package com.synopsys.integration.blackduck.installer.configure;

import com.synopsys.integration.blackduck.installer.dockerswarm.deploy.AlertDockerManager;
import com.synopsys.integration.blackduck.installer.exception.BlackDuckInstallerException;
import com.synopsys.integration.blackduck.installer.exception.IntegrationKeyStoreException;
import com.synopsys.integration.blackduck.installer.keystore.CertificateRequest;
import com.synopsys.integration.blackduck.installer.keystore.KeyStoreManager;
import com.synopsys.integration.blackduck.installer.keystore.KeyStoreRequest;
import com.synopsys.integration.blackduck.installer.keystore.OpenSslRunner;
import com.synopsys.integration.log.IntLogger;
import java.io.File;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.security.KeyStoreException;
import org.apache.commons.io.FileUtils;

/* loaded from: input_file:BOOT-INF/classes/com/synopsys/integration/blackduck/installer/configure/UpdateKeyStoreService.class */
public class UpdateKeyStoreService {
    private final IntLogger intLogger;
    private final KeyStoreManager keyStoreManager;
    private final KeyStoreRequest keyStoreRequest;
    private final boolean keyStoreUpdate;
    private final boolean keyStoreUpdateForce;
    private final String host;
    private final int port;
    private final String aliasNamespace;
    private final String serverLabel;
    private final OpenSslRunner openSslRunner;

    public static UpdateKeyStoreService createForBlackDuck(IntLogger intLogger, KeyStoreManager keyStoreManager, KeyStoreRequest keyStoreRequest, boolean z, boolean z2, String str, int i, OpenSslRunner openSslRunner) {
        return new UpdateKeyStoreService(intLogger, keyStoreManager, keyStoreRequest, z, z2, str, i, "blackduck", "Black Duck", openSslRunner);
    }

    public static UpdateKeyStoreService createForAlert(IntLogger intLogger, KeyStoreManager keyStoreManager, KeyStoreRequest keyStoreRequest, boolean z, boolean z2, String str, int i, OpenSslRunner openSslRunner) {
        return new UpdateKeyStoreService(intLogger, keyStoreManager, keyStoreRequest, z, z2, str, i, AlertDockerManager.ALERT_SERVICE_NAME, "Alert", openSslRunner);
    }

    public UpdateKeyStoreService(IntLogger intLogger, KeyStoreManager keyStoreManager, KeyStoreRequest keyStoreRequest, boolean z, boolean z2, String str, int i, String str2, String str3, OpenSslRunner openSslRunner) {
        this.intLogger = intLogger;
        this.keyStoreManager = keyStoreManager;
        this.keyStoreRequest = keyStoreRequest;
        this.keyStoreUpdate = z;
        this.keyStoreUpdateForce = z2;
        this.host = str;
        this.port = i;
        this.aliasNamespace = str2;
        this.serverLabel = str3;
        this.openSslRunner = openSslRunner;
    }

    public boolean canAttemptKeyStoreUpdate() {
        return this.keyStoreUpdate;
    }

    public boolean updateKeyStoreWithCertificate(File file) throws BlackDuckInstallerException, IntegrationKeyStoreException {
        if (!this.keyStoreUpdate) {
            this.intLogger.warn("The keystore can not be automatically updated unless update.keystore=true.");
            return false;
        }
        String str = this.host + "_" + this.aliasNamespace;
        KeyStore createKeyStore = this.keyStoreManager.createKeyStore(this.keyStoreRequest);
        try {
            if (createKeyStore.containsAlias(str)) {
                if (!this.keyStoreUpdateForce) {
                    this.intLogger.error(String.format("The keystore already has an entry for the alias %s - if this is an outdated entry, you can set update.keystore.force=true.", str));
                    return false;
                }
                this.intLogger.info(String.format("The keystore already has an entry for the alias %s, but since update.keystore.force=true, it will be replaced.", str));
                createKeyStore.deleteEntry(str);
            }
            String createCertificateContents = this.openSslRunner.createCertificateContents(this.host, this.port);
            File file2 = new File(file, String.format("%s_%s_cert.pem", this.host, this.aliasNamespace));
            try {
                FileUtils.write(file2, createCertificateContents, StandardCharsets.UTF_8);
                this.keyStoreManager.addCertificateToKeyStore(createKeyStore, this.keyStoreRequest, new CertificateRequest(file2, str, "X.509"));
                return true;
            } catch (IOException e) {
                throw new IntegrationKeyStoreException("Could not write the certificate file: " + e.getMessage(), e);
            }
        } catch (KeyStoreException e2) {
            throw new IntegrationKeyStoreException(String.format("Could not check the keystore for alias %s: %s", str, e2.getMessage()), e2);
        }
    }

    public void handleSSLHandshakeException(File file) throws BlackDuckInstallerException {
        this.intLogger.info(String.format("The %s server is responding, but its certificate is not in the java keystore.", this.serverLabel));
        if (!canAttemptKeyStoreUpdate()) {
            this.intLogger.error("Since keystore.update=false, no automatic update of the keystore will be attempted.");
            throw new BlackDuckInstallerException(String.format("The keystore is not setup properly (either add the certificate manually, or set keystore.update=true) - %s can not be configured.", this.serverLabel));
        }
        this.intLogger.info("Since keystore.update=true, an automatic update of the keystore will be attempted.");
        try {
            updateKeyStoreWithCertificate(file);
            this.intLogger.info("Couldn't check the version because of a missing certificate - the next check should work.");
        } catch (BlackDuckInstallerException | IntegrationKeyStoreException e) {
            throw new BlackDuckInstallerException(String.format("The keystore could not be updated successfully - %s can not be configured.", this.serverLabel), e);
        }
    }
}
