package org.xipki.ca.server.mgmt;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xipki.ca.api.mgmt.CaMgmtException;
import org.xipki.ca.api.mgmt.entry.SignerEntry;
import org.xipki.ca.server.CaInfo;
import org.xipki.ca.server.CaUtil;
import org.xipki.ca.server.SignerEntryWrapper;
import org.xipki.pkcs11.wrapper.TokenException;
import org.xipki.security.XiSecurityException;
import org.xipki.security.pkcs11.P11CryptService;
import org.xipki.security.pkcs11.P11Module;
import org.xipki.security.pkcs11.P11Slot;
import org.xipki.security.pkcs11.P11SlotId;
import org.xipki.util.Args;
import org.xipki.util.StringUtil;
import org.xipki.util.exception.ObjectCreationException;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:WEB-INF/lib/ca-server-6.4.0.jar:org/xipki/ca/server/mgmt/SignerManager.class */
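/**
 * Manages the CA server's signer entries.
 *
 * <p>The class keeps the in-memory maps {@code manager.signers} and
 * {@code manager.signerDbEntries} in step with the {@code SIGNER} table reached
 * through {@code manager.queryExecutor}, and renders a textual description of a
 * PKCS#11 module and its slots.
 *
 * <p>This is decompiled code: the constructor and every public method below were
 * package-private in the original class and were widened by the decompiler. Treat
 * them as internal API; do not rely on the public visibility as an access decision.
 */
public class SignerManager {
    private static final Logger LOG = LoggerFactory.getLogger(SignerManager.class);

    /** Set once {@link #initSigners()} has completed; cleared by {@link #reset()}. */
    private boolean signerInitialized;

    private final CaManagerImpl manager;

    /**
     * Creates a signer manager bound to the given CA manager.
     *
     * @param caManagerImpl owner of the signer maps, query executor and security factory
     */
    public SignerManager(CaManagerImpl caManagerImpl) {
        this.manager = caManagerImpl;
    }

    /** Marks the signers as not initialised so that the next {@link #initSigners()} reloads them. */
    public void reset() {
        this.signerInitialized = false;
    }

    /**
     * Loads every signer named in the {@code SIGNER} table into memory.
     *
     * <p>Does nothing when the signers are already initialised. Otherwise both in-memory
     * maps are cleared and rebuilt. If any signer cannot be instantiated the exception
     * propagates, the remaining signers are not loaded and the initialised flag stays
     * {@code false}.
     *
     * @throws CaMgmtException if a signer cannot be read or instantiated
     */
    public void initSigners() throws CaMgmtException {
        if (this.signerInitialized) {
            return;
        }
        this.manager.signerDbEntries.clear();
        this.manager.signers.clear();
        for (String name : this.manager.queryExecutor.namesFromTable("SIGNER")) {
            SignerEntry dbEntry = this.manager.queryExecutor.createSigner(name);
            // Register the entry as faulty first: if createSigner(...) throws below, the
            // entry that stays in signerDbEntries is still flagged as having a bad conf.
            dbEntry.setConfFaulty(true);
            this.manager.signerDbEntries.put(name, dbEntry);
            SignerEntryWrapper signer = createSigner(dbEntry);
            dbEntry.setConfFaulty(false);
            this.manager.signers.put(name, signer);
            LOG.info("loaded signer {}", name);
        }
        this.signerInitialized = true;
    }

    /**
     * Adds a new signer to the database and to the in-memory maps.
     *
     * <p>The master-mode assertion runs before anything else. The signer object is
     * instantiated before the database insert, so a configuration that cannot be
     * initialised is rejected without being persisted.
     *
     * @param signerEntry the signer to add; must not be {@code null}. Its conf is replaced
     *     by the canonical form when the two differ.
     * @throws CaMgmtException if a signer of that name is already known, or the signer
     *     cannot be instantiated or stored
     */
    public void addSigner(SignerEntry signerEntry) throws CaMgmtException {
        this.manager.assertMasterMode();
        String name = Args.notNull(signerEntry, "signerEntry").getName();
        CaManagerImpl.checkName(name, "signer name");
        if (this.manager.signerDbEntries.containsKey(name)) {
            throw new CaMgmtException(StringUtil.concat("Signer named ", name, " exists"));
        }
        String conf = signerEntry.getConf();
        if (conf != null) {
            String canonicalConf = CaUtil.canonicalizeSignerConf(conf);
            if (!conf.equals(canonicalConf)) {
                signerEntry.setConf(canonicalConf);
            }
        }
        SignerEntryWrapper signer = createSigner(signerEntry);
        this.manager.queryExecutor.addSigner(signerEntry);
        this.manager.signers.put(name, signer);
        this.manager.signerDbEntries.put(name, signerEntry);
    }

    /**
     * Removes a signer from the database and from memory.
     *
     * <p>The row is deleted first. Afterwards every in-memory {@link CaInfo} that names the
     * signer as its CRL signer has that reference cleared.
     *
     * @param str the signer name; it is normalised to a non-blank lower-case name
     * @throws CaMgmtException if no row of that name could be deleted
     */
    public void removeSigner(String str) throws CaMgmtException {
        this.manager.assertMasterMode();
        String name = Args.toNonBlankLower(str, "name");
        if (!this.manager.queryExecutor.deleteRowWithName(name, "SIGNER")) {
            throw new CaMgmtException("unknown signer " + name);
        }
        // NOTE(review): only the in-memory CaInfo objects are updated here. Whether the
        // persisted CA rows still name the removed CRL signer is not visible from this
        // class; confirm against the query executor.
        for (CaInfo caInfo : this.manager.caInfos.values()) {
            if (name.equals(caInfo.getCrlSignerName())) {
                caInfo.setCrlSignerName(null);
            }
        }
        this.manager.signerDbEntries.remove(name);
        this.manager.signers.remove(name);
        LOG.info("removed signer '{}'", name);
    }

    /**
     * Changes an existing signer and replaces its in-memory entries with the result.
     *
     * @param str the signer name; it is normalised to a non-blank lower-case name
     * @param str2 first changeable value; lower-cased before use (presumably the signer
     *     type; confirm against the query executor). May be {@code null}.
     * @param str3 second changeable value, forwarded unchanged. May be {@code null}.
     * @param str4 third changeable value, forwarded unchanged. May be {@code null}.
     * @throws IllegalArgumentException if all three changeable values are {@code null}
     * @throws CaMgmtException if the change is rejected by the query executor
     */
    public void changeSigner(String str, String str2, String str3, String str4) throws CaMgmtException {
        this.manager.assertMasterMode();
        String name = Args.toNonBlankLower(str, "name");
        if (str2 == null && str3 == null && str4 == null) {
            throw new IllegalArgumentException("nothing to change");
        }
        // Locale.ROOT keeps the result independent of the JVM's default locale
        // (a Turkish default locale would otherwise map 'I' to a dotless 'ı').
        String lowerStr2 = (str2 == null) ? null : str2.toLowerCase(Locale.ROOT);
        SignerEntryWrapper changed =
                this.manager.queryExecutor.changeSigner(name, lowerStr2, str3, str4, this.manager);
        this.manager.signers.remove(name);
        this.manager.signerDbEntries.remove(name);
        this.manager.signerDbEntries.put(name, changed.getDbEntry());
        this.manager.signers.put(name, changed);
    }

    /**
     * Wraps a signer entry and initialises the signer with the manager's security factory.
     *
     * @param signerEntry the database entry to wrap; must not be {@code null}
     * @return the initialised wrapper
     * @throws CaMgmtException if the signer cannot be created; the original
     *     {@link ObjectCreationException} is attached as the cause
     */
    public SignerEntryWrapper createSigner(SignerEntry signerEntry) throws CaMgmtException {
        Args.notNull(signerEntry, "entry");
        SignerEntryWrapper wrapper = new SignerEntryWrapper();
        wrapper.setDbEntry(signerEntry);
        try {
            wrapper.initSigner(this.manager.securityFactory);
        } catch (ObjectCreationException e) {
            LOG.debug("error createSigner", e);
            // Keep the cause so the failing layer (key store, PKCS#11, ...) stays diagnosable.
            // NOTE(review): the message is handed on to the caller as-is; confirm that signer
            // initialisation errors never embed secrets taken from the signer conf.
            throw new CaMgmtException(e.getMessage(), e);
        }
        return wrapper;
    }

    /**
     * Describes a PKCS#11 module, and either lists its slots or details one slot.
     *
     * <p>NOTE(review): the returned text contains the module description and, for a single
     * slot, whatever {@code P11Slot.showDetails} prints. Confirm that callers expose it
     * only to authorised management clients.
     *
     * @param str the module name
     * @param num index of the slot to detail, or {@code null} to list all configured slots
     * @param z passed to {@code P11Slot.showDetails} as its last argument (presumably a
     *     verbose switch; confirm)
     * @return the textual description
     * @throws CaMgmtException if the module is undefined or the token cannot be queried
     */
    public String getTokenInfoP11(String str, Integer num, boolean z) throws CaMgmtException {
        StringBuilder sb = new StringBuilder();
        try {
            P11CryptService p11CryptService = this.manager.p11CryptServiceFactory.getP11CryptService(str);
            if (p11CryptService == null) {
                throw new CaMgmtException("undefined module " + str);
            }
            P11Module module = p11CryptService.getModule();
            sb.append("module: ").append(str).append("\n");
            sb.append(module.getDescription()).append("\n");
            if (num == null) {
                output(sb, module.getSlotIds());
            } else {
                P11Slot slot = module.getSlot(module.getSlotIdForIndex(num.intValue()));
                sb.append("Details of slot\n");
                // try-with-resources closes the buffer on the error path as well.
                try (ByteArrayOutputStream details = new ByteArrayOutputStream()) {
                    slot.showDetails(details, null, z);
                    details.flush();
                    sb.append(StringUtil.toUtf8String(details.toByteArray())).append("\n");
                }
            }
            return sb.toString();
        } catch (TokenException | IOException | XiSecurityException e) {
            throw new CaMgmtException(e);
        }
    }

    /**
     * Appends a summary line with the number of configured slots, followed by one line
     * per slot giving its index and id.
     *
     * @param sb the buffer to append to
     * @param list the slot ids of the module
     */
    private void output(StringBuilder sb, List<P11SlotId> list) {
        int count = list.size();
        if (count == 0) {
            sb.append("no slot is configured\n");
        } else if (count == 1) {
            sb.append("1 slot is configured\n");
        } else {
            sb.append(count).append(" slots are configured\n");
        }
        for (P11SlotId slotId : list) {
            sb.append("\tslot[").append(slotId.getIndex()).append("]: ").append(slotId.getId()).append("\n");
        }
    }
}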
