package org.apache.geronimo.deployment.cli;

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.util.Properties;
import javax.enterprise.deploy.spi.DeploymentManager;
import org.apache.geronimo.cli.deployer.CommandArgs;
import org.apache.geronimo.common.DeploymentException;
import org.apache.geronimo.deployment.plugin.jmx.RemoteDeploymentManager;
import org.apache.geronimo.gbean.AbstractName;
import org.apache.geronimo.gbean.AbstractNameQuery;
import org.apache.geronimo.kernel.GBeanNotFoundException;
import org.apache.geronimo.kernel.InternalKernelException;
import org.apache.geronimo.kernel.Kernel;
import org.apache.geronimo.kernel.NoSuchOperationException;

/* loaded from: input_file:lib/geronimo-deploy-tool-3.0.1.jar:org/apache/geronimo/deployment/cli/CommandUnlockKeystore.class */
public class CommandUnlockKeystore extends AbstractCommand {
    private static final String KEYSTORE_TRUSTSTORE_PASSWORD_FILE = "org.apache.geronimo.keyStoreTrustStorePasswordFile";
    private static final String GERONIMO_HOME = "org.apache.geronimo.home.dir";
    private static final String GERONIMO_SERVER = "org.apache.geronimo.server.dir";
    private static final String DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE = System.getProperty("org.apache.geronimo.server.dir") + "/var/config/config-substitutions.properties";

    @Override // org.apache.geronimo.deployment.cli.DeployCommand
    public void execute(ConsoleReader consoleReader, ServerConnection serverConnection, CommandArgs commandArgs) throws DeploymentException {
        String[] args = commandArgs.getArgs();
        if (args.length == 0) {
            throw new DeploymentException("Specify the key store name to be unlocked");
        }
        DeploymentManager deploymentManager = serverConnection.getDeploymentManager();
        Kernel kernel = deploymentManager instanceof RemoteDeploymentManager ? ((RemoteDeploymentManager) deploymentManager).getKernel() : null;
        try {
            kernel.invoke(kernel.listGBeans(new AbstractNameQuery("org.apache.geronimo.management.geronimo.KeystoreManager")).iterator().next(), "initializeKeystores");
            if (args.length >= 1) {
                try {
                    Properties loadTrustStorePasswordFile = loadTrustStorePasswordFile();
                    AbstractName keyStoreAbstractName = getKeyStoreAbstractName(kernel, args[0]);
                    unLockKeyStore(kernel, keyStoreAbstractName, loadTrustStorePasswordFile, args[0]);
                    emit(consoleReader, "Successfuly unlocked the keystore:: " + args[0]);
                    for (int i = 1; i < args.length; i++) {
                        unlockKeyAlias(kernel, keyStoreAbstractName, loadTrustStorePasswordFile, args[0], args[i]);
                        emit(consoleReader, "Successfuly unlocked the private key:: " + args[i]);
                    }
                } catch (FileNotFoundException e) {
                    throw new DeploymentException("Unable to read the keystore password from the specified file:: " + System.getProperty(KEYSTORE_TRUSTSTORE_PASSWORD_FILE, DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE), e);
                } catch (IOException e2) {
                    throw new DeploymentException("Unable to read the keystore password from the specified file:: " + System.getProperty(KEYSTORE_TRUSTSTORE_PASSWORD_FILE, DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE), e2);
                }
            }
        } catch (GBeanNotFoundException e3) {
            throw new DeploymentException("Unable to find the gbean associated with initializeKeystores");
        } catch (InternalKernelException e4) {
            throw new DeploymentException();
        } catch (NoSuchOperationException e5) {
            throw new DeploymentException("Operation initializeKeystores does not exist");
        } catch (Exception e6) {
            throw new DeploymentException();
        }
    }

    private Properties loadTrustStorePasswordFile() throws DeploymentException {
        Properties properties = new Properties();
        FileInputStream fileInputStream = null;
        try {
            try {
                fileInputStream = new FileInputStream(System.getProperty(KEYSTORE_TRUSTSTORE_PASSWORD_FILE, DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE));
                properties.load(fileInputStream);
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (Exception e) {
                    }
                }
                return properties;
            } catch (Throwable th) {
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (Exception e2) {
                    }
                }
                throw th;
            }
        } catch (FileNotFoundException e3) {
            throw new DeploymentException("Unable to read specified file:: " + System.getProperty(KEYSTORE_TRUSTSTORE_PASSWORD_FILE, DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE), e3);
        } catch (IOException e4) {
            throw new DeploymentException("Unable to read specified file:: " + System.getProperty(KEYSTORE_TRUSTSTORE_PASSWORD_FILE, DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE), e4);
        }
    }

    private String getKeyAliasPassword(Properties properties, String str, String str2, Kernel kernel) throws DeploymentException {
        String property = properties.getProperty(str2);
        if (property == null) {
            throw new DeploymentException("No alias with the name " + str2 + " exists in the keyStoreTruststore password properties file::" + System.getProperty(KEYSTORE_TRUSTSTORE_PASSWORD_FILE, DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE));
        }
        AbstractName next = kernel.listGBeans(new AbstractNameQuery("org.apache.geronimo.system.util.EncryptionManagerWrapperGBean")).iterator().next();
        try {
            return (String) kernel.invoke(next, "decrypt", new Object[]{property}, new String[]{"java.lang.String"});
        } catch (GBeanNotFoundException e) {
            throw new DeploymentException("Unable to find the gbean with the abstractname:: " + next, e);
        } catch (InternalKernelException e2) {
            throw new DeploymentException();
        } catch (NoSuchOperationException e3) {
            throw new DeploymentException("No method decrypt available with:: " + next, e3);
        } catch (Exception e4) {
            throw new DeploymentException();
        }
    }

    public AbstractName getKeyStoreAbstractName(Kernel kernel, String str) throws DeploymentException {
        for (AbstractName abstractName : kernel.listGBeans(new AbstractNameQuery("org.apache.geronimo.management.geronimo.KeystoreInstance"))) {
            try {
                if (str.equals((String) kernel.getAttribute(abstractName, "keystoreName"))) {
                    return abstractName;
                }
            } catch (Exception e) {
                throw new DeploymentException("No keystore exists with the name::" + str, e);
            }
        }
        throw new DeploymentException("No keystore exists with the name::" + str);
    }

    private String getKeyStorePassword(Properties properties, String str, Kernel kernel) throws DeploymentException {
        String property = properties.getProperty(str);
        if (property == null) {
            throw new DeploymentException("No keyStorePassword attribute named " + str + " exists in the keyStoreTruststore password properties file::" + System.getProperty(KEYSTORE_TRUSTSTORE_PASSWORD_FILE, DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE));
        }
        AbstractName next = kernel.listGBeans(new AbstractNameQuery("org.apache.geronimo.system.util.EncryptionManagerWrapperGBean")).iterator().next();
        try {
            return (String) kernel.invoke(next, "decrypt", new Object[]{property}, new String[]{"java.lang.String"});
        } catch (GBeanNotFoundException e) {
            throw new DeploymentException("Unable to find the gbean with the abstractname:: " + next, e);
        } catch (InternalKernelException e2) {
            throw new DeploymentException();
        } catch (NoSuchOperationException e3) {
            throw new DeploymentException("No method decrypt available with:: " + next, e3);
        } catch (Exception e4) {
            throw new DeploymentException();
        }
    }

    public boolean unlockKeyAlias(Kernel kernel, AbstractName abstractName, Properties properties, String str, String str2) throws DeploymentException, FileNotFoundException {
        char[] charArray = getKeyAliasPassword(properties, str, str2, kernel).toCharArray();
        char[] charArray2 = getKeyStorePassword(properties, str, kernel).toCharArray();
        try {
            kernel.invoke(abstractName, "unlockPrivateKey", new Object[]{str2, charArray2, charArray}, new String[]{str2.getClass().getName(), charArray2.getClass().getName(), charArray.getClass().getName()});
            return true;
        } catch (GBeanNotFoundException e) {
            throw new DeploymentException("Unable to find the gbean with the abstractname:: " + abstractName, e);
        } catch (NoSuchOperationException e2) {
            throw new DeploymentException("No such method unlockPrivateKey available with:: " + abstractName, e2);
        } catch (Exception e3) {
            throw new DeploymentException(e3);
        }
    }

    public void unLockKeyStore(Kernel kernel, AbstractName abstractName, Properties properties, String str) throws DeploymentException {
        char[] charArray = getKeyStorePassword(properties, str, kernel).toCharArray();
        try {
            kernel.invoke(abstractName, "unlockKeystore", new Object[]{charArray}, new String[]{charArray.getClass().getName()});
        } catch (GBeanNotFoundException e) {
            throw new DeploymentException("Unable to find the gbean with the abstractname:: " + abstractName, e);
        } catch (NoSuchOperationException e2) {
            throw new DeploymentException("No such method unlockPrivateKey available with:: " + abstractName, e2);
        } catch (Exception e3) {
            throw new DeploymentException(e3);
        }
    }
}
