrDefault(ParameterState.SEC_KERBEROS_SERVICE_NAME).asString();
    }

    public void setKerberosServiceName(String str) {
        this.map.setParameter(ParameterState.SEC_KERBEROS_SERVICE_NAME, str);
    }

    public String getKerberosInstanceName() {
        return this.map.get(ParameterState.SEC_KERBEROS_INSTANCE_NAME).asString();
    }

    public void setKerberosInstanceName(String str) {
        this.map.setParameter(ParameterState.SEC_KERBEROS_INSTANCE_NAME, str);
    }

    public String getKerberosRealmName() {
        return this.map.get(ParameterState.SEC_KERBEROS_REALM_NAME).asString();
    }

    public void setKerberosRealmName(String str) {
        this.map.setParameter(ParameterState.SEC_KERBEROS_REALM_NAME, str);
    }

    public String getKerberosConfFile() {
        return this.map.get(ParameterState.SEC_KERBEROS_CONFIG_FILE).asString();
    }

    public void setKerberosConfFile(String str) {
        this.map.setParameter(ParameterState.SEC_KERBEROS_CONFIG_FILE, str);
    }

    public String getKerberosKeytabFile() {
        return this.map.get(ParameterState.SEC_KERBEROS_KEYTAB_FILE).asString();
    }

    public void setKerberosKeytabFile(String str) {
        this.map.setParameter(ParameterState.SEC_KERBEROS_KEYTAB_FILE, str);
    }

    public KrbPrincipalInfo getKerberosPrincipalInfo() {
        return new KrbPrincipalInfo(getKerberosRealmName(), getKerberosServiceName(), getKerberosInstanceName());
    }

    public String getTransType(String str) {
        return getTransType(requireTransportMap(str));
    }

    public String getTransType(ParameterMap parameterMap) {
        return parameterMap.get(ParameterState.SEC_TRANS_TYPE).asString();
    }

    public void setTransType(String str, String str2) {
        setTransType(requireTransportMap(str), str2);
    }

    public void setTransType(ParameterMap parameterMap, String str) {
        parameterMap.setParameter(ParameterState.SEC_TRANS_TYPE, str);
    }

    public String getTransFactory(String str) {
        return getTransFactory(requireTransportMap(str));
    }

    public String getTransFactory(ParameterMap parameterMap) {
        return parameterMap.get(ParameterState.SEC_TRANS_FACTORY).asString();
    }

    public void setTransFactory(String str, String str2) {
        setTransFactory(requireTransportMap(str), str2);
    }

    public void setTransFactory(ParameterMap parameterMap, String str) {
        parameterMap.setParameter(ParameterState.SEC_TRANS_FACTORY, str);
    }

    public String getTransServerKeyAlias(String str) {
        return getTransServerKeyAlias(requireTransportMap(str));
    }

    public String getTransServerKeyAlias(ParameterMap parameterMap) {
        return parameterMap.get(ParameterState.SEC_TRANS_SERVER_KEY_ALIAS).asString();
    }

    public void setTransServerKeyAlias(String str, String str2) {
        setTransServerKeyAlias(requireTransportMap(str), str2);
    }

    public void setTransServerKeyAlias(ParameterMap parameterMap, String str) {
        parameterMap.setParameter(ParameterState.SEC_TRANS_SERVER_KEY_ALIAS, str);
    }

    public String getTransClientKeyAlias(String str) {
        return getTransClientKeyAlias(requireTransportMap(str));
    }

    public String getTransClientKeyAlias(ParameterMap parameterMap) {
        return parameterMap.get(ParameterState.SEC_TRANS_CLIENT_KEY_ALIAS).asString();
    }

    public void setTransClientKeyAlias(String str, String str2) {
        setTransClientKeyAlias(requireTransportMap(str), str2);
    }

    public void setTransClientKeyAlias(ParameterMap parameterMap, String str) {
        parameterMap.setParameter(ParameterState.SEC_TRANS_CLIENT_KEY_ALIAS, str);
    }

    public String getTransAllowCipherSuites(String str) {
        return getTransAllowCipherSuites(requireTransportMap(str));
    }

    public String getTransAllowCipherSuites(ParameterMap parameterMap) {
        return parameterMap.get(ParameterState.SEC_TRANS_ALLOW_CIPHER_SUITES).asString();
    }

    public void setTransAllowCipherSuites(String str, String str2) {
        setTransAllowCipherSuites(requireTransportMap(str), str2);
    }

    public void setTransAllowCipherSuites(ParameterMap parameterMap, String str) {
        parameterMap.setParameter(ParameterState.SEC_TRANS_ALLOW_CIPHER_SUITES, str);
    }

    public String getTransAllowProtocols(String str) {
        return getTransAllowProtocols(requireTransportMap(str));
    }

    public String getTransAllowProtocols(ParameterMap parameterMap) {
        return parameterMap.get(ParameterState.SEC_TRANS_ALLOW_PROTOCOLS).asString();
    }

    public void setTransAllowProtocols(String str, String str2) {
        setTransAllowProtocols(requireTransportMap(str), str2);
    }

    public void setTransAllowProtocols(ParameterMap parameterMap, String str) {
        parameterMap.setParameter(ParameterState.SEC_TRANS_ALLOW_PROTOCOLS, str);
    }

    public String getTransClientAllowCipherSuites(String str) {
        return getTransClientAllowCipherSuites(requireTransportMap(str));
    }

    public String getTransClientAllowCipherSuites(ParameterMap parameterMap) {
        return parameterMap.get(ParameterState.SEC_TRANS_CLIENT_ALLOW_CIPHER_SUITES).asString();
    }

    public void setTransClientAllowCipherSuites(String str, String str2) {
        setTransClientAllowCipherSuites(requireTransportMap(str), str2);
    }

    public void setTransClientAllowCipherSuites(ParameterMap parameterMap, String str) {
        parameterMap.setParameter(ParameterState.SEC_TRANS_CLIENT_ALLOW_CIPHER_SUITES, str);
    }

    public String getTransClientAllowProtocols(String str) {
        return getTransClientAllowProtocols(requireTransportMap(str));
    }

    public String getTransClientAllowProtocols(ParameterMap parameterMap) {
        return parameterMap.get(ParameterState.SEC_TRANS_CLIENT_ALLOW_PROTOCOLS).asString();
    }

    public void setTransClientAllowProtocols(String str, String str2) {
        setTransClientAllowProtocols(requireTransportMap(str), str2);
    }

    public void setTransClientAllowProtocols(ParameterMap parameterMap, String str) {
        parameterMap.setParameter(ParameterState.SEC_TRANS_CLIENT_ALLOW_PROTOCOLS, str);
    }

    public String getTransClientIdentityAllowed(String str) {
        return getTransClientIdentityAllowed(requireTransportMap(str));
    }

    public String getTransClientIdentityAllowed(ParameterMap parameterMap) {
        return parameterMap.get(ParameterState.SEC_TRANS_CLIENT_IDENT_ALLOW).asString();
    }

    public void setTransClientIdentityAllowed(String str, String str2) {
        setTransClientIdentityAllowed(requireTransportMap(str), str2);
    }

    public void setTransClientIdentityAllowed(ParameterMap parameterMap, String str) {
        parameterMap.setParameter(ParameterState.SEC_TRANS_CLIENT_IDENT_ALLOW, str);
    }

    public boolean getTransClientAuthRequired(String str) {
        return getTransClientAuthRequired(requireTransportMap(str));
    }

    public boolean getTransClientAuthRequired(ParameterMap parameterMap) {
        return parameterMap.get(ParameterState.SEC_TRANS_CLIENT_AUTH_REQUIRED).asBoolean();
    }

    public void setTransClientAuthRequired(String str, boolean z) {
        setTransClientAuthRequired(requireTransportMap(str), z);
    }

    public void setTransClientAuthRequired(ParameterMap parameterMap, boolean z) {
        parameterMap.setParameter(ParameterState.SEC_TRANS_CLIENT_AUTH_REQUIRED, Boolean.toString(z));
    }

    public String getTransServerIdentityAllowed(String str) {
        return getTransServerIdentityAllowed(requireTransportMap(str));
    }

    public String getTransServerIdentityAllowed(ParameterMap parameterMap) {
        return parameterMap.get(ParameterState.SEC_TRANS_SERVER_IDENT_ALLOW).asString();
    }

    public void setTransServerIdentityAllowed(String str, String str2) {
        setTransServerIdentityAllowed(requireTransportMap(str), str2);
    }

    public void setTransServerIdentityAllowed(ParameterMap parameterMap, String str) {
        parameterMap.setParameter(ParameterState.SEC_TRANS_SERVER_IDENT_ALLOW, str);
    }

    public RMISocketPolicy getRMISocketPolicy() {
        if (this.clientRMISocketPolicy == null) {
            throw new IllegalStateException("No RMI socket policy is in force");
        }
        return this.clientRMISocketPolicy;
    }

    public RMISocketPolicy getTrustedRMISocketPolicy() {
        return this.trustedRMISocketPolicy;
    }

    public void initRMISocketPolicies() throws IllegalStateException {
        if (isSecure()) {
            useRMISocketPolicies();
        } else {
            useRMISocketPolicyDefaults();
        }
    }

    public Properties getClientAccessProps() {
        ParameterMap transportMap = getTransportMap(ParameterState.SECURITY_TRANSPORT_CLIENT);
        Properties clientAccessProperties = ((RMISocketPolicyBuilder) makeTransportFactory(ParameterState.SECURITY_TRANSPORT_CLIENT, transportMap, RMISocketPolicyBuilder.class)).getClientAccessProperties(this, transportMap);
        String asString = transportMap.get(ParameterState.SEC_TRANS_TYPE).asString();
        if (asString != null && !asString.isEmpty()) {
            clientAccessProperties.setProperty(KVSecurityConstants.TRANSPORT_PROPERTY, asString);
        }
        return clientAccessProperties;
    }

    private void useRMISocketPolicies() throws IllegalStateException {
        RMISocketPolicy createClientRMISocketPolicy = createClientRMISocketPolicy();
        ClientSocketFactory.setRMIPolicy(createClientRMISocketPolicy);
        this.clientRMISocketPolicy = createClientRMISocketPolicy;
        RMISocketPolicy createTrustedRMISocketPolicy = createTrustedRMISocketPolicy();
        if (createTrustedRMISocketPolicy != null) {
            createTrustedRMISocketPolicy.prepareClient(null);
            this.trustedRMISocketPolicy = createTrustedRMISocketPolicy;
        }
    }

    private ParameterMap requireTransportMap(String str) {
        ParameterMap parameterMap = this.transportMaps.get(str);
        if (parameterMap == null) {
            throw new IllegalStateException("Transport " + str + " does not exist");
        }
        return parameterMap;
    }

    private void useRMISocketPolicyDefaults() {
        this.clientRMISocketPolicy = makeDefaultRMISocketPolicy();
        ClientSocketFactory.setRMIPolicy(this.clientRMISocketPolicy);
        this.trustedRMISocketPolicy = null;
    }

    private RMISocketPolicy createClientRMISocketPolicy() throws IllegalStateException {
        return makeRMISocketPolicy(ParameterState.SECURITY_TRANSPORT_CLIENT);
    }

    private RMISocketPolicy createTrustedRMISocketPolicy() throws IllegalStateException {
        RMISocketPolicy makeRMISocketPolicy = makeRMISocketPolicy(ParameterState.SECURITY_TRANSPORT_INTERNAL);
        if (makeRMISocketPolicy.isTrustCapable()) {
            return makeRMISocketPolicy;
        }
        return null;
    }

    private static RMISocketPolicy makeDefaultRMISocketPolicy() {
        return new ClearSocketPolicy();
    }

    private RMISocketPolicy makeRMISocketPolicy(String str) throws IllegalStateException {
        ParameterMap findTransportParams = findTransportParams(str);
        try {
            return ((RMISocketPolicyBuilder) makeTransportFactory(str, findTransportParams, RMISocketPolicyBuilder.class)).makeSocketPolicy(this, findTransportParams);
        } catch (Exception e) {
            throw new IllegalStateException("Error contructing RMISocketPolicy using transport class for transport " + str, e);
        }
    }

    private RepNetConfigBuilder makeRepNetConfigBuilder(ParameterMap parameterMap) throws IllegalStateException {
        return (RepNetConfigBuilder) makeTransportFactory(parameterMap.getName(), parameterMap, RepNetConfigBuilder.class);
    }

    private ParameterMap findTransportParams(String str) throws IllegalStateException {
        ParameterMap parameterMap = this.transportMaps.get(str);
        if (parameterMap == null) {
            throw new IllegalStateException("transport name " + str + " does not exist in the configuration");
        }
        return parameterMap;
    }

    private Object makeTransportFactory(String str, ParameterMap parameterMap, Class<?> cls) throws IllegalStateException {
        String transFactory;
        String transType = getTransType(parameterMap);
        if (transType == null || transType.isEmpty() || TRANS_TYPE_FACTORY.equals(transType)) {
            transFactory = getTransFactory(parameterMap);
        } else if ("ssl".equals(transType)) {
            transFactory = SSLTransport.class.getName();
        } else {
            if (!TRANS_TYPE_CLEAR.equals(transType)) {
                throw new IllegalStateException("Transport " + str + " has an unrecognized transportType: " + transType);
            }
            transFactory = ClearTransport.class.getName();
        }
        if (transFactory == null) {
            throw new IllegalStateException("Transport " + str + " has no transportFactory parameter specified");
        }
        try {
            try {
                Object newInstance = Class.forName(transFactory).newInstance();
                if (cls.isInstance(newInstance)) {
                    return newInstance;
                }
                throw new IllegalStateException("Transport factory class " + transFactory + " for transport " + str + " does not implement " + cls.getName());
            } catch (Exception e) {
                throw new IllegalStateException("Error instantiating transport class " + transFactory + " for transport " + str, e);
            }
        } catch (Exception e2) {
            throw new IllegalStateException("Error resolving transport class " + transFactory + " for transport " + str, e2);
        }
    }

    public Properties getJEHAProperties() {
        ParameterMap findTransportParams = findTransportParams(ParameterState.SECURITY_TRANSPORT_JE_HA);
        return findTransportParams == null ? new Properties() : makeRepNetConfigBuilder(findTransportParams).makeChannelProperties(this, findTransportParams);
    }
}
