package org.openremote.manager.security;

import java.io.File;
import java.io.FileOutputStream;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.util.Optional;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;
import org.openremote.agent.protocol.mqtt.CustomKeyManagerFactory;
import org.openremote.agent.protocol.mqtt.CustomX509TrustManagerFactory;
import org.openremote.container.persistence.PersistenceService;
import org.openremote.container.util.MapAccess;
import org.openremote.model.Container;
import org.openremote.model.security.KeyStoreService;

/* loaded from: input_file:org/openremote/manager/security/KeyStoreServiceImpl.class */
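/**
 * Container service that loads (or creates) the TLS client key store and trust store and hands
 * out {@link KeyManagerFactory} / {@link TrustManagerFactory} instances built on top of them.
 *
 * <p>Each store comes from one of two places:
 * <ul>
 *   <li>an operator-supplied file ({@code OR_SSL_CLIENT_KEYSTORE_FILE} /
 *       {@code OR_SSL_CLIENT_TRUSTSTORE_FILE}), opened with the matching
 *       {@code OR_SSL_CLIENT_*_PASSWORD} (falling back to the service password), or</li>
 *   <li>a file under {@code keystores/} resolved through {@link PersistenceService}, which is
 *       created empty on first start and protected with the service password.</li>
 * </ul>
 *
 * <p>The service password is {@code OR_KEYSTORE_PASSWORD}, else {@code OR_ADMIN_PASSWORD}, else a
 * hard-coded default. The last fallback is publicly known, so stores created with it give no
 * real protection at rest; {@link #init(Container)} logs a warning when it is in effect.
 */
public class KeyStoreServiceImpl implements KeyStoreService {
    protected PersistenceService persistenceService;
    protected ManagerIdentityService identityService;
    private KeyStore keyStore = null;
    private KeyStore trustStore = null;
    private static final String OR_SSL_CLIENT_KEYSTORE_FILE = "OR_SSL_CLIENT_KEYSTORE_FILE";
    private static final String OR_SSL_CLIENT_TRUSTSTORE_FILE = "OR_SSL_CLIENT_TRUSTSTORE_FILE";
    private static final String OR_SSL_CLIENT_KEYSTORE_PASSWORD = "OR_SSL_CLIENT_KEYSTORE_PASSWORD";
    private static final String OR_SSL_CLIENT_TRUSTSTORE_PASSWORD = "OR_SSL_CLIENT_TRUSTSTORE_PASSWORD";
    private static final String OR_KEYSTORE_PASSWORD = "OR_KEYSTORE_PASSWORD";
    // Last-resort password used when neither OR_KEYSTORE_PASSWORD nor OR_ADMIN_PASSWORD is set.
    // It is a publicly known literal and must not be relied on outside development setups.
    private static final String INSECURE_DEFAULT_PASSWORD = "secret";
    // Only set when the corresponding store lives in the persistence directory; these stay null
    // when an external file is configured through OR_SSL_CLIENT_*_FILE.
    protected Path keyStorePath;
    protected Path trustStorePath;
    // NOTE(review): kept as an immutable String for the lifetime of the service, so it cannot be
    // wiped from memory; getKeyStorePassword() hands out a fresh char[] copy on every call.
    private String keyStorePassword;

    /**
     * Returns the start-up priority of this service.
     *
     * @return {@code Integer.MIN_VALUE + 120}; presumably a lower value starts earlier, confirm
     *     against the container's ordering rules
     */
    public int getPriority() {
        return Integer.MIN_VALUE + 120;
    }

    /**
     * Looks up the collaborating services and resolves the service password.
     *
     * @param container the container providing services and configuration
     * @throws Exception declared by the service contract
     */
    public void init(Container container) throws Exception {
        this.persistenceService = container.getService(PersistenceService.class);
        this.identityService = container.getService(ManagerIdentityService.class);
        // Resolution order: OR_KEYSTORE_PASSWORD, then OR_ADMIN_PASSWORD, then the literal default.
        // Falling back to the admin password ties two secrets together: rotating one silently
        // changes what the other code path expects.
        String adminPasswordOrDefault = MapAccess.getString(container.getConfig(), "OR_ADMIN_PASSWORD", INSECURE_DEFAULT_PASSWORD);
        this.keyStorePassword = MapAccess.getString(container.getConfig(), OR_KEYSTORE_PASSWORD, adminPasswordOrDefault);
        if (INSECURE_DEFAULT_PASSWORD.equals(this.keyStorePassword)) {
            // Never log the password itself; only the fact that the default is active.
            getLogger().warning("Key store password is the built-in default; set "
                + OR_KEYSTORE_PASSWORD + " to protect stored client keys");
        }
    }

    /**
     * Loads the key store and trust store, creating empty ones in the persistence directory when
     * no external file is configured and none exists yet.
     *
     * @param container the container providing configuration
     * @throws Exception if a configured store cannot be read or a new store cannot be written
     */
    public void start(Container container) throws Exception {
        String keyStoreFile = MapAccess.getString(container.getConfig(), OR_SSL_CLIENT_KEYSTORE_FILE, (String) null);
        String trustStoreFile = MapAccess.getString(container.getConfig(), OR_SSL_CLIENT_TRUSTSTORE_FILE, (String) null);
        // Both paths are parsed up front so a malformed setting fails before anything is loaded.
        Optional<Path> externalKeyStore = keyStoreFile != null ? Optional.of(Paths.get(keyStoreFile)) : Optional.empty();
        Optional<Path> externalTrustStore = trustStoreFile != null ? Optional.of(Paths.get(trustStoreFile)) : Optional.empty();
        String externalKeyStorePassword = MapAccess.getString(container.getConfig(), OR_SSL_CLIENT_KEYSTORE_PASSWORD, this.keyStorePassword);
        String externalTrustStorePassword = MapAccess.getString(container.getConfig(), OR_SSL_CLIENT_TRUSTSTORE_PASSWORD, this.keyStorePassword);

        if (externalKeyStore.isPresent()) {
            this.keyStore = KeyStore.getInstance(externalKeyStore.get().toFile(), externalKeyStorePassword.toCharArray());
        } else {
            Path managedKeyStore = this.persistenceService.resolvePath(Paths.get("keystores").resolve("client_keystore.p12"));
            this.keyStore = loadOrCreateKeyStore(managedKeyStore);
            this.keyStorePath = managedKeyStore;
        }

        if (externalTrustStore.isPresent()) {
            this.trustStore = KeyStore.getInstance(externalTrustStore.get().toFile(), externalTrustStorePassword.toCharArray());
        } else {
            Path managedTrustStore = this.persistenceService.resolvePath(Paths.get("keystores").resolve("client_truststore.p12"));
            this.trustStore = loadOrCreateKeyStore(managedTrustStore);
            this.trustStorePath = managedTrustStore;
        }
    }

    /** Opens the store at {@code path} with the service password, or creates it if absent. */
    private KeyStore loadOrCreateKeyStore(Path path) throws Exception {
        File file = path.toFile();
        if (file.exists()) {
            return KeyStore.getInstance(file, getKeyStorePassword());
        }
        return createKeyStore(path);
    }

    /**
     * Re-reads the managed key store from disk.
     *
     * @return a freshly loaded key store
     * @throws RuntimeException if the file cannot be read; this includes the case where an
     *     external key store is configured and {@code keyStorePath} was therefore never set
     */
    private KeyStore getKeyStore() {
        try {
            return KeyStore.getInstance(this.keyStorePath.toAbsolutePath().toFile(), getKeyStorePassword());
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Re-reads the managed trust store from disk.
     *
     * @return a freshly loaded trust store
     * @throws RuntimeException if the file cannot be read; this includes the case where an
     *     external trust store is configured and {@code trustStorePath} was therefore never set
     */
    private KeyStore getTrustStore() {
        try {
            return KeyStore.getInstance(this.trustStorePath.toAbsolutePath().toFile(), getKeyStorePassword());
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Replaces the in-memory key store and writes it to the managed key store file.
     *
     * <p>Failures are logged, not thrown, so the in-memory store can end up ahead of the file.
     * NOTE(review): the file is truncated before writing, so a failed write may leave it
     * unreadable; consider writing to a temporary file and moving it into place.
     *
     * @param keyStore the store to persist
     */
    private void storeKeyStore(KeyStore keyStore) {
        this.keyStore = keyStore;
        // try-with-resources closes the stream on both success and failure.
        try (FileOutputStream out = new FileOutputStream(this.keyStorePath.toFile())) {
            keyStore.store(out, getKeyStorePassword());
        } catch (Exception e) {
            getLogger().log(Level.SEVERE, "Couldn't store KeyStore to Storage! " + e.getMessage(), e);
        }
    }

    /**
     * Replaces the in-memory trust store and writes it to the managed trust store file.
     *
     * <p>Failures are logged, not thrown, so the in-memory store can end up ahead of the file.
     *
     * @param keyStore the store to persist
     */
    private void storeTrustStore(KeyStore keyStore) {
        this.trustStore = keyStore;
        // try-with-resources closes the stream on both success and failure.
        try (FileOutputStream out = new FileOutputStream(this.trustStorePath.toFile())) {
            keyStore.store(out, getKeyStorePassword());
        } catch (Exception e) {
            getLogger().log(Level.SEVERE, "Couldn't store TrustStore to Storage! " + e.getMessage(), e);
        }
    }

    /** Returns a new {@code char[]} copy of the service password. */
    private char[] getKeyStorePassword() {
        return this.keyStorePassword.toCharArray();
    }

    /**
     * Builds a key manager factory over the loaded key store.
     *
     * @param str value passed to the {@link CustomKeyManagerFactory} constructor (presumably the
     *     key alias to select, confirm against that class)
     * @return the initialised factory
     * @throws Exception if the factory cannot be initialised; the original failure is the cause
     */
    public KeyManagerFactory getKeyManagerFactory(String str) throws Exception {
        CustomKeyManagerFactory customKeyManagerFactory = new CustomKeyManagerFactory(str);
        try {
            // NOTE(review): key entries are always unlocked with the service password, even when
            // the store was opened with OR_SSL_CLIENT_KEYSTORE_PASSWORD. If the two differ, init
            // may fail for an external key store; confirm which password protects the entries.
            customKeyManagerFactory.init(this.keyStore, getKeyStorePassword());
            return customKeyManagerFactory;
        } catch (Exception e) {
            throw new Exception("Could not retrieve KeyManagerFactory: " + e.getMessage(), e);
        }
    }

    /**
     * Builds a trust manager factory over the loaded trust store.
     *
     * @return the initialised factory
     * @throws Exception if the factory cannot be initialised; the original failure is the cause
     */
    public TrustManagerFactory getTrustManagerFactory() throws Exception {
        // NOTE(review): the trailing null entry presumably makes the factory also consult the
        // JVM default trust store; confirm in CustomX509TrustManagerFactory, since that widens
        // the set of trusted issuers beyond this service's own trust store.
        CustomX509TrustManagerFactory customX509TrustManagerFactory = new CustomX509TrustManagerFactory(new KeyStore[]{this.trustStore, (KeyStore) null});
        try {
            customX509TrustManagerFactory.init((KeyStore) null);
            return customX509TrustManagerFactory;
        } catch (Exception e) {
            throw new Exception("Could not retrieve TrustManagerFactory: " + e.getMessage(), e);
        }
    }

    /**
     * Creates an empty store of the JVM default type and writes it to {@code path}, creating
     * missing parent directories.
     *
     * <p>NOTE(review): directories and the file are created with the process default
     * permissions; confirm the persistence location restricts access, since the key store is
     * meant to hold private keys.
     *
     * @param path destination file
     * @return the new, empty store
     * @throws Exception if the store cannot be initialised or written
     */
    protected KeyStore createKeyStore(Path path) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, getKeyStorePassword());
        File file = path.toAbsolutePath().toFile();
        File parentDir = file.getParentFile();
        if (parentDir != null && !parentDir.exists()) {
            // A failed mkdirs() surfaces below when the output stream cannot be opened.
            parentDir.mkdirs();
        }
        // Opening the stream creates the file; try-with-resources closes it on every path.
        try (FileOutputStream out = new FileOutputStream(file)) {
            keyStore.store(out, getKeyStorePassword());
            return keyStore;
        } catch (Exception e) {
            getLogger().log(Level.SEVERE, "Couldn't store KeyStore to Storage! " + e.getMessage(), e);
            throw e;
        }
    }

    /**
     * No-op; nothing is released on stop.
     *
     * @param container unused
     */
    public void stop(Container container) throws Exception {
    }

    /**
     * Returns the logger used by this service.
     *
     * <p>{@code LOG} is not declared in this class; presumably it is inherited from an
     * implemented interface (confirm).
     */
    private Logger getLogger() {
        return LOG;
    }
}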
