package org.wso2.carbon.apimgt.impl.certificatemgt;

import java.io.File;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.apimgt.api.dto.CertificateMetadataDTO;
import org.wso2.carbon.apimgt.impl.APIConstants;
import org.wso2.carbon.apimgt.impl.APIConsumerImpl;
import org.wso2.carbon.apimgt.impl.certificatemgt.exceptions.CertificateAliasExistsException;
import org.wso2.carbon.apimgt.impl.certificatemgt.exceptions.CertificateManagementException;
import org.wso2.carbon.apimgt.impl.certificatemgt.exceptions.EndpointForCertificateExistsException;
import org.wso2.carbon.apimgt.impl.dao.CertificateMgtDAO;
import org.wso2.carbon.apimgt.impl.utils.CertificateMgtUtils;

/* loaded from: input_file:org/wso2/carbon/apimgt/impl/certificatemgt/CertificateManagerImpl.class */
public class CertificateManagerImpl implements CertificateManager {
    private static Log log = LogFactory.getLog(CertificateManagerImpl.class);
    private static final String CARBON_HOME_STRING = "carbon.home";
    private static String CARBON_HOME = System.getProperty(CARBON_HOME_STRING);
    private static final char SEP = File.separatorChar;
    private static final String PROFILE_CONFIG = "sslprofiles.xml";
    private static String SSL_PROFILE_FILE_PATH = CARBON_HOME + SEP + "repository" + SEP + APIConstants.SWAGGER_RESOURCES + SEP + "security" + SEP + PROFILE_CONFIG;
    private static CertificateMgtDAO certificateMgtDAO = CertificateMgtDAO.getInstance();
    private static CertificateMgtUtils certificateMgtUtils = new CertificateMgtUtils();

    @Override // org.wso2.carbon.apimgt.impl.certificatemgt.CertificateManager
    public ResponseCode addCertificateToParentNode(String str, String str2, String str3, int i) {
        try {
            if (!certificateMgtDAO.addCertificate(str2, str3, i)) {
                log.error("Error persisting the certificate meta data in db. Certificate could not be added to publisher Trust Store.");
                return ResponseCode.INTERNAL_SERVER_ERROR;
            }
            ResponseCode addCertificateToTrustStore = certificateMgtUtils.addCertificateToTrustStore(str, str2);
            if (addCertificateToTrustStore.getResponseCode() == ResponseCode.INTERNAL_SERVER_ERROR.getResponseCode()) {
                log.error("Error adding the certificate to Publisher Trust Store. Rolling back...");
                certificateMgtDAO.deleteCertificate(str2, str3, i);
            } else if (addCertificateToTrustStore.getResponseCode() == ResponseCode.ALIAS_EXISTS_IN_TRUST_STORE.getResponseCode()) {
                log.error("Could not add Certificate to Trust Store. Certificate Exists. Rolling back...");
                certificateMgtDAO.deleteCertificate(str2, str3, i);
            } else if (addCertificateToTrustStore.getResponseCode() == ResponseCode.CERTIFICATE_EXPIRED.getResponseCode()) {
                log.error("Could not add Certificate. Certificate expired.");
                certificateMgtDAO.deleteCertificate(str2, str3, i);
            } else {
                log.info("Certificate is successfully added to the Publisher client Trust Store with Alias '" + str2 + "'");
            }
            return addCertificateToTrustStore;
        } catch (CertificateAliasExistsException e) {
            return ResponseCode.ALIAS_EXISTS_IN_TRUST_STORE;
        } catch (CertificateManagementException e2) {
            log.error("Error when persisting/ deleting certificate metadata. ", e2);
            return ResponseCode.INTERNAL_SERVER_ERROR;
        } catch (EndpointForCertificateExistsException e3) {
            return ResponseCode.CERTIFICATE_FOR_ENDPOINT_EXISTS;
        }
    }

    @Override // org.wso2.carbon.apimgt.impl.certificatemgt.CertificateManager
    public ResponseCode deleteCertificateFromParentNode(String str, String str2, int i) {
        try {
            if (!certificateMgtDAO.deleteCertificate(str, str2, i)) {
                log.error("Failed to remove certificate from the data base. No certificate changes will be affected.");
                return ResponseCode.INTERNAL_SERVER_ERROR;
            }
            ResponseCode removeCertificateFromTrustStore = certificateMgtUtils.removeCertificateFromTrustStore(str);
            if (removeCertificateFromTrustStore == ResponseCode.INTERNAL_SERVER_ERROR) {
                certificateMgtDAO.addCertificate(str, str2, i);
                log.error("Error removing the Certificate from Trust Store. Rolling back...");
            } else if (removeCertificateFromTrustStore.getResponseCode() == ResponseCode.CERTIFICATE_NOT_FOUND.getResponseCode()) {
                log.warn("The Certificate for Alias '" + str + "' has been previously removed from Trust Store. Hence DB entry is removed.");
            } else {
                log.info("Certificate is successfully removed from the Publisher Trust Store with Alias '" + str + "'");
            }
            return removeCertificateFromTrustStore;
        } catch (CertificateAliasExistsException e) {
            return ResponseCode.ALIAS_EXISTS_IN_TRUST_STORE;
        } catch (CertificateManagementException e2) {
            log.error("Error persisting/ deleting certificate metadata. ", e2);
            return ResponseCode.INTERNAL_SERVER_ERROR;
        } catch (EndpointForCertificateExistsException e3) {
            return ResponseCode.CERTIFICATE_FOR_ENDPOINT_EXISTS;
        }
    }

    @Override // org.wso2.carbon.apimgt.impl.certificatemgt.CertificateManager
    public boolean addCertificateToGateway(String str, String str2) {
        boolean z;
        ResponseCode addCertificateToTrustStore = certificateMgtUtils.addCertificateToTrustStore(str, str2);
        if (addCertificateToTrustStore == ResponseCode.ALIAS_EXISTS_IN_TRUST_STORE) {
            log.info("The Alias '" + str2 + "' exists in the Gateway Trust Store.");
            z = true;
        } else {
            z = addCertificateToTrustStore != ResponseCode.INTERNAL_SERVER_ERROR;
        }
        boolean z2 = z && touchConfigFile();
        if (z2) {
            log.info("The certificate with Alias '" + str2 + "' is successfully added to the Gateway Trust Store.");
        } else {
            log.error("Error adding the certificate with Alias '" + str2 + "' to the Gateway Trust Store");
        }
        return z2;
    }

    @Override // org.wso2.carbon.apimgt.impl.certificatemgt.CertificateManager
    public boolean deleteCertificateFromGateway(String str) {
        if (certificateMgtUtils.removeCertificateFromTrustStore(str) != ResponseCode.INTERNAL_SERVER_ERROR) {
            log.info("The certificate with Alias '" + str + "' is successfully removed from the Gateway Trust Store.");
            return touchConfigFile();
        }
        log.error("Error removing the certificate with Alias '" + str + "' from the Gateway Trust Store.");
        return false;
    }

    @Override // org.wso2.carbon.apimgt.impl.certificatemgt.CertificateManager
    public boolean isConfigured() {
        try {
            return new File(SSL_PROFILE_FILE_PATH).exists() && certificateMgtDAO.isTableExists();
        } catch (CertificateManagementException e) {
            log.error("Error retrieving database metadata. ", e);
            return false;
        }
    }

    @Override // org.wso2.carbon.apimgt.impl.certificatemgt.CertificateManager
    public CertificateMetadataDTO getCertificate(String str, int i) {
        CertificateMetadataDTO certificateMetadataDTO = null;
        try {
            certificateMetadataDTO = certificateMgtDAO.getCertificate(APIConsumerImpl.EMPTY_STRING, str, i);
        } catch (CertificateManagementException e) {
            log.error("Error when retrieving certificate metadata for endpoint '" + str + "'", e);
        }
        return certificateMetadataDTO;
    }

    @Override // org.wso2.carbon.apimgt.impl.certificatemgt.CertificateManager
    public List<CertificateMetadataDTO> getCertificates(int i) {
        List<CertificateMetadataDTO> list = null;
        try {
            list = certificateMgtDAO.getCertificates(i);
        } catch (CertificateManagementException e) {
            log.error("Error retrieving certificates for the tenantId '" + i + "' ", e);
        }
        return list;
    }

    private boolean touchConfigFile() {
        boolean z = false;
        File file = new File(SSL_PROFILE_FILE_PATH);
        if (file.exists()) {
            z = file.setLastModified(System.currentTimeMillis());
            if (z) {
                log.info("The Transport Sender will be re-initialized in few minutes.");
            } else {
                if (log.isDebugEnabled()) {
                    log.debug("Error when modifying the sslprofiles.xml file");
                }
                log.error("Could not modify the file 'sslprofiles.xml'");
            }
        } else {
            if (log.isDebugEnabled()) {
                log.debug("sslprofiles.xml file not found.");
            }
            log.error("Could not find the file 'sslprofiles.xml'");
        }
        return z;
    }
}
