package org.jivesoftware.openfire.keystore;

import java.io.File;
import java.io.IOException;
import java.util.Iterator;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import org.jivesoftware.openfire.XMPPServer;
import org.jivesoftware.openfire.container.BasicModule;
import org.jivesoftware.openfire.spi.ConnectionListener;
import org.jivesoftware.openfire.spi.ConnectionManagerImpl;
import org.jivesoftware.openfire.spi.ConnectionType;
import org.jivesoftware.util.JiveGlobals;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/jivesoftware/openfire/keystore/CertificateStoreManager.class */
public class CertificateStoreManager extends BasicModule {
    private static final Logger Log = LoggerFactory.getLogger(CertificateStoreManager.class);
    private final ConcurrentMap<ConnectionType, CertificateStoreConfiguration> typeToTrustStore;
    private final ConcurrentMap<ConnectionType, CertificateStoreConfiguration> typeToIdentityStore;
    private final ConcurrentMap<CertificateStoreConfiguration, IdentityStore> identityStores;
    private final ConcurrentMap<CertificateStoreConfiguration, TrustStore> trustStores;
    private CertificateStoreWatcher storeWatcher;

    public CertificateStoreManager() {
        super("Certificate Store Manager");
        this.typeToTrustStore = new ConcurrentHashMap();
        this.typeToIdentityStore = new ConcurrentHashMap();
        this.identityStores = new ConcurrentHashMap();
        this.trustStores = new ConcurrentHashMap();
    }

    @Override // org.jivesoftware.openfire.container.BasicModule, org.jivesoftware.openfire.container.Module
    public synchronized void initialize(XMPPServer xMPPServer) {
        super.initialize(xMPPServer);
        this.storeWatcher = new CertificateStoreWatcher();
        for (ConnectionType connectionType : ConnectionType.values()) {
            try {
                Log.debug("(identity store for connection type '{}') Initializing store...", connectionType);
                CertificateStoreConfiguration identityStoreConfiguration = getIdentityStoreConfiguration(connectionType);
                if (!this.identityStores.containsKey(identityStoreConfiguration)) {
                    IdentityStore identityStore = new IdentityStore(identityStoreConfiguration, false);
                    this.identityStores.put(identityStoreConfiguration, identityStore);
                    this.storeWatcher.watch(identityStore);
                }
                this.typeToIdentityStore.put(connectionType, identityStoreConfiguration);
            } catch (IOException | CertificateStoreConfigException e) {
                Log.warn("(identity store for connection type '{}') Unable to instantiate store ", connectionType, e);
            }
            try {
                Log.debug("(trust store for connection type '{}') Initializing store...", connectionType);
                CertificateStoreConfiguration trustStoreConfiguration = getTrustStoreConfiguration(connectionType);
                if (!this.trustStores.containsKey(trustStoreConfiguration)) {
                    TrustStore trustStore = new TrustStore(trustStoreConfiguration, false);
                    this.trustStores.put(trustStoreConfiguration, trustStore);
                    this.storeWatcher.watch(trustStore);
                }
                this.typeToTrustStore.put(connectionType, trustStoreConfiguration);
            } catch (IOException | CertificateStoreConfigException e2) {
                Log.warn("(trust store for connection type '{}') Unable to instantiate store ", connectionType, e2);
            }
        }
    }

    @Override // org.jivesoftware.openfire.container.BasicModule, org.jivesoftware.openfire.container.Module
    public synchronized void destroy() {
        this.storeWatcher.destroy();
        this.typeToIdentityStore.clear();
        this.typeToTrustStore.clear();
        this.identityStores.clear();
        this.trustStores.clear();
        super.destroy();
    }

    public IdentityStore getIdentityStore(ConnectionType connectionType) {
        CertificateStoreConfiguration certificateStoreConfiguration = this.typeToIdentityStore.get(connectionType);
        if (certificateStoreConfiguration == null) {
            return null;
        }
        return this.identityStores.get(certificateStoreConfiguration);
    }

    public TrustStore getTrustStore(ConnectionType connectionType) {
        CertificateStoreConfiguration certificateStoreConfiguration = this.typeToTrustStore.get(connectionType);
        if (certificateStoreConfiguration == null) {
            return null;
        }
        return this.trustStores.get(certificateStoreConfiguration);
    }

    public void replaceIdentityStore(ConnectionType connectionType, CertificateStoreConfiguration certificateStoreConfiguration, boolean z) throws CertificateStoreConfigException {
        IdentityStore remove;
        if (connectionType == null) {
            throw new IllegalArgumentException("Argument 'type' cannot be null.");
        }
        if (certificateStoreConfiguration == null) {
            throw new IllegalArgumentException("Argument 'configuration' cannot be null.");
        }
        CertificateStoreConfiguration certificateStoreConfiguration2 = this.typeToIdentityStore.get(connectionType);
        if (certificateStoreConfiguration2 == null || !certificateStoreConfiguration2.equals(certificateStoreConfiguration)) {
            if (!this.identityStores.containsKey(certificateStoreConfiguration)) {
                IdentityStore identityStore = new IdentityStore(certificateStoreConfiguration, z);
                this.identityStores.put(certificateStoreConfiguration, identityStore);
                this.storeWatcher.watch(identityStore);
            }
            this.typeToIdentityStore.put(connectionType, certificateStoreConfiguration);
            if (certificateStoreConfiguration2 != null && !this.typeToIdentityStore.containsValue(certificateStoreConfiguration2) && (remove = this.identityStores.remove(certificateStoreConfiguration2)) != null) {
                this.storeWatcher.unwatch(remove);
            }
            Iterator<ConnectionListener> it = ((ConnectionManagerImpl) XMPPServer.getInstance().getConnectionManager()).getListeners(connectionType).iterator();
            while (it.hasNext()) {
                try {
                    it.next().setIdentityStoreConfiguration(certificateStoreConfiguration);
                } catch (RuntimeException e) {
                    Log.warn("An exception occurred while trying to update the identity store configuration for connection type '" + connectionType + "'", e);
                }
            }
        }
        JiveGlobals.setProperty(connectionType.getPrefix() + "keystore", certificateStoreConfiguration.getFile().getPath());
        JiveGlobals.setProperty(connectionType.getPrefix() + "keypass", new String(certificateStoreConfiguration.getPassword()));
    }

    public void replaceTrustStore(ConnectionType connectionType, CertificateStoreConfiguration certificateStoreConfiguration, boolean z) throws CertificateStoreConfigException {
        TrustStore remove;
        if (connectionType == null) {
            throw new IllegalArgumentException("Argument 'type' cannot be null.");
        }
        if (certificateStoreConfiguration == null) {
            throw new IllegalArgumentException("Argument 'configuration' cannot be null.");
        }
        CertificateStoreConfiguration certificateStoreConfiguration2 = this.typeToTrustStore.get(connectionType);
        if (certificateStoreConfiguration2 == null || !certificateStoreConfiguration2.equals(certificateStoreConfiguration)) {
            if (!this.trustStores.containsKey(certificateStoreConfiguration)) {
                TrustStore trustStore = new TrustStore(certificateStoreConfiguration, z);
                this.trustStores.put(certificateStoreConfiguration, trustStore);
                this.storeWatcher.watch(trustStore);
            }
            this.typeToTrustStore.put(connectionType, certificateStoreConfiguration);
            if (certificateStoreConfiguration2 != null && !this.typeToTrustStore.containsValue(certificateStoreConfiguration2) && (remove = this.trustStores.remove(certificateStoreConfiguration2)) != null) {
                this.storeWatcher.unwatch(remove);
            }
            Iterator<ConnectionListener> it = ((ConnectionManagerImpl) XMPPServer.getInstance().getConnectionManager()).getListeners(connectionType).iterator();
            while (it.hasNext()) {
                try {
                    it.next().setTrustStoreConfiguration(certificateStoreConfiguration);
                } catch (RuntimeException e) {
                    Log.warn("An exception occurred while trying to update the trust store configuration for connection type '" + connectionType + "'", e);
                }
            }
        }
        JiveGlobals.setProperty(connectionType.getPrefix() + "truststore", certificateStoreConfiguration.getFile().getPath());
        JiveGlobals.setProperty(connectionType.getPrefix() + "trustpass", new String(certificateStoreConfiguration.getPassword()));
    }

    public CertificateStoreConfiguration getIdentityStoreConfiguration(ConnectionType connectionType) throws IOException {
        return new CertificateStoreConfiguration(getKeyStoreType(connectionType), canonicalize(getIdentityStoreLocation(connectionType)), getIdentityStorePassword(connectionType).toCharArray());
    }

    public CertificateStoreConfiguration getTrustStoreConfiguration(ConnectionType connectionType) throws IOException {
        return new CertificateStoreConfiguration(getKeyStoreType(connectionType), canonicalize(getTrustStoreLocation(connectionType)), getTrustStorePassword(connectionType).toCharArray());
    }

    static String getKeyStoreType(ConnectionType connectionType) {
        String str = connectionType.getPrefix() + "storeType";
        return connectionType.getFallback() == null ? JiveGlobals.getProperty(str, "jks").trim() : JiveGlobals.getProperty(str, getKeyStoreType(connectionType.getFallback())).trim();
    }

    static void setKeyStoreType(ConnectionType connectionType, String str) {
        JiveGlobals.setProperty(connectionType.getPrefix() + "storeType", str);
        String keyStoreType = getKeyStoreType(connectionType);
        if (keyStoreType.equals(str)) {
            Log.debug("Ignoring KeyStore type change request (to '{}'): listener already in this state.", str);
        } else {
            Log.debug("Changing KeyStore type from '{}' to '{}'.", keyStoreType, str);
        }
    }

    static String getIdentityStorePassword(ConnectionType connectionType) {
        String str = connectionType.getPrefix() + "keypass";
        return connectionType.getFallback() == null ? JiveGlobals.getProperty(str, "changeit").trim() : JiveGlobals.getProperty(str, getIdentityStorePassword(connectionType.getFallback())).trim();
    }

    static String getTrustStorePassword(ConnectionType connectionType) {
        String str = connectionType.getPrefix() + "trustpass";
        return connectionType.getFallback() == null ? JiveGlobals.getProperty(str, "changeit").trim() : JiveGlobals.getProperty(str, getTrustStorePassword(connectionType.getFallback())).trim();
    }

    static String getIdentityStoreLocation(ConnectionType connectionType) {
        String str = connectionType.getPrefix() + "keystore";
        return connectionType.getFallback() == null ? JiveGlobals.getProperty(str, "resources" + File.separator + "security" + File.separator + "keystore").trim() : JiveGlobals.getProperty(str, getIdentityStoreLocation(connectionType.getFallback())).trim();
    }

    static String getTrustStoreLocation(ConnectionType connectionType) {
        String str = connectionType.getPrefix() + "truststore";
        return connectionType.getFallback() == null ? JiveGlobals.getProperty(str, "resources" + File.separator + "security" + File.separator + "truststore").trim() : JiveGlobals.getProperty(str, getTrustStoreLocation(connectionType.getFallback())).trim();
    }

    static File canonicalize(String str) throws IOException {
        File file = new File(str);
        if (!file.isAbsolute()) {
            file = new File(JiveGlobals.getHomeDirectory() + File.separator + str);
        }
        return file;
    }
}
