package org.xipki.ca.server;

import java.io.File;
import java.io.IOException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.xipki.audit.Audits;
import org.xipki.datasource.DataSourceConf;
import org.xipki.security.Securities;
import org.xipki.security.util.JSON;
import org.xipki.util.Args;
import org.xipki.util.FileOrBinary;
import org.xipki.util.ValidatableConf;
import org.xipki.util.exception.InvalidConfException;
import org.xipki.util.exception.ObjectCreationException;
import org.xipki.util.http.SslContextConf;

/* loaded from: input_file:WEB-INF/lib/ca-server-6.4.0.jar:org/xipki/ca/server/CaServerConf.class */
public class CaServerConf extends ValidatableConf {
    private Audits.AuditConf audit;
    private Securities.SecurityConf security;
    private RemoteMgmt remoteMgmt;
    private boolean logReqResp;
    private List<DataSourceConf> datasources;
    private List<SslContext> sslContexts;
    private CtLogConf ctLog;
    private List<String> certprofileFactories;
    private boolean master = true;
    private boolean noLock = false;
    private boolean noRA = false;
    private int shardId = 0;
    private final Map<String, SslContextConf> sslContextConfMap = new HashMap();

    /* loaded from: input_file:WEB-INF/lib/ca-server-6.4.0.jar:org/xipki/ca/server/CaServerConf$CtLogConf.class */
    public static class CtLogConf {
        private String keydir;

        public String getKeydir() {
            return this.keydir;
        }

        public void setKeydir(String str) {
            this.keydir = str;
        }
    }

    /* loaded from: input_file:WEB-INF/lib/ca-server-6.4.0.jar:org/xipki/ca/server/CaServerConf$RemoteMgmt.class */
    public static class RemoteMgmt extends ValidatableConf {
        private boolean enabled;
        private List<FileOrBinary> certs;

        public boolean isEnabled() {
            return this.enabled;
        }

        public void setEnabled(boolean z) {
            this.enabled = z;
        }

        public List<FileOrBinary> getCerts() {
            return this.certs;
        }

        public void setCerts(List<FileOrBinary> list) {
            this.certs = list;
        }

        @Override // org.xipki.util.ValidatableConf
        public void validate() {
        }
    }

    /* loaded from: input_file:WEB-INF/lib/ca-server-6.4.0.jar:org/xipki/ca/server/CaServerConf$SslContext.class */
    public static class SslContext extends ValidatableConf {
        private String name;
        private FileOrBinary[] trustanchors;
        private String hostverifier;

        public String getName() {
            return this.name;
        }

        public void setName(String str) {
            this.name = str;
        }

        public FileOrBinary[] getTrustanchors() {
            return this.trustanchors;
        }

        public void setTrustanchors(FileOrBinary[] fileOrBinaryArr) {
            this.trustanchors = fileOrBinaryArr;
        }

        public String getHostverifier() {
            return this.hostverifier;
        }

        public void setHostverifier(String str) {
            this.hostverifier = str;
        }

        @Override // org.xipki.util.ValidatableConf
        public void validate() throws InvalidConfException {
            notBlank(this.name, "name");
        }
    }

    public static CaServerConf readConfFromFile(String str) throws IOException, InvalidConfException {
        Args.notBlank(str, "fileName");
        CaServerConf caServerConf = (CaServerConf) JSON.parseObject(new File(str), CaServerConf.class);
        caServerConf.validate();
        return caServerConf;
    }

    public boolean isMaster() {
        return this.master;
    }

    public void setMaster(boolean z) {
        this.master = z;
    }

    public boolean isNoLock() {
        return this.noLock;
    }

    public void setNoLock(boolean z) {
        this.noLock = z;
    }

    public boolean isNoRA() {
        return this.noRA;
    }

    public void setNoRA(boolean z) {
        this.noRA = z;
    }

    public boolean isLogReqResp() {
        return this.logReqResp;
    }

    public void setLogReqResp(boolean z) {
        this.logReqResp = z;
    }

    public int getShardId() {
        return this.shardId;
    }

    public void setShardId(int i) {
        this.shardId = i;
    }

    public List<DataSourceConf> getDatasources() {
        return this.datasources;
    }

    public void setDatasources(List<DataSourceConf> list) {
        this.datasources = list;
    }

    public List<SslContext> getSslContexts() {
        return this.sslContexts;
    }

    public void setSslContexts(List<SslContext> list) {
        this.sslContexts = list;
    }

    public SslContext getSslContext(String str) {
        if (this.sslContexts == null) {
            return null;
        }
        for (SslContext sslContext : this.sslContexts) {
            if (sslContext.getName().equals(str)) {
                return sslContext;
            }
        }
        return null;
    }

    public Audits.AuditConf getAudit() {
        return this.audit == null ? Audits.AuditConf.DEFAULT : this.audit;
    }

    public void setAudit(Audits.AuditConf auditConf) {
        this.audit = auditConf;
    }

    public Securities.SecurityConf getSecurity() {
        return this.security == null ? Securities.SecurityConf.DEFAULT : this.security;
    }

    public void setSecurity(Securities.SecurityConf securityConf) {
        this.security = securityConf;
    }

    public RemoteMgmt getRemoteMgmt() {
        return this.remoteMgmt;
    }

    public void setRemoteMgmt(RemoteMgmt remoteMgmt) {
        this.remoteMgmt = remoteMgmt;
    }

    public List<String> getCertprofileFactories() {
        return this.certprofileFactories;
    }

    public void setCertprofileFactories(List<String> list) {
        this.certprofileFactories = list;
    }

    public CtLogConf getCtLog() {
        return this.ctLog;
    }

    public void setCtLog(CtLogConf ctLogConf) {
        this.ctLog = ctLogConf;
    }

    public void initSsl() {
        if (this.sslContexts == null || this.sslContexts.isEmpty() || !this.sslContextConfMap.isEmpty()) {
            return;
        }
        for (SslContext sslContext : this.sslContexts) {
            SslContextConf sslContextConf = new SslContextConf();
            sslContextConf.setSslHostnameVerifier(sslContext.getHostverifier());
            sslContextConf.setSslTrustanchors(sslContext.trustanchors);
            try {
                sslContextConf.getSslContext();
                this.sslContextConfMap.put(sslContext.getName(), sslContextConf);
            } catch (ObjectCreationException e) {
                throw new RuntimeException(e);
            }
        }
    }

    public SslContextConf getSslContextConf(String str) {
        return this.sslContextConfMap.get(str);
    }

    @Override // org.xipki.util.ValidatableConf
    public void validate() throws InvalidConfException {
        if (this.shardId < 0 || this.shardId > 127) {
            throw new InvalidConfException("shardId is not in [0, 127]");
        }
        notEmpty(this.datasources, "datasources");
        validate(this.remoteMgmt, this.security);
    }
}
