package org.cesecore.keys.validation;

import java.io.File;
import java.io.Serializable;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.collections.ListUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.cesecore.certificates.ca.CA;
import org.cesecore.profiles.Profile;
import org.cesecore.util.ExternalProcessException;
import org.cesecore.util.ExternalProcessTools;
import org.cesecore.util.ui.DynamicUiActionCallback;
import org.cesecore.util.ui.DynamicUiCallbackException;
import org.cesecore.util.ui.DynamicUiModel;
import org.cesecore.util.ui.DynamicUiProperty;

/* loaded from: input_file:org/cesecore/keys/validation/ExternalCommandCertificateValidator.class */
public class ExternalCommandCertificateValidator extends CertificateValidatorBase {
    private static final long serialVersionUID = -135859158339811678L;
    private static final Logger log = Logger.getLogger(ExternalCommandCertificateValidator.class);
    public static final float LATEST_VERSION = 4.0f;
    private static final String TYPE_IDENTIFIER = "EXTERNAL_CERTIFICATE_VALIDATOR";
    protected static final String EXTERNAL_COMMAND = "externalCommand";
    protected static final String FAIL_ON_ERROR_CODE = "failOnErrorCode";
    protected static final String FAIL_ON_STANDARD_ERROR = "failOnStandardError";
    protected static final String LOG_STANDARD_OUT = "logStandardOut";
    protected static final String LOG_ERROR_OUT = "logErrorOut";
    private List<Certificate> testCertificates;

    public ExternalCommandCertificateValidator() {
    }

    public ExternalCommandCertificateValidator(String str) {
        super(str);
    }

    @Override // org.cesecore.keys.validation.CertificateValidatorBase, org.cesecore.keys.validation.ValidatorBase, org.cesecore.keys.validation.Validator
    public void init() {
        super.init();
        if (this.data.get(EXTERNAL_COMMAND) == null) {
            setExternalCommand("");
        }
        if (this.data.get(FAIL_ON_ERROR_CODE) == null) {
            setFailOnErrorCode(true);
        }
        if (this.data.get(FAIL_ON_STANDARD_ERROR) == null) {
            setFailOnStandardError(true);
        }
        if (this.data.get(LOG_STANDARD_OUT) == null) {
            setLogStandardOut(true);
        }
        if (this.data.get(LOG_ERROR_OUT) == null) {
            setLogErrorOut(true);
        }
    }

    @Override // org.cesecore.util.ui.DynamicUiModelAware
    public void initDynamicUiModel() {
        this.uiModel = new DynamicUiModel(this.data);
        this.uiModel.add(new DynamicUiProperty<>("settings"));
        DynamicUiProperty<? extends Serializable> dynamicUiProperty = new DynamicUiProperty<>((Class<String>) String.class, EXTERNAL_COMMAND, getExternalCommand());
        dynamicUiProperty.setRequired(true);
        this.uiModel.add(dynamicUiProperty);
        this.uiModel.add(new DynamicUiProperty<>((Class<Boolean>) Boolean.class, FAIL_ON_ERROR_CODE, Boolean.valueOf(isFailOnErrorCode())));
        this.uiModel.add(new DynamicUiProperty<>((Class<Boolean>) Boolean.class, FAIL_ON_STANDARD_ERROR, Boolean.valueOf(isFailOnStandardError())));
        this.uiModel.add(new DynamicUiProperty<>((Class<Boolean>) Boolean.class, LOG_STANDARD_OUT, Boolean.valueOf(isLogStandardOut())));
        this.uiModel.add(new DynamicUiProperty<>((Class<Boolean>) Boolean.class, LOG_ERROR_OUT, Boolean.valueOf(isLogErrorOut())));
        this.uiModel.add(new DynamicUiProperty<>("test"));
        DynamicUiProperty<? extends Serializable> dynamicUiProperty2 = new DynamicUiProperty<>((Class<Serializable>) File.class, "testPath", (Serializable) null);
        dynamicUiProperty2.setTransientValue(true);
        this.uiModel.add(dynamicUiProperty2);
        DynamicUiProperty<? extends Serializable> dynamicUiProperty3 = new DynamicUiProperty<>("testOut");
        dynamicUiProperty3.setLabelOnly(false);
        dynamicUiProperty3.setRenderingHint(DynamicUiProperty.RENDER_TEXTFIELD);
        dynamicUiProperty3.setDisabled(true);
        DynamicUiProperty<? extends Serializable> dynamicUiProperty4 = new DynamicUiProperty<>((Class<String>) String.class, "testCommand", "testCommand");
        dynamicUiProperty4.setRenderingHint(DynamicUiProperty.RENDER_BUTTON);
        dynamicUiProperty4.setActionCallback(new DynamicUiActionCallback() { // from class: org.cesecore.keys.validation.ExternalCommandCertificateValidator.1
            @Override // org.cesecore.util.ui.DynamicUiActionCallback
            public void action(Object obj) throws DynamicUiCallbackException {
                List<String> testCommand = ExternalCommandCertificateValidator.this.testCommand();
                Map<Object, Object> map = (Map) ExternalCommandCertificateValidator.this.data.clone();
                Map<Object, Object> map2 = (Map) ExternalCommandCertificateValidator.this.data.clone();
                map2.put("testOut", StringUtils.join(testCommand, System.getProperty("line.separator")));
                map2.put("testPath", "");
                ExternalCommandCertificateValidator.this.uiModel.firePropertyChange(map, map2);
                ExternalCommandCertificateValidator.this.setTestCertificates(ListUtils.EMPTY_LIST);
            }

            @Override // org.cesecore.util.ui.DynamicUiActionCallback
            public List<String> getRender() {
                return null;
            }
        });
        this.uiModel.add(dynamicUiProperty4);
        this.uiModel.add(dynamicUiProperty3);
    }

    @Override // org.cesecore.keys.validation.ValidatorBase, org.cesecore.profiles.ProfileBase, org.cesecore.internal.UpgradeableDataHashMap, org.cesecore.internal.IUpgradeableData
    public float getLatestVersion() {
        return 4.0f;
    }

    @Override // org.cesecore.keys.validation.ValidatorBase, org.cesecore.profiles.ProfileBase, org.cesecore.internal.UpgradeableDataHashMap, org.cesecore.internal.IUpgradeableData
    public void upgrade() {
        super.upgrade();
        if (log.isTraceEnabled()) {
            log.trace(">upgrade: " + getLatestVersion() + ", " + getVersion());
        }
        if (Float.compare(4.0f, getVersion()) != 0) {
            log.info(intres.getLocalizedMessage("validator.implementation.certificate.external", new Float(getVersion())));
            init();
        }
    }

    @Override // org.cesecore.keys.validation.CertificateValidator
    public List<String> validate(CA ca, Certificate certificate, ExternalScriptsWhitelist externalScriptsWhitelist) throws ValidatorNotApplicableException, ValidationException, CertificateException {
        ArrayList arrayList = new ArrayList();
        log.debug("Validating certificate with external command " + getExternalCommand());
        if (log.isDebugEnabled()) {
            log.debug("Validating certificate with external command (cert):" + certificate);
        }
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(certificate);
        String externalCommand = getExternalCommand();
        ArrayList<String> arrayList3 = new ArrayList();
        try {
            arrayList3.addAll(runExternalCommandInternal(externalCommand, externalScriptsWhitelist, arrayList2));
            boolean z = false;
            if (CollectionUtils.isNotEmpty(arrayList3)) {
                try {
                    if (isLogStandardOut()) {
                        String str = null;
                        for (String str2 : arrayList3) {
                            if (str2.startsWith(ExternalProcessTools.STDOUT_PREFIX)) {
                                str = str == null ? str2 : str + "\n" + str2;
                            }
                        }
                        if (str != null) {
                            log.info("External command logged to STDOUT: " + str);
                        }
                    }
                    String str3 = null;
                    if (isLogErrorOut()) {
                        for (String str4 : arrayList3) {
                            if (str4.startsWith(ExternalProcessTools.ERROUT_PREFIX)) {
                                str3 = str3 == null ? str4 : str3 + "\n" + str4;
                            }
                        }
                        if (str3 != null) {
                            log.info("External command logged to ERROUT: " + str3);
                        }
                    }
                    int parseInt = Integer.parseInt(((String) arrayList3.get(0)).replaceFirst(ExternalProcessTools.EXIT_CODE_PREFIX, ""));
                    if (parseInt != 0 && isFailOnErrorCode()) {
                        arrayList.add("Invalid: External command exit code was " + parseInt);
                        if (str3 != null) {
                            arrayList.add("ERROUT was: " + str3);
                        }
                    } else if (isFailOnStandardError() && ExternalProcessTools.containsErrout(arrayList3)) {
                        arrayList.add("Invalid: External command logged to ERROUT. Exit code was " + parseInt);
                        if (str3 != null) {
                            arrayList.add("ERROUT was: " + str3);
                        }
                    }
                } catch (Exception e) {
                    z = true;
                }
            } else {
                z = true;
            }
            if (z) {
                arrayList.add("Invalid: External command could not be initialized: '" + externalCommand + "'. Command failed.");
            }
            return arrayList;
        } catch (ExternalProcessException e2) {
            throw new ValidatorNotApplicableException("External command could not be called, because it does not exit, command can not be found, access was denied, certificate not written, or another error occured: " + e2.getMessage());
        }
    }

    @Override // org.cesecore.keys.validation.Validator
    public String getLabel() {
        return intres.getLocalizedMessage("validator.implementation.certificate.external", new Object[0]);
    }

    @Override // org.cesecore.keys.validation.Validator
    public String getValidatorTypeIdentifier() {
        return TYPE_IDENTIFIER;
    }

    @Override // org.cesecore.profiles.ProfileBase
    protected Class<? extends Profile> getImplementationClass() {
        return ExternalCommandCertificateValidator.class;
    }

    public void setExternalCommand(String str) {
        this.data.put(EXTERNAL_COMMAND, str);
    }

    public String getExternalCommand() {
        return (String) this.data.get(EXTERNAL_COMMAND);
    }

    public void setLogStandardOut(boolean z) {
        this.data.put(LOG_STANDARD_OUT, Boolean.valueOf(z));
    }

    public boolean isLogStandardOut() {
        return ((Boolean) this.data.get(LOG_STANDARD_OUT)).booleanValue();
    }

    public void setLogErrorOut(boolean z) {
        this.data.put(LOG_ERROR_OUT, Boolean.valueOf(z));
    }

    public boolean isLogErrorOut() {
        return ((Boolean) this.data.get(LOG_ERROR_OUT)).booleanValue();
    }

    public void setFailOnErrorCode(boolean z) {
        this.data.put(FAIL_ON_ERROR_CODE, Boolean.valueOf(z));
    }

    public boolean isFailOnErrorCode() {
        return ((Boolean) this.data.get(FAIL_ON_ERROR_CODE)).booleanValue();
    }

    public void setFailOnStandardError(boolean z) {
        this.data.put(FAIL_ON_STANDARD_ERROR, Boolean.valueOf(z));
    }

    public boolean isFailOnStandardError() {
        return ((Boolean) this.data.get(FAIL_ON_STANDARD_ERROR)).booleanValue();
    }

    /* JADX WARN: Removed duplicated region for block: B:25:0x01a2  */
    /* JADX WARN: Removed duplicated region for block: B:28:0x01ac  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.util.List<java.lang.String> testCommand() throws org.cesecore.util.ui.DynamicUiCallbackException {
        /*
            Method dump skipped, instructions count: 430
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.cesecore.keys.validation.ExternalCommandCertificateValidator.testCommand():java.util.List");
    }

    public List<Certificate> getTestCertificates() {
        return this.testCertificates;
    }

    public void setTestCertificates(List<Certificate> list) {
        this.testCertificates = list;
        if (log.isDebugEnabled()) {
            log.debug("Test certificates uploaded: " + list);
        }
    }

    public String getPlatform() {
        return ExternalProcessTools.getPlatformString();
    }

    private List<String> runExternalCommandInternal(String str, ExternalScriptsWhitelist externalScriptsWhitelist, List<Certificate> list) throws CertificateEncodingException, ExternalProcessException, ValidatorNotApplicableException {
        String extractCommand = extractCommand(str);
        if (!externalScriptsWhitelist.isPermitted(extractCommand)) {
            throw new ValidatorNotApplicableException(intres.getLocalizedMessage("process.whitelist.error.notlisted", extractCommand));
        }
        if (StringUtils.isNotBlank(extractCommand)) {
            File file = new File(extractCommand);
            if (!file.exists()) {
                String localizedMessage = intres.getLocalizedMessage("process.commandnotfound", extractCommand);
                log.info(localizedMessage);
                throw new ExternalProcessException(localizedMessage);
            }
            if (!file.canExecute()) {
                String localizedMessage2 = intres.getLocalizedMessage("process.commandnopermission", extractCommand);
                log.info(localizedMessage2);
                throw new ExternalProcessException(localizedMessage2);
            }
        }
        List<String> extractArguments = extractArguments(str);
        ArrayList arrayList = new ArrayList();
        try {
            arrayList.addAll(ExternalProcessTools.launchExternalCommand(extractCommand, list.get(0).getEncoded(), isFailOnErrorCode(), isFailOnStandardError(), isLogStandardOut(), isLogErrorOut(), extractArguments, ExternalCommandCertificateValidator.class.getName()));
        } catch (ExternalProcessException e) {
            log.info("Could not call external command '" + extractCommand + "' with arguments " + extractArguments + " sucessfully: " + e.getMessage());
            if (log.isDebugEnabled()) {
                log.debug("Failed with exception: ", e);
            }
            if (e.getOut() != null) {
                arrayList.addAll(e.getOut());
            }
        }
        return arrayList;
    }

    private final String extractCommand(String str) {
        String trim = str.trim();
        int indexOf = trim.indexOf(" ");
        if (indexOf > 0) {
            trim = trim.substring(0, indexOf).trim();
        }
        if (log.isDebugEnabled()) {
            log.debug("Command extracted: " + trim);
        }
        return trim;
    }

    private final List<String> extractArguments(String str) {
        String trim = str.trim();
        ArrayList arrayList = new ArrayList();
        int indexOf = trim.indexOf(" ");
        if (indexOf > 0) {
            arrayList.addAll(Arrays.asList(StringUtils.split(trim.substring(indexOf, trim.length()).trim(), " ")));
        }
        if (log.isDebugEnabled()) {
            log.debug("Arguments extracted: " + arrayList);
        }
        return arrayList;
    }

    static {
        APPLICABLE_CA_TYPES.add(1);
    }
}
