package hu.perit.spvitamin.spring.keystore;

import hu.perit.spvitamin.core.crypto.CryptoException;
import hu.perit.spvitamin.core.crypto.CryptoUtil;
import hu.perit.spvitamin.spring.config.JwtProperties;
import hu.perit.spvitamin.spring.config.ServerProperties;
import hu.perit.spvitamin.spring.config.SysConfig;
import hu.perit.spvitamin.spring.environment.SpringEnvironment;
import hu.perit.spvitamin.spring.exception.InvalidInputException;
import hu.perit.spvitamin.spring.keystore.KeystoreEntry;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.time.ZoneId;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Optional;
import java.util.jar.JarFile;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.env.Environment;

/* loaded from: input_file:hu/perit/spvitamin/spring/keystore/KeystoreUtils.class */
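/**
 * Static helpers for locating and reading the server's keystore and truststore and for
 * extracting the JWT signing / verification keys from them.
 *
 * <p>Store locations and passwords come from the application configuration
 * ({@code server.ssl.*} properties, {@link SysConfig}). None of the methods here validate
 * certificate chains or validity periods; they only load and enumerate key material.
 */
public class KeystoreUtils {
    private static final Logger log = LoggerFactory.getLogger(KeystoreUtils.class);
    private static final String SERVER_SSL_KEYSTORE = "server.ssl.key-store";
    private static final String SERVER_SSL_TRUSTSTORE = "server.ssl.trust-store";
    private static final String CLASSPATH_PREFIX = "classpath:";

    private KeystoreUtils() {
        throw new IllegalStateException("Utility class");
    }

    /**
     * Resolves the configured keystore and truststore names to absolute paths and publishes them
     * as JVM system properties when {@code server.ssl.enabled} is {@code true}.
     *
     * <p>Besides {@code server.ssl.key-store} and {@code server.ssl.trust-store}, this also sets
     * {@code javax.net.ssl.trustStore}. That property is JVM-wide: the default JSSE trust manager
     * then uses the application truststore in place of the JDK's default CA bundle for every
     * TLS client in the process that relies on the default SSL context.
     *
     * @throws InvalidInputException if SSL is enabled and either store name is blank, or a
     *     configured store file cannot be found
     */
    public static void locateJksStores() {
        Environment environment = SpringEnvironment.getInstance().get();
        if (!Boolean.parseBoolean(environment.getProperty("server.ssl.enabled"))) {
            return;
        }

        String keyStoreName = environment.getProperty(SERVER_SSL_KEYSTORE);
        if (StringUtils.isBlank(keyStoreName)) {
            throw new InvalidInputException("server.ssl.key-store must be defined when ssl is enabled!");
        }
        String keyStorePath = getDesignatedFileLocation(keyStoreName).getAbsolutePath();
        log.debug("'{}' => '{}'", keyStoreName, keyStorePath);
        System.setProperty(SERVER_SSL_KEYSTORE, keyStorePath);

        String trustStoreName = environment.getProperty(SERVER_SSL_TRUSTSTORE);
        // Previously a missing trust-store surfaced as a bare NullPointerException from the
        // path resolution; fail with the same kind of message as for the key-store instead.
        if (StringUtils.isBlank(trustStoreName)) {
            throw new InvalidInputException("server.ssl.trust-store must be defined when ssl is enabled!");
        }
        String trustStorePath = getDesignatedFileLocation(trustStoreName).getAbsolutePath();
        log.debug("'{}' => '{}'", trustStoreName, trustStorePath);
        System.setProperty(SERVER_SSL_TRUSTSTORE, trustStorePath);
        System.setProperty("javax.net.ssl.trustStore", trustStorePath);
    }

    /**
     * Loads the keystore configured under {@code server.ssl.key-store}.
     *
     * @return the loaded keystore
     * @throws CryptoException wrapping any failure (missing file, wrong password, missing
     *     configuration, unsupported store format)
     */
    public static KeyStore getServerKeyStore() {
        try {
            ServerProperties serverProperties = SysConfig.getServerProperties();
            return loadKeyStore(serverProperties.getSsl().getKeyStore(), serverProperties.getSsl().getKeyStorePassword());
        } catch (Exception e) {
            throw new CryptoException(e);
        }
    }

    /**
     * Loads the truststore configured under {@code server.ssl.trust-store}.
     *
     * @return the loaded truststore
     * @throws CryptoException wrapping any failure (missing file, wrong password, missing
     *     configuration, unsupported store format)
     */
    public static KeyStore getServerTrustStore() {
        try {
            ServerProperties serverProperties = SysConfig.getServerProperties();
            return loadKeyStore(serverProperties.getSsl().getTrustStore(), serverProperties.getSsl().getTrustStorePassword());
        } catch (Exception e) {
            throw new CryptoException(e);
        }
    }

    /**
     * Opens the store file at {@code location} and loads it with the JVM's default keystore type.
     *
     * <p>The password is converted before the file is opened, so a {@code null} password fails
     * with a {@link NullPointerException} instead of reaching {@link KeyStore#load} as
     * {@code null}, which would load the store without an integrity check.
     */
    private static KeyStore loadKeyStore(String location, String password)
            throws IOException, KeyStoreException, NoSuchAlgorithmException, java.security.cert.CertificateException {
        char[] passwordChars = password.toCharArray();
        // The store type follows the JVM's 'keystore.type' security property; the file on disk
        // has to match it.
        KeyStore store = KeyStore.getInstance(KeyStore.getDefaultType());
        // try-with-resources: the stream used to be left open, leaking a file handle per load.
        try (FileInputStream in = new FileInputStream(getDesignatedFileLocation(location))) {
            store.load(in, passwordChars);
        }
        return store;
    }

    /**
     * Returns the JWT signing key stored under the configured private-key alias of the server
     * keystore. The key password is held encrypted in the configuration and is decrypted with
     * the configured crypto secret.
     *
     * @return the key, never {@code null}
     * @throws CryptoException on any failure; the "alias not found" {@link InvalidInputException}
     *     is raised inside the guarded region and therefore also arrives wrapped
     */
    public static Key getPrivateKey() {
        JwtProperties jwtProperties = SysConfig.getJwtProperties();
        try {
            KeyStore keyStore = getServerKeyStore();
            String alias = jwtProperties.getPrivateKeyAlias();
            char[] keyPassword = new CryptoUtil()
                    .decrypt(SysConfig.getCryptoProperties().getSecret(), jwtProperties.getPrivateKeyEncryptedPassword())
                    .toCharArray();
            Key key = keyStore.getKey(alias, keyPassword);
            if (key == null) {
                throw new InvalidInputException(String.format("'%s' not found in keystore '%s'!", jwtProperties.getPrivateKeyAlias(), System.getProperty(SERVER_SSL_KEYSTORE)));
            }
            return key;
        } catch (Exception e) {
            throw new CryptoException(e);
        }
    }

    /**
     * Returns the JWT verification key: the public key of the certificate stored under the
     * configured public-key alias of the server truststore.
     *
     * <p>The certificate is used only as a container for the key. Its validity period and
     * issuer are not checked here, so an expired certificate still yields a usable key.
     *
     * @return the public key of the aliased certificate
     * @throws CryptoException on any failure; the "alias not found" {@link InvalidInputException}
     *     is raised inside the guarded region and therefore also arrives wrapped
     */
    public static Key getPublicKey() {
        JwtProperties jwtProperties = SysConfig.getJwtProperties();
        try {
            Certificate certificate = getServerTrustStore().getCertificate(jwtProperties.getPublicKeyAlias());
            if (certificate == null) {
                throw new InvalidInputException(String.format("'%s' not found in truststore '%s'!", jwtProperties.getPublicKeyAlias(), System.getProperty(SERVER_SSL_TRUSTSTORE)));
            }
            return certificate.getPublicKey();
        } catch (Exception e) {
            throw new CryptoException(e);
        }
    }

    /**
     * Lists the entries of {@code keyStore} with their certificate details.
     *
     * <p>An alias that has a certificate chain is reported as a private-key entry; otherwise it
     * is reported as a trusted-certificate entry when the store says so. The entry whose alias
     * equals the configured {@code server.ssl} key alias (case-insensitively) is flagged as in
     * use.
     *
     * @param keyStore an already loaded keystore
     * @return the entries in their natural order
     * @throws KeyStoreException if the keystore has not been loaded
     * @throws UnrecoverableEntryException if an entry without a certificate chain cannot be read
     *     without a password (the entry is requested with no protection parameter)
     * @throws NoSuchAlgorithmException if the algorithm needed to read an entry is unavailable
     */
    public static List<KeystoreEntry> getSslKeys(KeyStore keyStore) throws KeyStoreException, UnrecoverableEntryException, NoSuchAlgorithmException {
        List<KeystoreEntry> entries = new ArrayList<>();
        ServerProperties serverProperties = SysConfig.getServerProperties();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            KeystoreEntry keystoreEntry = new KeystoreEntry();
            keystoreEntry.setAlias(alias);
            String activeAlias = serverProperties.getSsl().getKeyAlias();
            if (activeAlias != null) {
                keystoreEntry.setInUse(activeAlias.equalsIgnoreCase(alias));
            }
            Certificate[] certificateChain = keyStore.getCertificateChain(alias);
            if (certificateChain != null) {
                for (Certificate certificate : certificateChain) {
                    keystoreEntry.getChain().add(getInfoFromCertificate(certificate));
                }
                if (certificateChain.length > 0) {
                    keystoreEntry.setType(KeystoreEntry.EntryType.PRIVATE_KEY_ENTRY);
                }
            } else {
                KeyStore.Entry entry = keyStore.getEntry(alias, null);
                if (entry instanceof KeyStore.TrustedCertificateEntry) {
                    keystoreEntry.getChain().add(getInfoFromCertificate(((KeyStore.TrustedCertificateEntry) entry).getTrustedCertificate()));
                    keystoreEntry.setType(KeystoreEntry.EntryType.TRUSTED_CERTIFICATE_ENTRY);
                }
            }
            entries.add(keystoreEntry);
        }
        // Sort once, after the last entry is added. The sort used to run inside the loop before
        // each add, which left the final entry out of order and re-sorted the list per alias.
        // sort(null) uses the natural ordering, exactly what Collections.sort(list) delegates to.
        entries.sort(null);
        return entries;
    }

    /**
     * Extracts validity dates, issuer and subject from an X.509 certificate.
     *
     * <p>The validity dates are converted to the JVM's default time zone, so the same
     * certificate can show different local timestamps on hosts in different zones.
     *
     * @param certificate the certificate to describe; must not be {@code null}
     * @return the certificate details, or an empty {@link CertInfo} for non-X.509 certificates
     */
    public static CertInfo getInfoFromCertificate(Certificate certificate) {
        CertInfo certInfo = new CertInfo();
        if (!certificate.getType().equalsIgnoreCase("X.509")) {
            return certInfo;
        }
        X509Certificate x509Certificate = (X509Certificate) certificate;
        ZoneId zone = ZoneId.systemDefault();
        certInfo.setValidFrom(x509Certificate.getNotBefore().toInstant().atZone(zone).toLocalDateTime());
        certInfo.setValidTo(x509Certificate.getNotAfter().toInstant().atZone(zone).toLocalDateTime());
        // getIssuerDN()/getSubjectDN() are kept deliberately: X500Principal#getName() renders the
        // name in a different string format, and consumers of CertInfo may depend on this one.
        certInfo.setIssuer(x509Certificate.getIssuerDN().getName());
        certInfo.setSubject(x509Certificate.getSubjectDN().getName());
        return certInfo;
    }

    /**
     * Resolves a configured store name to an existing file.
     *
     * <p>An optional {@code classpath:} prefix is dropped. Absolute names are returned as they
     * are, without an existence check. Relative names are looked up in the process working
     * directory ({@code user.dir}) first and then in the directories of the class path.
     *
     * <p>Because relative names depend on the working directory and the class path, the store
     * that gets loaded is decided by where and how the process is started. Configure an absolute
     * path where the location of the key material has to be fixed.
     *
     * @param str the configured file name, optionally prefixed with {@code classpath:}
     * @return the resolved file
     * @throws InvalidInputException if the name is blank or a relative name cannot be found
     */
    public static File getDesignatedFileLocation(String str) {
        // A blank name used to resolve to the working directory itself, and null ended in a
        // NullPointerException; reject both up front.
        if (StringUtils.isBlank(str)) {
            throw new InvalidInputException("Keystore file name must not be blank!");
        }
        String name = getNameWithoutClasspathPrefix(str);
        File asGiven = new File(name);
        if (asGiven.isAbsolute()) {
            log.debug("'{}' is absolute, no further processing", name);
            return asGiven;
        }
        File candidate = new File(System.getProperty("user.dir"), name);
        if (!candidate.exists()) {
            File fromClasspath = searchInClasspath(name);
            if (fromClasspath != null && fromClasspath.exists()) {
                candidate = fromClasspath;
            }
        }
        if (candidate.exists()) {
            return candidate;
        }
        throw new InvalidInputException(String.format("'%s' could not be found!", candidate.toString()));
    }

    /** Drops a leading {@code classpath:} from {@code str}, if present. */
    private static String getNameWithoutClasspathPrefix(String str) {
        return str.startsWith(CLASSPATH_PREFIX) ? str.substring(CLASSPATH_PREFIX.length()) : str;
    }

    /** Looks for {@code str} in the directories of the JVM's {@code java.class.path}. */
    private static File searchInClasspath(String str) {
        return searchInClasspath(extractClassPathes(System.getProperty("java.class.path")), str);
    }

    /**
     * Returns the first existing file named {@code str} under one of the given directories, or
     * {@code null} if none of them contains it.
     */
    private static File searchInClasspath(List<String> list, String str) {
        for (String directory : list) {
            File file = new File(directory, str);
            if (file.exists()) {
                return file;
            }
        }
        return null;
    }

    /**
     * Splits a class path into its directory entries; jar entries and blank entries are dropped.
     *
     * <p>When the class path is a single jar that declares a {@code Class-Path} manifest
     * attribute, that attribute is split on {@code file:/}; otherwise the class path itself is
     * split on the platform path separator.
     */
    private static List<String> extractClassPathes(String str) {
        Optional<String> manifestClassPath = getClassPathFromManifest(str);
        String separator = manifestClassPath.isPresent() ? "file:/" : File.pathSeparator;
        return Stream.of(manifestClassPath.orElse(str).split(separator))
                .map(String::strip)
                .filter(entry -> !entry.isBlank() && !entry.endsWith(".jar"))
                .collect(Collectors.toList());
    }

    /**
     * Reads the {@code Class-Path} manifest attribute when the class path consists of one jar.
     *
     * @return the attribute value, or empty if the class path is not a single jar, the jar cannot
     *     be read, or it has no manifest or no {@code Class-Path} attribute
     */
    private static Optional<String> getClassPathFromManifest(String str) {
        if (str.split(";").length != 1 || !str.strip().endsWith(".jar")) {
            return Optional.empty();
        }
        // try-with-resources closes the jar on every path, including when reading the manifest
        // throws.
        try (JarFile jarFile = new JarFile(str)) {
            java.util.jar.Manifest manifest = jarFile.getManifest();
            // getManifest() returns null for a jar without a manifest.
            if (manifest == null) {
                return Optional.empty();
            }
            return Optional.ofNullable(manifest.getMainAttributes().getValue("Class-Path"));
        } catch (IOException e) {
            // Best effort: an unreadable jar only means there is no manifest class path to use.
            log.debug("Could not read manifest of '{}': {}", str, e.toString());
            return Optional.empty();
        }
    }

    /**
     * Deletes the entry {@code str} from the given in-memory keystore. The change is not written
     * back to the store file by this method.
     *
     * @param keyStore an already loaded keystore
     * @param str the alias to delete
     * @throws KeyStoreException if the keystore has not been loaded or the entry cannot be removed
     */
    public static void removeEntryFromKeystore(KeyStore keyStore, String str) throws KeyStoreException {
        keyStore.deleteEntry(str);
    }
}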
