package oracle.pgx.config;

import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import oracle.pgx.common.util.ErrorMessages;
import oracle.pgx.config.ServerConfig;
import oracle.pgx.vfs.VirtualFile;
import oracle.pgx.vfs.VirtualFileManager;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.IOUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:oracle/pgx/config/AbstractServerConfig.class */
public abstract class AbstractServerConfig extends AbstractConfig {
    private static final String PKCS8_PRIV_KEY_START_MARKER = "-----BEGIN PRIVATE KEY-----\n";
    private static final String PKCS8_PRIV_KEY_END_MARKER = "-----END PRIVATE KEY-----";
    private static final Logger LOG = LoggerFactory.getLogger(AbstractServerConfig.class);
    private static final VirtualFileManager VFM = VirtualFileManager.getInstance();

    public static ServerConfig parse(String str) throws IOException {
        VirtualFile resolve = VFM.resolve(str);
        InputStream inputStream = resolve.getInputStream();
        Throwable th = null;
        try {
            try {
                ServerConfig parse = ServerConfig.parse(inputStream, true, resolve.getParent());
                if (inputStream != null) {
                    if (0 != 0) {
                        try {
                            inputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        inputStream.close();
                    }
                }
                return parse;
            } finally {
            }
        } catch (Throwable th3) {
            if (inputStream != null) {
                if (th != null) {
                    try {
                        inputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    inputStream.close();
                }
            }
            throw th3;
        }
    }

    public static String removeScheme(String str) {
        return str.startsWith("file://") ? str.substring("file://".length()) : str;
    }

    public abstract Boolean isEnableTls();

    public abstract List<String> getCaCerts();

    public abstract String getServerCert();

    public abstract String getServerPrivateKey();

    public abstract String getAuthorization();

    public void validate() {
        if (isEnableTls().booleanValue()) {
            validateReadable(getAuthorization());
            require(getServerCert(), ServerConfig.Field.SERVER_CERT);
            require(getServerPrivateKey(), ServerConfig.Field.SERVER_PRIVATE_KEY);
            validateReadable(getServerPrivateKey());
            validateReadable(getServerPrivateKey());
            Iterator<String> it = getCaCerts().iterator();
            while (it.hasNext()) {
                validateReadable(it.next());
            }
        }
    }

    public ServerAuthConfig parseAuthConfig() throws IOException {
        VirtualFile resolve = VFM.resolve(getAuthorization());
        InputStream inputStream = VFM.getInputStream(getAuthorization());
        Throwable th = null;
        try {
            try {
                ServerAuthConfig parse = ServerAuthConfig.parse(inputStream, true, resolve.getParent());
                if (inputStream != null) {
                    if (0 != 0) {
                        try {
                            inputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        inputStream.close();
                    }
                }
                return parse;
            } finally {
            }
        } catch (Throwable th3) {
            if (inputStream != null) {
                if (th != null) {
                    try {
                        inputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    inputStream.close();
                }
            }
            throw th3;
        }
    }

    public KeyStore createKeyStore(String str, String str2, String str3) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, InvalidKeySpecException {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null, null);
        LinkedList linkedList = new LinkedList();
        Iterator<String> it = getCaCerts().iterator();
        while (it.hasNext()) {
            linkedList.addAll(readCertificates(it.next()));
        }
        for (int i = 0; i < linkedList.size(); i++) {
            keyStore.setCertificateEntry("ca_cert_" + (i + 1), (Certificate) linkedList.get(i));
        }
        List<Certificate> readCertificates = readCertificates(getServerCert());
        if (readCertificates.size() != 1) {
            throw new IllegalArgumentException("expected " + getServerCert() + " to contain one certificate. Found " + readCertificates.size() + ".");
        }
        keyStore.setCertificateEntry("server_cert", readCertificates.get(0));
        keyStore.setKeyEntry(str2, readPrivateKey(getServerPrivateKey()), str3.toCharArray(), new Certificate[]{readCertificates.get(0)});
        FileOutputStream openOutputStream = FileUtils.openOutputStream(new File(str));
        Throwable th = null;
        try {
            try {
                keyStore.store(openOutputStream, str3.toCharArray());
                if (openOutputStream != null) {
                    if (0 != 0) {
                        try {
                            openOutputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        openOutputStream.close();
                    }
                }
                return keyStore;
            } finally {
            }
        } catch (Throwable th3) {
            if (openOutputStream != null) {
                if (th != null) {
                    try {
                        openOutputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    openOutputStream.close();
                }
            }
            throw th3;
        }
    }

    private PrivateKey readPrivateKey(String str) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
        InputStream inputStream = VFM.getInputStream(str);
        Throwable th = null;
        try {
            String iOUtils = IOUtils.toString(inputStream);
            int indexOf = iOUtils.indexOf(PKCS8_PRIV_KEY_START_MARKER);
            if (indexOf < 0) {
                throw new IllegalArgumentException("unrecognized private server key format. Couldn't find string -----BEGIN PRIVATE KEY-----\n in " + getServerPrivateKey());
            }
            int indexOf2 = iOUtils.indexOf(PKCS8_PRIV_KEY_END_MARKER);
            if (indexOf2 < 0) {
                throw new IllegalArgumentException("unrecognized private server key format. Couldn't find string -----END PRIVATE KEY----- in " + getServerPrivateKey());
            }
            PrivateKey generatePrivate = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.decodeBase64(iOUtils.substring(indexOf + PKCS8_PRIV_KEY_START_MARKER.length(), indexOf2))));
            if (inputStream != null) {
                if (0 != 0) {
                    try {
                        inputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    inputStream.close();
                }
            }
            return generatePrivate;
        } catch (Throwable th3) {
            if (inputStream != null) {
                if (0 != 0) {
                    try {
                        inputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    inputStream.close();
                }
            }
            throw th3;
        }
    }

    private List<Certificate> readCertificates(String str) throws CertificateException, IOException {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        LinkedList linkedList = new LinkedList();
        InputStream inputStream = VFM.getInputStream(str);
        Throwable th = null;
        while (inputStream.available() > 0) {
            try {
                try {
                    Certificate generateCertificate = certificateFactory.generateCertificate(inputStream);
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("found certificate in {}:{} {}", new Object[]{str, System.lineSeparator(), generateCertificate.toString()});
                    }
                    linkedList.add(generateCertificate);
                } catch (Throwable th2) {
                    if (inputStream != null) {
                        if (th != null) {
                            try {
                                inputStream.close();
                            } catch (Throwable th3) {
                                th.addSuppressed(th3);
                            }
                        } else {
                            inputStream.close();
                        }
                    }
                    throw th2;
                }
            } finally {
            }
        }
        if (inputStream != null) {
            if (0 != 0) {
                try {
                    inputStream.close();
                } catch (Throwable th4) {
                    th.addSuppressed(th4);
                }
            } else {
                inputStream.close();
            }
        }
        return linkedList;
    }

    private static void require(String str, ServerConfig.Field field) {
        if (str == null) {
            throw new IllegalArgumentException(ErrorMessages.getMessage("FIELD_REQUIRED", new Object[]{field.toKey()}));
        }
    }

    private static void validateReadable(String str) {
        if (str == null) {
            throw new IllegalArgumentException(ErrorMessages.getMessage("FILE_NOT_FOUND", new Object[]{str}));
        }
        File file = new File(removeScheme(str));
        if (!file.exists() || !file.canRead()) {
            throw new IllegalArgumentException(ErrorMessages.getMessage("FILE_NOT_READABLE", new Object[]{str}));
        }
    }
}
