package org.neo4j.ssl;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.URL;
import java.nio.file.Path;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import org.neo4j.io.fs.DefaultFileSystemAbstraction;
import org.neo4j.io.fs.FileSystemAbstraction;

/* loaded from: input_file:org/neo4j/ssl/SslResourceBuilder.class */
public class SslResourceBuilder {
    private static final String CA_CERTIFICATE_NAME = "cluster.crt";
    private static final String PRIVATE_KEY_NAME = "private.key";
    private static final String PUBLIC_CERT_NAME = "public.crt";
    private static final String SELF_SIGNED_NAME = "selfsigned.crt";
    private static final String REVOKED_NAME = "revoked.crl";
    private static final String CA_SIGNED_NAME = "casigned.crt";
    private static final String TRUSTED_DIR_NAME = "trusted";
    private static final String REVOKED_DIR_NAME = "revoked";
    private static final String CA_BASE_PATH = "test-certificates/ca/";
    private static final String SERVERS_BASE_PATH = "test-certificates/servers/";
    private final int keyId;
    private final SignedBy signedBy;
    private boolean trustSignedByCA;
    private Set<Integer> trusted = new HashSet();
    private Set<Integer> revoked = new HashSet();
    private FileSystemAbstraction fsa = new DefaultFileSystemAbstraction();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/neo4j/ssl/SslResourceBuilder$SignedBy.class */
    public enum SignedBy {
        SELF(SslResourceBuilder.SELF_SIGNED_NAME),
        CA(SslResourceBuilder.CA_SIGNED_NAME);

        private final String resourceName;

        SignedBy(String str) {
            this.resourceName = str;
        }

        public URL keyId(int i) {
            return SslResourceBuilder.resource(this.resourceName, i);
        }
    }

    private SslResourceBuilder(int i, SignedBy signedBy) {
        this.keyId = i;
        this.signedBy = signedBy;
    }

    public static SslResourceBuilder selfSignedKeyId(int i) {
        return new SslResourceBuilder(i, SignedBy.SELF);
    }

    public static SslResourceBuilder caSignedKeyId(int i) {
        return new SslResourceBuilder(i, SignedBy.CA);
    }

    public SslResourceBuilder trustKeyId(int i) {
        this.trusted.add(Integer.valueOf(i));
        return this;
    }

    public SslResourceBuilder trustSignedByCA() {
        this.trustSignedByCA = true;
        return this;
    }

    public SslResourceBuilder revoke(int i) {
        this.revoked.add(Integer.valueOf(i));
        return this;
    }

    public SslResource install(Path path) throws IOException {
        return install(path, CA_CERTIFICATE_NAME);
    }

    public SslResource install(Path path, String str) throws IOException {
        Path resolve = path.resolve(PRIVATE_KEY_NAME);
        Path resolve2 = path.resolve(PUBLIC_CERT_NAME);
        Path resolve3 = path.resolve(TRUSTED_DIR_NAME);
        Path resolve4 = path.resolve(REVOKED_DIR_NAME);
        this.fsa.mkdir(resolve3);
        this.fsa.mkdir(resolve4);
        Iterator<Integer> it = this.trusted.iterator();
        while (it.hasNext()) {
            int intValue = it.next().intValue();
            copy(resource(SELF_SIGNED_NAME, intValue), resolve3.resolve(intValue + ".crt"));
        }
        Iterator<Integer> it2 = this.revoked.iterator();
        while (it2.hasNext()) {
            int intValue2 = it2.next().intValue();
            copy(resource(REVOKED_NAME, intValue2), resolve4.resolve(intValue2 + ".crl"));
        }
        if (this.trustSignedByCA) {
            copy(resource(str), resolve3.resolve(str));
        }
        copy(resource(PRIVATE_KEY_NAME, this.keyId), resolve);
        copy(this.signedBy.keyId(this.keyId), resolve2);
        return new SslResource(resolve, resolve2, resolve3, resolve4);
    }

    private static URL resource(String str, int i) {
        return SslResourceBuilder.class.getResource("test-certificates/servers/" + i + "/" + str);
    }

    private static URL resource(String str) {
        return SslResourceBuilder.class.getResource("test-certificates/ca/" + str);
    }

    private void copy(URL url, Path path) throws IOException {
        InputStream openStream = url.openStream();
        try {
            OutputStream openAsOutputStream = this.fsa.openAsOutputStream(path, false);
            try {
                openStream.transferTo(openAsOutputStream);
                if (openAsOutputStream != null) {
                    openAsOutputStream.close();
                }
                if (openStream != null) {
                    openStream.close();
                }
            } finally {
            }
        } catch (Throwable th) {
            if (openStream != null) {
                try {
                    openStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }
}
