package org.opendaylight.netconf.keystore.legacy.impl;

import com.google.common.util.concurrent.ListenableFuture;
import com.google.common.util.concurrent.MoreExecutors;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.Map;
import org.opendaylight.aaa.encrypt.AAAEncryptionService;
import org.opendaylight.mdsal.binding.api.DataBroker;
import org.opendaylight.mdsal.binding.api.WriteTransaction;
import org.opendaylight.mdsal.common.api.LogicalDatastoreType;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev240708.AddTrustedCertificate;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev240708.AddTrustedCertificateInput;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev240708.AddTrustedCertificateOutput;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev240708.AddTrustedCertificateOutputBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev240708.Keystore;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev240708.rpc.trusted.certificates.TrustedCertificate;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev240708.rpc.trusted.certificates.TrustedCertificateKey;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev240708.trusted.certificates.TrustedCertificateBuilder;
import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
import org.opendaylight.yangtools.yang.common.RpcResult;
import org.opendaylight.yangtools.yang.common.RpcResultBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/opendaylight/netconf/keystore/legacy/impl/DefaultAddTrustedCertificate.class */
final class DefaultAddTrustedCertificate extends AbstractEncryptingRpc implements AddTrustedCertificate {
    private static final Logger LOG = LoggerFactory.getLogger(DefaultAddTrustedCertificate.class);

    /* JADX INFO: Access modifiers changed from: package-private */
    public DefaultAddTrustedCertificate(DataBroker dataBroker, AAAEncryptionService aAAEncryptionService) {
        super(dataBroker, aAAEncryptionService);
    }

    @Override // org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev240708.AddTrustedCertificate
    public ListenableFuture<RpcResult<AddTrustedCertificateOutput>> invoke(AddTrustedCertificateInput addTrustedCertificateInput) {
        Map<TrustedCertificateKey, TrustedCertificate> trustedCertificate = addTrustedCertificateInput.getTrustedCertificate();
        if (trustedCertificate == null || trustedCertificate.isEmpty()) {
            return RpcResultBuilder.success(new AddTrustedCertificateOutputBuilder().build()).buildFuture();
        }
        LOG.debug("Updating trusted certificates: {}", trustedCertificate);
        ArrayList arrayList = new ArrayList(trustedCertificate.size());
        for (TrustedCertificate trustedCertificate2 : trustedCertificate.values()) {
            String name = trustedCertificate2.getName();
            try {
                arrayList.add(new TrustedCertificateBuilder().setName(name).setCertificate(encryptEncoded(SecurityHelper.decodeCertificate(trustedCertificate2.getCertificate()).getEncoded())).build());
            } catch (IOException e) {
                LOG.debug("Cannot decode certificate {}}", trustedCertificate2, e);
                return returnFailed("Failed to decode certificate " + name, e);
            } catch (GeneralSecurityException e2) {
                LOG.debug("Cannot encrypt certificate {}}", trustedCertificate2, e2);
                return returnFailed("Failed to encrypt certificate " + name, e2);
            }
        }
        WriteTransaction newTransaction = newTransaction();
        arrayList.forEach(trustedCertificate3 -> {
            newTransaction.put(LogicalDatastoreType.CONFIGURATION, InstanceIdentifier.create(Keystore.class).child(org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.keystore.rev240708.trusted.certificates.TrustedCertificate.class, trustedCertificate3.m44key()), trustedCertificate3);
        });
        return newTransaction.commit().transform(commitInfo -> {
            LOG.debug("Updated trusted certificates: {}", trustedCertificate.keySet());
            return RpcResultBuilder.success(new AddTrustedCertificateOutputBuilder().build()).build();
        }, MoreExecutors.directExecutor());
    }
}
