package blended.security.scep.standalone;

import blended.security.ssl.MemoryKeystore;
import blended.security.ssl.internal.PasswordHasher;
import blended.util.logging.Logger;
import blended.util.logging.Logger$;
import de.tototec.cmdoption.CmdlineParser;
import de.tototec.cmdoption.CmdlineParserException;
import java.io.File;
import java.io.FileReader;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.openssl.PEMEncryptedKeyPair;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import scala.Console$;
import scala.MatchError;
import scala.Option;
import scala.Option$;
import scala.Predef$;
import scala.Predef$ArrowAssoc$;
import scala.Some;
import scala.Tuple2;
import scala.collection.ArrayOps$;
import scala.collection.IterableOnceOps;
import scala.collection.immutable.Seq;
import scala.collection.immutable.Seq$;
import scala.concurrent.Await$;
import scala.concurrent.ExecutionContext$;
import scala.concurrent.duration.Duration;
import scala.concurrent.duration.Duration$;
import scala.reflect.ClassTag$;
import scala.runtime.BoxedUnit;
import scala.runtime.ScalaRunTime$;
import scala.util.Failure;
import scala.util.Success;
import scala.util.Try;
import scala.util.control.NonFatal$;

/* compiled from: ScepClientApp.scala */
/* loaded from: input_file:blended/security/scep/standalone/ScepClientApp$.class */
public final class ScepClientApp$ {
    public static final ScepClientApp$ MODULE$ = new ScepClientApp$();
    private static final Logger log = Logger$.MODULE$.apply(ClassTag$.MODULE$.apply(ScepClientApp$.class));

    public void main(String[] strArr) {
        try {
            run(strArr);
        } catch (Throwable th) {
            if (th instanceof ExitAppException) {
                ExitAppException exitAppException = (ExitAppException) th;
                exitAppException.errMsg().foreach(str -> {
                    $anonfun$main$1(str);
                    return BoxedUnit.UNIT;
                });
                Logger apply = Logger$.MODULE$.apply(ClassTag$.MODULE$.apply(ScepClientApp$.class));
                apply.debug(exitAppException, apply.debug$default$2(), () -> {
                    return new StringBuilder(51).append("About to exit VM from main-method with exit code [").append(exitAppException.exitCode()).append("]").toString();
                });
                System.exit(exitAppException.exitCode().code());
                BoxedUnit boxedUnit = BoxedUnit.UNIT;
                return;
            }
            if (th != null) {
                Option unapply = NonFatal$.MODULE$.unapply(th);
                if (!unapply.isEmpty()) {
                    Throwable th2 = (Throwable) unapply.get();
                    Logger apply2 = Logger$.MODULE$.apply(ClassTag$.MODULE$.apply(ScepClientApp$.class));
                    apply2.error(th2, apply2.error$default$2(), () -> {
                        return new StringBuilder(38).append("An unexepected error occured.\nReason: ").append(th2.getMessage()).toString();
                    });
                    System.exit(ExitCode$InternalError$.MODULE$.code());
                    BoxedUnit boxedUnit2 = BoxedUnit.UNIT;
                    return;
                }
            }
            throw th;
        }
    }

    public void run(String[] strArr) {
        Cmdline cmdline = new Cmdline();
        CmdlineParser cmdlineParser = new CmdlineParser(new Object[]{cmdline});
        cmdlineParser.setProgramName("java -jar scep-client.jar");
        cmdlineParser.setAboutLine("Standalone SCEP client, which can create and update Java key stores from a remote SCEP server.");
        try {
            cmdlineParser.parse(strArr);
            if (cmdline.help() || ArrayOps$.MODULE$.isEmpty$extension(Predef$.MODULE$.refArrayOps(strArr))) {
                cmdlineParser.usage();
                throw new ExitAppException(ExitCode$Ok$.MODULE$, ExitAppException$.MODULE$.$lessinit$greater$default$2(), ExitAppException$.MODULE$.$lessinit$greater$default$3());
            }
            String str = (String) cmdline.salt().getOrElse(() -> {
                return "scep-client";
            });
            cmdline.password().foreach(str2 -> {
                $anonfun$run$2(str, str2);
                return BoxedUnit.UNIT;
            });
            cmdline.infoFile().foreach(str3 -> {
                $anonfun$run$3(str3);
                return BoxedUnit.UNIT;
            });
            cmdline.csrFile().foreach(str4 -> {
                $anonfun$run$4(str4);
                return BoxedUnit.UNIT;
            });
            if (cmdline.refreshCerts()) {
                refreshCert(str, Duration$.MODULE$.apply(cmdline.timeout(), TimeUnit.SECONDS), new File((String) cmdline.baseDir().getOrElse(() -> {
                    return ".";
                })).getAbsoluteFile(), cmdline.expectRefresh());
            }
        } catch (CmdlineParserException e) {
            throw new ExitAppException(ExitCode$InvalidCmdline$.MODULE$, Option$.MODULE$.apply(e.getLocalizedMessage()), e);
        }
    }

    public void readInfoFile(String str) {
        File absoluteFile = new File(str).getAbsoluteFile();
        if (!absoluteFile.exists() || !absoluteFile.isFile()) {
            throw new RuntimeException(new StringBuilder(22).append("File does not exists: ").append(absoluteFile).toString());
        }
        log.debug(() -> {
            return new StringBuilder(20).append("About to parse file ").append(absoluteFile).toString();
        });
        Object readObject = new PEMParser(new FileReader(absoluteFile)).readObject();
        log.debug(() -> {
            return new StringBuilder(16).append("Parsed object [").append(readObject).append("]").toString();
        });
        if (readObject instanceof PEMEncryptedKeyPair) {
            log.debug(() -> {
                return "Got an encrypted key pair - need a password to decrypt";
            });
            BoxedUnit boxedUnit = BoxedUnit.UNIT;
            return;
        }
        if (readObject instanceof PEMKeyPair) {
            log.debug(() -> {
                return "Got an (unencrypted) key pair - no password needed";
            });
            BoxedUnit boxedUnit2 = BoxedUnit.UNIT;
        } else if (readObject instanceof X509CertificateHolder) {
            X509CertificateHolder x509CertificateHolder = (X509CertificateHolder) readObject;
            log.debug(() -> {
                return new StringBuilder(64).append("Got an certificate holder. subject [").append(x509CertificateHolder.getSubject()).append("], version [").append(x509CertificateHolder.getVersionNumber()).append("], extensions [").append(x509CertificateHolder.getExtensions()).append("]").toString();
            });
            BoxedUnit boxedUnit3 = BoxedUnit.UNIT;
        } else {
            if (!(readObject instanceof PKCS10CertificationRequest)) {
                throw new MatchError(readObject);
            }
            PKCS10CertificationRequest pKCS10CertificationRequest = (PKCS10CertificationRequest) readObject;
            log.debug(() -> {
                return new StringBuilder(0).append(new StringBuilder(23).append("Got a CSR. subject [").append(pKCS10CertificationRequest.getSubject()).append("], ").toString()).append(new StringBuilder(13).append("attributes [").append(Predef$.MODULE$.wrapRefArray((Object[]) ArrayOps$.MODULE$.map$extension(Predef$.MODULE$.refArrayOps(pKCS10CertificationRequest.getAttributes()), attribute -> {
                    return new StringBuilder(29).append("Attribute(type [").append(attribute.getAttrType()).append("], values [").append(attribute.getAttrValues()).append("])").toString();
                }, ClassTag$.MODULE$.apply(String.class))).mkString(", ")).append("]").toString()).toString();
            });
            BoxedUnit boxedUnit4 = BoxedUnit.UNIT;
        }
    }

    public void readCsrFile(String str) {
        File absoluteFile = new File(str).getAbsoluteFile();
        if (!absoluteFile.exists() || !absoluteFile.isFile()) {
            throw new RuntimeException(new StringBuilder(21).append("File does not exist: ").append(absoluteFile).toString());
        }
        log.debug(() -> {
            return new StringBuilder(20).append("About to parse file ").append(absoluteFile).toString();
        });
        Object readObject = new PEMParser(new FileReader(absoluteFile)).readObject();
        log.debug(() -> {
            return new StringBuilder(16).append("Parsed object [").append(readObject).append("]").toString();
        });
        if (!(readObject instanceof PKCS10CertificationRequest)) {
            String sb = new StringBuilder(40).append("File [").append(str).append("] has no supported CSR file format").toString();
            log.error(() -> {
                return sb;
            });
            throw new ExitAppException(ExitCode$Error$.MODULE$, new Some(sb), ExitAppException$.MODULE$.$lessinit$greater$default$3());
        }
        PKCS10CertificationRequest pKCS10CertificationRequest = (PKCS10CertificationRequest) readObject;
        SubjectPublicKeyInfo subjectPublicKeyInfo = pKCS10CertificationRequest.getSubjectPublicKeyInfo();
        Seq apply = Seq$.MODULE$.apply(ScalaRunTime$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("subject"), pKCS10CertificationRequest.getSubject()), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("attributes"), Predef$.MODULE$.wrapRefArray(pKCS10CertificationRequest.getAttributes()).toList()), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("signature"), Predef$.MODULE$.wrapByteArray(pKCS10CertificationRequest.getSignature()).toList()), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("signatureAlgorithm"), pKCS10CertificationRequest.getSignatureAlgorithm()), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("subjectPublicKeyInfo"), subjectPublicKeyInfo), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("subjectPublicKeyInfo.algorithm"), subjectPublicKeyInfo.getAlgorithm()), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("subjectPublicKeyInfo.algorithm.algorithm"), subjectPublicKeyInfo.getAlgorithm().getAlgorithm()), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("subjectPublicKeyInfo.algorithm.parameters"), subjectPublicKeyInfo.getAlgorithm().getParameters()), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("subjectPublicKeyInfo.publicKeyData"), subjectPublicKeyInfo.getPublicKeyData())}));
        log.debug(() -> {
            return new StringBuilder(19).append("Got a CSR. Info:\n  ").append(((IterableOnceOps) apply.map(tuple2 -> {
                return new StringBuilder(2).append(tuple2._1()).append(": ").append(tuple2._2()).toString();
            })).mkString("\n  ")).toString();
        });
        BoxedUnit boxedUnit = BoxedUnit.UNIT;
    }

    public void refreshCert(String str, Duration duration, File file, boolean z) {
        CertRefresher certRefresher = new CertRefresher(str, file, ExecutionContext$.MODULE$.global());
        try {
            Success success = (Try) Await$.MODULE$.ready(certRefresher.checkCert(), duration).value().get();
            if (!(success instanceof Success)) {
                if (!(success instanceof Failure)) {
                    throw new MatchError(success);
                }
                Throwable exception = ((Failure) success).exception();
                certRefresher.stop();
                throw new ExitAppException(ExitCode$Error$.MODULE$, new Some(new StringBuilder(73).append("Error: Could not refresh certificates.\nReason: ").append(exception.getMessage()).append("\nSee log file for details.").toString()), exception);
            }
            MemoryKeystore memoryKeystore = (MemoryKeystore) success.value();
            log.debug(() -> {
                return "Successfully gathered certificates";
            });
            certRefresher.stop();
            if (!z || !memoryKeystore.changedAliases().isEmpty()) {
                throw new ExitAppException(ExitCode$Ok$.MODULE$, new Some("Successfully refreshed certificates"), ExitAppException$.MODULE$.$lessinit$greater$default$3());
            }
            throw new ExitAppException(ExitCode$NoCertsRefreshed$.MODULE$, new Some("Successfully gathered unchanged certificates."), ExitAppException$.MODULE$.$lessinit$greater$default$3());
        } catch (TimeoutException e) {
            certRefresher.stop();
            throw new ExitAppException(ExitCode$Timeout$.MODULE$, new Some(new StringBuilder(89).append("Error: Could not refresh certificates.\nReason: Timeout after [").append(duration).append("]\nSee log file for details.").toString()), e);
        }
    }

    public static final /* synthetic */ void $anonfun$main$1(String str) {
        Console$.MODULE$.err().println(str);
    }

    public static final /* synthetic */ void $anonfun$run$2(String str, String str2) {
        Predef$.MODULE$.println(new PasswordHasher(str).password(str2));
    }

    public static final /* synthetic */ void $anonfun$run$3(String str) {
        MODULE$.readInfoFile(str);
    }

    public static final /* synthetic */ void $anonfun$run$4(String str) {
        MODULE$.readCsrFile(str);
    }

    private ScepClientApp$() {
    }
}
