package org.thingsboard.server.service.lwm2m;

import java.beans.ConstructorProperties;
import java.util.Optional;
import org.apache.commons.codec.binary.Base64;
import org.apache.kafka.common.network.NetworkReceive;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
import org.springframework.stereotype.Service;
import org.thingsboard.server.common.data.device.profile.lwm2m.bootstrap.LwM2MServerSecurityConfigDefault;
import org.thingsboard.server.common.transport.config.ssl.SslCredentials;
import org.thingsboard.server.transport.lwm2m.config.LwM2MSecureServerConfig;
import org.thingsboard.server.transport.lwm2m.config.LwM2MTransportBootstrapConfig;
import org.thingsboard.server.transport.lwm2m.config.LwM2MTransportServerConfig;

@Service
@ConditionalOnExpression("('${service.type:null}'=='monolith' || '${service.type:null}'=='tb-core') && '${transport.lwm2m.enabled:false}'=='true'")
/* loaded from: input_file:org/thingsboard/server/service/lwm2m/LwM2MServiceImpl.class */
public class LwM2MServiceImpl implements LwM2MService {
    private static final Logger log = LoggerFactory.getLogger(LwM2MServiceImpl.class);
    private final LwM2MTransportServerConfig serverConfig;
    private final Optional<LwM2MTransportBootstrapConfig> bootstrapConfig;

    @Override // org.thingsboard.server.service.lwm2m.LwM2MService
    public LwM2MServerSecurityConfigDefault getServerSecurityInfo(boolean z) {
        LwM2MSecureServerConfig lwM2MSecureServerConfig = z ? (LwM2MSecureServerConfig) this.bootstrapConfig.orElse(null) : this.serverConfig;
        if (lwM2MSecureServerConfig == null) {
            return null;
        }
        LwM2MServerSecurityConfigDefault serverSecurityConfig = getServerSecurityConfig(lwM2MSecureServerConfig);
        serverSecurityConfig.setBootstrapServerIs(z);
        return serverSecurityConfig;
    }

    private LwM2MServerSecurityConfigDefault getServerSecurityConfig(LwM2MSecureServerConfig lwM2MSecureServerConfig) {
        LwM2MServerSecurityConfigDefault lwM2MServerSecurityConfigDefault = new LwM2MServerSecurityConfigDefault();
        lwM2MServerSecurityConfigDefault.setShortServerId(lwM2MSecureServerConfig.getId());
        lwM2MServerSecurityConfigDefault.setHost(lwM2MSecureServerConfig.getHost());
        lwM2MServerSecurityConfigDefault.setPort(lwM2MSecureServerConfig.getPort());
        lwM2MServerSecurityConfigDefault.setSecurityHost(lwM2MSecureServerConfig.getSecureHost());
        lwM2MServerSecurityConfigDefault.setSecurityPort(lwM2MSecureServerConfig.getSecurePort());
        byte[] publicKey = getPublicKey(lwM2MSecureServerConfig);
        if (publicKey == null) {
            lwM2MServerSecurityConfigDefault.setServerPublicKey(NetworkReceive.UNKNOWN_SOURCE);
        } else {
            lwM2MServerSecurityConfigDefault.setServerPublicKey(Base64.encodeBase64String(publicKey));
        }
        byte[] certificate = getCertificate(lwM2MSecureServerConfig);
        if (certificate == null) {
            lwM2MServerSecurityConfigDefault.setServerCertificate(NetworkReceive.UNKNOWN_SOURCE);
        } else {
            lwM2MServerSecurityConfigDefault.setServerCertificate(Base64.encodeBase64String(certificate));
        }
        return lwM2MServerSecurityConfigDefault;
    }

    private byte[] getPublicKey(LwM2MSecureServerConfig lwM2MSecureServerConfig) {
        try {
            SslCredentials sslCredentials = lwM2MSecureServerConfig.getSslCredentials();
            if (sslCredentials != null) {
                return sslCredentials.getPublicKey().getEncoded();
            }
            return null;
        } catch (Exception e) {
            log.trace("Failed to fetch public key from key store!", e);
            return null;
        }
    }

    private byte[] getCertificate(LwM2MSecureServerConfig lwM2MSecureServerConfig) {
        try {
            SslCredentials sslCredentials = lwM2MSecureServerConfig.getSslCredentials();
            if (sslCredentials != null) {
                return sslCredentials.getCertificateChain()[0].getEncoded();
            }
            return null;
        } catch (Exception e) {
            log.trace("Failed to fetch certificate from key store!", e);
            return null;
        }
    }

    @ConstructorProperties({"serverConfig", "bootstrapConfig"})
    public LwM2MServiceImpl(LwM2MTransportServerConfig lwM2MTransportServerConfig, Optional<LwM2MTransportBootstrapConfig> optional) {
        this.serverConfig = lwM2MTransportServerConfig;
        this.bootstrapConfig = optional;
    }
}
