package org.elasticsearch.xpack.ssl;

import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Optional;
import java.util.function.Function;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;
import org.elasticsearch.common.settings.Setting;
import org.elasticsearch.common.settings.Settings;

/* loaded from: input_file:org/elasticsearch/xpack/ssl/SSLConfigurationSettings.class */
public class SSLConfigurationSettings {
    private final String prefix;
    public final Setting<List<String>> ciphers;
    public final Setting<List<String>> supportedProtocols;
    public final Setting<Optional<String>> keystorePath;
    public final Setting<Optional<String>> keystorePassword;
    public final Setting<String> keystoreAlgorithm;
    public final Setting<Optional<String>> keystoreKeyPassword;
    public final Setting<Optional<String>> truststorePath;
    public final Setting<Optional<String>> truststorePassword;
    public final Setting<String> truststoreAlgorithm;
    public final Setting<Optional<String>> keyPath;
    public final Setting<Optional<String>> keyPassword;
    public final Setting<Optional<String>> cert;
    public final Setting<List<String>> caPaths;
    public final Setting<Optional<SSLClientAuth>> clientAuth;
    public final Setting<Optional<VerificationMode>> verificationMode;
    static final /* synthetic */ boolean $assertionsDisabled;

    private SSLConfigurationSettings(String str) {
        if (!$assertionsDisabled && str == null) {
            throw new AssertionError("Prefix cannot be null (but can be blank)");
        }
        this.prefix = str;
        this.ciphers = list("cipher_suites", Collections.emptyList());
        this.supportedProtocols = list("supported_protocols", Collections.emptyList());
        this.keystorePath = optionalString("keystore.path");
        this.keystorePassword = optionalString("keystore.password");
        this.keystoreKeyPassword = optionalString("keystore.key_password", this.keystorePassword);
        this.truststorePath = optionalString("truststore.path");
        this.truststorePassword = optionalString("truststore.password");
        this.keystoreAlgorithm = systemProperty("keystore.algorithm", "ssl.KeyManagerFactory.algorithm", KeyManagerFactory.getDefaultAlgorithm());
        this.truststoreAlgorithm = systemProperty("truststore.algorithm", "ssl.TrustManagerFactory.algorithm", TrustManagerFactory.getDefaultAlgorithm());
        this.keyPath = optionalString("key");
        this.keyPassword = optionalString("key_passphrase");
        this.cert = optionalString("certificate");
        this.caPaths = list("certificate_authorities", Collections.emptyList());
        this.clientAuth = optional("client_authentication", SSLClientAuth::parse);
        this.verificationMode = optional("verification_mode", VerificationMode::parse);
    }

    public List<Setting<?>> getAllSettings() {
        return Arrays.asList(this.ciphers, this.supportedProtocols, this.keystorePath, this.keystorePassword, this.keystoreAlgorithm, this.keystoreKeyPassword, this.truststorePath, this.truststorePassword, this.truststoreAlgorithm, this.keyPath, this.keyPassword, this.cert, this.caPaths, this.clientAuth, this.verificationMode);
    }

    private Setting<Optional<String>> optionalString(String str) {
        return optionalString(str, settings -> {
            return null;
        });
    }

    private Setting<Optional<String>> optionalString(String str, Function<Settings, String> function) {
        return new Setting<>(this.prefix + str, function, (v0) -> {
            return Optional.ofNullable(v0);
        }, new Setting.Property[]{Setting.Property.NodeScope, Setting.Property.Filtered});
    }

    private Setting<Optional<String>> optionalString(String str, Setting<Optional<String>> setting) {
        return new Setting<>(this.prefix + str, setting, (v0) -> {
            return Optional.ofNullable(v0);
        }, new Setting.Property[]{Setting.Property.NodeScope, Setting.Property.Filtered});
    }

    private <T> Setting<Optional<T>> optional(String str, Function<String, T> function) {
        return new Setting<>(this.prefix + str, (String) null, str2 -> {
            return str2 == null ? Optional.empty() : Optional.of(function.apply(str2));
        }, new Setting.Property[]{Setting.Property.NodeScope, Setting.Property.Filtered});
    }

    private Setting<String> systemProperty(String str, String str2, String str3) {
        return string(str, settings -> {
            return System.getProperty(str2, str3);
        });
    }

    private Setting<String> string(String str, Function<Settings, String> function) {
        return new Setting<>(this.prefix + str, function, Function.identity(), new Setting.Property[]{Setting.Property.NodeScope, Setting.Property.Filtered});
    }

    private Setting<List<String>> list(String str, List<String> list) {
        return Setting.listSetting(this.prefix + str, list, Function.identity(), new Setting.Property[]{Setting.Property.NodeScope, Setting.Property.Filtered});
    }

    public static SSLConfigurationSettings withoutPrefix() {
        return new SSLConfigurationSettings("");
    }

    public static SSLConfigurationSettings withPrefix(String str) {
        if ($assertionsDisabled || str.endsWith("ssl.")) {
            return new SSLConfigurationSettings(str);
        }
        throw new AssertionError("The ssl config prefix (" + str + ") should end in 'ssl.'");
    }

    static {
        $assertionsDisabled = !SSLConfigurationSettings.class.desiredAssertionStatus();
    }
}
