package pl.edu.icm.yadda.aas.keystore.impl;

import java.io.IOException;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Iterator;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import pl.edu.icm.pnpca.storage.NoSuchRecordException;
import pl.edu.icm.pnpca.storage.Record;
import pl.edu.icm.pnpca.storage.Storage;
import pl.edu.icm.pnpca.storage.StorageException;
import pl.edu.icm.yadda.aas.builder.IGenericBuilder;
import pl.edu.icm.yadda.aas.extractor.IExtractor;
import pl.edu.icm.yadda.aas.keystore.IEditableKeyStore;
import pl.edu.icm.yadda.aas.keystore.KeyQueryRequest;
import pl.edu.icm.yadda.aas.keystore.KeyQueryResponse;
import pl.edu.icm.yadda.aas.keystore.KeyStoreException;

/* loaded from: input_file:WEB-INF/lib/yadda-aas2-common-4.3.3.jar:pl/edu/icm/yadda/aas/keystore/impl/TrustedX509CertsStorageBasedKeystore.class */
public class TrustedX509CertsStorageBasedKeystore<C> implements IEditableKeyStore<C> {
    protected final Logger log = LoggerFactory.getLogger(getClass());
    private Storage<X509Certificate> storage;
    private Map<String, C> credentials;
    private IExtractor<Record<X509Certificate>, C> recordCredentialExtractor;
    private IGenericBuilder<C, Record<X509Certificate>> recordBuilder;
    private IExtractor<C, String> credentialIdExtractor;
    private IExtractor<C, X509Certificate> credentialCertificateExtractor;

    public void init() throws StorageException, IOException {
        this.credentials = new ConcurrentHashMap();
        Collection<String> allIds = this.storage.getAllIds();
        if (allIds == null || allIds.size() <= 0) {
            this.log.debug("no credentials to import from storage");
            return;
        }
        this.log.debug("importing " + allIds.size() + " credentials from storage...");
        Iterator<String> it = allIds.iterator();
        while (it.hasNext()) {
            C extract = this.recordCredentialExtractor.extract(this.storage.load(it.next()));
            String extract2 = this.credentialIdExtractor.extract(extract);
            this.log.debug("importing certificate: " + extract2);
            this.credentials.put(extract2, extract);
        }
        this.log.debug("importing finished!");
    }

    @Override // pl.edu.icm.yadda.aas.keystore.IEditableKeyStore
    public void addCredential(C c) throws KeyStoreException {
        if (c != null) {
            String extract = this.credentialIdExtractor.extract(c);
            try {
                this.storage.store(this.recordBuilder.build(c));
                this.credentials.put(extract, c);
            } catch (IOException e) {
                String str = "exception occured when storing credential " + extract;
                this.log.error(str);
                throw new KeyStoreException(str, e);
            } catch (StorageException e2) {
                String str2 = "exception occured when storing credential " + extract;
                this.log.error(str2);
                throw new KeyStoreException(str2, e2);
            }
        }
    }

    @Override // pl.edu.icm.yadda.aas.keystore.IKeyStore
    public Map<String, C> getAllCredentials() {
        return this.credentials;
    }

    @Override // pl.edu.icm.yadda.aas.keystore.IKeyStore
    public KeyQueryResponse<C> queryKeys(KeyQueryRequest keyQueryRequest) throws KeyStoreException {
        return (keyQueryRequest == null || keyQueryRequest.getAlias() == null) ? new KeyQueryResponse<>() : new KeyQueryResponse<>(this.credentials.get(keyQueryRequest.getAlias()));
    }

    @Override // pl.edu.icm.yadda.aas.keystore.IEditableKeyStore
    public C removeCredential(C c) throws KeyStoreException {
        if (c == null) {
            return null;
        }
        String extract = this.credentialIdExtractor.extract(c);
        if (extract != null) {
            return removeCredential(extract);
        }
        X509Certificate extract2 = this.credentialCertificateExtractor.extract(c);
        if (extract2 == null) {
            this.log.error("No x509 certificate found for removal");
            return null;
        }
        for (String str : this.credentials.keySet()) {
            X509Certificate x509Certificate = (X509Certificate) this.credentialCertificateExtractor.extract(this.credentials.get(str));
            if (x509Certificate != null && extract2.equals(x509Certificate)) {
                try {
                    this.log.debug("removing requested X509 credential: " + str);
                    this.storage.remove(str);
                    return this.credentials.remove(str);
                } catch (IOException e) {
                    throw new KeyStoreException("Couldn't remove credential " + str, e);
                } catch (NoSuchRecordException e2) {
                    throw new KeyStoreException("Couldn't remove credential " + str, e2);
                } catch (StorageException e3) {
                    throw new KeyStoreException("Couldn't remove credential " + str, e3);
                }
            }
        }
        return null;
    }

    @Override // pl.edu.icm.yadda.aas.keystore.IEditableKeyStore
    public C removeCredential(String str) throws KeyStoreException {
        if (str == null || !this.credentials.containsKey(str)) {
            return null;
        }
        try {
            this.log.debug("removing requested X509 credential: " + str);
            this.storage.remove(str);
            return this.credentials.remove(str);
        } catch (IOException e) {
            throw new KeyStoreException("Couldn't remove credential " + str, e);
        } catch (NoSuchRecordException e2) {
            throw new KeyStoreException("Couldn't remove credential " + str, e2);
        } catch (StorageException e3) {
            throw new KeyStoreException("Couldn't remove credential " + str, e3);
        }
    }

    public void setStorage(Storage<X509Certificate> storage) {
        this.storage = storage;
    }

    public void setRecordCredentialExtractor(IExtractor<Record<X509Certificate>, C> iExtractor) {
        this.recordCredentialExtractor = iExtractor;
    }

    public void setRecordBuilder(IGenericBuilder<C, Record<X509Certificate>> iGenericBuilder) {
        this.recordBuilder = iGenericBuilder;
    }

    public void setCredentialIdExtractor(IExtractor<C, String> iExtractor) {
        this.credentialIdExtractor = iExtractor;
    }

    public void setCredentialCertificateExtractor(IExtractor<C, X509Certificate> iExtractor) {
        this.credentialCertificateExtractor = iExtractor;
    }
}
