package oracle.kv.impl.security.wallet;

import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.io.PrintStream;
import java.util.Collection;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import oracle.kv.impl.security.PasswordStore;
import oracle.kv.impl.security.PasswordStoreException;
import oracle.kv.impl.security.util.SecurityUtils;
import oracle.security.pki.OracleSecretStore;
import oracle.security.pki.OracleSecretStoreException;
import oracle.security.pki.OracleWallet;

/* loaded from: input_file:oracle/kv/impl/security/wallet/WalletStore.class */
public class WalletStore implements PasswordStore {
    private final File storeLocation;
    private OracleWallet wallet = null;
    private OracleSecretStore sstore = null;
    private boolean autoLogin = false;
    private boolean modified = false;
    private static final String LOGIN_PREFIX = "oracle.security.client.";
    private static final String LOGIN_CONNECT_PREFIX = "oracle.security.client.connect_string";
    private static final String LOGIN_USER_PREFIX = "oracle.security.client.username";
    private static final String LOGIN_PW_PREFIX = "oracle.security.client.password";
    private static final Object openWalletLock = new Object();

    /* loaded from: input_file:oracle/kv/impl/security/wallet/WalletStore$OutputCapture.class */
    private final class OutputCapture {
        private PrintStream systemOut;
        private final ByteArrayOutputStream baosOut;
        private final PrintStream printOut;
        private boolean capturing;

        private OutputCapture() {
            this.systemOut = null;
            this.baosOut = new ByteArrayOutputStream();
            this.printOut = new PrintStream(this.baosOut);
            this.capturing = false;
            start();
        }

        private void start() {
            if (this.capturing) {
                return;
            }
            this.systemOut = System.out;
            System.setOut(this.printOut);
            this.capturing = true;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void restore() {
            if (this.capturing) {
                this.capturing = false;
                System.setOut(this.systemOut);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public WalletStore(File file) {
        this.storeLocation = file;
    }

    @Override // oracle.kv.impl.security.PasswordStore
    public boolean create(char[] cArr) throws IOException {
        assertNotInitialized();
        OracleWallet oracleWallet = new OracleWallet();
        try {
            if (cArr != null) {
                oracleWallet.create(cArr);
            } else {
                oracleWallet.createSSO();
            }
            oracleWallet.saveAs(this.storeLocation.getPath());
            this.autoLogin = cArr == null;
            if (!SecurityUtils.makeOwnerAccessOnly(findWalletFile(false))) {
                throw new PasswordStoreException("Unable to set access permissions for file. Correct manually before using the password store");
            }
            try {
                this.sstore = oracleWallet.getSecretStore();
                this.autoLogin = cArr == null;
                this.wallet = oracleWallet;
                return true;
            } catch (OracleSecretStoreException e) {
                throw new PasswordStoreException("Error retrieving secret store from wallet", e);
            }
        } catch (IOException e2) {
            if (exceptionContains(e2, "PKI-01002")) {
                throw new PasswordStoreException("The specified passphrase is not valid", e2);
            }
            if (exceptionContains(e2, "PKI-02009")) {
                throw new PasswordStoreException("Unable to create the wallet directory", e2);
            }
            if (exceptionContains(e2, "Permission denied")) {
                throw new PasswordStoreException("Unable to create the wallet file", e2);
            }
            if (exceptionContains(e2, "PKI-")) {
                throw new PasswordStoreException("Error creating the wallet", e2);
            }
            throw e2;
        }
    }

    @Override // oracle.kv.impl.security.PasswordStore
    public boolean open(char[] cArr) throws IOException {
        assertNotInitialized();
        OracleWallet oracleWallet = new OracleWallet();
        try {
            synchronized (openWalletLock) {
                oracleWallet.open(this.storeLocation.getPath(), cArr);
            }
            try {
                this.sstore = oracleWallet.getSecretStore();
                this.autoLogin = cArr == null;
                this.wallet = oracleWallet;
                return true;
            } catch (OracleSecretStoreException e) {
                throw new IOException("Error retrieving secret store from wallet", e);
            }
        } catch (IOException e2) {
            if (exceptionContains(e2, "PKI-02002")) {
                throw new PasswordStoreException("Error accessing the wallet.  Check your passphrase", e2);
            }
            if (exceptionContains(e2, "PKI-")) {
                throw new PasswordStoreException("Error accessing the wallet.", e2);
            }
            throw e2;
        }
    }

    @Override // oracle.kv.impl.security.PasswordStore
    public Collection<String> getSecretAliases() throws IOException {
        assertInitialized();
        HashSet hashSet = new HashSet();
        try {
            Enumeration internalAliases = this.sstore.internalAliases();
            while (internalAliases.hasMoreElements()) {
                String str = (String) internalAliases.nextElement();
                if (!str.startsWith(LOGIN_PREFIX)) {
                    hashSet.add(str);
                }
            }
            return hashSet;
        } catch (OracleSecretStoreException e) {
            throw new PasswordStoreException("Error retrieving secret store from wallet", e);
        }
    }

    @Override // oracle.kv.impl.security.PasswordStore
    public char[] getSecret(String str) throws IOException {
        assertInitialized();
        try {
            return this.sstore.getSecret(str);
        } catch (OracleSecretStoreException e) {
            throw new PasswordStoreException("error retrieving secret from wallet", e);
        }
    }

    @Override // oracle.kv.impl.security.PasswordStore
    public boolean setSecret(String str, char[] cArr) throws IOException {
        assertInitialized();
        try {
            boolean containsAlias = this.sstore.containsAlias(str);
            this.sstore.setSecret(str, cArr);
            this.modified = true;
            return containsAlias;
        } catch (OracleSecretStoreException e) {
            throw new PasswordStoreException("error modifying secret store", e);
        }
    }

    @Override // oracle.kv.impl.security.PasswordStore
    public boolean deleteSecret(String str) throws IOException {
        assertInitialized();
        try {
            if (!this.sstore.containsAlias(str)) {
                return false;
            }
            this.sstore.deleteSecret(str);
            this.modified = true;
            return true;
        } catch (OracleSecretStoreException e) {
            throw new PasswordStoreException("error modifying secret store", e);
        }
    }

    @Override // oracle.kv.impl.security.PasswordStore
    public Collection<PasswordStore.LoginId> getLogins() throws IOException {
        assertInitialized();
        HashSet hashSet = new HashSet();
        try {
            Enumeration internalAliases = this.sstore.internalAliases();
            while (internalAliases.hasMoreElements()) {
                String str = (String) internalAliases.nextElement();
                if (str.startsWith(LOGIN_CONNECT_PREFIX)) {
                    hashSet.add(new PasswordStore.LoginId(new String(this.sstore.getSecret(str)), new String(this.sstore.getSecret(LOGIN_USER_PREFIX + str.substring(LOGIN_CONNECT_PREFIX.length())))));
                }
            }
            return hashSet;
        } catch (OracleSecretStoreException e) {
            throw new PasswordStoreException("error retrieving secret store from wallet", e);
        }
    }

    @Override // oracle.kv.impl.security.PasswordStore
    public boolean setLogin(PasswordStore.LoginId loginId, char[] cArr) throws IOException {
        assertInitialized();
        try {
            PasswordStore.LoginId loginId2 = null;
            Iterator<PasswordStore.LoginId> it = getLogins().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                PasswordStore.LoginId next = it.next();
                if (databasesEqual(next.getDatabase(), loginId.getDatabase())) {
                    loginId2 = next;
                    break;
                }
            }
            OutputCapture outputCapture = new OutputCapture();
            try {
                if (loginId2 != null) {
                    this.sstore.modifyCredential(loginId.getDatabase().toCharArray(), loginId.getUser().toCharArray(), cArr);
                } else {
                    this.sstore.createCredential(loginId.getDatabase().toCharArray(), loginId.getUser().toCharArray(), cArr);
                }
                outputCapture.restore();
                this.modified = true;
                return loginId2 != null;
            } catch (Throwable th) {
                outputCapture.restore();
                throw th;
            }
        } catch (OracleSecretStoreException e) {
            throw new PasswordStoreException("error modifying secret store", e);
        }
    }

    @Override // oracle.kv.impl.security.PasswordStore
    public PasswordStore.LoginId getLoginId(String str) throws IOException {
        assertInitialized();
        for (PasswordStore.LoginId loginId : getLogins()) {
            if (databasesEqual(loginId.getDatabase(), str)) {
                return loginId;
            }
        }
        return null;
    }

    @Override // oracle.kv.impl.security.PasswordStore
    public char[] getLoginSecret(String str) throws IOException {
        assertInitialized();
        try {
            Enumeration internalAliases = this.sstore.internalAliases();
            while (internalAliases.hasMoreElements()) {
                String str2 = (String) internalAliases.nextElement();
                if (str2.startsWith(LOGIN_CONNECT_PREFIX) && databasesEqual(new String(this.sstore.getSecret(str2)), str)) {
                    return this.sstore.getSecret(LOGIN_PW_PREFIX + str2.substring(LOGIN_CONNECT_PREFIX.length()));
                }
            }
            return null;
        } catch (OracleSecretStoreException e) {
            throw new PasswordStoreException("Error accessing secret store", e);
        }
    }

    @Override // oracle.kv.impl.security.PasswordStore
    public boolean deleteLogin(String str) {
        assertInitialized();
        try {
            OutputCapture outputCapture = new OutputCapture();
            try {
                this.sstore.deleteCredential(str.toCharArray());
                outputCapture.restore();
                this.modified = true;
                return true;
            } catch (Throwable th) {
                outputCapture.restore();
                throw th;
            }
        } catch (OracleSecretStoreException e) {
            return false;
        }
    }

    @Override // oracle.kv.impl.security.PasswordStore
    public boolean setPassphrase(char[] cArr) throws IOException {
        assertInitialized();
        if (cArr == null && this.autoLogin) {
            return true;
        }
        File findWalletFile = findWalletFile(false);
        OracleWallet oracleWallet = new OracleWallet();
        if (this.autoLogin) {
            oracleWallet.create(cArr);
        } else if (cArr == null) {
            oracleWallet.createSSO();
        } else {
            oracleWallet.create(cArr);
            findWalletFile = null;
        }
        try {
            OracleSecretStore secretStore = oracleWallet.getSecretStore();
            try {
                Enumeration internalAliases = this.sstore.internalAliases();
                while (internalAliases.hasMoreElements()) {
                    String str = (String) internalAliases.nextElement();
                    secretStore.setSecret(str, this.sstore.getSecret(str));
                }
                try {
                    oracleWallet.setSecretStore(secretStore);
                    if (findWalletFile != null) {
                        findWalletFile.delete();
                    }
                    oracleWallet.saveAs(this.storeLocation.getPath());
                    this.modified = false;
                    this.sstore = secretStore;
                    this.wallet = oracleWallet;
                    this.autoLogin = cArr == null;
                    if (SecurityUtils.makeOwnerAccessOnly(findWalletFile(false))) {
                        return true;
                    }
                    throw new PasswordStoreException("Unable to set access permissions for file. Correct manually before using the password store");
                } catch (OracleSecretStoreException e) {
                    throw new PasswordStoreException("Error modifying secret store", e);
                }
            } catch (OracleSecretStoreException e2) {
                throw new IOException("error transferring secrets", e2);
            }
        } catch (OracleSecretStoreException e3) {
            throw new IOException("error retrieving secret store from wallet", e3);
        }
    }

    @Override // oracle.kv.impl.security.PasswordStore
    public void save() throws IOException {
        assertInitialized();
        if (this.wallet == null) {
            throw new IllegalStateException("wallet has not been initialized");
        }
        if (this.modified) {
            try {
                this.wallet.setSecretStore(this.sstore);
                this.wallet.saveAs(this.storeLocation.getPath());
                this.modified = false;
            } catch (OracleSecretStoreException e) {
                throw new PasswordStoreException("Error saving secret store", e);
            }
        }
    }

    @Override // oracle.kv.impl.security.PasswordStore
    public void discard() {
        this.wallet = null;
        this.sstore = null;
    }

    @Override // oracle.kv.impl.security.PasswordStore
    public boolean requiresPassphrase() throws IOException {
        return this.wallet != null ? !this.autoLogin : !findWalletFile(true).getName().endsWith(".sso");
    }

    @Override // oracle.kv.impl.security.PasswordStore
    public boolean isValidPassphrase(char[] cArr) {
        return OracleWallet.isValidPassword(cArr);
    }

    @Override // oracle.kv.impl.security.PasswordStore
    public boolean exists() throws IOException {
        return findWalletFile(true) != null;
    }

    private File findWalletFile(boolean z) throws IOException {
        if (!this.storeLocation.exists()) {
            return null;
        }
        if (!this.storeLocation.isDirectory()) {
            throw new IOException("Wallet location is not a directory");
        }
        File[] listFiles = this.storeLocation.listFiles();
        if (listFiles == null) {
            throw new IOException("Unable to access wallet. Check access permissions.");
        }
        for (File file : listFiles) {
            if (((z || this.autoLogin) && file.getName().endsWith(".sso")) || ((z || !this.autoLogin) && file.getName().endsWith(".p12"))) {
                return file;
            }
        }
        return null;
    }

    private static boolean exceptionContains(Exception exc, String str) {
        String message = exc.getMessage();
        if (message == null) {
            return false;
        }
        return message.contains(str);
    }

    private boolean databasesEqual(String str, String str2) {
        return str.equals(str2);
    }

    private void assertNotInitialized() {
        if (this.wallet != null) {
            throw new IllegalStateException("wallet already initialized");
        }
    }

    private void assertInitialized() {
        if (this.wallet == null) {
            throw new IllegalStateException("wallet not yet initialized");
        }
    }
}
