package org.xipki.qa.ca;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.parser.Feature;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Paths;
import java.security.cert.CertificateException;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.atomic.AtomicBoolean;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xipki.ca.api.profile.CertprofileException;
import org.xipki.qa.ca.QaconfType;
import org.xipki.util.Args;
import org.xipki.util.LogUtil;
import org.xipki.util.StringUtil;

/* loaded from: input_file:org/xipki/qa/ca/CaQaSystemManagerImpl.class */
public class CaQaSystemManagerImpl implements CaQaSystemManager {
    private static final Logger LOG = LoggerFactory.getLogger(CaQaSystemManagerImpl.class);
    private String confFile;
    private Map<String, CertprofileQa> x509ProfileMap = new HashMap();
    private Map<String, IssuerInfo> x509IssuerInfoMap = new HashMap();
    private AtomicBoolean initialized = new AtomicBoolean(false);

    public String getConfFile() {
        return this.confFile;
    }

    public void setConfFile(String str) {
        this.confFile = Args.notBlank(str, "confFile");
    }

    @Override // org.xipki.qa.ca.CaQaSystemManager
    public boolean init() {
        boolean z;
        if (StringUtil.isBlank(this.confFile)) {
            throw new IllegalStateException("confFile may not be null and empty");
        }
        LOG.info("initializing ...");
        this.initialized.set(false);
        this.x509IssuerInfoMap.clear();
        try {
            QaconfType qaconfType = (QaconfType) JSON.parseObject(Files.newInputStream(Paths.get(this.confFile, new String[0]), new OpenOption[0]), QaconfType.class, new Feature[0]);
            for (QaconfType.Issuer issuer : qaconfType.getIssuers()) {
                try {
                    byte[] readContent = issuer.getCert().readContent();
                    String validityMode = issuer.getValidityMode();
                    if (StringUtil.isBlank(validityMode) || "CUTOFF".equalsIgnoreCase(validityMode)) {
                        z = true;
                    } else {
                        if (!"LAX".equalsIgnoreCase(validityMode)) {
                            LOG.error("invalid validityMode {}", validityMode);
                            return false;
                        }
                        z = false;
                    }
                    try {
                        this.x509IssuerInfoMap.put(issuer.getName(), new IssuerInfo(issuer.getCaIssuerUrls(), issuer.getOcspUrls(), issuer.getCrlUrls(), issuer.getDeltaCrlUrls(), readContent, z));
                        LOG.info("configured X509 issuer {}", issuer.getName());
                    } catch (CertificateException e) {
                        LogUtil.error(LOG, e, "could not parse certificate of issuer " + issuer.getName());
                    }
                } catch (IOException e2) {
                    LogUtil.error(LOG, e2, "could not read the certificate bytes of issuer " + issuer.getName());
                }
            }
            for (QaconfType.Certprofile certprofile : qaconfType.getCertprofiles()) {
                String name = certprofile.getName();
                try {
                    this.x509ProfileMap.put(name, new CertprofileQa(certprofile.readContent()));
                    LOG.info("configured X509 certificate profile {}", name);
                } catch (IOException | CertprofileException e3) {
                    LogUtil.error(LOG, e3, "could not parse QA certificate profile " + name);
                }
            }
            this.initialized.set(true);
            LOG.info("initialized");
            return true;
        } catch (Exception e4) {
            LogUtil.error(LOG, e4, "could not parse the QA configuration");
            return false;
        }
    }

    @Override // java.io.Closeable, java.lang.AutoCloseable
    public void close() {
    }

    @Override // org.xipki.qa.ca.CaQaSystemManager
    public Set<String> getIssuerNames() {
        assertInitialized();
        return Collections.unmodifiableSet(this.x509IssuerInfoMap.keySet());
    }

    @Override // org.xipki.qa.ca.CaQaSystemManager
    public IssuerInfo getIssuer(String str) {
        assertInitialized();
        return this.x509IssuerInfoMap.get(Args.notNull(str, "issuerName"));
    }

    @Override // org.xipki.qa.ca.CaQaSystemManager
    public Set<String> getCertprofileNames() {
        assertInitialized();
        return Collections.unmodifiableSet(this.x509ProfileMap.keySet());
    }

    @Override // org.xipki.qa.ca.CaQaSystemManager
    public CertprofileQa getCertprofile(String str) {
        assertInitialized();
        return this.x509ProfileMap.get(Args.notNull(str, "certprofileName"));
    }

    private void assertInitialized() {
        if (!this.initialized.get()) {
            init();
        }
        if (!this.initialized.get()) {
            throw new IllegalStateException("Could not start CaQaSystemManager.");
        }
    }
}
