package com.sun.enterprise.security.store;

import com.hazelcast.config.replacer.AbstractPbeReplacer;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Enumeration;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.eclipse.persistence.internal.helper.Helper;

/* loaded from: input_file:com/sun/enterprise/security/store/PasswordAdapter.class */
public final class PasswordAdapter {
    public static final String PASSWORD_ALIAS_KEYSTORE = "domain-passwords";
    private KeyStore pwdStore;
    private final File keyFile;
    private char[] masterPassword;

    private char[] getMasterPassword() {
        return this.masterPassword;
    }

    private static String getDefaultKeyFileName() {
        return System.getProperty("com.sun.aas.instanceRoot") + File.separator + "config" + File.separator + "domain-passwords";
    }

    public PasswordAdapter(char[] cArr) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException {
        this(getDefaultKeyFileName(), cArr);
    }

    public PasswordAdapter(String str, char[] cArr) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException {
        File file = new File(str);
        this.pwdStore = loadKeyStore(file, cArr);
        this.keyFile = file;
        this.masterPassword = cArr;
    }

    private static KeyStore loadKeyStore(File file, char[] cArr) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException {
        KeyStore keyStore = KeyStore.getInstance("JCEKS");
        if (file.exists()) {
            FileInputStream fileInputStream = new FileInputStream(file);
            Throwable th = null;
            try {
                try {
                    keyStore.load(fileInputStream, cArr);
                    if (fileInputStream != null) {
                        if (0 != 0) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                } finally {
                }
            } catch (Throwable th3) {
                if (fileInputStream != null) {
                    if (th != null) {
                        try {
                            fileInputStream.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        fileInputStream.close();
                    }
                }
                throw th3;
            }
        } else {
            keyStore.load(null, cArr);
        }
        return keyStore;
    }

    public synchronized String getPasswordForAlias(String str) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        String str2 = null;
        Key key = this.pwdStore.getKey(str, getMasterPassword());
        if (key != null) {
            str2 = new String(key.getEncoded());
        }
        return str2;
    }

    public synchronized SecretKey getPasswordSecretKeyForAlias(String str) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        return (SecretKey) this.pwdStore.getKey(str, getMasterPassword());
    }

    public synchronized boolean aliasExists(String str) throws KeyStoreException {
        return this.pwdStore.containsAlias(str);
    }

    public synchronized void removeAlias(String str) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
        this.pwdStore.deleteEntry(str);
        writeStore();
    }

    public synchronized Enumeration<String> getAliases() throws KeyStoreException {
        return this.pwdStore.aliases();
    }

    public void writeStore() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
        writeKeyStoreSafe(getMasterPassword());
    }

    public synchronized void setPasswordForAlias(String str, byte[] bArr) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        this.pwdStore.setKeyEntry(str, new SecretKeySpec(bArr, AbstractPbeReplacer.DEFAULT_CIPHER_ALGORITHM), getMasterPassword(), null);
        writeStore();
    }

    private KeyStore duplicateKeyStore(char[] cArr) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
        char[] masterPassword = getMasterPassword();
        KeyStore keyStore = this.pwdStore;
        KeyStore keyStore2 = KeyStore.getInstance("JCEKS", this.pwdStore.getProvider());
        keyStore2.load(null, cArr);
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (!keyStore.isKeyEntry(nextElement)) {
                throw new IllegalArgumentException("Expecting keys only");
            }
            keyStore2.setKeyEntry(nextElement, keyStore.getKey(nextElement, masterPassword), cArr, null);
        }
        return keyStore2;
    }

    private static void writeKeyStoreToFile(KeyStore keyStore, File file, char[] cArr) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
        FileOutputStream fileOutputStream = new FileOutputStream(file);
        Throwable th = null;
        try {
            try {
                keyStore.store(fileOutputStream, cArr);
                if (fileOutputStream != null) {
                    if (0 == 0) {
                        fileOutputStream.close();
                        return;
                    }
                    try {
                        fileOutputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (Throwable th4) {
            if (fileOutputStream != null) {
                if (th != null) {
                    try {
                        fileOutputStream.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    fileOutputStream.close();
                }
            }
            throw th4;
        }
    }

    private synchronized void writeKeyStoreSafe(char[] cArr) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
        String str;
        if (this.keyFile.exists()) {
            KeyStore duplicateKeyStore = duplicateKeyStore(cArr);
            File file = new File(this.keyFile.toString() + ".save");
            if (!this.keyFile.renameTo(file)) {
                throw new IOException("Can't rename " + this.keyFile + " to " + file);
            }
            try {
                writeKeyStoreToFile(duplicateKeyStore, this.keyFile, cArr);
                this.pwdStore = duplicateKeyStore;
                this.masterPassword = cArr;
                try {
                    if (!file.delete()) {
                        throw new RuntimeException("Can't remove old KeyStore \"" + this.keyFile + Helper.DEFAULT_DATABASE_DELIMITER);
                    }
                } catch (Throwable th) {
                    throw new RuntimeException("Can't remove old KeyStore \"" + this.keyFile + Helper.DEFAULT_DATABASE_DELIMITER, th);
                }
            } catch (Throwable th2) {
                try {
                    if (file.renameTo(this.keyFile)) {
                        throw new RuntimeException("Can't write new KeyStore", th2);
                    }
                    throw new RuntimeException(str, th2);
                } finally {
                    RuntimeException runtimeException = new RuntimeException("Could not write new KeyStore, and cannot restore KeyStore to original state", th2);
                }
            }
        } else {
            writeKeyStoreToFile(this.pwdStore, this.keyFile, cArr);
        }
        loadKeyStore(this.keyFile, getMasterPassword());
    }

    public synchronized void changePassword(char[] cArr) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
        writeKeyStoreSafe(cArr);
    }
}
