package org.eclipse.leshan.server.californium.bootstrap;

import java.net.InetSocketAddress;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.List;
import org.eclipse.californium.core.config.CoapConfig;
import org.eclipse.californium.core.network.CoapEndpoint;
import org.eclipse.californium.core.observe.ObservationStore;
import org.eclipse.californium.elements.config.Configuration;
import org.eclipse.californium.elements.config.SystemConfig;
import org.eclipse.californium.elements.config.UdpConfig;
import org.eclipse.californium.oscore.OSCoreCtxDB;
import org.eclipse.californium.scandium.config.DtlsConfig;
import org.eclipse.californium.scandium.config.DtlsConnectorConfig;
import org.eclipse.californium.scandium.dtls.CertificateType;
import org.eclipse.californium.scandium.dtls.cipher.CipherSuite;
import org.eclipse.californium.scandium.dtls.x509.SingleCertificateProvider;
import org.eclipse.californium.scandium.dtls.x509.StaticNewAdvancedCertificateVerifier;
import org.eclipse.leshan.core.californium.DefaultEndpointFactory;
import org.eclipse.leshan.core.californium.EndpointFactory;
import org.eclipse.leshan.core.californium.oscore.cf.InMemoryOscoreContextDB;
import org.eclipse.leshan.core.link.lwm2m.DefaultLwM2mLinkParser;
import org.eclipse.leshan.core.link.lwm2m.LwM2mLinkParser;
import org.eclipse.leshan.core.node.codec.DefaultLwM2mDecoder;
import org.eclipse.leshan.core.node.codec.DefaultLwM2mEncoder;
import org.eclipse.leshan.core.node.codec.LwM2mDecoder;
import org.eclipse.leshan.core.node.codec.LwM2mEncoder;
import org.eclipse.leshan.server.bootstrap.BootstrapConfigStore;
import org.eclipse.leshan.server.bootstrap.BootstrapConfigStoreTaskProvider;
import org.eclipse.leshan.server.bootstrap.BootstrapHandler;
import org.eclipse.leshan.server.bootstrap.BootstrapHandlerFactory;
import org.eclipse.leshan.server.bootstrap.BootstrapSessionListener;
import org.eclipse.leshan.server.bootstrap.BootstrapSessionManager;
import org.eclipse.leshan.server.bootstrap.DefaultBootstrapAuthorizer;
import org.eclipse.leshan.server.bootstrap.DefaultBootstrapHandler;
import org.eclipse.leshan.server.bootstrap.DefaultBootstrapSessionManager;
import org.eclipse.leshan.server.bootstrap.InMemoryBootstrapConfigStore;
import org.eclipse.leshan.server.bootstrap.LwM2mBootstrapRequestSender;
import org.eclipse.leshan.server.model.LwM2mBootstrapModelProvider;
import org.eclipse.leshan.server.model.StandardBootstrapModelProvider;
import org.eclipse.leshan.server.security.BootstrapAuthorizer;
import org.eclipse.leshan.server.security.BootstrapSecurityStore;
import org.eclipse.leshan.server.security.SecurityChecker;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/leshan/server/californium/bootstrap/LeshanBootstrapServerBuilder.class */
public class LeshanBootstrapServerBuilder {
    private static final Logger LOG = LoggerFactory.getLogger(LeshanBootstrapServerBuilder.class);
    private InetSocketAddress localAddress;
    private InetSocketAddress localAddressSecure;
    private BootstrapConfigStore configStore;
    private BootstrapSecurityStore securityStore;
    private BootstrapSessionManager sessionManager;
    private BootstrapHandlerFactory bootstrapHandlerFactory;
    private LwM2mBootstrapModelProvider modelProvider;
    private Configuration coapConfig;
    private DtlsConnectorConfig.Builder dtlsConfigBuilder;
    private LwM2mEncoder encoder;
    private LwM2mDecoder decoder;
    private PublicKey publicKey;
    private PrivateKey privateKey;
    private X509Certificate[] certificateChain;
    private Certificate[] trustedCertificates;
    private EndpointFactory endpointFactory;
    private boolean noSecuredEndpoint;
    private boolean noUnsecuredEndpoint;
    private LwM2mLinkParser linkParser;
    private boolean enableOscore = false;
    private BootstrapAuthorizer authorizer;

    public LeshanBootstrapServerBuilder setLocalAddress(String str, int i) {
        if (str == null) {
            this.localAddress = new InetSocketAddress(i);
        } else {
            this.localAddress = new InetSocketAddress(str, i);
        }
        return this;
    }

    public LeshanBootstrapServerBuilder setLocalAddress(InetSocketAddress inetSocketAddress) {
        this.localAddress = inetSocketAddress;
        return this;
    }

    public LeshanBootstrapServerBuilder setLocalSecureAddress(String str, int i) {
        if (str == null) {
            this.localAddressSecure = new InetSocketAddress(i);
        } else {
            this.localAddressSecure = new InetSocketAddress(str, i);
        }
        return this;
    }

    public LeshanBootstrapServerBuilder setLocalSecureAddress(InetSocketAddress inetSocketAddress) {
        this.localAddressSecure = inetSocketAddress;
        return this;
    }

    public LeshanBootstrapServerBuilder setPublicKey(PublicKey publicKey) {
        this.publicKey = publicKey;
        return this;
    }

    public <T extends X509Certificate> LeshanBootstrapServerBuilder setCertificateChain(T[] tArr) {
        this.certificateChain = tArr;
        return this;
    }

    public LeshanBootstrapServerBuilder setPrivateKey(PrivateKey privateKey) {
        this.privateKey = privateKey;
        return this;
    }

    public <T extends Certificate> LeshanBootstrapServerBuilder setTrustedCertificates(T[] tArr) {
        this.trustedCertificates = tArr;
        return this;
    }

    public LeshanBootstrapServerBuilder setConfigStore(BootstrapConfigStore bootstrapConfigStore) {
        this.configStore = bootstrapConfigStore;
        return this;
    }

    public LeshanBootstrapServerBuilder setSecurityStore(BootstrapSecurityStore bootstrapSecurityStore) {
        this.securityStore = bootstrapSecurityStore;
        return this;
    }

    public LeshanBootstrapServerBuilder setSessionManager(BootstrapSessionManager bootstrapSessionManager) {
        this.sessionManager = bootstrapSessionManager;
        return this;
    }

    public LeshanBootstrapServerBuilder setBootstrapHandlerFactory(BootstrapHandlerFactory bootstrapHandlerFactory) {
        this.bootstrapHandlerFactory = bootstrapHandlerFactory;
        return this;
    }

    public LeshanBootstrapServerBuilder setObjectModelProvider(LwM2mBootstrapModelProvider lwM2mBootstrapModelProvider) {
        this.modelProvider = lwM2mBootstrapModelProvider;
        return this;
    }

    public LeshanBootstrapServerBuilder setEncoder(LwM2mEncoder lwM2mEncoder) {
        this.encoder = lwM2mEncoder;
        return this;
    }

    public LeshanBootstrapServerBuilder setDecoder(LwM2mDecoder lwM2mDecoder) {
        this.decoder = lwM2mDecoder;
        return this;
    }

    public LeshanBootstrapServerBuilder setCoapConfig(Configuration configuration) {
        this.coapConfig = configuration;
        return this;
    }

    public LeshanBootstrapServerBuilder setDtlsConfig(DtlsConnectorConfig.Builder builder) {
        this.dtlsConfigBuilder = builder;
        return this;
    }

    public LeshanBootstrapServerBuilder setEndpointFactory(EndpointFactory endpointFactory) {
        this.endpointFactory = endpointFactory;
        return this;
    }

    public void setLinkParser(LwM2mLinkParser lwM2mLinkParser) {
        this.linkParser = lwM2mLinkParser;
    }

    public LeshanBootstrapServerBuilder disableUnsecuredEndpoint() {
        this.noUnsecuredEndpoint = true;
        return this;
    }

    public LeshanBootstrapServerBuilder disableSecuredEndpoint() {
        this.noSecuredEndpoint = true;
        return this;
    }

    public LeshanBootstrapServerBuilder setEnableOscore(boolean z) {
        this.enableOscore = z;
        return this;
    }

    public LeshanBootstrapServerBuilder setAuthorizer(BootstrapAuthorizer bootstrapAuthorizer) {
        this.authorizer = bootstrapAuthorizer;
        return this;
    }

    public static Configuration createDefaultCoapConfiguration() {
        Configuration configuration = new Configuration(new Configuration.ModuleDefinitionsProvider[]{CoapConfig.DEFINITIONS, DtlsConfig.DEFINITIONS, UdpConfig.DEFINITIONS, SystemConfig.DEFINITIONS});
        configuration.set(CoapConfig.MID_TRACKER, CoapConfig.TrackerMode.NULL);
        configuration.set(DtlsConfig.DTLS_ROLE, DtlsConfig.DtlsRole.SERVER_ONLY);
        return configuration;
    }

    public LeshanBootstrapServer build() {
        List list;
        if (this.localAddress == null) {
            this.localAddress = new InetSocketAddress(5683);
        }
        if (this.bootstrapHandlerFactory == null) {
            this.bootstrapHandlerFactory = new BootstrapHandlerFactory() { // from class: org.eclipse.leshan.server.californium.bootstrap.LeshanBootstrapServerBuilder.1
                public BootstrapHandler create(LwM2mBootstrapRequestSender lwM2mBootstrapRequestSender, BootstrapSessionManager bootstrapSessionManager, BootstrapSessionListener bootstrapSessionListener) {
                    return new DefaultBootstrapHandler(lwM2mBootstrapRequestSender, bootstrapSessionManager, bootstrapSessionListener);
                }
            };
        }
        if (this.configStore == null) {
            this.configStore = new InMemoryBootstrapConfigStore();
        } else if (this.sessionManager != null) {
            LOG.warn("configStore is set but you also provide a custom SessionManager so this store will not be used");
        }
        if (this.modelProvider == null) {
            this.modelProvider = new StandardBootstrapModelProvider();
        } else if (this.sessionManager != null) {
            LOG.warn("modelProvider is set but you also provide a custom SessionManager so this provider will not be used");
        }
        if (this.sessionManager == null) {
            SecurityChecker securityChecker = new SecurityChecker();
            if (this.authorizer == null) {
                this.authorizer = new DefaultBootstrapAuthorizer(this.securityStore, securityChecker);
            }
            this.sessionManager = new DefaultBootstrapSessionManager(new BootstrapConfigStoreTaskProvider(this.configStore), this.modelProvider, this.authorizer);
        }
        if (this.coapConfig == null) {
            this.coapConfig = createDefaultCoapConfiguration();
        }
        if (this.endpointFactory == null) {
            this.endpointFactory = new DefaultEndpointFactory("LWM2M BS Server", false);
        }
        if (this.encoder == null) {
            this.encoder = new DefaultLwM2mEncoder();
        }
        if (this.decoder == null) {
            this.decoder = new DefaultLwM2mDecoder();
        }
        if (this.linkParser == null) {
            this.linkParser = new DefaultLwM2mLinkParser();
        }
        DtlsConnectorConfig dtlsConnectorConfig = null;
        if (!this.noSecuredEndpoint && shouldTryToCreateSecureEndpoint()) {
            if (this.dtlsConfigBuilder == null) {
                this.dtlsConfigBuilder = DtlsConnectorConfig.builder(this.coapConfig);
            }
            DtlsConnectorConfig incompleteConfig = this.dtlsConfigBuilder.getIncompleteConfig();
            if (incompleteConfig.getAdvancedPskStore() != null) {
                LOG.warn("PskStore should be automatically set by Leshan. Using a custom implementation is not advised.");
            } else if (this.securityStore != null && ((list = (List) incompleteConfig.getConfiguration().get(DtlsConfig.DTLS_CIPHER_SUITES)) == null || CipherSuite.containsPskBasedCipherSuite(list))) {
                this.dtlsConfigBuilder.setAdvancedPskStore(new LwM2mBootstrapPskStore(this.securityStore));
            }
            if (incompleteConfig.getAddress() == null) {
                if (this.localAddressSecure == null) {
                    this.localAddressSecure = new InetSocketAddress(5684);
                }
                this.dtlsConfigBuilder.setAddress(this.localAddressSecure);
            } else if (this.localAddressSecure != null && !this.localAddressSecure.equals(incompleteConfig.getAddress())) {
                throw new IllegalStateException(String.format("Configuration conflict between LeshanBuilder and DtlsConnectorConfig.Builder for secure address: %s != %s", this.localAddressSecure, incompleteConfig.getAddress()));
            }
            if (incompleteConfig.getCertificateIdentityProvider() != null) {
                if (this.privateKey != null) {
                    throw new IllegalStateException(String.format("Configuration conflict between LeshanBuilder and DtlsConnectorConfig.Builder for private key", new Object[0]));
                }
                if (this.publicKey != null) {
                    throw new IllegalStateException(String.format("Configuration conflict between LeshanBuilder and DtlsConnectorConfig.Builder for public key", new Object[0]));
                }
                if (this.certificateChain != null) {
                    throw new IllegalStateException(String.format("Configuration conflict between LeshanBuilder and DtlsConnectorConfig.Builder for certificate chain", new Object[0]));
                }
            } else if (this.privateKey != null) {
                if (this.certificateChain == null && this.publicKey != null) {
                    this.dtlsConfigBuilder.setCertificateIdentityProvider(new SingleCertificateProvider(this.privateKey, this.publicKey));
                }
                if (this.certificateChain != null && this.certificateChain.length > 0) {
                    this.dtlsConfigBuilder.setCertificateIdentityProvider(new SingleCertificateProvider(this.privateKey, this.certificateChain, new CertificateType[]{CertificateType.X_509, CertificateType.RAW_PUBLIC_KEY}));
                }
            }
            if (incompleteConfig.getAdvancedCertificateVerifier() != null) {
                if (this.trustedCertificates != null) {
                    throw new IllegalStateException("Configuration conflict between LeshanBuilder and DtlsConnectorConfig.Builder: if a AdvancedCertificateVerifier is set, trustedCertificates must not be set.");
                }
            } else if (incompleteConfig.getCertificateIdentityProvider() != null) {
                StaticNewAdvancedCertificateVerifier.Builder builder = StaticNewAdvancedCertificateVerifier.builder();
                builder.setTrustAllRPKs();
                if (this.trustedCertificates != null) {
                    builder.setTrustedCertificates(this.trustedCertificates);
                }
                this.dtlsConfigBuilder.setAdvancedCertificateVerifier(builder.build());
            }
            try {
                dtlsConnectorConfig = this.dtlsConfigBuilder.build();
            } catch (IllegalStateException e) {
                LOG.warn("Unable to create DTLS config and so secured endpoint.", e);
            }
        }
        OSCoreCtxDB oSCoreCtxDB = null;
        OscoreBootstrapListener oscoreBootstrapListener = null;
        BootstrapOscoreContextCleaner bootstrapOscoreContextCleaner = null;
        if (this.enableOscore && this.securityStore != null) {
            oscoreBootstrapListener = new OscoreBootstrapListener();
            oSCoreCtxDB = new InMemoryOscoreContextDB(new LwM2mBootstrapOscoreStore(this.securityStore, oscoreBootstrapListener));
            bootstrapOscoreContextCleaner = new BootstrapOscoreContextCleaner(oSCoreCtxDB);
            LOG.warn("Experimental OSCORE feature is enabled.");
        }
        CoapEndpoint coapEndpoint = null;
        if (!this.noUnsecuredEndpoint) {
            coapEndpoint = this.endpointFactory.createUnsecuredEndpoint(this.localAddress, this.coapConfig, (ObservationStore) null, oSCoreCtxDB);
        }
        CoapEndpoint coapEndpoint2 = null;
        if (!this.noSecuredEndpoint && dtlsConnectorConfig != null) {
            coapEndpoint2 = this.endpointFactory.createSecuredEndpoint(dtlsConnectorConfig, this.coapConfig, (ObservationStore) null, (OSCoreCtxDB) null);
        }
        if (coapEndpoint2 == null && coapEndpoint == null) {
            throw new IllegalStateException("All CoAP enpoints are deactivated, at least one endpoint should be activated");
        }
        LeshanBootstrapServer createBootstrapServer = createBootstrapServer(coapEndpoint, coapEndpoint2, this.sessionManager, this.bootstrapHandlerFactory, this.coapConfig, this.encoder, this.decoder, this.linkParser);
        if (oscoreBootstrapListener != null) {
            createBootstrapServer.addListener(oscoreBootstrapListener);
        }
        if (bootstrapOscoreContextCleaner != null) {
            createBootstrapServer.addListener(bootstrapOscoreContextCleaner);
        }
        return createBootstrapServer;
    }

    protected boolean shouldTryToCreateSecureEndpoint() {
        return (this.dtlsConfigBuilder == null && this.certificateChain == null && this.privateKey == null && this.publicKey == null && this.securityStore == null && this.trustedCertificates == null) ? false : true;
    }

    protected LeshanBootstrapServer createBootstrapServer(CoapEndpoint coapEndpoint, CoapEndpoint coapEndpoint2, BootstrapSessionManager bootstrapSessionManager, BootstrapHandlerFactory bootstrapHandlerFactory, Configuration configuration, LwM2mEncoder lwM2mEncoder, LwM2mDecoder lwM2mDecoder, LwM2mLinkParser lwM2mLinkParser) {
        return new LeshanBootstrapServer(coapEndpoint, coapEndpoint2, bootstrapSessionManager, bootstrapHandlerFactory, configuration, lwM2mEncoder, lwM2mDecoder, lwM2mLinkParser);
    }
}
