package com.sun.enterprise.security.store;

import com.sun.appserv.management.util.misc.StringUtil;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Enumeration;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:com/sun/enterprise/security/store/PasswordAdapter.class */
public final class PasswordAdapter {
    public static final String PASSWORD_ALIAS_KEYSTORE = "domain-passwords";
    private KeyStore _pwdStore;
    private final File _keyFile;
    private char[] _masterPassword;

    private char[] getMasterPassword() {
        return this._masterPassword;
    }

    private void setMasterPassword(char[] cArr) {
        this._masterPassword = cArr;
    }

    private static String getDefaultKeyFileName() {
        return System.getProperty("com.sun.aas.instanceRoot") + File.separator + "config" + File.separator + "domain-passwords";
    }

    public PasswordAdapter(char[] cArr) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException {
        this(getDefaultKeyFileName(), cArr);
    }

    public PasswordAdapter(String str, char[] cArr) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException {
        File file = new File(str);
        this._pwdStore = loadKeyStore(file, cArr);
        this._keyFile = file;
        this._masterPassword = cArr;
    }

    private static KeyStore loadKeyStore(File file, char[] cArr) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException {
        KeyStore keyStore = KeyStore.getInstance("JCEKS");
        if (file.exists()) {
            FileInputStream fileInputStream = new FileInputStream(file);
            try {
                keyStore.load(fileInputStream, cArr);
                fileInputStream.close();
            } catch (Throwable th) {
                fileInputStream.close();
                throw th;
            }
        } else {
            keyStore.load(null, cArr);
        }
        return keyStore;
    }

    public synchronized String getPasswordForAlias(String str) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        String str2 = null;
        Key key = this._pwdStore.getKey(str, getMasterPassword());
        if (key != null) {
            str2 = new String(key.getEncoded());
        }
        return str2;
    }

    public synchronized SecretKey getPasswordSecretKeyForAlias(String str) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        return (SecretKey) this._pwdStore.getKey(str, getMasterPassword());
    }

    public synchronized boolean aliasExists(String str) throws KeyStoreException {
        return this._pwdStore.containsAlias(str);
    }

    public synchronized void removeAlias(String str) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
        this._pwdStore.deleteEntry(str);
        writeStore();
    }

    public synchronized Enumeration<String> getAliases() throws KeyStoreException {
        return this._pwdStore.aliases();
    }

    public void writeStore() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
        writeKeyStoreSafe(getMasterPassword());
    }

    public synchronized void setPasswordForAlias(String str, byte[] bArr) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        this._pwdStore.setKeyEntry(str, new SecretKeySpec(bArr, "AES"), getMasterPassword(), null);
        writeStore();
    }

    private KeyStore duplicateKeyStore(char[] cArr) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
        char[] masterPassword = getMasterPassword();
        KeyStore keyStore = this._pwdStore;
        KeyStore keyStore2 = KeyStore.getInstance("JCEKS", this._pwdStore.getProvider());
        keyStore2.load(null, cArr);
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (!keyStore.isKeyEntry(nextElement)) {
                throw new IllegalArgumentException("Expecting keys only");
            }
            keyStore2.setKeyEntry(nextElement, keyStore.getKey(nextElement, masterPassword), cArr, null);
        }
        return keyStore2;
    }

    private static void writeKeyStoreToFile(KeyStore keyStore, File file, char[] cArr) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
        FileOutputStream fileOutputStream = new FileOutputStream(file);
        try {
            keyStore.store(fileOutputStream, cArr);
            fileOutputStream.close();
        } catch (Throwable th) {
            fileOutputStream.close();
            throw th;
        }
    }

    private synchronized void writeKeyStoreSafe(char[] cArr) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
        if (this._keyFile.exists()) {
            KeyStore keyStore = this._pwdStore;
            KeyStore duplicateKeyStore = duplicateKeyStore(cArr);
            File file = new File(this._keyFile.toString() + ".save");
            if (!this._keyFile.renameTo(file)) {
                throw new IOException("Can't rename " + this._keyFile + " to " + file);
            }
            try {
                writeKeyStoreToFile(duplicateKeyStore, this._keyFile, cArr);
                this._pwdStore = duplicateKeyStore;
                this._masterPassword = cArr;
                try {
                    file.delete();
                } catch (Throwable th) {
                    throw new RuntimeException("Can't remove old KeyStore \"" + this._keyFile + StringUtil.QUOTE, th);
                }
            } catch (Throwable th2) {
                try {
                    file.renameTo(this._keyFile);
                    throw new RuntimeException("Can't write new KeyStore", th2);
                } catch (Throwable th3) {
                    throw new RuntimeException("Could not write new KeyStore, and cannot restore KeyStore to original state", th3);
                }
            }
        } else {
            writeKeyStoreToFile(this._pwdStore, this._keyFile, cArr);
        }
        loadKeyStore(this._keyFile, getMasterPassword());
    }

    public synchronized void changePassword(char[] cArr) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
        getMasterPassword();
        writeKeyStoreSafe(cArr);
    }
}
