package org.xipki.security.pkcs11;

import java.io.FileInputStream;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xipki.common.InvalidConfException;
import org.xipki.common.util.LogUtil;
import org.xipki.common.util.StringUtil;
import org.xipki.password.PasswordResolver;
import org.xipki.security.exception.P11TokenException;
import org.xipki.security.exception.XiSecurityException;
import org.xipki.security.pkcs11.emulator.EmulatorP11Module;
import org.xipki.security.pkcs11.iaik.IaikP11Module;
import org.xipki.security.pkcs11.proxy.ProxyP11Module;

/* loaded from: input_file:org/xipki/security/pkcs11/P11CryptServiceFactoryImpl.class */
public class P11CryptServiceFactoryImpl implements P11CryptServiceFactory {
    private static final Logger LOG = LoggerFactory.getLogger(P11CryptServiceFactoryImpl.class);
    private static final Map<String, P11CryptService> services = new HashMap();
    private static final Map<String, P11Module> modules = new HashMap();
    private PasswordResolver passwordResolver;
    private P11Conf p11Conf;
    private String pkcs11ConfFile;

    public synchronized void init() throws InvalidConfException, IOException {
        if (this.p11Conf != null) {
            return;
        }
        if (StringUtil.isBlank(this.pkcs11ConfFile)) {
            LOG.error("no pkcs11ConfFile is configured, could not initialize");
        } else {
            this.p11Conf = new P11Conf(new FileInputStream(this.pkcs11ConfFile), this.passwordResolver);
        }
    }

    @Override // org.xipki.security.pkcs11.P11CryptServiceFactory
    public synchronized P11CryptService getP11CryptService(String str) throws XiSecurityException, P11TokenException {
        if (this.p11Conf == null) {
            throw new IllegalStateException("please set pkcs11ConfFile and then call init() first");
        }
        String moduleName = getModuleName(str);
        P11ModuleConf moduleConf = this.p11Conf.moduleConf(moduleName);
        if (moduleConf == null) {
            throw new XiSecurityException("PKCS#11 module " + moduleName + " is not defined");
        }
        P11CryptService p11CryptService = services.get(str);
        if (p11CryptService != null) {
            return p11CryptService;
        }
        String nativeLibrary = moduleConf.nativeLibrary();
        P11Module p11Module = modules.get(nativeLibrary);
        if (p11Module == null) {
            p11Module = StringUtil.startsWithIgnoreCase(nativeLibrary, ProxyP11Module.PREFIX) ? ProxyP11Module.getInstance(moduleConf) : StringUtil.startsWithIgnoreCase(nativeLibrary, EmulatorP11Module.PREFIX) ? EmulatorP11Module.getInstance(moduleConf) : IaikP11Module.getInstance(moduleConf);
        }
        modules.put(nativeLibrary, p11Module);
        P11CryptService p11CryptService2 = new P11CryptService(p11Module);
        services.put(str, p11CryptService2);
        return p11CryptService2;
    }

    private String getModuleName(String str) {
        return str == null ? P11CryptServiceFactory.DEFAULT_P11MODULE_NAME : str;
    }

    public void setPkcs11ConfFile(String str) {
        this.pkcs11ConfFile = StringUtil.isBlank(str) ? null : str;
    }

    public void setPasswordResolver(PasswordResolver passwordResolver) {
        this.passwordResolver = passwordResolver;
    }

    @Override // org.xipki.security.pkcs11.P11CryptServiceFactory
    public void shutdown() {
        for (String str : modules.keySet()) {
            try {
                modules.get(str).close();
            } catch (Throwable th) {
                LogUtil.error(LOG, th, "could not close PKCS11 Module " + str);
            }
        }
        modules.clear();
        services.clear();
    }

    @Override // org.xipki.security.pkcs11.P11CryptServiceFactory
    public Set<String> moduleNames() {
        if (this.p11Conf == null) {
            throw new IllegalStateException("pkcs11ConfFile is not set");
        }
        return this.p11Conf.moduleNames();
    }
}
