package com.sun.enterprise.security.store;

import com.hazelcast.internal.metrics.MetricDescriptorConstants;
import com.sun.enterprise.universal.i18n.LocalStringsImpl;
import com.sun.enterprise.util.CULoggerInfo;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.glassfish.grizzly.config.SSLConfigurator;
import org.jline.reader.EndOfFileException;
import org.jline.reader.LineReader;
import org.jline.reader.LineReaderBuilder;
import org.jline.reader.UserInterruptException;
import org.jline.terminal.TerminalBuilder;

/* loaded from: input_file:com/sun/enterprise/security/store/AsadminSecurityUtil.class */
public class AsadminSecurityUtil {
    private static final File DEFAULT_CLIENT_DIR;
    private static AsadminSecurityUtil instance = null;
    private static final Logger logger = CULoggerInfo.getLogger();
    private AsadminTruststore asadminTruststore = null;
    private KeyStore asadminKeystore = null;
    private static final LocalStringsImpl strmgr;

    public static synchronized AsadminSecurityUtil getInstance(char[] cArr, boolean z) {
        if (instance == null) {
            instance = new AsadminSecurityUtil(cArr, z);
        }
        return instance;
    }

    public static synchronized AsadminSecurityUtil getInstance(boolean z) {
        return getInstance(null, z);
    }

    public static char[] getAsadminTruststorePassword() {
        return System.getProperty("javax.net.ssl.trustStorePassword", "changeit").toCharArray();
    }

    public static File getDefaultClientDir() {
        if (!DEFAULT_CLIENT_DIR.isDirectory() && !DEFAULT_CLIENT_DIR.mkdirs()) {
            logger.log(Level.SEVERE, CULoggerInfo.errorCreatingDirectory, DEFAULT_CLIENT_DIR);
        }
        return DEFAULT_CLIENT_DIR;
    }

    private AsadminSecurityUtil(char[] cArr, boolean z) {
        try {
            init(cArr, z);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private char[] promptForPassword() {
        LineReader lineReader = null;
        try {
            try {
                lineReader = LineReaderBuilder.builder().terminal(TerminalBuilder.builder().system(true).build()).build();
                char[] charArray = lineReader.readLine(strmgr.get("certificateDbPrompt"), (char) 0).toCharArray();
                if (lineReader != null && lineReader.getTerminal() != null) {
                    try {
                        lineReader.getTerminal().close();
                    } catch (IOException e) {
                        logger.log(Level.WARNING, "Error closing terminal", (Throwable) e);
                    }
                }
                return charArray;
            } catch (Throwable th) {
                if (lineReader != null && lineReader.getTerminal() != null) {
                    try {
                        lineReader.getTerminal().close();
                    } catch (IOException e2) {
                        logger.log(Level.WARNING, "Error closing terminal", (Throwable) e2);
                    }
                }
                throw th;
            }
        } catch (IOException e3) {
            logger.log(Level.WARNING, "Error reading input", (Throwable) e3);
            if (lineReader == null || lineReader.getTerminal() == null) {
                return null;
            }
            try {
                lineReader.getTerminal().close();
                return null;
            } catch (IOException e4) {
                logger.log(Level.WARNING, "Error closing terminal", (Throwable) e4);
                return null;
            }
        } catch (EndOfFileException | UserInterruptException e5) {
            if (lineReader == null || lineReader.getTerminal() == null) {
                return null;
            }
            try {
                lineReader.getTerminal().close();
                return null;
            } catch (IOException e6) {
                logger.log(Level.WARNING, "Error closing terminal", (Throwable) e6);
                return null;
            }
        }
    }

    public AsadminTruststore getAsadminTruststore() {
        return this.asadminTruststore;
    }

    public KeyStore getAsadminKeystore() {
        return this.asadminKeystore;
    }

    private void init(char[] cArr, boolean z) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        char[] chooseMasterPassword = chooseMasterPassword(cArr);
        try {
            this.asadminKeystore = openKeystore(chooseMasterPassword);
            if (this.asadminKeystore == null) {
                logger.finer("Skipped loading keystore - location null");
            } else {
                logger.finer("Loaded keystore using command or default master password");
            }
        } catch (IOException e) {
            if (e.getCause() instanceof UnrecoverableKeyException) {
                if (!z) {
                    throw e;
                }
                chooseMasterPassword = promptForPassword();
                if (chooseMasterPassword == null) {
                    throw new IllegalArgumentException();
                }
                this.asadminKeystore = openKeystore(chooseMasterPassword);
                logger.finer("Loaded keystore using prompted master password");
            }
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
        try {
            this.asadminTruststore = openTruststore(chooseMasterPassword);
        } catch (IOException e3) {
            if (System.getProperty("javax.net.ssl.trustStore") != null) {
                throw e3;
            }
            logger.log(Level.WARNING, String.format("Error when reading truststore, exception:%s. Now recreating file", e3));
            recreateDefaultTrustStore(chooseMasterPassword);
        }
    }

    protected void recreateDefaultTrustStore(char[] cArr) throws IOException {
        File file = new File(getDefaultClientDir(), SSLConfigurator.TRUSTSTORE_ATTR);
        logger.log(Level.INFO, String.format("Recreating default truststore file: %s", file.getPath()));
        try {
            Files.deleteIfExists(file.toPath());
            this.asadminTruststore = openTruststore(cArr);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            logger.log(Level.WARNING, String.format("Error when processing truststore with path:%s and exception:%s", file.getPath(), e));
            throw new RuntimeException(e);
        }
    }

    private AsadminTruststore openTruststore(char[] cArr) throws CertificateException, KeyStoreException, NoSuchAlgorithmException, IOException {
        return new AsadminTruststore(cArr);
    }

    private KeyStore openKeystore(char[] cArr) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
        KeyStore keyStore = KeyStore.getInstance(SSLConfigurator.DEFAULT_KEYSTORE_TYPE);
        InputStream asadminKeyStoreStream = asadminKeyStoreStream();
        Throwable th = null;
        if (asadminKeyStoreStream == null) {
            if (asadminKeyStoreStream != null) {
                if (0 != 0) {
                    try {
                        asadminKeyStoreStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    asadminKeyStoreStream.close();
                }
            }
            return null;
        }
        try {
            try {
                keyStore.load(asadminKeyStoreStream, cArr);
                if (asadminKeyStoreStream != null) {
                    if (0 != 0) {
                        try {
                            asadminKeyStoreStream.close();
                        } catch (Throwable th3) {
                            th.addSuppressed(th3);
                        }
                    } else {
                        asadminKeyStoreStream.close();
                    }
                }
                return keyStore;
            } finally {
            }
        } catch (Throwable th4) {
            if (asadminKeyStoreStream != null) {
                if (th != null) {
                    try {
                        asadminKeyStoreStream.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    asadminKeyStoreStream.close();
                }
            }
            throw th4;
        }
    }

    private char[] chooseMasterPassword(char[] cArr) {
        return cArr == null ? defaultMasterPassword() : cArr;
    }

    private InputStream asadminKeyStoreStream() throws FileNotFoundException {
        String property = System.getProperty("javax.net.ssl.keyStore");
        if (property == null) {
            return null;
        }
        return new BufferedInputStream(new FileInputStream(property));
    }

    private char[] defaultMasterPassword() {
        return System.getProperty("javax.net.ssl.trustStorePassword", "changeit").toCharArray();
    }

    static {
        String str = System.getenv("AS_GFCLIENT");
        logger.log(Level.FINER, "AS_GFCLIENT: {0}", str);
        if (str != null) {
            DEFAULT_CLIENT_DIR = new File(str);
        } else {
            DEFAULT_CLIENT_DIR = new File(System.getProperty(MetricDescriptorConstants.FILE_DISCRIMINATOR_VALUE_DIR), ".gfclient");
        }
        logger.log(Level.FINER, "Set .gfclient directory to: {0}", DEFAULT_CLIENT_DIR);
        strmgr = new LocalStringsImpl(AsadminSecurityUtil.class);
    }
}
