package org.opends.server.extensions;

import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileReader;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.util.Enumeration;
import java.util.List;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import org.forgerock.i18n.LocalizableMessage;
import org.forgerock.i18n.LocalizableMessageDescriptor;
import org.forgerock.i18n.slf4j.LocalizedLogger;
import org.forgerock.opendj.config.server.ConfigChangeResult;
import org.forgerock.opendj.config.server.ConfigException;
import org.forgerock.opendj.config.server.ConfigurationChangeListener;
import org.forgerock.opendj.ldap.DN;
import org.forgerock.opendj.ldap.ResultCode;
import org.forgerock.opendj.server.config.server.FileBasedKeyManagerProviderCfg;
import org.opends.messages.ExtensionMessages;
import org.opends.server.api.KeyManagerProvider;
import org.opends.server.core.DirectoryServer;
import org.opends.server.types.DirectoryException;
import org.opends.server.types.InitializationException;
import org.opends.server.util.StaticUtils;

/* loaded from: input_file:WEB-INF/lib/opendj.jar:org/opends/server/extensions/FileBasedKeyManagerProvider.class */
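/**
 * Key manager provider that reads its key material from a keystore file on disk.
 *
 * <p>The keystore path, keystore type and PIN are taken from a
 * {@link FileBasedKeyManagerProviderCfg}. The keystore is re-opened from disk on every
 * call that needs it; nothing is cached between calls.
 *
 * <p>This listing is decompiler output. The {@code ...2} method names and the raw-typed
 * bridge methods at the end of the class are decompiler artifacts and are kept so that
 * existing callers still resolve.
 *
 * <p>NOTE(review): {@link #applyConfigurationChange} reassigns the file, type and PIN
 * fields without synchronization, so a concurrent reader may see a mix of old and new
 * values. Confirm whether the configuration framework serialises these calls.
 */
public class FileBasedKeyManagerProvider extends KeyManagerProvider<FileBasedKeyManagerProviderCfg> implements ConfigurationChangeListener<FileBasedKeyManagerProviderCfg> {
    private static final LocalizedLogger logger = LocalizedLogger.getLoggerForThisClass();

    /** Configuration currently in effect; also the object the change listener is registered on. */
    private FileBasedKeyManagerProviderCfg currentConfig;

    /**
     * Keystore PIN. May be {@code null} when no PIN source is configured; in that case
     * {@link KeyStore#load(java.io.InputStream, char[])} performs no integrity check.
     */
    private char[] keyStorePIN;

    /** Keystore path as configured; resolved through {@link StaticUtils#getFileForPath}. */
    private String keyStoreFile;

    /** Keystore type passed to {@link KeyStore#getInstance(String)}. */
    private String keyStoreType;

    /**
     * Reads file, type and PIN from the configuration and registers this object as a
     * change listener.
     *
     * @param fileBasedKeyManagerProviderCfg the configuration to initialize from
     * @throws ConfigException declared by the overridden method; not thrown directly here
     * @throws InitializationException if any of the three settings was rejected; only the
     *         first recorded message is reported
     */
    @Override // org.opends.server.api.KeyManagerProvider
    public void initializeKeyManagerProvider(FileBasedKeyManagerProviderCfg fileBasedKeyManagerProviderCfg) throws ConfigException, InitializationException {
        ConfigChangeResult configChangeResult = new ConfigChangeResult();
        this.currentConfig = fileBasedKeyManagerProviderCfg;
        this.keyStoreFile = getKeyStoreFile(fileBasedKeyManagerProviderCfg, configChangeResult);
        this.keyStoreType = getKeyStoreType(fileBasedKeyManagerProviderCfg, configChangeResult);
        this.keyStorePIN = getKeyStorePIN(fileBasedKeyManagerProviderCfg, configChangeResult);
        if (!configChangeResult.getMessages().isEmpty()) {
            throw new InitializationException(configChangeResult.getMessages().get(0));
        }
        fileBasedKeyManagerProviderCfg.addFileBasedChangeListener(this);
    }

    /** Unregisters this object from the configuration it was last initialized or updated with. */
    @Override // org.opends.server.api.KeyManagerProvider
    public void finalizeKeyManagerProvider() {
        this.currentConfig.removeFileBasedChangeListener(this);
    }

    /**
     * Reports whether the keystore holds a private-key entry under exactly the given alias.
     *
     * @param str the alias to look for; compared with {@code equals} against the aliases
     *        the keystore enumerates
     * @return {@code true} if such a private-key entry exists; {@code false} if it does
     *         not or if the keystore could not be loaded or queried
     */
    @Override // org.opends.server.api.KeyManagerProvider
    public boolean containsKeyWithAlias(String str) {
        try {
            KeyStore keystore = getKeystore();
            Enumeration<String> aliases = keystore.aliases();
            while (aliases.hasMoreElements()) {
                if (str.equals(aliases.nextElement()) && keystore.entryInstanceOf(str, KeyStore.PrivateKeyEntry.class)) {
                    return true;
                }
            }
            return false;
        } catch (KeyStoreException | DirectoryException e) {
            // A load failure is reported as "not present"; the cause is only traced.
            logger.traceException(e);
            return false;
        }
    }

    /**
     * Opens the configured keystore file and loads it with the configured type and PIN.
     *
     * @return the loaded keystore
     * @throws DirectoryException if the keystore cannot be instantiated, opened or loaded
     */
    private KeyStore getKeystore() throws DirectoryException {
        try {
            KeyStore keyStore = KeyStore.getInstance(this.keyStoreType);
            // try-with-resources closes the stream on the failure path as well; the
            // decompiled form only closed it after a successful load.
            try (FileInputStream fileInputStream = new FileInputStream(StaticUtils.getFileForPath(this.keyStoreFile))) {
                keyStore.load(fileInputStream, this.keyStorePIN);
            }
            return keyStore;
        } catch (Exception e) {
            throw new DirectoryException(DirectoryServer.getCoreConfigManager().getServerErrorResultCode(), ExtensionMessages.ERR_FILE_KEYMANAGER_CANNOT_LOAD.get(this.keyStoreFile, StaticUtils.getExceptionMessage(e)), e);
        }
    }

    /**
     * Builds key managers backed by the configured keystore.
     *
     * <p>A keystore without any private-key entry is logged as an error but does not
     * stop the key managers from being created.
     *
     * @return the key managers produced by the default {@link KeyManagerFactory} algorithm
     * @throws DirectoryException if the keystore cannot be loaded or the factory cannot
     *         be created or initialized
     */
    @Override // org.opends.server.api.KeyManagerProvider
    public KeyManager[] getKeyManagers() throws DirectoryException {
        KeyStore keystore = getKeystore();
        try {
            if (!findOneKeyEntry(keystore)) {
                // The decompiler emitted casts here that cannot succeed (a String cast to
                // a message descriptor); the call needs none.
                logger.error(ExtensionMessages.ERR_NO_KEY_ENTRY_IN_KEYSTORE, this.keyStoreFile);
            }
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            // The keystore PIN is also used as the password for the individual keys.
            keyManagerFactory.init(keystore, this.keyStorePIN);
            return keyManagerFactory.getKeyManagers();
        } catch (Exception e) {
            logger.traceException(e);
            throw new DirectoryException(DirectoryServer.getCoreConfigManager().getServerErrorResultCode(), ExtensionMessages.ERR_FILE_KEYMANAGER_CANNOT_CREATE_FACTORY.get(this.keyStoreFile, StaticUtils.getExceptionMessage(e)), e);
        }
    }

    /**
     * Reports whether the keystore holds at least one private-key entry.
     *
     * @return {@code true} if a private-key entry exists; {@code false} if none exists
     *         or if the keystore could not be loaded or queried
     */
    @Override // org.opends.server.api.KeyManagerProvider
    public boolean containsAtLeastOneKey() {
        try {
            return findOneKeyEntry(getKeystore());
        } catch (Exception e) {
            logger.traceException(e);
            return false;
        }
    }

    /**
     * Scans the keystore aliases for a private-key entry.
     *
     * @param keyStore an already loaded keystore
     * @return {@code true} as soon as one alias maps to a {@link KeyStore.PrivateKeyEntry}
     * @throws KeyStoreException if the keystore cannot be queried
     */
    private boolean findOneKeyEntry(KeyStore keyStore) throws KeyStoreException {
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            if (keyStore.entryInstanceOf(aliases.nextElement(), KeyStore.PrivateKeyEntry.class)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Typed form of {@code isConfigurationAcceptable}; renamed by the decompiler to avoid
     * a clash with the bridge method of that name. Applies the same checks as
     * {@link #isConfigurationChangeAcceptable2}.
     *
     * @param fileBasedKeyManagerProviderCfg the configuration to check
     * @param list receives one message per rejected setting
     * @return {@code true} if no message was added
     */
    public boolean isConfigurationAcceptable2(FileBasedKeyManagerProviderCfg fileBasedKeyManagerProviderCfg, List<LocalizableMessage> list) {
        return isConfigurationChangeAcceptable2(fileBasedKeyManagerProviderCfg, list);
    }

    /**
     * Typed form of {@code isConfigurationChangeAcceptable}; renamed by the decompiler to
     * avoid a clash with the bridge method of that name. Resolves file, type and PIN from
     * the candidate configuration without storing them.
     *
     * @param fileBasedKeyManagerProviderCfg the candidate configuration
     * @param list receives one message per rejected setting
     * @return {@code true} if resolving the three settings added no message
     */
    public boolean isConfigurationChangeAcceptable2(FileBasedKeyManagerProviderCfg fileBasedKeyManagerProviderCfg, List<LocalizableMessage> list) {
        int sizeBefore = list.size();
        ConfigChangeResult configChangeResult = new ConfigChangeResult();
        // Return values are ignored on purpose: only the recorded messages matter here.
        getKeyStoreFile(fileBasedKeyManagerProviderCfg, configChangeResult);
        getKeyStoreType(fileBasedKeyManagerProviderCfg, configChangeResult);
        getKeyStorePIN(fileBasedKeyManagerProviderCfg, configChangeResult);
        list.addAll(configChangeResult.getMessages());
        return sizeBefore == list.size();
    }

    /**
     * Resolves file, type and PIN from the new configuration and adopts them only if all
     * three were accepted; otherwise the previous settings stay in effect.
     *
     * @param fileBasedKeyManagerProviderCfg the new configuration
     * @return the result carrying the result code and any rejection messages
     */
    @Override // org.forgerock.opendj.config.server.ConfigurationChangeListener
    public ConfigChangeResult applyConfigurationChange(FileBasedKeyManagerProviderCfg fileBasedKeyManagerProviderCfg) {
        ConfigChangeResult configChangeResult = new ConfigChangeResult();
        String newKeyStoreFile = getKeyStoreFile(fileBasedKeyManagerProviderCfg, configChangeResult);
        String newKeyStoreType = getKeyStoreType(fileBasedKeyManagerProviderCfg, configChangeResult);
        char[] newKeyStorePIN = getKeyStorePIN(fileBasedKeyManagerProviderCfg, configChangeResult);
        if (configChangeResult.getResultCode() == ResultCode.SUCCESS) {
            this.currentConfig = fileBasedKeyManagerProviderCfg;
            // The previous PIN array is dropped, not overwritten, when it is replaced.
            this.keyStorePIN = newKeyStorePIN;
            this.keyStoreFile = newKeyStoreFile;
            this.keyStoreType = newKeyStoreType;
        }
        return configChangeResult;
    }

    /**
     * Returns the configured keystore path and records an error if it does not name an
     * existing regular file.
     *
     * @param fileBasedKeyManagerProviderCfg the configuration to read
     * @param configChangeResult receives the error code and message on failure
     * @return the configured path, returned even when the check failed
     */
    private String getKeyStoreFile(FileBasedKeyManagerProviderCfg fileBasedKeyManagerProviderCfg, ConfigChangeResult configChangeResult) {
        String configuredPath = fileBasedKeyManagerProviderCfg.getKeyStoreFile();
        File fileForPath = StaticUtils.getFileForPath(configuredPath);
        // Only existence and file type are checked; readability and content are not.
        if (!fileForPath.exists() || !fileForPath.isFile()) {
            configChangeResult.setResultCode(DirectoryServer.getCoreConfigManager().getServerErrorResultCode());
            configChangeResult.addMessage(ExtensionMessages.ERR_FILE_KEYMANAGER_NO_SUCH_FILE.get(configuredPath, fileBasedKeyManagerProviderCfg.dn()));
        }
        return configuredPath;
    }

    /**
     * Returns the configured keystore type if the JVM can instantiate it, otherwise the
     * JVM default type.
     *
     * @param fileBasedKeyManagerProviderCfg the configuration to read
     * @param configChangeResult receives the error code and message when the configured
     *        type is not supported
     * @return the configured type, or {@link KeyStore#getDefaultType()} when none is
     *         configured or the configured one was rejected
     */
    private String getKeyStoreType(FileBasedKeyManagerProviderCfg fileBasedKeyManagerProviderCfg, ConfigChangeResult configChangeResult) {
        String configuredType = fileBasedKeyManagerProviderCfg.getKeyStoreType();
        if (configuredType != null) {
            try {
                // Probe only: the instance is discarded, the call proves a provider exists.
                KeyStore.getInstance(configuredType);
                return configuredType;
            } catch (KeyStoreException e) {
                logger.traceException(e);
                configChangeResult.setResultCode(DirectoryServer.getCoreConfigManager().getServerErrorResultCode());
                configChangeResult.addMessage(ExtensionMessages.ERR_FILE_KEYMANAGER_INVALID_TYPE.get(configuredType, fileBasedKeyManagerProviderCfg.dn(), StaticUtils.getExceptionMessage(e)));
            }
        }
        return KeyStore.getDefaultType();
    }

    /**
     * Resolves the keystore PIN from the configuration, turning a lookup failure into an
     * entry in {@code configChangeResult}.
     *
     * @param fileBasedKeyManagerProviderCfg the configuration to read
     * @param configChangeResult receives the error code and message on failure
     * @return the PIN, or {@code null} if the lookup failed or no PIN source is configured
     */
    private char[] getKeyStorePIN(FileBasedKeyManagerProviderCfg fileBasedKeyManagerProviderCfg, ConfigChangeResult configChangeResult) {
        try {
            return getKeyStorePIN(
                    fileBasedKeyManagerProviderCfg.getKeyStorePinProperty(),
                    fileBasedKeyManagerProviderCfg.getKeyStorePinEnvironmentVariable(),
                    fileBasedKeyManagerProviderCfg.getKeyStorePinFile(),
                    fileBasedKeyManagerProviderCfg.getKeyStorePin(),
                    fileBasedKeyManagerProviderCfg.dn(),
                    ExtensionMessages.ERR_FILE_KEYMANAGER_PIN_PROPERTY_NOT_SET,
                    ExtensionMessages.ERR_FILE_KEYMANAGER_PIN_ENVAR_NOT_SET,
                    ExtensionMessages.ERR_FILE_KEYMANAGER_PIN_NO_SUCH_FILE,
                    ExtensionMessages.ERR_FILE_KEYMANAGER_PIN_FILE_CANNOT_READ,
                    ExtensionMessages.ERR_FILE_KEYMANAGER_PIN_FILE_EMPTY);
        } catch (InitializationException e) {
            configChangeResult.setResultCode(DirectoryServer.getCoreConfigManager().getServerErrorResultCode());
            configChangeResult.addMessage(e.getMessageObject());
            return null;
        }
    }

    /**
     * Resolves a PIN from the first configured source, in this order: Java system
     * property, environment variable, PIN file, literal value.
     *
     * <p>Every source yields a {@code String} before it is converted, so the returned
     * array is not the only in-memory copy of the PIN. The PIN file and the literal
     * value hold the PIN in clear text.
     *
     * <p>The decompiler widened this method from package-private to public.
     *
     * @param str name of the system property holding the PIN, or {@code null}
     * @param str2 name of the environment variable holding the PIN, or {@code null}
     * @param str3 path of the file whose first line is the PIN, or {@code null}
     * @param str4 the PIN itself, or {@code null}
     * @param dn DN of the configuration entry, used in error messages only
     * @param arg2 message used when the system property is not set
     * @param arg22 message used when the environment variable is not set
     * @param arg23 message used when the PIN file does not exist
     * @param arg3 message used when the PIN file cannot be read
     * @param arg24 message used when the PIN file has no first line
     * @return the PIN, or {@code null} if all four sources are {@code null}
     * @throws InitializationException if the selected source is missing, unreadable or empty
     */
    public static char[] getKeyStorePIN(String str, String str2, String str3, String str4, DN dn, LocalizableMessageDescriptor.Arg2<Object, Object> arg2, LocalizableMessageDescriptor.Arg2<Object, Object> arg22, LocalizableMessageDescriptor.Arg2<Object, Object> arg23, LocalizableMessageDescriptor.Arg3<Object, Object, Object> arg3, LocalizableMessageDescriptor.Arg2<Object, Object> arg24) throws InitializationException {
        if (str != null) {
            String property = System.getProperty(str);
            if (property == null) {
                throw new InitializationException(arg2.get(str, dn));
            }
            return property.toCharArray();
        }
        if (str2 != null) {
            String envValue = System.getenv(str2);
            if (envValue == null) {
                throw new InitializationException(arg22.get(str2, dn));
            }
            return envValue.toCharArray();
        }
        if (str3 == null) {
            // No indirection configured: fall back to the literal PIN, which may be absent.
            return str4 != null ? str4.toCharArray() : null;
        }
        File fileForPath = StaticUtils.getFileForPath(str3);
        if (!fileForPath.exists()) {
            throw new InitializationException(arg23.get(str3, dn));
        }
        // try-with-resources closes the reader when readLine() fails as well; the
        // decompiled form only closed it after a successful read.
        // FileReader(File) decodes with the platform default charset.
        try (BufferedReader bufferedReader = new BufferedReader(new FileReader(fileForPath))) {
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                throw new InitializationException(arg24.get(str3, dn));
            }
            // NOTE(review): a file whose first line is blank yields an empty PIN rather
            // than the "file empty" error; confirm that this is intended.
            return readLine.toCharArray();
        } catch (IOException e) {
            throw new InitializationException(arg3.get(str3, dn, StaticUtils.getExceptionMessage(e)), e);
        }
    }

    /** Raw-typed bridge emitted by the decompiler; forwards to {@link #isConfigurationAcceptable2}. */
    @Override // org.opends.server.api.KeyManagerProvider
    public /* bridge */ /* synthetic */ boolean isConfigurationAcceptable(FileBasedKeyManagerProviderCfg fileBasedKeyManagerProviderCfg, List list) {
        return isConfigurationAcceptable2(fileBasedKeyManagerProviderCfg, (List<LocalizableMessage>) list);
    }

    /** Raw-typed bridge emitted by the decompiler; forwards to {@link #isConfigurationChangeAcceptable2}. */
    @Override // org.forgerock.opendj.config.server.ConfigurationChangeListener
    public /* bridge */ /* synthetic */ boolean isConfigurationChangeAcceptable(FileBasedKeyManagerProviderCfg fileBasedKeyManagerProviderCfg, List list) {
        return isConfigurationChangeAcceptable2(fileBasedKeyManagerProviderCfg, (List<LocalizableMessage>) list);
    }
}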
