package weblogic.nodemanager.server;

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Properties;
import java.util.logging.Level;
import weblogic.nodemanager.NodeManagerTextTextFormatter;
import weblogic.nodemanager.common.Config;
import weblogic.nodemanager.common.ConfigException;
import weblogic.security.utils.KeyStoreConfiguration;
import weblogic.security.utils.KeyStoreConfigurationHelper;
import weblogic.security.utils.KeyStoreConstants;
import weblogic.security.utils.KeyStoreInfo;
import weblogic.security.utils.SSLCertUtility;
import weblogic.security.utils.SSLContextWrapper;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:weblogic/nodemanager/server/SSLConfig.class */
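/**
 * SSL identity configuration for the node manager: reads the key-store and
 * legacy key/certificate-file properties and loads the listener's private key
 * and X.509 certificate chain from them.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The two custom-identity pass phrases are kept in {@code encryptor.encrypt(..)}
 *       form and are only decrypted on demand by {@link KeyStoreConfig}. They are
 *       also removed from the caller's {@link Properties} after loading.</li>
 *   <li>{@code keyPassword} (legacy key-file mode) is NOT passed through the
 *       encryptor and is NOT removed from the properties object. It stays in
 *       memory as a plain {@code String} for the lifetime of this object.</li>
 *   <li>{@code keyStores} defaults to {@code KeyStoreConstants.DEMO_IDENTITY_AND_DEMO_TRUST}.
 *       NOTE(review): demo identity material is presumably shared across
 *       installations. Confirm that production configurations set
 *       {@code KeyStores=CustomIdentity}.</li>
 *   <li>{@code CipherSuite} is stored exactly as configured. No allow-list or
 *       strength check is applied here.</li>
 * </ul>
 */
public class SSLConfig extends Config {
    private String keyStores;
    private String customIdentityKeyStoreFileName;
    private String customIdentityKeyStoreType;
    // Held in encryptor.encrypt(..) form; see loadProperties().
    private String customIdentityKeyStorePassPhrase;
    private String customIdentityAlias;
    // Held in encryptor.encrypt(..) form; see loadProperties().
    private String customIdentityPrivateKeyPassPhrase;
    private String cipherSuite;
    private String keyFile;
    // Plaintext: unlike the custom-identity pass phrases this is never encrypted.
    private String keyPassword;
    private String certificateFile;
    private PrivateKey privateKey;
    private X509Certificate[] certChain;
    private Encryptor encryptor;
    public static final String KEY_STORES_PROP = "KeyStores";
    public static final String CUSTOM_IDENTITY_KEY_STORE_FILE_NAME_PROP = "CustomIdentityKeyStoreFileName";
    public static final String CUSTOM_IDENTITY_KEY_STORE_TYPE_PROP = "CustomIdentityKeyStoreType";
    public static final String CUSTOM_IDENTITY_KEY_STORE_PASS_PHRASE_PROP = "CustomIdentityKeyStorePassPhrase";
    public static final String CUSTOM_IDENTITY_ALIAS_PROP = "CustomIdentityAlias";
    public static final String CUSTOM_IDENTITY_PRIVATE_KEY_PASS_PHRASE_PROP = "CustomIdentityPrivateKeyPassPhrase";
    public static final String CUSTOM_TRUST_KEY_STORE_PASS_PHRASE_PROP = "CustomTrustKeyStorePassPhrase";
    public static final String JAVA_STANDARD_TRUST_KEY_STORE_PASS_PHRASE_PROP = "JavaStandardTrustKeyStorePassPhrase";
    public static final String CIPHER_SUITE_PROP = "CipherSuite";
    public static final String KEY_FILE_PROP = "keyFile";
    public static final String KEY_PASSWORD_PROP = "keyPassword";
    public static final String CERTIFICATE_FILE_PROP = "certificateFile";
    public static final String DEMO_IDENTITY = "DemoIdentity";
    public static final String CUSTOM_IDENTITY = "CustomIdentity";
    private static final NodeManagerTextTextFormatter nmText = NodeManagerTextTextFormatter.getInstance();

    /**
     * Adapter that exposes this object's identity key-store settings through
     * {@link KeyStoreConfiguration}. Only identity values are supplied; every
     * trust-store and outbound-key getter returns {@code null}.
     *
     * <p>It is a non-static inner class because each getter reads the fields of
     * the enclosing {@code SSLConfig}.
     */
    public class KeyStoreConfig implements KeyStoreConfiguration {
        private KeyStoreConfig() {
        }

        @Override // weblogic.security.utils.KeyStoreConfiguration
        public String getKeyStores() {
            return SSLConfig.this.keyStores;
        }

        @Override // weblogic.security.utils.KeyStoreConfiguration
        public String getCustomIdentityKeyStoreFileName() {
            return SSLConfig.this.customIdentityKeyStoreFileName;
        }

        @Override // weblogic.security.utils.KeyStoreConfiguration
        public String getCustomIdentityKeyStoreType() {
            return SSLConfig.this.customIdentityKeyStoreType;
        }

        /** Returns the key-store pass phrase, decrypted on each call. */
        @Override // weblogic.security.utils.KeyStoreConfiguration
        public String getCustomIdentityKeyStorePassPhrase() {
            return SSLConfig.this.encryptor.decrypt(SSLConfig.this.customIdentityKeyStorePassPhrase);
        }

        @Override // weblogic.security.utils.KeyStoreConfiguration
        public String getCustomIdentityAlias() {
            return SSLConfig.this.customIdentityAlias;
        }

        /** Returns the private-key pass phrase, decrypted on each call. */
        @Override // weblogic.security.utils.KeyStoreConfiguration
        public String getCustomIdentityPrivateKeyPassPhrase() {
            return SSLConfig.this.encryptor.decrypt(SSLConfig.this.customIdentityPrivateKeyPassPhrase);
        }

        @Override // weblogic.security.utils.KeyStoreConfiguration
        public String getCustomTrustKeyStoreFileName() {
            return null;
        }

        @Override // weblogic.security.utils.KeyStoreConfiguration
        public String getCustomTrustKeyStoreType() {
            return null;
        }

        @Override // weblogic.security.utils.KeyStoreConfiguration
        public String getCustomTrustKeyStorePassPhrase() {
            return null;
        }

        @Override // weblogic.security.utils.KeyStoreConfiguration
        public String getJavaStandardTrustKeyStorePassPhrase() {
            return null;
        }

        @Override // weblogic.security.utils.KeyStoreConfiguration
        public String getOutboundPrivateKeyAlias() {
            return null;
        }

        @Override // weblogic.security.utils.KeyStoreConfiguration
        public String getOutboundPrivateKeyPassPhrase() {
            return null;
        }
    }

    /**
     * Loads the SSL identity described by {@code properties}.
     *
     * <p>Side effect: the two custom-identity pass-phrase entries are removed
     * from {@code properties} once they have been captured in encrypted form.
     *
     * @param properties node manager properties; mutated as described above
     * @param encryptor  used to encrypt the pass phrases held by this object and
     *                   to decrypt them when the key store is opened
     * @throws IOException     if a key store, key file or certificate file cannot be read
     * @throws ConfigException if the configured identity is missing or invalid
     */
    public SSLConfig(Properties properties, Encryptor encryptor) throws IOException, ConfigException {
        super(properties);
        this.keyStores = KeyStoreConstants.DEMO_IDENTITY_AND_DEMO_TRUST;
        // NOTE(review): these three defaults (including the literal "password")
        // are overwritten unconditionally by loadProperties() below. Whether they
        // can ever take effect depends on Config.getProperty, which is not
        // visible here.
        this.keyFile = "config/demokey.pm";
        this.keyPassword = "password";
        this.certificateFile = "config/democert.pm";
        this.encryptor = encryptor;
        loadProperties();
        // Drop the pass phrases from the shared Properties object so they do not
        // linger there after this object has taken its own (encrypted) copy.
        properties.remove(CUSTOM_IDENTITY_KEY_STORE_PASS_PHRASE_PROP);
        properties.remove(CUSTOM_IDENTITY_PRIVATE_KEY_PASS_PHRASE_PROP);
        // The legacy key-file mode is used only when all three of its settings
        // are present; otherwise the key-store mode is used.
        if (this.keyFile == null || this.keyPassword == null || this.certificateFile == null) {
            loadKeyStoreConfig();
        } else {
            loadCompatibilityConfig();
        }
    }

    /**
     * Copies the SSL-related properties into fields, mapping the short
     * {@code KeyStores} values onto the {@link KeyStoreConstants} names and
     * storing the custom-identity pass phrases in encrypted form.
     */
    private void loadProperties() {
        this.keyStores = getProperty(KEY_STORES_PROP, this.keyStores);
        if (DEMO_IDENTITY.equals(this.keyStores)) {
            this.keyStores = KeyStoreConstants.DEMO_IDENTITY_AND_DEMO_TRUST;
        } else if (CUSTOM_IDENTITY.equals(this.keyStores)) {
            this.keyStores = KeyStoreConstants.CUSTOM_IDENTITY_AND_CUSTOM_TRUST;
        }
        this.customIdentityKeyStoreFileName = getProperty(CUSTOM_IDENTITY_KEY_STORE_FILE_NAME_PROP);
        this.customIdentityKeyStoreType = getProperty(CUSTOM_IDENTITY_KEY_STORE_TYPE_PROP);
        this.customIdentityAlias = getProperty(CUSTOM_IDENTITY_ALIAS_PROP);
        this.customIdentityKeyStorePassPhrase = this.encryptor.encrypt(getProperty(CUSTOM_IDENTITY_KEY_STORE_PASS_PHRASE_PROP));
        this.customIdentityPrivateKeyPassPhrase = this.encryptor.encrypt(getProperty(CUSTOM_IDENTITY_PRIVATE_KEY_PASS_PHRASE_PROP));
        // Stored verbatim; no validation of the suite name happens in this class.
        this.cipherSuite = getProperty(CIPHER_SUITE_PROP);
        this.keyFile = getProperty(KEY_FILE_PROP);
        // Kept as plaintext, in contrast to the two pass phrases above.
        this.keyPassword = getProperty(KEY_PASSWORD_PROP);
        this.certificateFile = getProperty(CERTIFICATE_FILE_PROP);
    }

    /**
     * Loads the private key and certificate chain from the identity key store
     * selected by {@link KeyStoreConfigurationHelper}.
     *
     * <p>The key-store stream is closed as soon as the store has been read, also
     * when opening or parsing it fails. The underlying exception is attached as
     * the cause of every wrapped error so the failure can be diagnosed from logs.
     *
     * @throws IOException     if the key store cannot be read
     * @throws ConfigException if the store type, file, alias, password or
     *                         certificate chain is unusable
     */
    private void loadKeyStoreConfig() throws IOException, ConfigException {
        KeyStoreConfigurationHelper helper = new KeyStoreConfigurationHelper(new KeyStoreConfig());
        KeyStoreInfo identityKeyStore = helper.getIdentityKeyStore();
        // NOTE(review): confirm KeyStoreInfo.toString() does not render the pass
        // phrase, since its output goes to the node manager log.
        NMServer.nmLog.info(nmText.getLoadingIDStore(identityKeyStore.toString()));

        KeyStore keyStore;
        try {
            keyStore = KeyStore.getInstance(identityKeyStore.getType());
        } catch (KeyStoreException e) {
            throw new ConfigException(nmText.getUnknownIDStoreType(identityKeyStore.getType().toString()), e);
        }

        FileInputStream storeStream = null;
        try {
            storeStream = new FileInputStream(identityKeyStore.getFileName());
            keyStore.load(storeStream, identityKeyStore.getPassPhrase());
        } catch (FileNotFoundException e) {
            throw new ConfigException(nmText.getIDStoreNotFound(identityKeyStore.getFileName()), e);
        } catch (NoSuchAlgorithmException e) {
            throw new ConfigException(nmText.getIDAlgorithmNotFound(), e);
        } catch (CertificateException e) {
            throw new ConfigException(nmText.getCertificatesNotLoaded(), e);
        } finally {
            // Null when the FileInputStream constructor itself failed.
            if (storeStream != null) {
                storeStream.close();
            }
        }

        String identityAlias = helper.getIdentityAlias();
        try {
            this.privateKey = (PrivateKey) keyStore.getKey(identityAlias, helper.getIdentityPrivateKeyPassPhrase());
        } catch (KeyStoreException e) {
            throw (InternalError) new InternalError("Identity key store not initialized").initCause(e);
        } catch (NoSuchAlgorithmException e) {
            throw new ConfigException(nmText.getIDAlgorithmNotFound(), e);
        } catch (UnrecoverableKeyException e) {
            throw new ConfigException(nmText.getIncorrectIDPassword(), e);
        }
        // KeyStore.getKey returns null when the alias is absent or is not a key entry.
        if (this.privateKey == null) {
            throw new ConfigException(nmText.getUnknownKeyStoreID(identityAlias));
        }

        Certificate[] certificateChain;
        try {
            certificateChain = keyStore.getCertificateChain(identityAlias);
        } catch (KeyStoreException e) {
            throw new IllegalStateException(nmText.getIdentityStoreNotInit(), e);
        }
        if (certificateChain == null || certificateChain.length == 0) {
            throw new ConfigException(nmText.getNoCertificate(identityAlias));
        }
        this.certChain = SSLCertUtility.toJavaX5092(certificateChain);
        if (this.certChain == null) {
            throw new ConfigException(nmText.getNoX509());
        }
    }

    /**
     * Loads the certificate chain and private key from the legacy
     * {@code certificateFile} / {@code keyFile} pair.
     *
     * <p>Both file streams are closed after use. Only a failure to obtain the
     * {@link SSLContextWrapper} is reported as {@link InternalError}; missing or
     * invalid files surface as {@link ConfigException} with the cause attached,
     * rather than being folded into the "could not instantiate" error.
     *
     * @throws IOException     if either file cannot be read
     * @throws ConfigException if either file is missing or cannot be parsed
     */
    private void loadCompatibilityConfig() throws IOException, ConfigException {
        SSLContextWrapper sslContextWrapper;
        try {
            sslContextWrapper = SSLContextWrapper.getInstance();
        } catch (Exception e) {
            throw ((InternalError) new InternalError("Could not instantiate SSLContextWrapper").initCause(e));
        }

        FileInputStream certStream = null;
        try {
            certStream = new FileInputStream(this.certificateFile);
            this.certChain = sslContextWrapper.inputCertChain(certStream);
        } catch (FileNotFoundException e) {
            throw new ConfigException(nmText.getCertificateFileNF(this.certificateFile.toString()), e);
        } catch (KeyManagementException e) {
            throw new ConfigException(nmText.getInvalidCertFile(this.certificateFile.toString()), e);
        } finally {
            if (certStream != null) {
                certStream.close();
            }
        }

        FileInputStream keyStream = null;
        try {
            keyStream = new FileInputStream(this.keyFile);
            // An empty password is passed on as null, i.e. "no password".
            char[] password = null;
            if (this.keyPassword != null && this.keyPassword.length() > 0) {
                password = this.keyPassword.toCharArray();
            }
            this.privateKey = sslContextWrapper.inputPrivateKey(keyStream, password);
        } catch (FileNotFoundException e) {
            throw new ConfigException(nmText.getKeyFileNotFound(this.keyFile.toString()), e);
        } catch (KeyManagementException e) {
            throw new ConfigException(nmText.getInvalidKeyFile(this.keyFile.toString()), e);
        } finally {
            if (keyStream != null) {
                keyStream.close();
            }
        }
    }

    /** Returns the private key loaded for the SSL identity. */
    public PrivateKey getIdentityPrivateKey() {
        return this.privateKey;
    }

    /**
     * Returns a copy of the identity certificate chain, so that callers cannot
     * replace entries in the array held by this object.
     *
     * @return the chain, or {@code null} if none was loaded
     */
    public X509Certificate[] getIdentityCertificateChain() {
        return this.certChain == null ? null : this.certChain.clone();
    }

    /** Returns the configured {@code CipherSuite} value, unvalidated; may be {@code null}. */
    public String getCipherSuite() {
        return this.cipherSuite;
    }

    /**
     * Upgrades pass-phrase entries in {@code properties} in place: the two
     * custom-identity pass phrases are replaced by their
     * {@code encryptor.encrypt(..)} form when that differs from the stored
     * value, and the two trust-store pass-phrase entries are removed.
     *
     * <p>Log messages name the affected property only; the values are never
     * passed to the logger here.
     *
     * @param properties properties to upgrade; mutated
     * @param encryptor  produces the encrypted form of each pass phrase
     * @param z          when {@code true}, each change is logged through {@code Upgrader.log}
     * @return {@code true} if any entry was rewritten or removed
     */
    public static boolean checkUpgrade(Properties properties, Encryptor encryptor, boolean z) {
        boolean changed = false;
        String storePassPhrase = properties.getProperty(CUSTOM_IDENTITY_KEY_STORE_PASS_PHRASE_PROP);
        String keyPassPhrase = properties.getProperty(CUSTOM_IDENTITY_PRIVATE_KEY_PASS_PHRASE_PROP);
        String customTrustPassPhrase = properties.getProperty(CUSTOM_TRUST_KEY_STORE_PASS_PHRASE_PROP);
        String javaTrustPassPhrase = properties.getProperty(JAVA_STANDARD_TRUST_KEY_STORE_PASS_PHRASE_PROP);
        String encryptedStorePassPhrase = encryptor.encrypt(storePassPhrase);
        String encryptedKeyPassPhrase = encryptor.encrypt(keyPassPhrase);
        // A value that encrypt() leaves unchanged is treated as already encrypted.
        if (storePassPhrase != null && !storePassPhrase.equals(encryptedStorePassPhrase)) {
            properties.setProperty(CUSTOM_IDENTITY_KEY_STORE_PASS_PHRASE_PROP, encryptedStorePassPhrase);
            if (z) {
                Upgrader.log(Level.INFO, nmText.getEncryptingProp(CUSTOM_IDENTITY_KEY_STORE_PASS_PHRASE_PROP));
            }
            changed = true;
        }
        if (keyPassPhrase != null && !keyPassPhrase.equals(encryptedKeyPassPhrase)) {
            properties.setProperty(CUSTOM_IDENTITY_PRIVATE_KEY_PASS_PHRASE_PROP, encryptedKeyPassPhrase);
            if (z) {
                Upgrader.log(Level.INFO, nmText.getEncryptingProp(CUSTOM_IDENTITY_PRIVATE_KEY_PASS_PHRASE_PROP));
            }
            changed = true;
        }
        if (customTrustPassPhrase != null) {
            properties.remove(CUSTOM_TRUST_KEY_STORE_PASS_PHRASE_PROP);
            if (z) {
                Upgrader.log(Level.INFO, nmText.getRemovingProp(CUSTOM_TRUST_KEY_STORE_PASS_PHRASE_PROP));
            }
            changed = true;
        }
        if (javaTrustPassPhrase != null) {
            properties.remove(JAVA_STANDARD_TRUST_KEY_STORE_PASS_PHRASE_PROP);
            if (z) {
                Upgrader.log(Level.INFO, nmText.getRemovingProp(JAVA_STANDARD_TRUST_KEY_STORE_PASS_PHRASE_PROP));
            }
            changed = true;
        }
        return changed;
    }
}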
