package org.wso2.carbon.securevault.azure.handler;

import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import java.io.Console;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.util.Properties;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.securevault.azure.commons.Constants;
import org.wso2.carbon.securevault.azure.exception.AzureSecretRepositoryException;
import org.wso2.carbon.securevault.azure.repository.AzureSecretRepository;
import org.wso2.carbon.utils.CarbonUtils;
import org.wso2.securevault.secret.AbstractSecretCallbackHandler;
import org.wso2.securevault.secret.SingleSecretCallback;

/* loaded from: input_file:org/wso2/carbon/securevault/azure/handler/AzureSecretCallbackHandler.class */
public class AzureSecretCallbackHandler extends AbstractSecretCallbackHandler {
    private static final String ALIAS = "alias";
    private static final String IDENTITY = "identity";
    private static final String TRUE = "true";
    private static String keyStorePassword;
    private static String privateKeyPassword;
    private static final Log log = LogFactory.getLog(AzureSecretCallbackHandler.class);
    private static final String SECURITY = "security";
    private static final String CONFIG_FILE_PATH = CarbonUtils.getCarbonConfigDirPath() + File.separator + SECURITY + File.separator + Constants.CONFIG_FILE;

    protected void handleSingleSecretCallback(SingleSecretCallback singleSecretCallback) {
        if (StringUtils.isEmpty(keyStorePassword) || StringUtils.isEmpty(privateKeyPassword)) {
            boolean z = true;
            String property = System.getProperty("key.password");
            if (StringUtils.isNotEmpty(property) && TRUE.equals(property.trim())) {
                z = false;
            }
            try {
                retrievePasswordFromKeyVault(z);
            } catch (AzureSecretRepositoryException e) {
                if (log.isDebugEnabled()) {
                    log.debug("Retrieval of keystore and private key password from Key Vault failed with exception: ", e);
                }
            }
            if (StringUtils.isEmpty(keyStorePassword) || StringUtils.isEmpty(privateKeyPassword)) {
                log.warn("Reading keystore and/or private key password from Key Vault failed.");
                readPasswordThroughConsole(z);
            }
        }
        if (singleSecretCallback.getId().equals("identity.key.password")) {
            singleSecretCallback.setSecret(privateKeyPassword);
        } else {
            singleSecretCallback.setSecret(keyStorePassword);
        }
    }

    @SuppressFBWarnings({"PATH_TRAVERSAL_IN"})
    private void retrievePasswordFromKeyVault(boolean z) throws AzureSecretRepositoryException {
        FileInputStream fileInputStream;
        Throwable th;
        if (log.isDebugEnabled()) {
            log.debug("Reading Carbon Secure Vault keystore and private key passwords from Key Vault.");
        }
        Properties properties = new Properties();
        try {
            fileInputStream = new FileInputStream(CONFIG_FILE_PATH);
            th = null;
        } catch (IOException e) {
            log.error("Error while loading configurations from secret-conf.properties file.", e);
        }
        try {
            try {
                properties.load(fileInputStream);
                if (fileInputStream != null) {
                    if (0 != 0) {
                        try {
                            fileInputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        fileInputStream.close();
                    }
                }
                if (properties == null) {
                    throw new AzureSecretRepositoryException("Failed to read properties from secret-conf.properties file.");
                }
                AzureSecretRepository azureSecretRepository = new AzureSecretRepository();
                azureSecretRepository.init(properties, Constants.AZURE_SECRET_CALLBACK_HANDLER);
                keyStorePassword = azureSecretRepository.getSecret(properties.getProperty("keystore.identity.store.alias"));
                if (z) {
                    privateKeyPassword = keyStorePassword;
                } else {
                    privateKeyPassword = azureSecretRepository.getSecret(properties.getProperty("keystore.identity.key.alias"));
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } finally {
        }
    }

    private void readPasswordThroughConsole(boolean z) {
        char[] readPassword;
        char[] readPassword2;
        char[] readPassword3;
        if (log.isDebugEnabled()) {
            log.debug("Reading Carbon Secure Vault keystore and private key passwords from console.");
        }
        Console console = System.console();
        if (z) {
            if (console == null || (readPassword3 = console.readPassword("[%s]", "Enter the Keystore and Private Key Password:")) == null) {
                return;
            }
            keyStorePassword = String.valueOf(readPassword3);
            privateKeyPassword = keyStorePassword;
            return;
        }
        if (console != null && (readPassword2 = console.readPassword("[%s]", "Enter the Keystore Password:")) != null) {
            keyStorePassword = String.valueOf(readPassword2);
        }
        if (console == null || (readPassword = console.readPassword("[%s]", "Enter the Private Key Password:")) == null) {
            return;
        }
        privateKeyPassword = String.valueOf(readPassword);
    }
}
