package com.ibm.ws.ssl.internal;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ssl.Constants;
import com.ibm.websphere.ssl.JSSEHelper;
import com.ibm.websphere.ssl.JSSEProvider;
import com.ibm.websphere.ssl.SSLException;
import com.ibm.ws.ssl.JSSEProviderFactory;
import com.ibm.ws.ssl.config.KeyStoreManager;
import com.ibm.ws.ssl.config.SSLConfigManager;
import com.ibm.ws.ssl.config.WSKeyStore;
import com.ibm.ws.ssl.optional.SSLSupportOptional;
import com.ibm.wsspi.kernel.service.location.WsLocationAdmin;
import com.ibm.wsspi.kernel.service.location.WsLocationConstants;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import org.apache.felix.scr.impl.xml.XmlHandler;
import org.osgi.framework.ServiceReference;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Modified;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferenceCardinality;
import org.osgi.service.component.annotations.ReferencePolicy;
import org.osgi.service.component.annotations.ReferencePolicyOption;

@Component(immediate = true, configurationPid = {"com.ibm.ws.ssl.default"}, configurationPolicy = ConfigurationPolicy.REQUIRE, property = {"service.vendor=IBM"}, xmlns = XmlHandler.NAMESPACE_URI_1_2_FELIX)
/* loaded from: input_file:wlp/lib/com.ibm.ws.ssl_1.1.15.jar:com/ibm/ws/ssl/internal/SSLComponent.class */
public class SSLComponent extends GenericSSLConfigService implements SSLSupportOptional {
    private static final TraceComponent tc = Tr.register(SSLComponent.class);
    protected static final String MY_ALIAS = "sslDefault";
    private final Map<String, RepertoireConfigService> repertoireMap = new HashMap();
    private final Map<String, Map<String, String>> repertoirePropertiesMap = new HashMap();
    private final Map<String, WSKeyStore> keystoreIdMap = new HashMap();
    private final Map<String, WSKeyStore> keystorePidMap = new HashMap();
    private volatile WsLocationAdmin locSvc;
    private boolean activated;

    @Activate
    protected synchronized Map<String, Object> activate(Map<String, Object> map) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
            Tr.event(tc, "Activated: " + map, new Object[0]);
        }
        super.activate(MY_ALIAS, map);
        this.activated = true;
        Map<String, Object> processConfig = processConfig(true);
        if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
            Tr.event(tc, "activate return: " + processConfig, new Object[0]);
        }
        return processConfig;
    }

    @Deactivate
    protected synchronized Map<String, Object> deactivate(int i) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
            Tr.event(tc, "Deactivated: " + i, new Object[0]);
        }
        super.deactivate(MY_ALIAS, i);
        this.repertoireMap.clear();
        this.keystoreIdMap.clear();
        this.keystorePidMap.clear();
        Map<String, Object> processConfig = processConfig(true);
        this.activated = false;
        if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
            Tr.event(tc, "deactivate return: " + processConfig, new Object[0]);
        }
        return processConfig;
    }

    @Modified
    protected synchronized Map<String, Object> modified(Map<String, Object> map) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
            Tr.event(tc, "Modified: " + map, new Object[0]);
        }
        super.modified(MY_ALIAS, map);
        Map<String, Object> processConfig = processConfig(true);
        if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
            Tr.event(tc, "modified return: " + processConfig, new Object[0]);
        }
        return processConfig;
    }

    @Reference(service = KeystoreConfig.class, cardinality = ReferenceCardinality.MULTIPLE, policy = ReferencePolicy.DYNAMIC, target = "(id=*)")
    protected synchronized Map<String, Object> setKeyStore(KeystoreConfig keystoreConfig) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
            Tr.event(tc, "Adding keystore: " + keystoreConfig.getId(), new Object[0]);
        }
        Map<String, Object> addKeyStores = addKeyStores(false, keystoreConfig);
        if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
            Tr.event(tc, "setKeyStore return: " + addKeyStores, new Object[0]);
        }
        return addKeyStores;
    }

    protected synchronized void updatedKeyStore(KeystoreConfig keystoreConfig) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
            Tr.event(tc, "Updating keystore: " + keystoreConfig.getId(), new Object[0]);
        }
        addKeyStores(false, keystoreConfig);
    }

    protected synchronized Map<String, Object> unsetKeyStore(KeystoreConfig keystoreConfig) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
            Tr.event(tc, "Removing keystore: " + keystoreConfig.getId(), new Object[0]);
        }
        this.keystoreIdMap.remove(keystoreConfig.getId());
        this.keystorePidMap.remove(keystoreConfig.getPid());
        KeyStoreManager.getInstance().clearKeyStoreFromMap(keystoreConfig.getId());
        Iterator<Map.Entry<String, RepertoireConfigService>> it = this.repertoireMap.entrySet().iterator();
        while (it.hasNext()) {
            RepertoireConfigService value = it.next().getValue();
            if (value.getKeyStore() == keystoreConfig || value.getTrustStore() == keystoreConfig) {
                it.remove();
                this.repertoirePropertiesMap.remove(value.getAlias());
            }
        }
        Map<String, Object> processConfig = processConfig(true);
        if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
            Tr.event(tc, "unsetKeyStore return: " + processConfig, new Object[0]);
        }
        return processConfig;
    }

    private Map<String, Object> addKeyStores(boolean z, KeystoreConfig... keystoreConfigArr) {
        for (KeystoreConfig keystoreConfig : keystoreConfigArr) {
            WSKeyStore keyStore = keystoreConfig.getKeyStore();
            if (keyStore != this.keystoreIdMap.put(keystoreConfig.getId(), keyStore)) {
                z = true;
                this.keystorePidMap.put(keystoreConfig.getPid(), keyStore);
            }
        }
        return processConfig(z);
    }

    @Reference(service = RepertoireConfigService.class, cardinality = ReferenceCardinality.MULTIPLE, policy = ReferencePolicy.DYNAMIC, target = "(id=*)")
    protected synchronized Map<String, Object> setRepertoire(RepertoireConfigService repertoireConfigService) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
            Tr.event(tc, "Adding repertoire: " + repertoireConfigService.getAlias(), new Object[0]);
        }
        Map<String, String> properties = repertoireConfigService.getProperties();
        this.repertoireMap.put(repertoireConfigService.getAlias(), repertoireConfigService);
        this.repertoirePropertiesMap.put(repertoireConfigService.getAlias(), properties);
        Map<String, Object> addKeyStores = addKeyStores(true, repertoireConfigService.getKeyStore(), repertoireConfigService.getTrustStore());
        if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
            Tr.event(tc, "setRepertoire return: " + addKeyStores, new Object[0]);
        }
        return addKeyStores;
    }

    protected synchronized Map<String, Object> updatedRepertoire(RepertoireConfigService repertoireConfigService) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
            Tr.event(tc, "Updating repertoire: " + repertoireConfigService.getAlias(), new Object[0]);
        }
        Map<String, String> properties = repertoireConfigService.getProperties();
        this.repertoirePropertiesMap.put(properties.get("id"), properties);
        Map<String, Object> addKeyStores = addKeyStores(true, repertoireConfigService.getKeyStore(), repertoireConfigService.getTrustStore());
        if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
            Tr.event(tc, "updatedRepertoire return: " + addKeyStores, new Object[0]);
        }
        return addKeyStores;
    }

    protected synchronized Map<String, Object> unsetRepertoire(RepertoireConfigService repertoireConfigService) {
        if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
            Tr.event(tc, "Removing repertoire: " + repertoireConfigService.getAlias(), new Object[0]);
        }
        this.repertoireMap.remove(repertoireConfigService.getAlias());
        this.repertoirePropertiesMap.remove(repertoireConfigService.getAlias());
        Map<String, Object> processConfig = processConfig(this.repertoirePropertiesMap.remove(repertoireConfigService.getAlias()) != null);
        if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
            Tr.event(tc, "unsetRepertoire return: " + processConfig, new Object[0]);
        }
        return processConfig;
    }

    @Reference(policy = ReferencePolicy.DYNAMIC, policyOption = ReferencePolicyOption.GREEDY)
    protected void setLocMgr(WsLocationAdmin wsLocationAdmin) {
        this.locSvc = wsLocationAdmin;
    }

    protected void unsetLocMgr(ServiceReference<WsLocationAdmin> serviceReference) {
    }

    private Map<String, Object> processConfig(boolean z) {
        if (!this.activated) {
            if (!TraceComponent.isAnyTracingEnabled() || !tc.isDebugEnabled()) {
                return null;
            }
            Tr.debug(tc, "Not yet activated, can not process config", new Object[0]);
            return null;
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
            Tr.event(tc, "Processing configuration", new Object[0]);
        }
        boolean equals = this.locSvc.resolveString(WsLocationConstants.SYMBOL_PROCESS_TYPE).equals("server");
        HashMap hashMap = new HashMap(this.config);
        hashMap.put(SSLSupportOptional.REPERTOIRE_IDS, this.repertoireMap.keySet().toArray(new String[this.repertoireMap.size()]));
        hashMap.put(SSLSupportOptional.KEYSTORE_IDS, this.keystoreIdMap.keySet().toArray(new String[this.keystoreIdMap.size()]));
        if (z) {
            try {
                SSLConfigManager.getInstance().initializeSSL(getGlobalProps(), getRepertoireProps(), getKeyStores(), true, equals);
            } catch (SSLException e) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isEventEnabled()) {
                    Tr.event(tc, "Exception processing SSL configuration; " + e, new Object[0]);
                }
            }
        }
        if (!this.repertoireMap.isEmpty() && !this.keystoreIdMap.isEmpty()) {
            hashMap.put("SSLSupport", "active");
        }
        return hashMap;
    }

    Map<String, String> getGlobalProps() {
        Map<String, String> properties = getProperties();
        String str = properties.get(LibertyConstants.KEY_DEFAULT_REPERTOIRE);
        if (str != null) {
            properties.put(Constants.SSLPROP_DEFAULT_ALIAS, str);
        } else {
            properties.put(Constants.SSLPROP_DEFAULT_ALIAS, LibertyConstants.DEFAULT_SSL_CONFIG_ID);
        }
        return properties;
    }

    Map<String, Map<String, String>> getRepertoireProps() {
        return this.repertoirePropertiesMap;
    }

    Map<String, WSKeyStore> getKeyStores() {
        HashMap hashMap = new HashMap(this.keystoreIdMap);
        hashMap.putAll(this.keystorePidMap);
        return hashMap;
    }

    @Override // com.ibm.wsspi.ssl.SSLSupport
    public synchronized JSSEHelper getJSSEHelper() {
        return JSSEHelper.getInstance();
    }

    @Override // com.ibm.wsspi.ssl.SSLSupport
    public JSSEProvider getJSSEProvider() {
        return JSSEProviderFactory.getInstance();
    }

    @Override // com.ibm.wsspi.ssl.SSLSupport
    public JSSEProvider getJSSEProvider(String str) {
        return JSSEProviderFactory.getInstance(str);
    }
}
