package hu.perit.spvitamin.spring.rest.session;

import hu.perit.spvitamin.core.StackTracer;
import hu.perit.spvitamin.core.connectablecontext.ActivityLock;
import hu.perit.spvitamin.core.connectablecontext.ConnectableContext;
import hu.perit.spvitamin.spring.config.ServerProperties;
import hu.perit.spvitamin.spring.config.SysConfig;
import hu.perit.spvitamin.spring.keystore.KeystoreEntry;
import hu.perit.spvitamin.spring.keystore.KeystoreUtils;
import hu.perit.spvitamin.spring.rest.api.KeystoreApi;
import hu.perit.spvitamin.spring.rest.model.CertificateFile;
import hu.perit.spvitamin.spring.rest.model.ImportCertificateRequest;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.file.Paths;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.Base64;
import java.util.List;
import org.apache.commons.io.FileUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:hu/perit/spvitamin/spring/rest/session/KeystoreSession.class */
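/**
 * Session-scoped implementation of {@link KeystoreApi}: lists, imports and removes entries of the
 * server keystore and the server truststore, and writes every change back to the configured file.
 *
 * <p>Each API method holds an {@link ActivityLock} on this context for the duration of the call
 * (presumably so the idle timer cannot disconnect the context mid-call; confirm against
 * {@code ConnectableContext}).
 *
 * <p>NOTE(review): these operations replace the server's TLS key material and trust anchors.
 * No authorization check is visible in this class; confirm that the layer exposing
 * {@link KeystoreApi} restricts it to administrators.
 */
public class KeystoreSession extends ConnectableContext implements KeystoreApi {
    private static final Logger log = LoggerFactory.getLogger(KeystoreSession.class);
    private static final int IDLETIMESEC = 30;
    private KeyStore serverKeystore = KeystoreUtils.getServerKeyStore();
    private KeyStore serverTruststore = KeystoreUtils.getServerTrustStore();

    /**
     * Returns the idle timeout of this context (presumably in seconds, going by the constant name).
     */
    protected long getIdleTimeout() {
        return IDLETIMESEC;
    }

    /**
     * Lists the entries of the server keystore.
     *
     * @return the entries reported by {@code KeystoreUtils.getSslKeys} for the server keystore
     */
    @Override
    public List<KeystoreEntry> retrieveKeystoreEntriesUsingGET() throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException {
        try (ActivityLock ignored = new ActivityLock(this)) {
            return KeystoreUtils.getSslKeys(this.serverKeystore);
        }
    }

    /**
     * Parses an uploaded file and lists what it contains, without touching the server stores.
     *
     * <p>The Base64 content is first loaded as a keystore of the JVM default type using the supplied
     * password. If that fails with an {@link IOException}, the content is parsed as a single X.509
     * certificate and listed under its subject CN.
     *
     * @param certificateFile Base64-encoded file content and its password
     * @return the entries found in the uploaded file
     * @throws CertificateException if the content is neither a loadable keystore nor an X.509
     *     certificate; the keystore failure is attached as a suppressed exception
     */
    @Override
    public List<KeystoreEntry> readEntriesFromCertificateFileUsingPOST(CertificateFile certificateFile) throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableEntryException {
        try (ActivityLock ignored = new ActivityLock(this)) {
            byte[] content = Base64.getDecoder().decode(certificateFile.getContent());
            KeyStore uploaded = KeyStore.getInstance(KeyStore.getDefaultType());
            try {
                uploaded.load(new ByteArrayInputStream(content), certificateFile.getPassword().toCharArray());
            } catch (IOException notAKeystore) {
                Certificate certificate = parseX509(content, notAKeystore);
                // Initialise an empty in-memory keystore to hold the single certificate.
                uploaded.load(null, null);
                uploaded.setCertificateEntry(KeystoreUtils.getInfoFromCertificate(certificate).getSubjectCN(), certificate);
            }
            return KeystoreUtils.getSslKeys(uploaded);
        }
    }

    /**
     * Imports a private key and its certificate chain from an uploaded keystore file into the
     * server keystore and saves the server keystore.
     *
     * <p>The entry is stored under the subject CN of the leaf certificate, not under the alias
     * from the request, and is protected with the server keystore password.
     *
     * @param importCertificateRequest uploaded file (Base64 content and password) and the alias to
     *     take from it
     * @return the entries of the server keystore after the import
     * @throws RuntimeException if no server keystore is configured, or the alias is not a private
     *     key with a certificate chain in the uploaded file
     */
    @Override
    public List<KeystoreEntry> importCertificateIntoKeystoreUsingPOST(ImportCertificateRequest importCertificateRequest) throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableEntryException {
        try (ActivityLock ignored = new ActivityLock(this)) {
            // Fail with the same message saveKeystore() uses instead of a NullPointerException later on.
            KeyStore keystore = requireKeystore();
            String alias = importCertificateRequest.getAlias();
            byte[] content = Base64.getDecoder().decode(importCertificateRequest.getCertificateFile().getContent());
            char[] filePassword = importCertificateRequest.getCertificateFile().getPassword().toCharArray();

            KeyStore uploaded = KeyStore.getInstance(KeyStore.getDefaultType());
            uploaded.load(new ByteArrayInputStream(content), filePassword);
            Key key = uploaded.getKey(alias, filePassword);
            if (key == null) {
                throw new RuntimeException(String.format("'%s' is not a private key, cannot be imported into the keystore!", alias));
            }
            Certificate[] certificateChain = uploaded.getCertificateChain(alias);
            if (certificateChain == null || certificateChain.length == 0) {
                throw new RuntimeException(String.format("'%s' has no certificate chain, cannot be imported into the keystore!", alias));
            }
            // NOTE(review): KeyStore.setKeyEntry overwrites an existing entry with the same alias, so
            // an upload whose subject CN matches an existing entry silently replaces that key.
            keystore.setKeyEntry(KeystoreUtils.getInfoFromCertificate(certificateChain[0]).getSubjectCN(), key, SysConfig.getServerProperties().getSsl().getKeyStorePassword().toCharArray(), certificateChain);
            // NOTE(review): the in-memory keystore is changed before it is saved; if saving fails,
            // memory and disk disagree until the next successful save.
            saveKeystore();
            return KeystoreUtils.getSslKeys(keystore);
        }
    }

    /**
     * Writes the server keystore to the location configured in the server SSL properties.
     *
     * @throws RuntimeException if no server keystore is configured
     */
    private void saveKeystore() throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException {
        KeyStore keystore = requireKeystore();
        ServerProperties serverProperties = SysConfig.getServerProperties();
        String keyStore = serverProperties.getSsl().getKeyStore();
        String keyStorePassword = serverProperties.getSsl().getKeyStorePassword();
        writeStore(keystore, keyStore, keyStorePassword, "Kestore successfully saved to: '%s'");
    }

    /**
     * Removes an entry from the server keystore and saves the server keystore.
     *
     * @param str alias of the entry to remove
     * @return the entries of the server keystore after the removal
     * @throws RuntimeException if no server keystore is configured
     */
    @Override
    public List<KeystoreEntry> removeCertificateFromKeystoreUsingDELETE(String str) throws UnrecoverableEntryException, NoSuchAlgorithmException, KeyStoreException, CertificateException, IOException {
        try (ActivityLock ignored = new ActivityLock(this)) {
            KeyStore keystore = requireKeystore();
            KeystoreUtils.removeEntryFromKeystore(keystore, str);
            saveKeystore();
            return KeystoreUtils.getSslKeys(keystore);
        }
    }

    /**
     * Lists the entries of the server truststore.
     *
     * @return the entries of the server truststore
     * @throws RuntimeException if no server truststore is configured
     */
    @Override
    public List<KeystoreEntry> retrieveTruststoreEntriesUsingGET() throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException {
        try (ActivityLock ignored = new ActivityLock(this)) {
            return KeystoreUtils.getSslKeys(requireTruststore());
        }
    }

    /**
     * Adds a certificate from an uploaded file to the server truststore under the requested alias
     * and saves the truststore.
     *
     * <p>The content is first loaded as a keystore and the certificate is looked up by alias; if
     * loading fails with an {@link IOException}, the content is parsed as a single X.509
     * certificate instead.
     *
     * @param importCertificateRequest uploaded file (Base64 content and password) and the alias
     * @return the entries of the server truststore after the import
     * @throws RuntimeException if no server truststore is configured, or the uploaded keystore has
     *     no certificate under the alias
     * @throws CertificateException if the content is neither a loadable keystore nor an X.509
     *     certificate; the keystore failure is attached as a suppressed exception
     */
    @Override
    public List<KeystoreEntry> importCertificateIntoTruststoreUsingPOST(ImportCertificateRequest importCertificateRequest) throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableEntryException {
        try (ActivityLock ignored = new ActivityLock(this)) {
            KeyStore truststore = requireTruststore();
            String alias = importCertificateRequest.getAlias();
            byte[] content = Base64.getDecoder().decode(importCertificateRequest.getCertificateFile().getContent());
            Certificate certificate;
            try {
                KeyStore uploaded = KeyStore.getInstance(KeyStore.getDefaultType());
                uploaded.load(new ByteArrayInputStream(content), importCertificateRequest.getCertificateFile().getPassword().toCharArray());
                certificate = uploaded.getCertificate(alias);
            } catch (IOException notAKeystore) {
                certificate = parseX509(content, notAKeystore);
            }
            // getCertificate returns null for an unknown alias; never hand a null trust anchor to the truststore.
            if (certificate == null) {
                throw new RuntimeException(String.format("'%s' is not a certificate in the uploaded file, cannot be imported into the truststore!", alias));
            }
            // NOTE(review): setCertificateEntry replaces an existing trusted certificate stored under the same alias.
            truststore.setCertificateEntry(alias, certificate);
            saveTruststore();
            return KeystoreUtils.getSslKeys(truststore);
        }
    }

    /**
     * Writes the server truststore to the location configured in the server SSL properties.
     *
     * @throws RuntimeException if no server truststore is configured
     */
    private void saveTruststore() throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException {
        KeyStore truststore = requireTruststore();
        ServerProperties serverProperties = SysConfig.getServerProperties();
        String trustStore = serverProperties.getSsl().getTrustStore();
        String trustStorePassword = serverProperties.getSsl().getTrustStorePassword();
        writeStore(truststore, trustStore, trustStorePassword, "Truststore successfully saved to: '%s'");
    }

    /**
     * Removes an entry from the server truststore and saves the truststore.
     *
     * @param str alias of the entry to remove
     * @return the entries of the server truststore after the removal
     * @throws RuntimeException if no server truststore is configured
     */
    @Override
    public List<KeystoreEntry> removeCertificateFromTruststoreUsingDELETE(String str) throws UnrecoverableEntryException, NoSuchAlgorithmException, KeyStoreException, CertificateException, IOException {
        try (ActivityLock ignored = new ActivityLock(this)) {
            KeyStore truststore = requireTruststore();
            KeystoreUtils.removeEntryFromKeystore(truststore, str);
            saveTruststore();
            return KeystoreUtils.getSslKeys(truststore);
        }
    }

    /** Returns the server keystore, or fails if none is configured. */
    private KeyStore requireKeystore() {
        if (this.serverKeystore == null) {
            throw new RuntimeException("There is no keystore configured in this server!");
        }
        return this.serverKeystore;
    }

    /** Returns the server truststore, or fails if none is configured. */
    private KeyStore requireTruststore() {
        if (this.serverTruststore == null) {
            throw new RuntimeException("There is no truststore configured in this server!");
        }
        return this.serverTruststore;
    }

    /**
     * Parses the content as one X.509 certificate after a keystore load has failed.
     *
     * <p>KeyStore.load reports a wrong password as an IOException as well, so the keystore failure
     * is kept as a suppressed exception rather than being replaced by the parse error.
     */
    private static Certificate parseX509(byte[] content, IOException keystoreFailure) throws CertificateException {
        try {
            return CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(content));
        } catch (CertificateException e) {
            e.addSuppressed(keystoreFailure);
            throw e;
        }
    }

    /**
     * Stores a keystore at the file resolved from the configured location and logs the outcome.
     *
     * <p>try-with-resources closes the stream even when {@code store} throws; the earlier form
     * closed it only on success and leaked the file handle on failure.
     *
     * <p>NOTE(review): the file is overwritten in place, so a failure part-way through can leave a
     * truncated store on disk.
     */
    private static void writeStore(KeyStore store, String configuredLocation, String password, String successMessage) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException {
        File designatedFileLocation = KeystoreUtils.getDesignatedFileLocation(configuredLocation);
        try (FileOutputStream fileOutputStream = new FileOutputStream(designatedFileLocation)) {
            store.store(fileOutputStream, password.toCharArray());
            log.info(String.format(successMessage, designatedFileLocation.toString()));
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            log.error(StackTracer.toString(e));
            throw e;
        }
    }

    /**
     * Returns this context's temp directory: {@code <user.dir>/temp/<context name>}.
     *
     * <p>NOTE(review): the context name is used as a path segment and {@link #disconnect()} deletes
     * the directory recursively; confirm the name can never contain path separators or "..".
     */
    private File getTempDir() {
        return new File(Paths.get(System.getProperty("user.dir"), "temp", getContextName()).toString());
    }

    /**
     * Disconnects the context, then deletes its temp directory if one exists. A failed deletion is
     * logged and not rethrown.
     */
    @Override
    public void disconnect() {
        super.disconnect();
        try {
            File tempDir = getTempDir();
            if (tempDir.exists()) {
                log.debug(String.format("DEL '%s'", tempDir.getAbsolutePath()));
                FileUtils.deleteDirectory(tempDir);
            }
        } catch (IOException e) {
            log.error(StackTracer.toString(e));
        }
    }
}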
