package com.orientechnologies.orient.server.network;

import com.orientechnologies.orient.server.security.OSelfSignedCertificate;
import com.orientechnologies.orient.server.security.SwitchToDefaultParamsException;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

/* loaded from: input_file:com/orientechnologies/orient/server/network/OServerSSLCertificateManager.class */
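/**
 * Loads the key store and trust store backing the server's SSL socket factory and, when the key
 * store holds no entry, falls back to an automatically generated self-signed certificate.
 *
 * <p>Security-relevant behaviour visible in this class:
 *
 * <ul>
 *   <li>Any {@link CertificateException} raised while loading or validating the key store, not
 *       only an empty store, triggers generation of a new self-signed certificate.
 *   <li>The generated certificate is stored under the key store password and, once generated, is
 *       also added to the trust store by {@link #loadTrustStoreForSSLSocket}.
 *   <li>A self-signed certificate gives transport encryption but no third-party identity
 *       assurance, so deployments normally provision a CA-issued certificate beforehand and
 *       treat the fallback as an event worth alerting on.
 * </ul>
 *
 * <p>The password arrays are kept by reference and are never cleared by this class.
 */
public class OServerSSLCertificateManager {
    private char[] keyStorePass;
    private File keyStoreFile;
    private KeyStore keyStore;
    private OServerSSLSocketFactory oSSLSocketInfo;
    // Stays null until reactToCerificateLack() has had to create a certificate.
    private OSelfSignedCertificate oSelfSignedCertificate;
    private KeyStore trustStore;
    private char[] trustStorePass;
    private File trustStoreFile;

    /**
     * Creates a manager with no key store configured. {@link #loadKeyStoreForSSLSocket()} will
     * fail with a {@link NullPointerException} on such an instance because no file is set.
     */
    private OServerSSLCertificateManager() {
        // All fields keep their default null value.
    }

    /**
     * Creates a manager bound to one key store.
     *
     * @param oServerSSLSocketFactory socket factory this manager is associated with
     * @param keyStore key store instance to populate
     * @param file file the key store is read from and written to
     * @param cArr key store password; the array is stored by reference, not copied
     */
    public OServerSSLCertificateManager(OServerSSLSocketFactory oServerSSLSocketFactory, KeyStore keyStore, File file, char[] cArr) {
        this.oSSLSocketInfo = oServerSSLSocketFactory;
        this.keyStore = keyStore;
        this.keyStoreFile = file;
        this.keyStorePass = cArr;
    }

    /**
     * Returns a manager with no key store configured.
     *
     * @return a new, unconfigured manager
     */
    public static OServerSSLCertificateManager getInstance() {
        return new OServerSSLCertificateManager();
    }

    /**
     * Returns a manager bound to the given key store.
     *
     * @param oServerSSLSocketFactory socket factory this manager is associated with
     * @param keyStore key store instance to populate
     * @param file file the key store is read from and written to
     * @param cArr key store password
     * @return a new manager
     */
    public static OServerSSLCertificateManager getInstance(OServerSSLSocketFactory oServerSSLSocketFactory, KeyStore keyStore, File file, char[] cArr) {
        return new OServerSSLCertificateManager(oServerSSLSocketFactory, keyStore, file, cArr);
    }

    /**
     * Loads the configured key store, or initialises it when the file is missing, and verifies
     * that it contains at least one entry.
     *
     * <p>A {@link CertificateException} from any of those steps is not reported to the caller;
     * it is answered by {@link #reactToCerificateLack()}, which generates and stores a
     * self-signed certificate. I/O and algorithm failures propagate unchanged.
     *
     * @throws Exception if loading fails for a reason other than a certificate problem, or if
     *     the fallback itself fails
     */
    public void loadKeyStoreForSSLSocket() throws Exception {
        try {
            if (this.keyStoreFile.exists()) {
                loadKeyStore(this.keyStoreFile, this.keyStore, this.keyStorePass);
            } else {
                initKeyStore(this.keyStoreFile, this.keyStore, this.keyStorePass);
            }
            checkKeyStoreContentValidity();
        } catch (CertificateException e) {
            // NOTE(review): a key store whose certificates cannot be parsed takes the same path
            // as an empty one. Confirm that silently replacing the server identity is intended.
            reactToCerificateLack();
        }
    }

    /**
     * Loads or initialises the trust store and, if a self-signed certificate was generated
     * earlier, adds that certificate to it as a trusted entry.
     *
     * <p>The trust step runs whether or not loading succeeded. If both loading and the trust
     * step fail, the exception from the trust step is the one the caller sees.
     *
     * @param keyStore trust store instance to populate
     * @param file file the trust store is read from and written to
     * @param cArr trust store password; the array is stored by reference, not copied
     * @throws Exception if loading fails with something other than a {@link
     *     CertificateException}, or if the certificate cannot be added to the trust store
     */
    public void loadTrustStoreForSSLSocket(KeyStore keyStore, File file, char[] cArr) throws Exception {
        this.trustStore = keyStore;
        this.trustStoreFile = file;
        this.trustStorePass = cArr;
        try {
            if (file.exists()) {
                loadKeyStore(file, keyStore, cArr);
            } else {
                initKeyStore(file, keyStore, cArr);
            }
        } catch (CertificateException expected) {
            // initKeyStore always reports a fresh store this way; nothing to do here.
        } finally {
            // A single finally block runs the trust step exactly once on every path.
            if (this.oSelfSignedCertificate != null) {
                trustCertificate(this.trustStoreFile, this.trustStore, this.trustStorePass, this.oSelfSignedCertificate.getCertificateName(), this.oSelfSignedCertificate.getCertificate());
            }
        }
    }

    /**
     * Verifies that the key store has at least one alias. Entry type, key usability and
     * certificate expiry are not checked.
     *
     * @throws CertificateException if the key store has no alias
     * @throws KeyStoreException if the key store has not been loaded
     */
    public void checkKeyStoreContentValidity() throws CertificateException, KeyStoreException {
        if (!this.keyStore.aliases().hasMoreElements()) {
            throw new CertificateException("the KeyStore is empty");
        }
    }

    /**
     * Generates a self-signed certificate (with default parameters unless one is already held)
     * and stores it, with its private key, in the key store file.
     *
     * <p>The key entry is protected with the key store password; the same array is passed as
     * key password and as store password.
     *
     * @throws Exception if generation or storage fails with anything other than a {@link
     *     CertificateException}
     */
    public void reactToCerificateLack() throws Exception {
        try {
            if (this.oSelfSignedCertificate == null) {
                initOSelfSignedCertificateParameters();
            }
            autoGenerateSelfSignedX509Cerificate(this.oSelfSignedCertificate);
            storeCertificate(this.oSelfSignedCertificate.getCertificate(), this.oSelfSignedCertificate.getPrivateKey(), this.oSelfSignedCertificate.getCertificateName(), this.keyStorePass, this.keyStoreFile, this.keyStore, this.keyStorePass);
        } catch (CertificateException e) {
            // NOTE(review): kept as best-effort. After this the caller continues with a key
            // store that may still be empty, and the only trace is on stderr. Consider
            // surfacing this through the server log so that operators can alert on it.
            e.printStackTrace();
        }
    }

    /** Creates the self-signed certificate descriptor and fills it with default parameters. */
    private void initOSelfSignedCertificateParameters() {
        this.oSelfSignedCertificate = new OSelfSignedCertificate();
        this.oSelfSignedCertificate.setAlgorithm(OSelfSignedCertificate.DEFAULT_CERTIFICATE_ALGORITHM);
        this.oSelfSignedCertificate.setCertificateName(OSelfSignedCertificate.DEFAULT_CERTIFICATE_NAME);
        try {
            this.oSelfSignedCertificate.setCertificateSN(0L);
        } catch (SwitchToDefaultParamsException ignored) {
            // Presumably signals that the setter substituted a default serial number;
            // confirm against OSelfSignedCertificate.
        }
        this.oSelfSignedCertificate.setCertificatePwd(null);
        this.oSelfSignedCertificate.setKey_size(2048);
        this.oSelfSignedCertificate.setOwnerFDN(OSelfSignedCertificate.DEFAULT_CERTIFICATE_OWNER);
        this.oSelfSignedCertificate.setValidity(OSelfSignedCertificate.DEFAULT_CERTIFICATE_VALIDITY);
    }

    /**
     * Generates the key pair, composes the self-signed certificate and runs the descriptor's own
     * check on it.
     *
     * @param oSelfSignedCertificate descriptor holding the certificate parameters
     * @return the same descriptor, now carrying key pair and certificate
     * @throws SwitchToDefaultParamsException propagated from the descriptor
     * @throws NoSuchAlgorithmException propagated from the descriptor
     * @throws CertificateException propagated from the descriptor
     * @throws NoSuchProviderException propagated from the descriptor
     * @throws InvalidKeyException propagated from the descriptor
     * @throws SignatureException propagated from the descriptor
     */
    public static OSelfSignedCertificate autoGenerateSelfSignedX509Cerificate(OSelfSignedCertificate oSelfSignedCertificate) throws SwitchToDefaultParamsException, NoSuchAlgorithmException, CertificateException, NoSuchProviderException, InvalidKeyException, SignatureException {
        oSelfSignedCertificate.generateCertificateKeyPair();
        oSelfSignedCertificate.composeSelfSignedCertificate();
        oSelfSignedCertificate.checkThisCertificate();
        return oSelfSignedCertificate;
    }

    /**
     * Initialises an empty in-memory key store when the file does not exist, then always signals
     * "empty" with a {@link CertificateException}.
     *
     * <p>Callers in this class depend on that exception to start the self-signed fallback. A
     * failure during initialisation is reported with the same message and attached as the cause.
     *
     * @param file key store file; only its existence is tested
     * @param keyStore key store instance to initialise
     * @param cArr unused
     * @throws CertificateException always
     * @throws IOException declared for compatibility
     * @throws NoSuchAlgorithmException declared for compatibility
     */
    public static void initKeyStore(File file, KeyStore keyStore, char[] cArr) throws IOException, CertificateException, NoSuchAlgorithmException {
        try {
            if (!file.exists()) {
                keyStore.load(null, null);
            }
        } catch (Exception e) {
            e.printStackTrace();
            // Same message as the normal case, but the real failure stays attached.
            throw new CertificateException("the KeyStore is empty", e);
        }
        throw new CertificateException("the KeyStore is empty");
    }

    /**
     * Loads a key store from a file.
     *
     * @param file key store file
     * @param keyStore key store instance to load into
     * @param cArr key store password
     * @throws IOException if the file is missing or unreadable, or the store cannot be read
     * @throws CertificateException if a certificate in the store cannot be loaded
     * @throws NoSuchAlgorithmException if the integrity algorithm is unavailable
     */
    public static void loadKeyStore(File file, KeyStore keyStore, char[] cArr) throws IOException, CertificateException, NoSuchAlgorithmException {
        // try-with-resources: when the file cannot be opened there is no stream to close, and
        // the FileNotFoundException reaches the caller instead of a NullPointerException.
        try (FileInputStream fileInputStream = new FileInputStream(file)) {
            keyStore.load(fileInputStream, cArr);
        } catch (FileNotFoundException e) {
            e.printStackTrace();
            throw e;
        }
    }

    /**
     * Adds a private key and its certificate to the key store and writes the store to a file.
     *
     * @param x509Certificate certificate for the key
     * @param privateKey private key to store
     * @param str alias of the entry
     * @param cArr password protecting the key entry
     * @param file file the key store is written to
     * @param keyStore key store instance to update
     * @param cArr2 key store password
     * @throws KeyStoreException if the entry cannot be set or the store is not loaded
     * @throws IOException if the file cannot be opened or written
     * @throws CertificateException if a certificate cannot be stored
     * @throws NoSuchAlgorithmException if the integrity algorithm is unavailable
     */
    public static void storeCertificate(X509Certificate x509Certificate, PrivateKey privateKey, String str, char[] cArr, File file, KeyStore keyStore, char[] cArr2) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException {
        // NOTE(review): the stream is opened in append mode, so a file that already exists ends
        // up with a second serialised store after the first. Confirm that a later load reads the
        // new entry. File permissions are whatever the process default gives, although the file
        // holds a private key.
        try (FileOutputStream fileOutputStream = new FileOutputStream(file, true)) {
            keyStore.setKeyEntry(str, privateKey, cArr, new Certificate[]{x509Certificate});
            keyStore.store(fileOutputStream, cArr2);
        } catch (FileNotFoundException e) {
            e.printStackTrace();
            throw e;
        }
    }

    /**
     * Adds a certificate to a trust store as a trusted entry and writes the store to a file.
     *
     * @param file file the trust store is written to
     * @param keyStore trust store instance to update
     * @param cArr trust store password
     * @param str alias of the entry
     * @param x509Certificate certificate to trust
     * @throws KeyStoreException if the entry cannot be set or the store is not loaded
     * @throws IOException if the file cannot be opened or written
     * @throws CertificateException if a certificate cannot be stored
     * @throws NoSuchAlgorithmException if the integrity algorithm is unavailable
     */
    public static void trustCertificate(File file, KeyStore keyStore, char[] cArr, String str, X509Certificate x509Certificate) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException {
        // NOTE(review): append mode, as in storeCertificate; the same question applies.
        try (FileOutputStream fileOutputStream = new FileOutputStream(file, true)) {
            keyStore.setCertificateEntry(str, x509Certificate);
            keyStore.store(fileOutputStream, cArr);
        } catch (FileNotFoundException e) {
            e.printStackTrace();
            throw e;
        }
    }
}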
