package org.xipki.ca.api.mgmt;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.parser.Feature;
import com.alibaba.fastjson.serializer.SerializerFeature;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.charset.Charset;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Paths;
import java.util.HashMap;
import java.util.Map;
import java.util.zip.ZipEntry;
import java.util.zip.ZipOutputStream;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xipki.ca.api.mgmt.CaConfType;
import org.xipki.util.Args;
import org.xipki.util.Base64;
import org.xipki.util.CollectionUtil;
import org.xipki.util.ConfPairs;
import org.xipki.util.FileOrBinary;
import org.xipki.util.FileOrValue;
import org.xipki.util.InvalidConfException;
import org.xipki.util.IoUtil;
import org.xipki.util.StringUtil;

/* loaded from: input_file:org/xipki/ca/api/mgmt/CaConfs.class */
public class CaConfs {
    private static final Logger LOG = LoggerFactory.getLogger(CaConfs.class);
    private static final String APP_DIR = "APP_DIR";

    private CaConfs() {
    }

    public static void marshal(CaConfType.CaSystem caSystem, OutputStream outputStream) throws InvalidConfException, IOException {
        Args.notNull(caSystem, "root");
        Args.notNull(outputStream, "out");
        caSystem.validate();
        JSON.writeJSONString(outputStream, Charset.forName("UTF8"), caSystem, new SerializerFeature[]{SerializerFeature.PrettyFormat});
    }

    public static InputStream convertFileConfToZip(String str) throws IOException, InvalidConfException {
        Args.notNull(str, "confFilename");
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(1048576);
        ZipOutputStream zipOutputStream = new ZipOutputStream(byteArrayOutputStream);
        zipOutputStream.setLevel(1);
        File expandFilepath = IoUtil.expandFilepath(new File(str));
        InputStream inputStream = null;
        try {
            inputStream = Files.newInputStream(expandFilepath.toPath(), new OpenOption[0]);
            CaConfType.CaSystem caSystem = (CaConfType.CaSystem) JSON.parseObject(inputStream, CaConfType.CaSystem.class, new Feature[0]);
            String basedir = caSystem.getBasedir();
            if (StringUtil.isBlank(basedir)) {
                File parentFile = expandFilepath.getParentFile();
                basedir = parentFile == null ? "." : parentFile.getPath();
            } else if (APP_DIR.equalsIgnoreCase(basedir)) {
                basedir = ".";
            }
            caSystem.setBasedir(null);
            HashMap hashMap = new HashMap();
            if (caSystem.getProperties() != null) {
                hashMap.putAll(caSystem.getProperties());
            }
            if (caSystem.getSigners() != null) {
                for (CaConfType.Signer signer : caSystem.getSigners()) {
                    String name = signer.getName();
                    if (signer.getConf() != null) {
                        String convertSignerConf = convertSignerConf(signer.getConf(), hashMap, basedir);
                        if (convertSignerConf.length() > 200) {
                            String str2 = "files/signer-" + name + ".conf";
                            createFileOrValue(zipOutputStream, convertSignerConf, str2);
                            signer.getConf().setFile(str2);
                            signer.getConf().setValue((String) null);
                        } else {
                            signer.getConf().setFile((String) null);
                            signer.getConf().setValue(convertSignerConf);
                        }
                    }
                    if (signer.getCert() != null && signer.getCert().getFile() != null) {
                        String str3 = "files/signer-" + name + ".crt";
                        createFileOrBinary(zipOutputStream, getBinary(signer.getConf().getFile(), hashMap, basedir), str3);
                        signer.getCert().setFile(str3);
                    }
                }
            }
            if (caSystem.getRequestors() != null) {
                for (CaConfType.Requestor requestor : caSystem.getRequestors()) {
                    String name2 = requestor.getName();
                    if (requestor.getConf() != null && requestor.getConf().getFile() != null) {
                        String str4 = "files/requestor-" + name2 + ".conf";
                        createFileOrValue(zipOutputStream, getValue(requestor.getConf().getFile(), hashMap, basedir), str4);
                        requestor.getConf().setFile(str4);
                    }
                    if (requestor.getBinaryConf() != null && requestor.getBinaryConf().getFile() != null) {
                        String str5 = "files/requestor-" + name2 + ".bin";
                        createFileOrBinary(zipOutputStream, getBinary(requestor.getBinaryConf().getFile(), hashMap, basedir), str5);
                        requestor.getBinaryConf().setFile(str5);
                    }
                }
            }
            if (caSystem.getPublishers() != null) {
                for (CaConfType.NameTypeConf nameTypeConf : caSystem.getPublishers()) {
                    if (nameTypeConf.getConf() != null && nameTypeConf.getConf().getFile() != null) {
                        String str6 = "files/publisher-" + nameTypeConf.getName() + ".conf";
                        createFileOrValue(zipOutputStream, getValue(nameTypeConf.getConf().getFile(), hashMap, basedir), str6);
                        nameTypeConf.getConf().setFile(str6);
                    }
                }
            }
            if (caSystem.getProfiles() != null) {
                for (CaConfType.NameTypeConf nameTypeConf2 : caSystem.getProfiles()) {
                    if (nameTypeConf2.getConf() != null && nameTypeConf2.getConf().getFile() != null) {
                        String str7 = "files/certprofile-" + nameTypeConf2.getName() + ".conf";
                        createFileOrValue(zipOutputStream, getValue(nameTypeConf2.getConf().getFile(), hashMap, basedir), str7);
                        nameTypeConf2.getConf().setFile(str7);
                    }
                }
            }
            if (caSystem.getCas() != null) {
                for (CaConfType.Ca ca : caSystem.getCas()) {
                    if (ca.getCaInfo() != null) {
                        String name3 = ca.getName();
                        CaConfType.CaInfo caInfo = ca.getCaInfo();
                        if (caInfo.getSignerConf() != null) {
                            FileOrValue signerConf = caInfo.getSignerConf();
                            String convertSignerConf2 = convertSignerConf(signerConf, hashMap, basedir);
                            if (convertSignerConf2.length() > 200) {
                                String str8 = "files/ca-" + name3 + "-signer.conf";
                                createFileOrValue(zipOutputStream, convertSignerConf2, str8);
                                signerConf.setFile(str8);
                                signerConf.setValue((String) null);
                            } else {
                                signerConf.setFile((String) null);
                                signerConf.setValue(convertSignerConf2);
                            }
                        }
                        if (caInfo.getDhpocControl() != null) {
                            FileOrValue dhpocControl = caInfo.getDhpocControl();
                            String convertSignerConf3 = convertSignerConf(dhpocControl, hashMap, basedir);
                            if (convertSignerConf3.length() > 200) {
                                String str9 = "files/ca-" + name3 + "-dhpoc.conf";
                                createFileOrValue(zipOutputStream, convertSignerConf3, str9);
                                dhpocControl.setFile(str9);
                                dhpocControl.setValue((String) null);
                            } else {
                                dhpocControl.setFile((String) null);
                                dhpocControl.setValue(convertSignerConf3);
                            }
                        }
                        if (caInfo.getGenSelfIssued() == null) {
                            if (caInfo.getCert() != null && caInfo.getCert().getFile() != null) {
                                String str10 = "files/ca-" + name3 + ".crt";
                                createFileOrBinary(zipOutputStream, getBinary(caInfo.getCert().getFile(), hashMap, basedir), str10);
                                caInfo.getCert().setFile(str10);
                            }
                            if (CollectionUtil.isNotEmpty(caInfo.getCertchain())) {
                                for (int i = 0; i < caInfo.getCertchain().size(); i++) {
                                    FileOrBinary fileOrBinary = caInfo.getCertchain().get(i);
                                    if (fileOrBinary.getFile() != null) {
                                        String str11 = "files/cacertchain-" + name3 + "-" + i + ".crt";
                                        createFileOrBinary(zipOutputStream, getBinary(fileOrBinary.getFile(), hashMap, basedir), str11);
                                        fileOrBinary.setFile(str11);
                                    }
                                }
                            }
                        } else {
                            if (caInfo.getCert() != null) {
                                throw new InvalidConfException("cert of CA " + name3 + " may not be set");
                            }
                            FileOrBinary csr = caInfo.getGenSelfIssued().getCsr();
                            if (csr != null && csr.getFile() != null) {
                                String str12 = "files/ca-" + name3 + "-csr.p10";
                                createFileOrBinary(zipOutputStream, getBinary(csr.getFile(), hashMap, basedir), str12);
                                csr.setFile(str12);
                            }
                        }
                    }
                }
            }
            ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
            try {
                marshal(caSystem, byteArrayOutputStream2);
                byteArrayOutputStream2.flush();
                zipOutputStream.putNextEntry(new ZipEntry("caconf.json"));
                try {
                    zipOutputStream.write(byteArrayOutputStream2.toByteArray());
                    zipOutputStream.closeEntry();
                    if (inputStream != null) {
                        try {
                            inputStream.close();
                        } catch (IOException e) {
                            LOG.info("could not clonse caConfStream", e.getMessage());
                        }
                    }
                    zipOutputStream.close();
                    byteArrayOutputStream.flush();
                    return new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
                } catch (Throwable th) {
                    zipOutputStream.closeEntry();
                    throw th;
                }
            } catch (Throwable th2) {
                byteArrayOutputStream2.flush();
                throw th2;
            }
        } catch (Throwable th3) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException e2) {
                    LOG.info("could not clonse caConfStream", e2.getMessage());
                }
            }
            zipOutputStream.close();
            byteArrayOutputStream.flush();
            throw th3;
        }
    }

    private static void createFileOrValue(ZipOutputStream zipOutputStream, String str, String str2) throws IOException {
        zipOutputStream.putNextEntry(new ZipEntry(str2));
        try {
            zipOutputStream.write(StringUtil.toUtf8Bytes(str));
            zipOutputStream.closeEntry();
        } catch (Throwable th) {
            zipOutputStream.closeEntry();
            throw th;
        }
    }

    private static void createFileOrBinary(ZipOutputStream zipOutputStream, byte[] bArr, String str) throws IOException {
        zipOutputStream.putNextEntry(new ZipEntry(str));
        try {
            zipOutputStream.write(bArr);
            zipOutputStream.closeEntry();
        } catch (Throwable th) {
            zipOutputStream.closeEntry();
            throw th;
        }
    }

    private static String getValue(String str, Map<String, String> map, String str2) throws IOException {
        return new String(getBinary(str, map, str2), "UTF-8");
    }

    private static byte[] getBinary(String str, Map<String, String> map, String str2) throws IOException {
        return IoUtil.read(Files.newInputStream(Paths.get(resolveFilePath(expandConf(str, map), str2), new String[0]), new OpenOption[0]));
    }

    private static String expandConf(String str, Map<String, String> map) {
        if (str == null || !str.contains("${") || str.indexOf(125) == -1) {
            return str;
        }
        for (String str2 : map.keySet()) {
            String str3 = "${" + str2 + "}";
            while (str.contains(str3)) {
                str = str.replace(str3, map.get(str2));
            }
        }
        return str;
    }

    private static String resolveFilePath(String str, String str2) {
        return new File(str).isAbsolute() ? str : new File(str2, str).getPath();
    }

    private static String convertSignerConf(FileOrValue fileOrValue, Map<String, String> map, String str) throws IOException {
        String expandConf = expandConf(fileOrValue.getValue() != null ? fileOrValue.getValue() : getValue(fileOrValue.getFile(), map, str), map);
        if (!expandConf.contains("file:")) {
            return expandConf;
        }
        ConfPairs confPairs = new ConfPairs(expandConf);
        boolean z = false;
        for (String str2 : confPairs.names()) {
            String value = confPairs.value(str2);
            if (value.startsWith("file:")) {
                z = true;
                confPairs.putPair(str2, "base64:" + Base64.encodeToString(getBinary(value.substring("file:".length()), map, str)));
            }
        }
        return z ? confPairs.getEncoded() : expandConf;
    }
}
