package at.gv.egovernment.moa.spss.server.iaik.config;

import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
import at.gv.egovernment.moa.spss.server.config.KeyGroup;
import at.gv.egovernment.moa.spss.server.config.KeyGroupEntry;
import at.gv.egovernment.moa.spss.server.logging.TransactionId;
import at.gv.egovernment.moa.spss.util.CertStoreConverter;
import at.gv.egovernment.moa.spss.util.MessageProvider;
import at.gv.egovernment.moa.spss.util.SecProviderUtils;
import at.gv.egovernment.moaspss.logging.LogMsg;
import iaik.logging.LogFactory;
import iaik.pki.PKIException;
import iaik.pki.PKIFactory;
import iaik.pki.store.revocation.RevocationFactory;
import iaik.pki.store.truststore.TrustStoreFactory;
import iaik.server.ConfigurationData;
import iaik.server.Configurator;
import iaik.server.modules.keys.KeyEntryID;
import iaik.server.modules.keys.KeyModuleFactory;
import iaik.servertools.PublicAuthorityIdentifier;
import iaik.x509.X509Extensions;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.class */
public class IaikConfigurator extends Configurator {
    private static final Logger logger = LoggerFactory.getLogger(IaikConfigurator.class);
    private static List<String> warnings = new ArrayList();

    public static ConfigurationData configure(ConfigurationProvider configurationProvider) throws ConfigurationException {
        ConfigurationDataImpl configurationDataImpl = new ConfigurationDataImpl(configurationProvider);
        try {
            TransactionId transactionId = new TransactionId("IaikConfigurator");
            LogFactory.configure(configurationDataImpl.getLoggerConfig());
            initializePkiCommons(configurationProvider, transactionId, configurationDataImpl);
            customIaikInit(configurationDataImpl, transactionId);
            SecProviderUtils.dumpSecProviders("Fully configured!");
            RevocationFactory.getInstance(transactionId).getRevocationSourceStore();
            if (configurationProvider.getSoftwareKeyModules().size() > 0 || configurationProvider.getHardwareKeyModules().size() > 0) {
                dumpKeyEntryIDs();
            }
            checkKeyGroupConfig(configurationProvider);
            TrustStoreFactory.reset();
            return configurationDataImpl;
        } catch (iaik.server.ConfigurationException e) {
            logException(e);
            throw new ConfigurationException("config.08", null, e);
        } catch (Throwable th) {
            logException(th);
            throw new ConfigurationException("config.08", null, th);
        }
    }

    public static void customIaikInit(ConfigurationData configurationData, TransactionId transactionId) throws ConfigurationException, iaik.server.ConfigurationException {
        if (configurationData == null) {
            throw new NullPointerException("Config data must not be null");
        }
        logger.trace("Setting up IAIK-MOA crypto backend ... ");
        initXSect(LogFactory.getLog("init-xsect"), transactionId);
        X509Extensions.register(PublicAuthorityIdentifier.oid, PublicAuthorityIdentifier.class);
        if (PKIFactory.getInstance().isAlreadyConfigured()) {
            logger.trace("IAIK PKI-module is still configurated");
        } else {
            initPkiModule(configurationData.getPKIConfiguration(), transactionId);
        }
        initCryptoModule(configurationData.getCryptoModuleConfigurations(), transactionId);
        initKeyModule(configurationData.getKeyModuleConfigurations(), transactionId);
    }

    private static void initializePkiCommons(ConfigurationProvider configurationProvider, TransactionId transactionId, ConfigurationData configurationData) throws PKIException {
        if (iaik.pki.Configurator.isInitialized()) {
            logger.trace("IAIK PKI-Commons already initialized");
            return;
        }
        logger.info("Initializing IAIK PKI-Commons ... ");
        iaik.pki.Configurator.initCommon(configurationData.getLoggerConfig(), transactionId);
        CertStoreConverter.convert(configurationProvider.getCertStoreLocation(), transactionId);
    }

    private static void logException(Throwable th) {
        StringWriter stringWriter = new StringWriter();
        th.printStackTrace(new PrintWriter(stringWriter));
        logger.error("IAIK_Module error: {}", stringWriter.toString());
    }

    public List getWarnings() {
        return warnings;
    }

    private static void dumpKeyEntryIDs() {
        MessageProvider messageProvider = MessageProvider.getInstance();
        Iterator it = KeyModuleFactory.getInstance(new TransactionId("dump")).getPrivateKeyEntryIDs().iterator();
        while (it.hasNext()) {
            at.gv.egovernment.moaspss.logging.Logger.info(new LogMsg(messageProvider.getMessage("config.19", new Object[]{(KeyEntryID) it.next()})));
        }
    }

    private static void checkKeyGroupConfig(ConfigurationProvider configurationProvider) {
        for (KeyGroup keyGroup : configurationProvider.getKeyGroups().values()) {
            for (KeyGroupEntry keyGroupEntry : keyGroup.getKeyGroupEntries()) {
                if (!findKeyEntryID(keyGroupEntry)) {
                    warn("config.31", new Object[]{keyGroup.getId(), keyGroupEntry.getModuleID(), keyGroupEntry.getIssuerDN(), keyGroupEntry.getSerialNumber()});
                }
            }
        }
    }

    private static boolean findKeyEntryID(KeyGroupEntry keyGroupEntry) {
        for (KeyEntryID keyEntryID : KeyModuleFactory.getInstance(new TransactionId("check")).getPrivateKeyEntryIDs()) {
            if (keyEntryID.getCertificateIssuer().equals(keyGroupEntry.getIssuerDN()) && keyEntryID.getCertificateSerialNumber().equals(keyGroupEntry.getSerialNumber()) && keyEntryID.getModuleID().equals(keyGroupEntry.getModuleID())) {
                return true;
            }
        }
        return false;
    }

    private static void warn(String str, Object[] objArr) {
        String message = MessageProvider.getInstance().getMessage(str, objArr);
        at.gv.egovernment.moaspss.logging.Logger.warn(new LogMsg(message));
        warnings.add(message);
    }
}
