package com.yahoo.athenz.common.server.store.impl;

import com.yahoo.athenz.auth.PrivateKeyStore;
import com.yahoo.athenz.common.ServerCommonConsts;
import com.yahoo.athenz.common.server.store.ChangeLogStore;
import com.yahoo.athenz.common.server.store.ChangeLogStoreFactory;
import java.io.File;
import java.security.PrivateKey;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/yahoo/athenz/common/server/store/impl/ZMSFileChangeLogStoreFactory.class */
public class ZMSFileChangeLogStoreFactory implements ChangeLogStoreFactory {
    private static final String ZTS_SERVER_PROP_KEY_PATH = "athenz.common.server.clog.zts_server_key_path";
    private static final String ZTS_SERVER_PROP_CERT_PATH = "athenz.common.server.clog.zts_server_cert_path";
    private static final String ZTS_SERVER_PROP_TRUSTORE_PATH = "athenz.common.server.clog.zts_server_trust_store_path";
    private static final String ZTS_SERVER_PROP_TRUSTORE_PWD_NAME = "athenz.common.server.clog.zts_server_trust_store_password_name";
    private static final String ZTS_SERVER_PROP_TRUSTORE_PWD_APP = "athenz.common.server.clog.zts_server_trust_store_password_app";
    PrivateKeyStore privateKeyStore;
    private static final Logger LOGGER = LoggerFactory.getLogger(ZMSFileChangeLogStoreFactory.class);
    private static final char[] DEFAULT_JDK_TRUSTSTORE_PWD = {'c', 'h', 'a', 'n', 'g', 'e', 'i', 't'};

    @Override // com.yahoo.athenz.common.server.store.ChangeLogStoreFactory
    public void setPrivateKeyStore(PrivateKeyStore privateKeyStore) {
        this.privateKeyStore = privateKeyStore;
    }

    @Override // com.yahoo.athenz.common.server.store.ChangeLogStoreFactory
    public ChangeLogStore create(String str, PrivateKey privateKey, String str2) {
        String str3 = str + File.separator + System.getProperty(ServerCommonConsts.PROP_DATA_STORE_SUBDIR, "zts_store");
        ChangeLogStore mtlsClientChangeLogStore = mtlsClientChangeLogStore(str3);
        if (mtlsClientChangeLogStore == null) {
            LOGGER.info("mtls client change log store not available");
            mtlsClientChangeLogStore = new ZMSFileChangeLogStore(str3, privateKey, str2);
        }
        return mtlsClientChangeLogStore;
    }

    ChangeLogStore mtlsClientChangeLogStore(String str) {
        String property = System.getProperty(ZTS_SERVER_PROP_KEY_PATH, "");
        String property2 = System.getProperty(ZTS_SERVER_PROP_CERT_PATH, "");
        String property3 = System.getProperty(ZTS_SERVER_PROP_TRUSTORE_PATH, "");
        if (property.isEmpty() || property2.isEmpty() || property3.isEmpty()) {
            LOGGER.info("Missing mtls client settings: key({}), cert({}), truststore({})", new Object[]{property, property2, property3});
            return null;
        }
        char[] cArr = DEFAULT_JDK_TRUSTSTORE_PWD;
        String property4 = System.getProperty(ZTS_SERVER_PROP_TRUSTORE_PWD_NAME, "");
        if (!property4.isEmpty()) {
            cArr = this.privateKeyStore == null ? property4.toCharArray() : this.privateKeyStore.getSecret(System.getProperty(ZTS_SERVER_PROP_TRUSTORE_PWD_APP), property4);
        }
        try {
            return new ZMSFileMTLSChangeLogStore(str, property, property2, property3, cArr);
        } catch (Exception e) {
            LOGGER.error("Unable to initialize change log store", e);
            throw new IllegalArgumentException(e.getMessage());
        }
    }
}
