package org.xipki.ca.gateway;

import java.io.IOException;
import java.util.HashMap;
import java.util.Iterator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xipki.audit.Audits;
import org.xipki.ca.gateway.conf.CaNameSignerConf;
import org.xipki.ca.gateway.conf.CaNameSignersConf;
import org.xipki.ca.gateway.conf.CaProfilesControl;
import org.xipki.ca.gateway.conf.ProtocolProxyConf;
import org.xipki.ca.gateway.conf.SignerConf;
import org.xipki.ca.sdk.SdkClient;
import org.xipki.security.ConcurrentContentSigner;
import org.xipki.security.Securities;
import org.xipki.security.X509Cert;
import org.xipki.security.util.X509Util;
import org.xipki.util.StringUtil;
import org.xipki.util.XipkiBaseDir;
import org.xipki.util.exception.InvalidConfException;
import org.xipki.util.exception.ObjectCreationException;

/* loaded from: input_file:WEB-INF/lib/gateway-common-6.4.0.jar:org/xipki/ca/gateway/ProtocolProxyConfWrapper.class */
public class ProtocolProxyConfWrapper {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) ProtocolProxyConfWrapper.class);
    private final Securities securities;
    private final boolean logReqResp;
    private final SdkClient sdkClient;
    private final CaNameSigners signers;
    private final RequestorAuthenticator authenticator;
    private final PopControl popControl;
    private final CaProfilesControl caProfiles;

    public ProtocolProxyConfWrapper(ProtocolProxyConf protocolProxyConf) throws InvalidConfException, ObjectCreationException {
        XipkiBaseDir.init();
        this.logReqResp = protocolProxyConf.isLogReqResp();
        LOG.info("logReqResp: {}", Boolean.valueOf(this.logReqResp));
        Audits.AuditConf audit = protocolProxyConf.getAudit();
        String type = audit.getType();
        type = StringUtil.isBlank(type) ? "embed" : type;
        this.securities = new Securities();
        try {
            this.securities.init(protocolProxyConf.getSecurity());
            Audits.init(type, audit.getConf(), this.securities.getSecurityFactory().getPasswordResolver());
            if (Audits.getAuditService() == null) {
                throw new InvalidConfException("could not AuditService");
            }
            String authenticator = protocolProxyConf.getAuthenticator();
            if (authenticator == null) {
                this.authenticator = null;
            } else {
                try {
                    this.authenticator = (RequestorAuthenticator) Class.forName(authenticator).getConstructor(new Class[0]).newInstance(new Object[0]);
                } catch (Exception e) {
                    String str = "could not load RequestorAuthenticator " + authenticator;
                    LOG.error(str, (Throwable) e);
                    throw new InvalidConfException(str);
                }
            }
            this.popControl = new PopControl(protocolProxyConf.getPop());
            this.caProfiles = new CaProfilesControl(protocolProxyConf.getCaProfiles());
            this.sdkClient = new SdkClient(protocolProxyConf.getSdkClient());
            CaNameSignersConf signers = protocolProxyConf.getSigners();
            if (signers == null) {
                this.signers = null;
                return;
            }
            ConcurrentContentSigner buildSigner = buildSigner(signers.getDefault());
            CaNameSignerConf[] signers2 = signers.getSigners();
            HashMap hashMap = null;
            if (signers2 != null && signers2.length > 0) {
                hashMap = new HashMap();
                for (CaNameSignerConf caNameSignerConf : signers2) {
                    ConcurrentContentSigner buildSigner2 = buildSigner(caNameSignerConf.getSigner());
                    Iterator<String> it = caNameSignerConf.getNames().iterator();
                    while (it.hasNext()) {
                        hashMap.put(it.next(), buildSigner2);
                    }
                }
            }
            this.signers = new CaNameSigners(buildSigner, hashMap);
        } catch (IOException e2) {
            throw new InvalidConfException("could not initialize Securities", e2);
        }
    }

    private ConcurrentContentSigner buildSigner(SignerConf signerConf) throws InvalidConfException, ObjectCreationException {
        if (signerConf == null) {
            return null;
        }
        return this.securities.getSecurityFactory().createSigner(signerConf.getType(), new org.xipki.security.SignerConf(signerConf.getConf()), (X509Cert[]) X509Util.parseCerts(signerConf.getCerts()).toArray(new X509Cert[0]));
    }

    public Securities getSecurities() {
        return this.securities;
    }

    public boolean isLogReqResp() {
        return this.logReqResp;
    }

    public SdkClient getSdkClient() {
        return this.sdkClient;
    }

    public CaNameSigners getSigners() {
        return this.signers;
    }

    public RequestorAuthenticator getAuthenticator() {
        return this.authenticator;
    }

    public PopControl getPopControl() {
        return this.popControl;
    }

    public CaProfilesControl getCaProfiles() {
        return this.caProfiles;
    }

    public void destroy() {
        if (this.securities != null) {
            this.securities.close();
        }
    }
}
