package org.apache.plc4x.java.opcua.config;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.nio.file.FileSystems;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.X509Certificate;
import org.apache.plc4x.java.api.exceptions.PlcConnectionException;
import org.apache.plc4x.java.opcua.context.CertificateGenerator;
import org.apache.plc4x.java.opcua.context.CertificateKeyPair;
import org.apache.plc4x.java.opcua.readwrite.PascalByteString;
import org.apache.plc4x.java.spi.configuration.Configuration;
import org.apache.plc4x.java.spi.configuration.annotations.ConfigurationParameter;
import org.apache.plc4x.java.spi.configuration.annotations.defaults.BooleanDefaultValue;
import org.apache.plc4x.java.spi.configuration.annotations.defaults.StringDefaultValue;
import org.apache.plc4x.java.transport.tcp.TcpTransportConfiguration;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/plc4x/java/opcua/config/OpcuaConfiguration.class */
public class OpcuaConfiguration implements Configuration, TcpTransportConfiguration {
    private static final Logger LOGGER;
    private String code;
    private String host;
    private String port;
    private String endpoint;
    private String transportEndpoint;
    private String params;
    private Boolean isEncrypted = false;
    private PascalByteString thumbprint;
    private byte[] senderCertificate;

    @ConfigurationParameter("discovery")
    @BooleanDefaultValue(true)
    private boolean discovery;

    @ConfigurationParameter("username")
    private String username;

    @ConfigurationParameter("password")
    private String password;

    @ConfigurationParameter("securityPolicy")
    @StringDefaultValue("None")
    private String securityPolicy;

    @ConfigurationParameter("keyStoreFile")
    private String keyStoreFile;

    @ConfigurationParameter("certDirectory")
    private String certDirectory;

    @ConfigurationParameter("keyStorePassword")
    private String keyStorePassword;
    private CertificateKeyPair ckp;

    public boolean isDiscovery() {
        return this.discovery;
    }

    public String getUsername() {
        return this.username;
    }

    public String getPassword() {
        return this.password;
    }

    public String getCertDirectory() {
        return this.certDirectory;
    }

    public String getSecurityPolicy() {
        return this.securityPolicy;
    }

    public String getKeyStoreFile() {
        return this.keyStoreFile;
    }

    public String getKeyStorePassword() {
        return this.keyStorePassword;
    }

    public PascalByteString getThumbprint() {
        return this.thumbprint;
    }

    public CertificateKeyPair getCertificateKeyPair() {
        return this.ckp;
    }

    public boolean isEncrypted() {
        return this.isEncrypted.booleanValue();
    }

    public void setDiscovery(boolean z) {
        this.discovery = z;
    }

    public void setUsername(String str) {
        this.username = str;
    }

    public void setPassword(String str) {
        this.password = str;
    }

    public void setCertDirectory(String str) {
        this.certDirectory = str;
    }

    public void setSecurityPolicy(String str) {
        this.securityPolicy = str;
    }

    public void setKeyStoreFile(String str) {
        this.keyStoreFile = str;
    }

    public void setKeyStorePassword(String str) {
        this.keyStorePassword = str;
    }

    public void setThumbprint(PascalByteString pascalByteString) {
        this.thumbprint = pascalByteString;
    }

    public String getTransportCode() {
        return this.code;
    }

    public String getHost() {
        return this.host;
    }

    public String getPort() {
        return this.port;
    }

    public String getEndpoint() {
        return this.endpoint;
    }

    public String getTransportEndpoint() {
        return this.transportEndpoint;
    }

    public byte[] getSenderCertificate() {
        return this.senderCertificate;
    }

    public void setTransportCode(String str) {
        this.code = str;
    }

    public void setHost(String str) {
        this.host = str;
    }

    public void setPort(String str) {
        this.port = str;
    }

    public void setEndpoint(String str) {
        this.endpoint = str;
    }

    public void setTransportEndpoint(String str) {
        this.transportEndpoint = str;
    }

    public void openKeyStore() throws Exception {
        this.isEncrypted = true;
        File file = new File(this.certDirectory, "security");
        if (!file.exists() && !file.mkdirs()) {
            throw new PlcConnectionException("Unable to create directory please confirm folder permissions on " + this.certDirectory);
        }
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        File file2 = file.toPath().resolve(this.keyStoreFile).toFile();
        FileSystems.getDefault().getPath(this.certDirectory, new String[0]).resolve("pki").toFile();
        if (file2.exists()) {
            LOGGER.info("Loading KeyStore at {}", file2);
            keyStore.load(new FileInputStream(file2), this.keyStorePassword.toCharArray());
            String nextElement = keyStore.aliases().nextElement();
            this.ckp = new CertificateKeyPair(new KeyPair(keyStore.getCertificate(nextElement).getPublicKey(), (PrivateKey) keyStore.getKey(nextElement, this.keyStorePassword.toCharArray())), (X509Certificate) keyStore.getCertificate(nextElement));
            return;
        }
        this.ckp = CertificateGenerator.generateCertificate();
        LOGGER.info("Creating new KeyStore at {}", file2);
        keyStore.load(null, this.keyStorePassword.toCharArray());
        keyStore.setKeyEntry("plc4x-certificate-alias", this.ckp.getKeyPair().getPrivate(), this.keyStorePassword.toCharArray(), new X509Certificate[]{this.ckp.getCertificate()});
        keyStore.store(new FileOutputStream(file2), this.keyStorePassword.toCharArray());
    }

    public String toString() {
        return "Configuration{}";
    }

    public void setSenderCertificate(byte[] bArr) {
        this.senderCertificate = bArr;
    }

    static {
        Security.addProvider(new BouncyCastleProvider());
        LOGGER = LoggerFactory.getLogger(OpcuaConfiguration.class);
    }
}
