package com.venafi.vcert.sdk.connectors;

import com.google.common.annotations.VisibleForTesting;
import com.venafi.vcert.sdk.SignatureAlgorithm;
import com.venafi.vcert.sdk.certificate.EllipticCurve;
import com.venafi.vcert.sdk.certificate.KeyType;
import com.venafi.vcert.sdk.endpoint.AllowedKeyConfiguration;
import com.venafi.vcert.sdk.utils.Is;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.function.Function;
import java.util.regex.Pattern;
import java.util.stream.Collectors;

/* loaded from: input_file:WEB-INF/lib/vcert-java-0.1.4.jar:com/venafi/vcert/sdk/connectors/ServerPolicy.class */
public class ServerPolicy {
    private static final transient String allAllowedRegex = ".*";
    public static final transient Function<String, String> addStartEnd = str -> {
        if (!str.startsWith("^")) {
            str = "^" + str;
        }
        if (!str.endsWith("$")) {
            str = str + "$";
        }
        return str;
    };
    private LockableValue<String> certificateAuthority;
    private LockableValue<String> csrGeneration;
    private LockableValue<String> keyGeneration;
    private KeyPair keyPair;
    private LockableValue<String> managementType;
    private boolean privateKeyReuseAllowed;
    private boolean subjAltNameDnsAllowed;
    private boolean subjAltNameEmailAllowed;
    private boolean subjAltNameIpAllowed;
    private boolean subjAltNameUpnAllowed;
    private boolean subjAltNameUriAllowed;
    private Subject subject;
    private boolean uniqueSubjectEnforced;
    private Collection<String> whitelistedDomains;
    private boolean wildcardsAllowed;

    @VisibleForTesting
    /* loaded from: input_file:WEB-INF/lib/vcert-java-0.1.4.jar:com/venafi/vcert/sdk/connectors/ServerPolicy$KeyPair.class */
    public static class KeyPair {
        private LockableValue<String> keyAlgorithm;
        private LockableValue<Integer> keySize;
        private LockableValue<String> ellipticCurve;

        public LockableValue<String> keyAlgorithm() {
            return this.keyAlgorithm;
        }

        public LockableValue<Integer> keySize() {
            return this.keySize;
        }

        public LockableValue<String> ellipticCurve() {
            return this.ellipticCurve;
        }

        public KeyPair keyAlgorithm(LockableValue<String> lockableValue) {
            this.keyAlgorithm = lockableValue;
            return this;
        }

        public KeyPair keySize(LockableValue<Integer> lockableValue) {
            this.keySize = lockableValue;
            return this;
        }

        public KeyPair ellipticCurve(LockableValue<String> lockableValue) {
            this.ellipticCurve = lockableValue;
            return this;
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof KeyPair)) {
                return false;
            }
            KeyPair keyPair = (KeyPair) obj;
            if (!keyPair.canEqual(this)) {
                return false;
            }
            LockableValue<String> keyAlgorithm = keyAlgorithm();
            LockableValue<String> keyAlgorithm2 = keyPair.keyAlgorithm();
            if (keyAlgorithm == null) {
                if (keyAlgorithm2 != null) {
                    return false;
                }
            } else if (!keyAlgorithm.equals(keyAlgorithm2)) {
                return false;
            }
            LockableValue<Integer> keySize = keySize();
            LockableValue<Integer> keySize2 = keyPair.keySize();
            if (keySize == null) {
                if (keySize2 != null) {
                    return false;
                }
            } else if (!keySize.equals(keySize2)) {
                return false;
            }
            LockableValue<String> ellipticCurve = ellipticCurve();
            LockableValue<String> ellipticCurve2 = keyPair.ellipticCurve();
            return ellipticCurve == null ? ellipticCurve2 == null : ellipticCurve.equals(ellipticCurve2);
        }

        protected boolean canEqual(Object obj) {
            return obj instanceof KeyPair;
        }

        public int hashCode() {
            LockableValue<String> keyAlgorithm = keyAlgorithm();
            int hashCode = (1 * 59) + (keyAlgorithm == null ? 43 : keyAlgorithm.hashCode());
            LockableValue<Integer> keySize = keySize();
            int hashCode2 = (hashCode * 59) + (keySize == null ? 43 : keySize.hashCode());
            LockableValue<String> ellipticCurve = ellipticCurve();
            return (hashCode2 * 59) + (ellipticCurve == null ? 43 : ellipticCurve.hashCode());
        }

        public String toString() {
            return "ServerPolicy.KeyPair(keyAlgorithm=" + keyAlgorithm() + ", keySize=" + keySize() + ", ellipticCurve=" + ellipticCurve() + ")";
        }

        public KeyPair(LockableValue<String> lockableValue, LockableValue<Integer> lockableValue2, LockableValue<String> lockableValue3) {
            this.keyAlgorithm = lockableValue;
            this.keySize = lockableValue2;
            this.ellipticCurve = lockableValue3;
        }
    }

    @VisibleForTesting
    /* loaded from: input_file:WEB-INF/lib/vcert-java-0.1.4.jar:com/venafi/vcert/sdk/connectors/ServerPolicy$Subject.class */
    public static class Subject {
        private LockableValue<String> city;
        private LockableValue<String> country;
        private LockableValue<String> organization;
        private LockableValues<String> organizationalUnit;
        private LockableValue<String> state;

        public LockableValue<String> city() {
            return this.city;
        }

        public LockableValue<String> country() {
            return this.country;
        }

        public LockableValue<String> organization() {
            return this.organization;
        }

        public LockableValues<String> organizationalUnit() {
            return this.organizationalUnit;
        }

        public LockableValue<String> state() {
            return this.state;
        }

        public Subject city(LockableValue<String> lockableValue) {
            this.city = lockableValue;
            return this;
        }

        public Subject country(LockableValue<String> lockableValue) {
            this.country = lockableValue;
            return this;
        }

        public Subject organization(LockableValue<String> lockableValue) {
            this.organization = lockableValue;
            return this;
        }

        public Subject organizationalUnit(LockableValues<String> lockableValues) {
            this.organizationalUnit = lockableValues;
            return this;
        }

        public Subject state(LockableValue<String> lockableValue) {
            this.state = lockableValue;
            return this;
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof Subject)) {
                return false;
            }
            Subject subject = (Subject) obj;
            if (!subject.canEqual(this)) {
                return false;
            }
            LockableValue<String> city = city();
            LockableValue<String> city2 = subject.city();
            if (city == null) {
                if (city2 != null) {
                    return false;
                }
            } else if (!city.equals(city2)) {
                return false;
            }
            LockableValue<String> country = country();
            LockableValue<String> country2 = subject.country();
            if (country == null) {
                if (country2 != null) {
                    return false;
                }
            } else if (!country.equals(country2)) {
                return false;
            }
            LockableValue<String> organization = organization();
            LockableValue<String> organization2 = subject.organization();
            if (organization == null) {
                if (organization2 != null) {
                    return false;
                }
            } else if (!organization.equals(organization2)) {
                return false;
            }
            LockableValues<String> organizationalUnit = organizationalUnit();
            LockableValues<String> organizationalUnit2 = subject.organizationalUnit();
            if (organizationalUnit == null) {
                if (organizationalUnit2 != null) {
                    return false;
                }
            } else if (!organizationalUnit.equals(organizationalUnit2)) {
                return false;
            }
            LockableValue<String> state = state();
            LockableValue<String> state2 = subject.state();
            return state == null ? state2 == null : state.equals(state2);
        }

        protected boolean canEqual(Object obj) {
            return obj instanceof Subject;
        }

        public int hashCode() {
            LockableValue<String> city = city();
            int hashCode = (1 * 59) + (city == null ? 43 : city.hashCode());
            LockableValue<String> country = country();
            int hashCode2 = (hashCode * 59) + (country == null ? 43 : country.hashCode());
            LockableValue<String> organization = organization();
            int hashCode3 = (hashCode2 * 59) + (organization == null ? 43 : organization.hashCode());
            LockableValues<String> organizationalUnit = organizationalUnit();
            int hashCode4 = (hashCode3 * 59) + (organizationalUnit == null ? 43 : organizationalUnit.hashCode());
            LockableValue<String> state = state();
            return (hashCode4 * 59) + (state == null ? 43 : state.hashCode());
        }

        public String toString() {
            return "ServerPolicy.Subject(city=" + city() + ", country=" + country() + ", organization=" + organization() + ", organizationalUnit=" + organizationalUnit() + ", state=" + state() + ")";
        }

        public Subject() {
        }

        public Subject(LockableValue<String> lockableValue, LockableValue<String> lockableValue2, LockableValue<String> lockableValue3, LockableValues<String> lockableValues, LockableValue<String> lockableValue4) {
            this.city = lockableValue;
            this.country = lockableValue2;
            this.organization = lockableValue3;
            this.organizationalUnit = lockableValues;
            this.state = lockableValue4;
        }
    }

    public Policy toPolicy() {
        Function function = str -> {
            return addStartEnd.apply(Pattern.quote(str));
        };
        Function function2 = collection -> {
            return (List) collection.stream().map(function).collect(Collectors.toList());
        };
        Function function3 = lockableValue -> {
            if (null != lockableValue && lockableValue.locked()) {
                return Collections.singleton(function.apply(lockableValue.value()));
            }
            return Collections.singleton(allAllowedRegex);
        };
        Function function4 = bool -> {
            return bool.booleanValue() ? Collections.singleton(allAllowedRegex) : Collections.emptyList();
        };
        Policy allowedKeyConfigurations = new Policy().allowedKeyConfigurations(new ArrayList());
        if (Is.blank(this.whitelistedDomains)) {
            allowedKeyConfigurations.subjectCNRegexes(Collections.singleton(allAllowedRegex));
        } else {
            ArrayList arrayList = new ArrayList(this.whitelistedDomains.size());
            for (String str2 : whitelistedDomains()) {
                if (wildcardsAllowed()) {
                    arrayList.add(addStartEnd.apply(allAllowedRegex + Pattern.quote("." + str2)));
                } else {
                    arrayList.add(function.apply(str2));
                }
            }
            allowedKeyConfigurations.subjectCNRegexes(arrayList);
        }
        if (this.subject.organizationalUnit().locked()) {
            allowedKeyConfigurations.subjectOURegexes((Collection) function2.apply(this.subject.organizationalUnit().values()));
        } else {
            allowedKeyConfigurations.subjectOURegexes(Collections.singleton(allAllowedRegex));
        }
        allowedKeyConfigurations.subjectORegexes((Collection) function3.apply(this.subject.organization()));
        allowedKeyConfigurations.subjectLRegexes((Collection) function3.apply(this.subject.city()));
        allowedKeyConfigurations.subjectSTRegexes((Collection) function3.apply(this.subject.state()));
        allowedKeyConfigurations.subjectCRegexes((Collection) function3.apply(this.subject.country()));
        if (!this.subjAltNameDnsAllowed) {
            allowedKeyConfigurations.dnsSanRegExs(Collections.emptyList());
        } else if (Is.blank(this.whitelistedDomains)) {
            allowedKeyConfigurations.dnsSanRegExs(Collections.singleton(allAllowedRegex));
        } else {
            ArrayList arrayList2 = new ArrayList(this.whitelistedDomains.size());
            for (String str3 : this.whitelistedDomains) {
                if (this.wildcardsAllowed) {
                    arrayList2.add(addStartEnd.apply(allAllowedRegex + Pattern.quote("." + str3)));
                } else {
                    arrayList2.add(function.apply(str3));
                }
            }
            allowedKeyConfigurations.dnsSanRegExs(arrayList2);
        }
        allowedKeyConfigurations.ipSanRegExs((Collection) function4.apply(Boolean.valueOf(this.subjAltNameIpAllowed)));
        allowedKeyConfigurations.emailSanRegExs((Collection) function4.apply(Boolean.valueOf(this.subjAltNameEmailAllowed)));
        allowedKeyConfigurations.uriSanRegExs((Collection) function4.apply(Boolean.valueOf(this.subjAltNameUriAllowed)));
        allowedKeyConfigurations.upnSanRegExs((Collection) function4.apply(Boolean.valueOf(this.subjAltNameUpnAllowed)));
        if (this.keyPair.keyAlgorithm().locked()) {
            KeyType from = KeyType.from(this.keyPair.keyAlgorithm().value());
            AllowedKeyConfiguration keySizes = new AllowedKeyConfiguration().keyType(from).keySizes(new ArrayList());
            if (KeyType.RSA.equals(from)) {
                if (this.keyPair.keySize().locked()) {
                    for (Integer num : KeyType.allSupportedKeySizes()) {
                        if (num.intValue() >= this.keyPair.keySize().value().intValue() || this.keyPair.keySize().value() == null) {
                            keySizes.keySizes().add(num);
                        }
                    }
                } else {
                    keySizes.keySizes(KeyType.allSupportedKeySizes());
                }
            } else if (this.keyPair.ellipticCurve().locked()) {
                keySizes.keyCurves().add(EllipticCurve.from(this.keyPair.ellipticCurve().value()));
            } else {
                keySizes.keyCurves(EllipticCurve.allSupportedCures());
            }
            allowedKeyConfigurations.allowedKeyConfigurations().add(keySizes);
        } else {
            allowedKeyConfigurations.allowedKeyConfigurations().add(new AllowedKeyConfiguration().keyType(KeyType.RSA).keySizes(KeyType.allSupportedKeySizes()));
            allowedKeyConfigurations.allowedKeyConfigurations().add(new AllowedKeyConfiguration().keyType(KeyType.ECDSA).keyCurves(EllipticCurve.allSupportedCures()));
        }
        allowedKeyConfigurations.allowWildcards(this.wildcardsAllowed);
        allowedKeyConfigurations.allowKeyReuse(this.privateKeyReuseAllowed);
        return allowedKeyConfigurations;
    }

    public ZoneConfiguration toZoneConfig() {
        return new ZoneConfiguration().customAttributeValues(new HashMap()).hashAlgorithm(SignatureAlgorithm.SHA256WithRSA).country(this.subject.country().value()).organization(this.subject.organization().value()).organizationalUnit(this.subject.organizationalUnit().values()).province(this.subject.state().value()).locality(this.subject.city().value());
    }

    public LockableValue<String> certificateAuthority() {
        return this.certificateAuthority;
    }

    public LockableValue<String> csrGeneration() {
        return this.csrGeneration;
    }

    public LockableValue<String> keyGeneration() {
        return this.keyGeneration;
    }

    public KeyPair keyPair() {
        return this.keyPair;
    }

    public LockableValue<String> managementType() {
        return this.managementType;
    }

    public boolean privateKeyReuseAllowed() {
        return this.privateKeyReuseAllowed;
    }

    public boolean subjAltNameDnsAllowed() {
        return this.subjAltNameDnsAllowed;
    }

    public boolean subjAltNameEmailAllowed() {
        return this.subjAltNameEmailAllowed;
    }

    public boolean subjAltNameIpAllowed() {
        return this.subjAltNameIpAllowed;
    }

    public boolean subjAltNameUpnAllowed() {
        return this.subjAltNameUpnAllowed;
    }

    public boolean subjAltNameUriAllowed() {
        return this.subjAltNameUriAllowed;
    }

    public Subject subject() {
        return this.subject;
    }

    public boolean uniqueSubjectEnforced() {
        return this.uniqueSubjectEnforced;
    }

    public Collection<String> whitelistedDomains() {
        return this.whitelistedDomains;
    }

    public boolean wildcardsAllowed() {
        return this.wildcardsAllowed;
    }

    public ServerPolicy certificateAuthority(LockableValue<String> lockableValue) {
        this.certificateAuthority = lockableValue;
        return this;
    }

    public ServerPolicy csrGeneration(LockableValue<String> lockableValue) {
        this.csrGeneration = lockableValue;
        return this;
    }

    public ServerPolicy keyGeneration(LockableValue<String> lockableValue) {
        this.keyGeneration = lockableValue;
        return this;
    }

    public ServerPolicy keyPair(KeyPair keyPair) {
        this.keyPair = keyPair;
        return this;
    }

    public ServerPolicy managementType(LockableValue<String> lockableValue) {
        this.managementType = lockableValue;
        return this;
    }

    public ServerPolicy privateKeyReuseAllowed(boolean z) {
        this.privateKeyReuseAllowed = z;
        return this;
    }

    public ServerPolicy subjAltNameDnsAllowed(boolean z) {
        this.subjAltNameDnsAllowed = z;
        return this;
    }

    public ServerPolicy subjAltNameEmailAllowed(boolean z) {
        this.subjAltNameEmailAllowed = z;
        return this;
    }

    public ServerPolicy subjAltNameIpAllowed(boolean z) {
        this.subjAltNameIpAllowed = z;
        return this;
    }

    public ServerPolicy subjAltNameUpnAllowed(boolean z) {
        this.subjAltNameUpnAllowed = z;
        return this;
    }

    public ServerPolicy subjAltNameUriAllowed(boolean z) {
        this.subjAltNameUriAllowed = z;
        return this;
    }

    public ServerPolicy subject(Subject subject) {
        this.subject = subject;
        return this;
    }

    public ServerPolicy uniqueSubjectEnforced(boolean z) {
        this.uniqueSubjectEnforced = z;
        return this;
    }

    public ServerPolicy whitelistedDomains(Collection<String> collection) {
        this.whitelistedDomains = collection;
        return this;
    }

    public ServerPolicy wildcardsAllowed(boolean z) {
        this.wildcardsAllowed = z;
        return this;
    }

    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        if (!(obj instanceof ServerPolicy)) {
            return false;
        }
        ServerPolicy serverPolicy = (ServerPolicy) obj;
        if (!serverPolicy.canEqual(this)) {
            return false;
        }
        LockableValue<String> certificateAuthority = certificateAuthority();
        LockableValue<String> certificateAuthority2 = serverPolicy.certificateAuthority();
        if (certificateAuthority == null) {
            if (certificateAuthority2 != null) {
                return false;
            }
        } else if (!certificateAuthority.equals(certificateAuthority2)) {
            return false;
        }
        LockableValue<String> csrGeneration = csrGeneration();
        LockableValue<String> csrGeneration2 = serverPolicy.csrGeneration();
        if (csrGeneration == null) {
            if (csrGeneration2 != null) {
                return false;
            }
        } else if (!csrGeneration.equals(csrGeneration2)) {
            return false;
        }
        LockableValue<String> keyGeneration = keyGeneration();
        LockableValue<String> keyGeneration2 = serverPolicy.keyGeneration();
        if (keyGeneration == null) {
            if (keyGeneration2 != null) {
                return false;
            }
        } else if (!keyGeneration.equals(keyGeneration2)) {
            return false;
        }
        KeyPair keyPair = keyPair();
        KeyPair keyPair2 = serverPolicy.keyPair();
        if (keyPair == null) {
            if (keyPair2 != null) {
                return false;
            }
        } else if (!keyPair.equals(keyPair2)) {
            return false;
        }
        LockableValue<String> managementType = managementType();
        LockableValue<String> managementType2 = serverPolicy.managementType();
        if (managementType == null) {
            if (managementType2 != null) {
                return false;
            }
        } else if (!managementType.equals(managementType2)) {
            return false;
        }
        if (privateKeyReuseAllowed() != serverPolicy.privateKeyReuseAllowed() || subjAltNameDnsAllowed() != serverPolicy.subjAltNameDnsAllowed() || subjAltNameEmailAllowed() != serverPolicy.subjAltNameEmailAllowed() || subjAltNameIpAllowed() != serverPolicy.subjAltNameIpAllowed() || subjAltNameUpnAllowed() != serverPolicy.subjAltNameUpnAllowed() || subjAltNameUriAllowed() != serverPolicy.subjAltNameUriAllowed()) {
            return false;
        }
        Subject subject = subject();
        Subject subject2 = serverPolicy.subject();
        if (subject == null) {
            if (subject2 != null) {
                return false;
            }
        } else if (!subject.equals(subject2)) {
            return false;
        }
        if (uniqueSubjectEnforced() != serverPolicy.uniqueSubjectEnforced()) {
            return false;
        }
        Collection<String> whitelistedDomains = whitelistedDomains();
        Collection<String> whitelistedDomains2 = serverPolicy.whitelistedDomains();
        if (whitelistedDomains == null) {
            if (whitelistedDomains2 != null) {
                return false;
            }
        } else if (!whitelistedDomains.equals(whitelistedDomains2)) {
            return false;
        }
        return wildcardsAllowed() == serverPolicy.wildcardsAllowed();
    }

    protected boolean canEqual(Object obj) {
        return obj instanceof ServerPolicy;
    }

    public int hashCode() {
        LockableValue<String> certificateAuthority = certificateAuthority();
        int hashCode = (1 * 59) + (certificateAuthority == null ? 43 : certificateAuthority.hashCode());
        LockableValue<String> csrGeneration = csrGeneration();
        int hashCode2 = (hashCode * 59) + (csrGeneration == null ? 43 : csrGeneration.hashCode());
        LockableValue<String> keyGeneration = keyGeneration();
        int hashCode3 = (hashCode2 * 59) + (keyGeneration == null ? 43 : keyGeneration.hashCode());
        KeyPair keyPair = keyPair();
        int hashCode4 = (hashCode3 * 59) + (keyPair == null ? 43 : keyPair.hashCode());
        LockableValue<String> managementType = managementType();
        int hashCode5 = (((((((((((((hashCode4 * 59) + (managementType == null ? 43 : managementType.hashCode())) * 59) + (privateKeyReuseAllowed() ? 79 : 97)) * 59) + (subjAltNameDnsAllowed() ? 79 : 97)) * 59) + (subjAltNameEmailAllowed() ? 79 : 97)) * 59) + (subjAltNameIpAllowed() ? 79 : 97)) * 59) + (subjAltNameUpnAllowed() ? 79 : 97)) * 59) + (subjAltNameUriAllowed() ? 79 : 97);
        Subject subject = subject();
        int hashCode6 = (((hashCode5 * 59) + (subject == null ? 43 : subject.hashCode())) * 59) + (uniqueSubjectEnforced() ? 79 : 97);
        Collection<String> whitelistedDomains = whitelistedDomains();
        return (((hashCode6 * 59) + (whitelistedDomains == null ? 43 : whitelistedDomains.hashCode())) * 59) + (wildcardsAllowed() ? 79 : 97);
    }

    public String toString() {
        return "ServerPolicy(certificateAuthority=" + certificateAuthority() + ", csrGeneration=" + csrGeneration() + ", keyGeneration=" + keyGeneration() + ", keyPair=" + keyPair() + ", managementType=" + managementType() + ", privateKeyReuseAllowed=" + privateKeyReuseAllowed() + ", subjAltNameDnsAllowed=" + subjAltNameDnsAllowed() + ", subjAltNameEmailAllowed=" + subjAltNameEmailAllowed() + ", subjAltNameIpAllowed=" + subjAltNameIpAllowed() + ", subjAltNameUpnAllowed=" + subjAltNameUpnAllowed() + ", subjAltNameUriAllowed=" + subjAltNameUriAllowed() + ", subject=" + subject() + ", uniqueSubjectEnforced=" + uniqueSubjectEnforced() + ", whitelistedDomains=" + whitelistedDomains() + ", wildcardsAllowed=" + wildcardsAllowed() + ")";
    }

    public ServerPolicy() {
    }

    public ServerPolicy(LockableValue<String> lockableValue, LockableValue<String> lockableValue2, LockableValue<String> lockableValue3, KeyPair keyPair, LockableValue<String> lockableValue4, boolean z, boolean z2, boolean z3, boolean z4, boolean z5, boolean z6, Subject subject, boolean z7, Collection<String> collection, boolean z8) {
        this.certificateAuthority = lockableValue;
        this.csrGeneration = lockableValue2;
        this.keyGeneration = lockableValue3;
        this.keyPair = keyPair;
        this.managementType = lockableValue4;
        this.privateKeyReuseAllowed = z;
        this.subjAltNameDnsAllowed = z2;
        this.subjAltNameEmailAllowed = z3;
        this.subjAltNameIpAllowed = z4;
        this.subjAltNameUpnAllowed = z5;
        this.subjAltNameUriAllowed = z6;
        this.subject = subject;
        this.uniqueSubjectEnforced = z7;
        this.whitelistedDomains = collection;
        this.wildcardsAllowed = z8;
    }
}
