package com.sun.enterprise.admin.servermgmt;

import com.sun.enterprise.admin.servermgmt.pe.PEFileLayout;
import com.sun.enterprise.universal.glassfish.ASenvPropertyReader;
import com.sun.enterprise.universal.io.SmartFile;
import com.sun.enterprise.universal.process.ProcessUtils;
import com.sun.enterprise.util.ExecException;
import com.sun.enterprise.util.OS;
import com.sun.enterprise.util.ProcessExecutor;
import com.sun.enterprise.util.SystemPropertyConstants;
import com.sun.enterprise.util.i18n.StringManager;
import com.sun.enterprise.util.io.FileUtils;
import com.sun.enterprise.util.net.NetUtils;
import com.sun.logging.LogDomains;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.regex.Pattern;

/* loaded from: input_file:com/sun/enterprise/admin/servermgmt/KeystoreManager.class */
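/**
 * Creates and re-keys the JKS key store and trust store of a repository by
 * driving the JDK {@code keytool} binary as a child process.
 *
 * <p>Security-relevant properties visible in this class:
 * <ul>
 *   <li>{@link #DEFAULT_MASTER_PASSWORD} is the well-known value {@code changeit};
 *       {@link #createTrustStore} re-keys the copied trust-store template from it.</li>
 *   <li>{@link #createSSLCertificateDatabase} falls back to copying the shipped
 *       template stores when keytool fails, so the resulting stores are then not
 *       freshly generated.</li>
 *   <li>Key generation passes the password as a keytool command-line argument
 *       (see {@code addSelfSignedCertToKeyStore}).</li>
 *   <li>The keytool binary is resolved once, at class initialisation
 *       (see {@code resolveKeytoolCommand}).</li>
 * </ul>
 *
 * <p>Instances cache a {@link PEFileLayout} without synchronisation; nothing in
 * this class makes concurrent use of one instance safe.
 */
public class KeystoreManager {
    private static final String KEYTOOL_CMD;
    private static final String KEYTOOL_EXE_NAME;
    private static final String CERTIFICATE_DN_PREFIX = "CN=";
    private static final String CERTIFICATE_DN_SUFFIX = ",OU=GlassFish,O=Oracle Corporation,L=Santa Clara,ST=California,C=US";
    /** Alias of the self-signed certificate created with the DAS distinguished name. */
    public static final String CERTIFICATE_ALIAS = "s1as";
    /** Alias of the self-signed certificate created with the instance distinguished name. */
    public static final String INSTANCE_SECURE_ADMIN_ALIAS = "glassfish-instance";
    /** Store password the trust-store template is re-keyed from in {@link #createTrustStore}. */
    public static final String DEFAULT_MASTER_PASSWORD = "changeit";
    private static final String SKID_EXTENSION_SYSTEM_PROPERTY = "-J-Dsun.security.internal.keytool.skid";
    private static final String INSTANCE_CN_SUFFIX = "-instance";
    // Separators of the KEYTOOLOPTIONS string: "name=value" pairs joined by ':'.
    private static final Pattern OPTION_SEPARATOR = Pattern.compile(":");
    private static final Pattern NAME_VALUE_SEPARATOR = Pattern.compile("=");
    private static final Logger logger;
    protected PEFileLayout _fileLayout = null;
    private static final StringManager _strMgr;

    /**
     * {@link ProcessExecutor} that always runs keytool: the resolved keytool
     * command is prepended to the argument vector unless it is already first.
     *
     * <p>Decompiler note: JADX reports the original access modifier was
     * {@code protected}.
     */
    public static class KeytoolExecutor extends ProcessExecutor {
        /**
         * @param strArr keytool arguments (with or without the keytool command itself)
         * @param j      passed through to {@link ProcessExecutor}; presumably a
         *               timeout, units defined there (TODO confirm)
         */
        public KeytoolExecutor(String[] strArr, long j) {
            super(strArr, j);
            setExecutionRetentionFlag(true);
            addKeytoolCommand();
        }

        /**
         * @param strArr  keytool arguments (with or without the keytool command itself)
         * @param j       passed through to {@link ProcessExecutor}; presumably a
         *                timeout (TODO confirm)
         * @param strArr2 passed through to {@link ProcessExecutor}; callers in this
         *                class supply passwords here, presumably as answers to
         *                keytool's prompts (TODO confirm against ProcessExecutor)
         */
        public KeytoolExecutor(String[] strArr, long j, String[] strArr2) {
            super(strArr, j, strArr2);
            setExecutionRetentionFlag(true);
            addKeytoolCommand();
        }

        @Override // com.sun.enterprise.util.ProcessExecutor
        protected String getExceptionMessage() {
            return getLatestOutput(this.mOutFile) + " " + getFileBuffer(this.mErrFile);
        }

        /** Prepends the keytool command unless the argument vector already starts with it. */
        private void addKeytoolCommand() {
            // Guard the index: an empty argument vector must not fail here.
            if (this.mCmdStrings.length > 0 && this.mCmdStrings[0].equals(KeystoreManager.KEYTOOL_CMD)) {
                return;
            }
            String[] withCommand = new String[this.mCmdStrings.length + 1];
            withCommand[0] = KeystoreManager.KEYTOOL_CMD;
            System.arraycopy(this.mCmdStrings, 0, withCommand, 1, this.mCmdStrings.length);
            this.mCmdStrings = withCommand;
        }

        /**
         * Runs keytool and converts both a launch failure and a non-zero exit
         * status into a {@link RepositoryException}.
         *
         * @param str  message key looked up in this class's string manager
         * @param file file the message refers to
         * @throws RepositoryException if the process cannot be run or exits non-zero;
         *         the message carries keytool's captured error and standard output
         */
        public void execute(String str, File file) throws RepositoryException {
            try {
                super.execute();
                if (getProcessExitValue() != 0) {
                    throw new RepositoryException(failureMessage(str, file));
                }
            } catch (ExecException e) {
                throw new RepositoryException(failureMessage(str, file), e);
            }
        }

        /** Builds the localized failure text followed by keytool's captured output. */
        private String failureMessage(String messageKey, File file) {
            return KeystoreManager._strMgr.getString(messageKey, file) + getLastExecutionError() + " " + getLastExecutionOutput();
        }
    }

    /**
     * Builds the certificate distinguished name {@code CN=<cn><suffix>,OU=...}.
     *
     * <p>The CN comes from the repository's keytool options when present,
     * otherwise from the canonical host name, otherwise {@code localhost}.
     *
     * <p>NOTE(review): the CN is concatenated unescaped, so a configured value
     * containing {@code ,} would contribute further DN components; confirm that
     * the keytool options are administrator-controlled only.
     *
     * @param repositoryConfig repository configuration consulted for a CN option
     * @param str              text appended to the CN, or {@code null} for none
     * @return the distinguished name string
     */
    protected static String getCertificateDN(RepositoryConfig repositoryConfig, String str) {
        String commonName = getCNFromCfg(repositoryConfig);
        if (commonName == null) {
            try {
                commonName = NetUtils.getCanonicalHostName();
            } catch (Exception e) {
                // Host name lookup is best effort; the certificate is still created.
                commonName = "localhost";
            }
        }
        String cnSuffix = str != null ? str : "";
        return CERTIFICATE_DN_PREFIX + commonName + cnSuffix + CERTIFICATE_DN_SUFFIX;
    }

    /**
     * Returns the file layout, creating it on first use.
     *
     * <p>The layout is cached per instance: a later call with a different
     * configuration still returns the first layout.
     *
     * <p>Decompiler note: JADX reports the original access modifier was
     * {@code protected}.
     */
    public PEFileLayout getFileLayout(RepositoryConfig repositoryConfig) {
        if (this._fileLayout == null) {
            this._fileLayout = new PEFileLayout(repositoryConfig);
        }
        return this._fileLayout;
    }

    /**
     * Creates the key store and trust store; if keytool fails, copies the
     * template stores into place instead.
     *
     * <p>NOTE(review): on the fallback path the stores are copies of the shipped
     * templates rather than freshly generated, and {@code str} is not applied to
     * them here. Presumably they stay protected by
     * {@link #DEFAULT_MASTER_PASSWORD} (the trust-store template is re-keyed from
     * that value in {@link #createTrustStore}); callers that need a unique key
     * pair should treat the message printed to {@code System.err} as a failure.
     *
     * <p>Decompiler note: JADX reports the original access modifier was
     * {@code protected}.
     *
     * @param repositoryConfig repository whose stores are created
     * @param str              master password for the new stores
     */
    public void createSSLCertificateDatabase(RepositoryConfig repositoryConfig, String str) {
        try {
            createKeyStore(repositoryConfig, str);
            createTrustStore(repositoryConfig, str);
        } catch (RepositoryException e) {
            System.err.println(_strMgr.getString("SomeProblemWithKeytool", e.getMessage()));
            try {
                PEFileLayout layout = getFileLayout(repositoryConfig);
                FileUtils.copy(layout.getKeyStoreTemplate(), layout.getKeyStore());
                FileUtils.copy(layout.getTrustStoreTemplate(), layout.getTrustStore());
            } catch (Exception copyFailure) {
                logger.log(Level.SEVERE, (String) null, (Throwable) copyFailure);
            }
        }
    }

    /**
     * Generates the two self-signed certificates ({@link #CERTIFICATE_ALIAS} and
     * {@link #INSTANCE_SECURE_ADMIN_ALIAS}) in the repository key store and
     * prints each distinguished name to {@code System.out}.
     *
     * @param repositoryConfig repository whose key store is written
     * @param str              password used for both the store and the keys
     * @throws RepositoryException if keytool fails
     */
    protected void createKeyStore(RepositoryConfig repositoryConfig, String str) throws RepositoryException {
        File keyStore = getFileLayout(repositoryConfig).getKeyStore();

        String dasDn = getDASCertDN(repositoryConfig);
        System.out.println(_strMgr.getString("CertificateDN", dasDn));
        addSelfSignedCertToKeyStore(keyStore, CERTIFICATE_ALIAS, str, dasDn);

        String instanceDn = getInstanceCertDN(repositoryConfig);
        System.out.println(_strMgr.getString("CertificateDN", instanceDn));
        addSelfSignedCertToKeyStore(keyStore, INSTANCE_SECURE_ADMIN_ALIAS, str, instanceDn);
    }

    /**
     * Runs {@code keytool -genkey} for one alias: RSA, 3650 days validity, the
     * same password for the key and the store. Key size and signature algorithm
     * are not specified, so keytool's defaults for the JDK in use apply.
     *
     * <p>NOTE(review): the password is passed in the argument vector
     * ({@code -keypass}/{@code -storepass}), where it is visible to local users
     * who can list processes while keytool runs. The other keytool calls in this
     * class hand passwords to the executor separately; doing the same here needs
     * the prompt sequence of {@code -genkey} to be confirmed, so it is flagged
     * rather than changed. keytool's {@code -storepass:env} / {@code -storepass:file}
     * forms are an alternative where the JDK supports them.
     */
    private void addSelfSignedCertToKeyStore(File keyStore, String alias, String password, String dn) throws RepositoryException {
        String[] genKeyArgs = {
            "-genkey",
            "-keyalg", "RSA",
            "-keystore", keyStore.getAbsolutePath(),
            "-alias", alias,
            "-dname", dn,
            "-validity", "3650",
            "-keypass", password,
            "-storepass", password,
            SKID_EXTENSION_SYSTEM_PROPERTY
        };
        new KeytoolExecutor(genKeyArgs, 60L).execute("keystoreNotCreated", keyStore);
    }

    /**
     * Creates the trust store from its template, changes its password from
     * {@link #DEFAULT_MASTER_PASSWORD} to {@code str} and imports both
     * certificates from the key store.
     *
     * @param repositoryConfig repository whose trust store is written
     * @param str              new trust-store password
     * @throws RepositoryException if the copy or any keytool step fails
     */
    protected void createTrustStore(RepositoryConfig repositoryConfig, String str) throws RepositoryException {
        PEFileLayout layout = getFileLayout(repositoryConfig);
        File template = layout.getTrustStoreTemplate();
        File trustStore = layout.getTrustStore();
        try {
            FileUtils.copy(template, trustStore);
            changeKeystorePassword(DEFAULT_MASTER_PASSWORD, str, trustStore);
            copyCert(layout, CERTIFICATE_ALIAS, str);
            copyCert(layout, INSTANCE_SECURE_ADMIN_ALIAS, str);
        } catch (IOException e) {
            throw new RepositoryException(_strMgr.getString("trustStoreNotCreated", trustStore), e);
        }
    }

    /**
     * Exports the certificate of {@code alias} from the key store to
     * {@code <configRoot>/<alias>.cer} and imports it into the trust store.
     * The intermediate file is deleted on success and on failure; a failed
     * delete is logged as a warning.
     */
    private void copyCert(PEFileLayout layout, String alias, String password) throws RepositoryException {
        File keyStore = layout.getKeyStore();
        File trustStore = layout.getTrustStore();
        String[] passwordInput = {password};
        File certFile = new File(layout.getConfigRoot(), alias + ".cer");
        try {
            new KeytoolExecutor(new String[]{"-export", "-keystore", keyStore.getAbsolutePath(), "-alias", alias, "-file", certFile.getAbsolutePath()}, 30L, passwordInput).execute("trustStoreNotCreated", trustStore);
            new KeytoolExecutor(new String[]{"-import", "-noprompt", "-keystore", trustStore.getAbsolutePath(), "-alias", alias, "-file", certFile.getAbsolutePath()}, 30L, passwordInput).execute("trustStoreNotCreated", trustStore);
        } finally {
            // Runs on both paths, like the explicit success/failure cleanup it replaces.
            if (!certFile.delete()) {
                logger.log(Level.WARNING, "errorDeletingTempCertFile", certFile.getAbsolutePath());
            }
        }
    }

    /**
     * Changes the store password of {@code file} with {@code keytool -storepasswd}.
     * Does nothing when the old and new passwords are equal.
     *
     * @param str  current store password
     * @param str2 new store password (supplied twice to the executor)
     * @param file key store or trust store file
     * @throws RepositoryException if keytool fails
     */
    protected void changeKeystorePassword(String str, String str2, File file) throws RepositoryException {
        if (str.equals(str2)) {
            return;
        }
        String[] storePasswdArgs = {"-storepasswd", "-keystore", file.getAbsolutePath()};
        String[] passwordInput = {str, str2, str2};
        new KeytoolExecutor(storePasswdArgs, 30L, passwordInput).execute("keyStorePasswordNotChanged", file);
    }

    /**
     * Changes the key password of every alias in the repository key store with
     * {@code keytool -keypasswd}.
     *
     * <p>Returns without doing anything when {@code str} equals {@code str2} or
     * {@code str2} equals {@code str3}. If the key store cannot be loaded to
     * enumerate aliases, only {@link #CERTIFICATE_ALIAS} is attempted. A keytool
     * failure ends the run without an exception, as before, but is now logged:
     * a failure part-way through leaves later aliases on their old key password.
     *
     * @param repositoryConfig repository whose key store is updated
     * @param str              key store password
     * @param str2             current key password
     * @param str3             new key password
     * @throws RepositoryException declared for callers; keytool failures are logged, not thrown
     */
    protected void changeS1ASAliasPassword(RepositoryConfig repositoryConfig, String str, String str2, String str3) throws RepositoryException {
        if (str.equals(str2) || str2.equals(str3)) {
            return;
        }
        File keyStoreFile = getFileLayout(repositoryConfig).getKeyStore();
        String storeType = System.getProperty("javax.net.ssl.keyStoreType");
        if (storeType == null) {
            storeType = KeyStore.getDefaultType();
        }

        ArrayList<String> aliases = new ArrayList<String>();
        FileInputStream in = null;
        try {
            KeyStore store = KeyStore.getInstance(storeType);
            in = new FileInputStream(keyStoreFile);
            store.load(in, str.toCharArray());
            Enumeration<String> all = store.aliases();
            while (all.hasMoreElements()) {
                aliases.add(all.nextElement());
            }
        } catch (Exception e) {
            // Could not enumerate (wrong password, unreadable file, unknown type):
            // fall back to the one alias this class always creates.
            logger.log(Level.FINE, "Could not enumerate key store aliases; falling back to the default alias", (Throwable) e);
            aliases.add(CERTIFICATE_ALIAS);
        } finally {
            if (in != null) {
                try {
                    in.close();
                } catch (IOException e) {
                    logger.log(Level.SEVERE, (String) null, (Throwable) e);
                }
            }
        }

        String keyStorePath = keyStoreFile.getAbsolutePath();
        try {
            // Probe for the default alias first; its absence ends the run quietly.
            new KeytoolExecutor(new String[]{"-list", "-keystore", keyStorePath, "-alias", CERTIFICATE_ALIAS}, 30L, new String[]{str}).execute("s1asKeyPasswordNotChanged", keyStoreFile);
        } catch (RepositoryException e) {
            logger.log(Level.FINE, "Default alias not listed; key passwords left unchanged", (Throwable) e);
            return;
        }
        try {
            for (String alias : aliases) {
                new KeytoolExecutor(new String[]{"-keypasswd", "-keystore", keyStorePath, "-alias", alias}, 30L, new String[]{str, str2, str3, str3}).execute("s1asKeyPasswordNotChanged", keyStoreFile);
            }
        } catch (RepositoryException e) {
            // Still not propagated (unchanged contract), but no longer invisible.
            logger.log(Level.WARNING, "Key password change stopped before all aliases were updated", (Throwable) e);
        }
    }

    /**
     * Changes the password of the key store (and its key entries) and of the
     * trust store, for whichever of the two files exist.
     *
     * <p>A failure while changing the key-entry passwords is logged at SEVERE and
     * does not stop the trust store from being re-keyed.
     *
     * <p>Decompiler note: JADX reports the original access modifier was
     * {@code protected}.
     *
     * @param repositoryConfig repository whose stores are re-keyed
     * @param str              current password
     * @param str2             new password
     * @throws RepositoryException if changing a store password fails
     */
    public void changeSSLCertificateDatabasePassword(RepositoryConfig repositoryConfig, String str, String str2) throws RepositoryException {
        PEFileLayout layout = getFileLayout(repositoryConfig);
        File keyStore = layout.getKeyStore();
        File trustStore = layout.getTrustStore();
        if (keyStore.exists()) {
            changeKeystorePassword(str, str2, keyStore);
            try {
                // The store is already on the new password at this point.
                changeS1ASAliasPassword(repositoryConfig, str2, str, str2);
            } catch (Exception e) {
                logger.log(Level.SEVERE, (String) null, (Throwable) e);
            }
        }
        if (trustStore.exists()) {
            changeKeystorePassword(str, str2, trustStore);
        }
    }

    /**
     * Runs {@code /bin/chmod <str> <file>} on UNIX; a no-op elsewhere.
     *
     * <p>The command is started without a shell, so {@code str} is only split on
     * spaces and each token reaches chmod as a separate argument. The call now
     * waits for chmod to finish, so the permissions are in place when it
     * returns, and a non-zero exit status is logged as a warning instead of
     * going unnoticed.
     *
     * <p>Decompiler note: JADX reports the original access modifier was
     * {@code protected}.
     *
     * @param str  chmod arguments, space separated (for example a mode)
     * @param file file whose permissions are changed
     * @throws IOException if an argument is {@code null}, the file does not exist,
     *         or the process cannot be started
     */
    public void chmod(String str, File file) throws IOException {
        if (!OS.isUNIX()) {
            return;
        }
        if (str == null || file == null) {
            throw new IOException(_strMgr.getString("nullArg"));
        }
        if (!file.exists()) {
            throw new IOException(_strMgr.getString("fileNotFound"));
        }
        ArrayList<String> command = new ArrayList<String>();
        command.add("/bin/chmod");
        command.addAll(Arrays.asList(str.split(" +")));
        command.add(file.getAbsolutePath());

        Process process = new ProcessBuilder(command).start();
        try {
            int exitStatus = process.waitFor();
            if (exitStatus != 0) {
                logger.log(Level.WARNING, "/bin/chmod exited with status {0} for {1}", new Object[]{exitStatus, file.getAbsolutePath()});
            }
        } catch (InterruptedException e) {
            // Keep the interrupt visible to the caller; permissions may not be applied.
            Thread.currentThread().interrupt();
            logger.log(Level.WARNING, "Interrupted while waiting for /bin/chmod on {0}", file.getAbsolutePath());
        } finally {
            process.destroy();
        }
    }

    /** Returns the distinguished name used for the {@link #CERTIFICATE_ALIAS} certificate. */
    public static String getDASCertDN(RepositoryConfig repositoryConfig) {
        return getCertificateDN(repositoryConfig, null);
    }

    /**
     * Returns the distinguished name used for the
     * {@link #INSTANCE_SECURE_ADMIN_ALIAS} certificate: the DAS name with
     * {@code -instance} appended to the CN.
     */
    public static String getInstanceCertDN(RepositoryConfig repositoryConfig) {
        return getCertificateDN(repositoryConfig, INSTANCE_CN_SUFFIX);
    }

    /** Returns the non-empty CN from the repository's keytool options, or {@code null}. */
    private static String getCNFromCfg(RepositoryConfig repositoryConfig) {
        String options = (String) repositoryConfig.get(DomainConfig.KEYTOOLOPTIONS);
        if (options == null || options.length() == 0) {
            return null;
        }
        String commonName = getCNFromOption(options);
        if (commonName == null || commonName.length() == 0) {
            return null;
        }
        return commonName;
    }

    /**
     * Looks up {@code name} in a {@code name=value:name=value} option string.
     *
     * <p>Entries without a {@code =} (or with nothing after it) are skipped; they
     * previously caused an {@code ArrayIndexOutOfBoundsException}.
     *
     * @return the trimmed value of the first matching entry, or {@code null}
     */
    private static String getValueFromOptionForName(String options, String name, boolean ignoreCase) {
        for (String option : OPTION_SEPARATOR.split(options)) {
            String[] pair = NAME_VALUE_SEPARATOR.split(option);
            if (pair.length < 2) {
                continue;
            }
            String key = pair[0].trim();
            String value = pair[1].trim();
            boolean matches = ignoreCase ? key.equalsIgnoreCase(name) : key.equals(name);
            if (matches) {
                return value;
            }
        }
        return null;
    }

    /** Returns the value of the {@code CN} entry (name matched case-insensitively), or {@code null}. */
    private static String getCNFromOption(String options) {
        return getValueFromOptionForName(options, "CN", true);
    }

    /**
     * Chooses the keytool command line used by every {@link KeytoolExecutor}.
     *
     * <p>Order: the keytool under the configured Java root's bin directory if it
     * is executable; otherwise whatever {@link ProcessUtils#getExe} finds
     * (presumably a search path lookup, TODO confirm); otherwise the bare
     * executable name.
     *
     * <p>NOTE(review): the chosen binary receives the store and key passwords,
     * so on the two fallback paths the environment the server is started from
     * decides which program that is.
     */
    private static String resolveKeytoolCommand() {
        File bundled = new File(new File(new ASenvPropertyReader().getProps().get(SystemPropertyConstants.JAVA_ROOT_PROPERTY), PEFileLayout.BIN_DIR), KEYTOOL_EXE_NAME);
        if (bundled.canExecute()) {
            return SmartFile.sanitize(bundled.getPath());
        }
        File found = ProcessUtils.getExe(KEYTOOL_EXE_NAME);
        if (found != null && found.canExecute()) {
            return found.getPath();
        }
        return KEYTOOL_EXE_NAME;
    }

    static {
        KEYTOOL_EXE_NAME = OS.isWindows() ? "keytool.exe" : "keytool";
        logger = LogDomains.getLogger(KeystoreManager.class, "javax.enterprise.system.tools.admin");
        KEYTOOL_CMD = resolveKeytoolCommand();
        _strMgr = StringManager.getManager(KeystoreManager.class);
    }
}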
