package com.sun.enterprise.admin.util;

import com.sun.enterprise.config.serverbeans.Domain;
import com.sun.enterprise.config.serverbeans.SecureAdmin;
import com.sun.enterprise.security.store.AsadminSecurityUtil;
import com.sun.enterprise.util.io.ServerDirs;
import java.io.File;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import org.glassfish.internal.api.Globals;
import org.jvnet.hk2.config.ConfigParser;

/* loaded from: input_file:MICRO-INF/runtime/admin-util.jar:com/sun/enterprise/admin/util/SecureAdminClientManager.class */
public class SecureAdminClientManager {
    private static final Logger logger = AdminLoggerInfo.getLogger();
    private static SecureAdminClientManager instance = null;
    private boolean isEnabled;
    private KeyManager[] keyManagers;
    private String configuredAdminIndicator;
    private Domain domain;
    private SecureAdmin secureAdmin;
    private String instanceAlias;

    public static KeyManager[] getKeyManagers() {
        if (instance == null) {
            return null;
        }
        return instance.keyManagers();
    }

    public static synchronized void initClientAuthentication(char[] cArr, boolean z, String str, String str2, String str3, File file) {
        if (instance == null) {
            instance = new SecureAdminClientManager(cArr, z, str, str2, str3, file);
        }
    }

    private SecureAdminClientManager(char[] cArr, boolean z, String str, String str2, String str3, File file) {
        this.keyManagers = null;
        this.configuredAdminIndicator = null;
        this.secureAdmin = null;
        this.instanceAlias = null;
        this.domain = prepareDomain(str, str2, str3, file);
        if (this.domain == null) {
            return;
        }
        this.secureAdmin = this.domain.getSecureAdmin();
        this.isEnabled = SecureAdmin.Util.isEnabled(this.secureAdmin);
        this.configuredAdminIndicator = SecureAdmin.Util.configuredAdminIndicator(this.secureAdmin);
        if (this.isEnabled) {
            this.instanceAlias = SecureAdmin.Util.instanceAlias(this.secureAdmin);
            logger.fine("SecureAdminClientManager: secure admin is enabled");
        } else {
            logger.fine("SecureAdminClientManager: secure admin is disabled");
        }
        this.configuredAdminIndicator = SecureAdmin.Util.configuredAdminIndicator(this.secureAdmin);
        if (this.isEnabled) {
            try {
                this.keyManagers = prepareKeyManagers(cArr, z);
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
    }

    public boolean isEnabled() {
        return this.isEnabled;
    }

    public KeyManager[] keyManagers() {
        return this.keyManagers;
    }

    public String configuredAdminIndicatorValue() {
        return this.configuredAdminIndicator;
    }

    private Domain prepareDomain(String str, String str2, String str3, File file) {
        String absolutePath;
        if (str == null && str2 == null && str3 == null) {
            return null;
        }
        if (str2 != null) {
            absolutePath = str2;
        } else {
            try {
                absolutePath = file.getAbsolutePath();
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
        ServerDirs dirs = ServerDirsSelector.getInstance(null, str, absolutePath, str3).dirs();
        if (dirs == null) {
            return null;
        }
        File domainXml = dirs.getDomainXml();
        if (!domainXml.exists()) {
            return null;
        }
        try {
            return (Domain) new ConfigParser(Globals.getStaticHabitat()).parse(domainXml.toURI().toURL()).getRoot().createProxy(Domain.class);
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }

    private KeyManager[] prepareKeyManagers(char[] cArr, boolean z) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, UnrecoverableKeyException {
        KeyStore instanceCertOnlyKS = instanceCertOnlyKS(getCertForConfiguredAlias(cArr, z));
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
        keyManagerFactory.init(instanceCertOnlyKS, new char[0]);
        return keyManagerFactory.getKeyManagers();
    }

    private KeyStore instanceCertOnlyKS(Certificate certificate) throws KeyStoreException {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.setCertificateEntry(this.instanceAlias, certificate);
        return keyStore;
    }

    private Certificate getCertForConfiguredAlias(char[] cArr, boolean z) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        Certificate certificate = AsadminSecurityUtil.getInstance(cArr, z).getAsadminKeystore().getCertificate(this.instanceAlias);
        if (certificate != null) {
            logger.log(Level.FINER, "Found matching cert in keystore for instance alias {0}", this.instanceAlias);
        } else {
            logger.log(Level.FINER, "Could not find matching cert in keystore for instance alias {0}", this.instanceAlias);
        }
        return certificate;
    }
}
