package psiprobe.controllers.certificates;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.InvocationTargetException;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.management.ObjectName;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.catalina.connector.Connector;
import org.apache.commons.beanutils.BeanUtils;
import org.apache.commons.lang3.reflect.MethodUtils;
import org.apache.coyote.ProtocolHandler;
import org.apache.coyote.http11.AbstractHttp11JsseProtocol;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;
import psiprobe.beans.ResourceResolverBean;
import psiprobe.controllers.AbstractTomcatContainerController;
import psiprobe.model.certificates.Cert;
import psiprobe.model.certificates.CertificateInfo;
import psiprobe.model.certificates.ConnectorInfo;
import psiprobe.model.certificates.OldConnectorInfo;
import psiprobe.model.certificates.SslHostConfigInfo;

@Controller
/* loaded from: input_file:psiprobe/controllers/certificates/ListCertificatesController.class */
public class ListCertificatesController extends AbstractTomcatContainerController {
    private static final Logger logger = LoggerFactory.getLogger(ListCertificatesController.class);

    @RequestMapping(path = {"/certificates.htm"})
    public ModelAndView handleRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        return super.handleRequest(httpServletRequest, httpServletResponse);
    }

    protected ModelAndView handleRequestInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        ModelAndView modelAndView = new ModelAndView(getViewName());
        try {
            List<ConnectorInfo> connectorInfos = getConnectorInfos(getContainerWrapper().getTomcatContainer().findConnectors());
            Iterator<ConnectorInfo> it = connectorInfos.iterator();
            while (it.hasNext()) {
                for (SslHostConfigInfo sslHostConfigInfo : it.next().getSslHostConfigInfos()) {
                    if (sslHostConfigInfo.getTruststoreFile() != null) {
                        sslHostConfigInfo.setTrustStoreCerts(getCertificates(sslHostConfigInfo.getTruststoreType(), sslHostConfigInfo.getTruststoreFile(), sslHostConfigInfo.getTruststorePassword()));
                    }
                    for (CertificateInfo certificateInfo : sslHostConfigInfo.getCertificateInfos()) {
                        if (certificateInfo.getCertificateKeystoreFile() != null) {
                            certificateInfo.setKeyStoreCerts(getCertificates(certificateInfo.getCertificateKeystoreType(), certificateInfo.getCertificateKeystoreFile(), certificateInfo.getCertificateKeystorePassword()));
                        }
                    }
                }
            }
            modelAndView.addObject("connectors", connectorInfos);
        } catch (Exception e) {
            logger.error("There was an exception listing certificates", e);
        }
        return modelAndView;
    }

    public List<Cert> getCertificates(String str, String str2, String str3) throws Exception {
        KeyStore keyStore = str != null ? KeyStore.getInstance(str) : KeyStore.getInstance(KeyStore.getDefaultType());
        char[] charArray = str3 != null ? str3.toCharArray() : null;
        try {
            InputStream storeInputStream = getStoreInputStream(str2);
            Throwable th = null;
            try {
                try {
                    keyStore.load(storeInputStream, charArray);
                    if (storeInputStream != null) {
                        if (0 != 0) {
                            try {
                                storeInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            storeInputStream.close();
                        }
                    }
                    ArrayList arrayList = new ArrayList();
                    Iterator it = Collections.list(keyStore.aliases()).iterator();
                    while (it.hasNext()) {
                        String str4 = (String) it.next();
                        Certificate[] certificateChain = keyStore.getCertificateChain(str4);
                        if (certificateChain != null) {
                            for (Certificate certificate : certificateChain) {
                                addToStore(arrayList, str4, (X509Certificate) certificate);
                            }
                        } else {
                            addToStore(arrayList, str4, (X509Certificate) keyStore.getCertificate(str4));
                        }
                    }
                    return arrayList;
                } finally {
                }
            } finally {
            }
        } catch (IOException e) {
            logger.error("Error loading store file {}", str2, e);
            return null;
        }
    }

    private List<ConnectorInfo> getConnectorInfos(List<Connector> list) throws IllegalAccessException, InvocationTargetException {
        ArrayList arrayList = new ArrayList();
        for (Connector connector : list) {
            if (connector.getSecure()) {
                ProtocolHandler protocolHandler = connector.getProtocolHandler();
                if (protocolHandler instanceof AbstractHttp11JsseProtocol) {
                    AbstractHttp11JsseProtocol<?> abstractHttp11JsseProtocol = (AbstractHttp11JsseProtocol) protocolHandler;
                    if (abstractHttp11JsseProtocol.getSecure()) {
                        arrayList.add(toConnectorInfo(abstractHttp11JsseProtocol));
                    }
                }
            }
        }
        return arrayList;
    }

    private InputStream getStoreInputStream(String str) throws IOException {
        File file = new File(str);
        if (file.exists()) {
            return Files.newInputStream(file.toPath(), new OpenOption[0]);
        }
        File file2 = new File(System.getProperty("catalina.base"));
        File file3 = new File(file2, str);
        return file3.exists() ? Files.newInputStream(file3.toPath(), new OpenOption[0]) : file2.toURI().resolve(str).toURL().openConnection().getInputStream();
    }

    private ConnectorInfo toConnectorInfo(AbstractHttp11JsseProtocol<?> abstractHttp11JsseProtocol) throws IllegalAccessException, InvocationTargetException {
        Object invokeMethod;
        ConnectorInfo connectorInfo = new ConnectorInfo();
        connectorInfo.setName(ObjectName.unquote(abstractHttp11JsseProtocol.getName()));
        try {
            invokeMethod = MethodUtils.invokeMethod(abstractHttp11JsseProtocol, "getDefaultSSLHostConfigName");
        } catch (NoSuchMethodException e) {
            logger.trace(ResourceResolverBean.DEFAULT_GLOBAL_RESOURCE_PREFIX, e);
            OldConnectorInfo oldConnectorInfo = new OldConnectorInfo();
            BeanUtils.copyProperties(oldConnectorInfo, abstractHttp11JsseProtocol);
            connectorInfo.setDefaultSslHostConfigName("_default_");
            connectorInfo.setSslHostConfigInfos(oldConnectorInfo.getSslHostConfigInfos());
        }
        if (invokeMethod == null) {
            logger.error("Cannot determine defaultSslHostConfigName");
            return connectorInfo;
        }
        connectorInfo.setDefaultSslHostConfigName(String.valueOf(invokeMethod));
        new SslHostConfigHelper(abstractHttp11JsseProtocol, connectorInfo);
        return connectorInfo;
    }

    private void addToStore(List<Cert> list, String str, X509Certificate x509Certificate) {
        Cert cert = new Cert();
        cert.setAlias(str);
        cert.setSubjectDistinguishedName(x509Certificate.getSubjectDN().toString());
        cert.setNotBefore(x509Certificate.getNotBefore());
        cert.setNotAfter(x509Certificate.getNotAfter());
        cert.setIssuerDistinguishedName(x509Certificate.getIssuerDN().toString());
        list.add(cert);
    }

    @Override // psiprobe.controllers.AbstractTomcatContainerController
    @Value("certificates")
    public void setViewName(String str) {
        super.setViewName(str);
    }
}
