package org.openslx.bwlp.sat.util;

import java.io.BufferedReader;
import java.io.File;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.sql.SQLException;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.logging.log4j.core.net.ssl.SslConfigurationDefaults;
import org.openslx.bwlp.sat.database.mappers.DbConfiguration;
import org.openslx.util.QuickTimer;

/* loaded from: input_file:org/openslx/bwlp/sat/util/Identity.class */
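/**
 * Provides the server's TLS identity: a keystore loaded from the database via
 * {@link DbConfiguration}, or a self-signed one generated with {@code keytool}
 * when none can be loaded.
 *
 * <p>The loaded keystore is cached in a static field without synchronization,
 * so concurrent first calls may each load (or generate) a keystore.
 */
public class Identity {
    private static final String ALIAS = "dozmod";

    // SECURITY NOTE(review): this password is a compile-time constant, so it provides no
    // confidentiality for the private key. Whoever can read the stored keystore can open it;
    // protection of the key therefore rests entirely on access control to the database and
    // to any temporary copy on disk. It is kept unchanged here because keystores that were
    // already saved are presumably protected with this exact value.
    private static final String PASSWORD = "donotchangeme";

    private static final Logger LOGGER = LogManager.getLogger(Identity.class);

    /** How long keytool may run before the watchdog terminates it. */
    private static final long KEYTOOL_TIMEOUT_MS = 10000L;

    private static KeyStore currentKeyStore = null;

    /**
     * Returns the server keystore, loading it from the database on first use and generating
     * a new self-signed certificate if loading yields nothing.
     *
     * @return the cached or freshly loaded keystore, or {@code null} if no keystore could be
     *         loaded or generated
     */
    public static KeyStore loadCertificate() {
        if (currentKeyStore != null) {
            return currentKeyStore;
        }
        KeyStore keyStore = null;
        try {
            keyStore = DbConfiguration.loadKeyStore(PASSWORD);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException | SQLException e) {
            LOGGER.error("Could not load existing keystore from database", e);
            LOGGER.info("Will generate a new temporary key. Please fix the existing key or delete it to permanently generate a new one");
        }
        if (keyStore == null) {
            if (!generateCertificate()) {
                LOGGER.error("Could not create certificate, encrypted connections not supported");
                return null;
            }
            // The generated keystore was handed to DbConfiguration; read it back through the
            // same path as a regular load so both cases yield the same kind of object.
            try {
                keyStore = DbConfiguration.loadKeyStore(PASSWORD);
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException | SQLException e) {
                LOGGER.error("Error loading key", e);
            }
            if (keyStore == null) {
                LOGGER.error("Could not load freshly generated certificate back from db. Something's fishy.");
                return null;
            }
        }
        currentKeyStore = keyStore;
        return keyStore;
    }

    /**
     * Builds an {@link SSLContext} whose key managers are backed by the server keystore.
     *
     * <p>Trust managers and the random source are passed as {@code null}, so the JSSE
     * defaults are used for both.
     *
     * @return an initialized context, or {@code null} if the keystore is unavailable or any
     *         step of the setup fails
     */
    public static SSLContext getSSLContext() {
        KeyStore keyStore = loadCertificate();
        if (keyStore == null) {
            return null;
        }
        KeyManagerFactory keyManagerFactory;
        try {
            keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, PASSWORD.toCharArray());
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            LOGGER.warn("Could not create a key manager factory, SSL unavailable", e);
            return null;
        }
        SSLContext sslContext;
        try {
            // NOTE(review): which protocol versions this context actually enables depends on
            // the JRE and its security configuration; confirm legacy versions are disabled.
            sslContext = SSLContext.getInstance("TLSv1.2");
        } catch (NoSuchAlgorithmException e) {
            LOGGER.warn("Could not create a TLS1.2 context, SSL unavailable", e);
            return null;
        }
        try {
            sslContext.init(keyManagerFactory.getKeyManagers(), null, null);
        } catch (KeyManagementException e) {
            LOGGER.warn("Could not find a suitable cert/key in the keystore. SSL unavailable", e);
            // Never hand out an uninitialized context; callers treat null as "no TLS".
            return null;
        }
        return sslContext;
    }

    /**
     * Generates a self-signed RSA key pair with {@code keytool} and stores the resulting
     * keystore through {@link DbConfiguration#saveKeyStore}.
     *
     * <p>The keystore is written into a freshly created private temporary directory instead
     * of a pre-created-then-deleted file name in the shared temp directory: between the
     * delete and keytool's create, such a name could be claimed by another local process.
     * The directory and the keystore file are removed again on every exit path.
     *
     * @return {@code true} if the keystore was generated and saved, {@code false} otherwise
     */
    private static boolean generateCertificate() {
        final Path workDir;
        try {
            // Presumably owner-only on POSIX platforms with the default JDK provider;
            // verify on the deployment platform.
            workDir = Files.createTempDirectory("certfile");
        } catch (IOException e) {
            LOGGER.error("Could not generate temp file for self-signed cert container", e);
            return false;
        }
        final Path keyStorePath = workDir.resolve("certfile.jks");
        try {
            LOGGER.info("Generating certificate for this server...");
            final Process exec;
            try {
                // NOTE(review): the passwords are passed as command-line arguments and are thus
                // visible in the process list while keytool runs. With the constant PASSWORD
                // above this reveals nothing new, but it must be revisited (keytool accepts
                // -storepass:env / -storepass:file) if the password ever becomes a real secret.
                // NOTE(review): the store type comes from a log4j constant, presumably a
                // decompiler substitution for a string literal; confirm it matches the type
                // DbConfiguration expects.
                exec = new ProcessBuilder("keytool", "-genkeypair", "-alias", ALIAS, "-keyalg", "rsa",
                        "-validity", "3000", "-keypass", PASSWORD, "-storepass", PASSWORD,
                        "-keystore", keyStorePath.toAbsolutePath().toString(),
                        "-storetype", SslConfigurationDefaults.KEYSTORE_TYPE,
                        "-dname", "CN=dozmodserver")
                        .redirectErrorStream(true) // keytool's error output is logged together with stdout
                        .start();
            } catch (IOException e) {
                LOGGER.error("Launching keytool failed", e);
                return false;
            }
            // Watchdog: terminate keytool if it is still running after the timeout.
            QuickTimer.scheduleOnce(new QuickTimer.Task() {
                @Override
                public void fire() {
                    try {
                        // Returns normally only if the process has already terminated.
                        exec.exitValue();
                    } catch (IllegalThreadStateException stillRunning) {
                        exec.destroy();
                    }
                }
            }, KEYTOOL_TIMEOUT_MS);
            final int exitCode;
            try {
                exitCode = exec.waitFor();
            } catch (InterruptedException e) {
                LOGGER.warn("Got interrupted while creating the certificate");
                exec.destroy();
                // Preserve the interrupt for callers further up the stack.
                Thread.currentThread().interrupt();
                return false;
            }
            if (exitCode != 0) {
                LOGGER.warn("keytool returned exit code " + exitCode);
                logProcessOutput(exec);
                return false;
            }
            LOGGER.info("Certificate successfully created!");
            try {
                DbConfiguration.saveKeyStore(keyStorePath.toFile());
                return true;
            } catch (IOException | SQLException e) {
                LOGGER.error("Could not import generated keystore to database", e);
                return false;
            }
        } finally {
            // The file holds the private key; never leave it behind.
            deleteQuietly(keyStorePath);
            deleteQuietly(workDir);
        }
    }

    /** Logs whatever the finished process wrote to its output, one line per log entry. */
    private static void logProcessOutput(Process process) {
        // Platform default charset on purpose: keytool writes in the platform encoding.
        try (BufferedReader reader = new BufferedReader(new InputStreamReader(process.getInputStream()))) {
            String line;
            while ((line = reader.readLine()) != null) {
                LOGGER.info(line);
            }
        } catch (IOException e) {
            // Stop reading on the first error instead of retrying forever.
            LOGGER.warn("Could not read keytool output", e);
        }
    }

    /** Deletes the given path if it exists and logs, rather than propagates, any failure. */
    private static void deleteQuietly(Path path) {
        try {
            Files.deleteIfExists(path);
        } catch (IOException e) {
            LOGGER.warn("Could not delete temporary path " + path, e);
        }
    }
}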
