package org.opends.server.extensions;

import java.security.KeyStore;
import java.util.List;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import org.forgerock.i18n.LocalizableMessage;
import org.forgerock.i18n.slf4j.LocalizedLogger;
import org.forgerock.opendj.config.server.ConfigChangeResult;
import org.forgerock.opendj.config.server.ConfigException;
import org.forgerock.opendj.config.server.ConfigurationChangeListener;
import org.forgerock.opendj.server.config.server.PKCS11KeyManagerProviderCfg;
import org.opends.messages.ExtensionMessages;
import org.opends.server.api.KeyManagerProvider;
import org.opends.server.core.DirectoryServer;
import org.opends.server.types.DirectoryException;
import org.opends.server.types.InitializationException;
import org.opends.server.util.StaticUtils;

/* JADX WARN: Classes with same name are omitted:
  input_file:embedded-opendj/opendj.zip:opendj/lib/opendj.jar:org/opends/server/extensions/PKCS11KeyManagerProvider.class
 */
/* loaded from: input_file:embedded-opendj/opendj.zip:opendj/lib/org.openidentityplatform.opendj.opendj-server-legacy.jar:org/opends/server/extensions/PKCS11KeyManagerProvider.class */
public class PKCS11KeyManagerProvider extends KeyManagerProvider<PKCS11KeyManagerProviderCfg> implements ConfigurationChangeListener<PKCS11KeyManagerProviderCfg> {
    private static final LocalizedLogger logger = LocalizedLogger.getLoggerForThisClass();
    private static final String PKCS11_KEYSTORE_TYPE = "PKCS11";
    private char[] keyStorePIN;
    private PKCS11KeyManagerProviderCfg currentConfig;

    @Override // org.opends.server.api.KeyManagerProvider
    public void initializeKeyManagerProvider(PKCS11KeyManagerProviderCfg pKCS11KeyManagerProviderCfg) throws ConfigException, InitializationException {
        this.currentConfig = pKCS11KeyManagerProviderCfg;
        this.keyStorePIN = getKeyStorePIN(pKCS11KeyManagerProviderCfg);
        pKCS11KeyManagerProviderCfg.addPKCS11ChangeListener(this);
    }

    private char[] getKeyStorePIN(PKCS11KeyManagerProviderCfg pKCS11KeyManagerProviderCfg) throws InitializationException {
        return FileBasedKeyManagerProvider.getKeyStorePIN(pKCS11KeyManagerProviderCfg.getKeyStorePinProperty(), pKCS11KeyManagerProviderCfg.getKeyStorePinEnvironmentVariable(), pKCS11KeyManagerProviderCfg.getKeyStorePinFile(), pKCS11KeyManagerProviderCfg.getKeyStorePin(), pKCS11KeyManagerProviderCfg.dn(), ExtensionMessages.ERR_PKCS11_KEYMANAGER_PIN_PROPERTY_NOT_SET, ExtensionMessages.ERR_PKCS11_KEYMANAGER_PIN_ENVAR_NOT_SET, ExtensionMessages.ERR_PKCS11_KEYMANAGER_PIN_NO_SUCH_FILE, ExtensionMessages.ERR_PKCS11_KEYMANAGER_PIN_FILE_CANNOT_READ, ExtensionMessages.ERR_PKCS11_KEYMANAGER_PIN_FILE_EMPTY);
    }

    @Override // org.opends.server.api.KeyManagerProvider
    public void finalizeKeyManagerProvider() {
        this.currentConfig.removePKCS11ChangeListener(this);
    }

    @Override // org.opends.server.api.KeyManagerProvider
    public KeyManager[] getKeyManagers() throws DirectoryException {
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS11");
            keyStore.load(null, this.keyStorePIN);
            try {
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                keyManagerFactory.init(keyStore, this.keyStorePIN);
                return keyManagerFactory.getKeyManagers();
            } catch (Exception e) {
                logger.traceException(e);
                throw new DirectoryException(DirectoryServer.getCoreConfigManager().getServerErrorResultCode(), ExtensionMessages.ERR_PKCS11_KEYMANAGER_CANNOT_CREATE_FACTORY.get(StaticUtils.getExceptionMessage(e)), e);
            }
        } catch (Exception e2) {
            logger.traceException(e2);
            throw new DirectoryException(DirectoryServer.getCoreConfigManager().getServerErrorResultCode(), ExtensionMessages.ERR_PKCS11_KEYMANAGER_CANNOT_LOAD.get(StaticUtils.getExceptionMessage(e2)), e2);
        }
    }

    /* renamed from: isConfigurationAcceptable, reason: avoid collision after fix types in other method */
    public boolean isConfigurationAcceptable2(PKCS11KeyManagerProviderCfg pKCS11KeyManagerProviderCfg, List<LocalizableMessage> list) {
        return isConfigurationChangeAcceptable2(pKCS11KeyManagerProviderCfg, list);
    }

    /* renamed from: isConfigurationChangeAcceptable, reason: avoid collision after fix types in other method */
    public boolean isConfigurationChangeAcceptable2(PKCS11KeyManagerProviderCfg pKCS11KeyManagerProviderCfg, List<LocalizableMessage> list) {
        try {
            getKeyStorePIN(pKCS11KeyManagerProviderCfg);
            return true;
        } catch (InitializationException e) {
            list.add(e.getMessageObject());
            return false;
        }
    }

    @Override // org.forgerock.opendj.config.server.ConfigurationChangeListener
    public ConfigChangeResult applyConfigurationChange(PKCS11KeyManagerProviderCfg pKCS11KeyManagerProviderCfg) {
        ConfigChangeResult configChangeResult = new ConfigChangeResult();
        try {
            this.keyStorePIN = getKeyStorePIN(pKCS11KeyManagerProviderCfg);
            this.currentConfig = pKCS11KeyManagerProviderCfg;
        } catch (InitializationException e) {
            configChangeResult.setResultCode(DirectoryServer.getCoreConfigManager().getServerErrorResultCode());
            configChangeResult.addMessage(e.getMessageObject());
        }
        return configChangeResult;
    }

    @Override // org.opends.server.api.KeyManagerProvider
    public /* bridge */ /* synthetic */ boolean isConfigurationAcceptable(PKCS11KeyManagerProviderCfg pKCS11KeyManagerProviderCfg, List list) {
        return isConfigurationAcceptable2(pKCS11KeyManagerProviderCfg, (List<LocalizableMessage>) list);
    }

    @Override // org.forgerock.opendj.config.server.ConfigurationChangeListener
    public /* bridge */ /* synthetic */ boolean isConfigurationChangeAcceptable(PKCS11KeyManagerProviderCfg pKCS11KeyManagerProviderCfg, List list) {
        return isConfigurationChangeAcceptable2(pKCS11KeyManagerProviderCfg, (List<LocalizableMessage>) list);
    }
}
