package org.wildfly.extension.elytron;

import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Enumeration;
import org.jboss.as.controller.DelegatingResourceDefinition;
import org.jboss.as.controller.OperationContext;
import org.jboss.as.controller.OperationFailedException;
import org.jboss.as.controller.ResourceDefinition;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.as.controller.SimpleOperationDefinitionBuilder;
import org.jboss.as.controller.descriptions.ResourceDescriptionResolver;
import org.jboss.as.controller.descriptions.StandardResourceDescriptionResolver;
import org.jboss.as.controller.registry.ManagementResourceRegistration;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;
import org.jboss.msc.service.ServiceController;
import org.jboss.msc.service.ServiceName;
import org.jboss.msc.service.ServiceRegistry;
import org.wildfly.common.Assert;
import org.wildfly.extension.elytron._private.ElytronSubsystemMessages;
import org.wildfly.security.keystore.PasswordEntry;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:m2repo/org/wildfly/core/wildfly-elytron-integration/10.0.3.Final/wildfly-elytron-integration-10.0.3.Final.jar:org/wildfly/extension/elytron/ModifiableKeyStoreDecorator.class */
public class ModifiableKeyStoreDecorator extends DelegatingResourceDefinition {

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:m2repo/org/wildfly/core/wildfly-elytron-integration/10.0.3.Final/wildfly-elytron-integration-10.0.3.Final.jar:org/wildfly/extension/elytron/ModifiableKeyStoreDecorator$ReadAliasHandler.class */
    public static class ReadAliasHandler extends ElytronRuntimeOnlyHandler {
        static final SimpleAttributeDefinition ALIAS = new SimpleAttributeDefinitionBuilder("alias", ModelType.STRING, false).setAllowExpression(false).build();

        ReadAliasHandler() {
        }

        static void register(ManagementResourceRegistration managementResourceRegistration, ResourceDescriptionResolver resourceDescriptionResolver) {
            managementResourceRegistration.registerOperationHandler(new SimpleOperationDefinitionBuilder(ElytronDescriptionConstants.READ_ALIAS, resourceDescriptionResolver).setParameters(ALIAS).setReadOnly().setRuntimeOnly().build(), new ReadAliasHandler());
        }

        @Override // org.jboss.as.controller.AbstractRuntimeOnlyHandler
        protected void executeRuntimeStep(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            String asString = ALIAS.resolveModelAttribute(operationContext, modelNode).asString();
            KeyStore keyStore = ModifiableKeyStoreDecorator.getKeyStore(operationContext);
            try {
                ModelNode result = operationContext.getResult();
                if (!keyStore.containsAlias(asString)) {
                    ElytronSubsystemMessages.ROOT_LOGGER.tracef("Alias [%s] does not exists in KeyStore", new Object[0]);
                    return;
                }
                result.get("alias").set(asString);
                result.get(ElytronDescriptionConstants.ENTRY_TYPE).set(getEntryType(keyStore, asString));
                Date creationDate = keyStore.getCreationDate(asString);
                if (creationDate != null) {
                    result.get("creation-date").set(new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSSZ").format(creationDate));
                }
                Certificate[] certificateChain = keyStore.getCertificateChain(asString);
                if (certificateChain == null) {
                    Certificate certificate = keyStore.getCertificate(asString);
                    if (certificate != null) {
                        CertificateChainAttributeDefinitions.writeCertificate(result.get("certificate"), certificate);
                    }
                } else {
                    CertificateChainAttributeDefinitions.writeCertificates(result.get(ElytronDescriptionConstants.CERTIFICATE_CHAIN), certificateChain);
                }
            } catch (KeyStoreException | NoSuchAlgorithmException | CertificateEncodingException e) {
                throw new OperationFailedException(e);
            }
        }

        private String getEntryType(KeyStore keyStore, String str) throws KeyStoreException {
            return keyStore.entryInstanceOf(str, KeyStore.PrivateKeyEntry.class) ? KeyStore.PrivateKeyEntry.class.getSimpleName() : keyStore.entryInstanceOf(str, KeyStore.SecretKeyEntry.class) ? KeyStore.SecretKeyEntry.class.getSimpleName() : keyStore.entryInstanceOf(str, KeyStore.TrustedCertificateEntry.class) ? KeyStore.TrustedCertificateEntry.class.getSimpleName() : keyStore.entryInstanceOf(str, PasswordEntry.class) ? PasswordEntry.class.getSimpleName() : "Other";
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:m2repo/org/wildfly/core/wildfly-elytron-integration/10.0.3.Final/wildfly-elytron-integration-10.0.3.Final.jar:org/wildfly/extension/elytron/ModifiableKeyStoreDecorator$ReadAliasesHandler.class */
    public static class ReadAliasesHandler extends ElytronRuntimeOnlyHandler {
        ReadAliasesHandler() {
        }

        static void register(ManagementResourceRegistration managementResourceRegistration, ResourceDescriptionResolver resourceDescriptionResolver) {
            managementResourceRegistration.registerOperationHandler(new SimpleOperationDefinitionBuilder(ElytronDescriptionConstants.READ_ALIASES, resourceDescriptionResolver).setReadOnly().setRuntimeOnly().build(), new ReadAliasesHandler());
        }

        @Override // org.jboss.as.controller.AbstractRuntimeOnlyHandler
        protected void executeRuntimeStep(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            KeyStore keyStore = ModifiableKeyStoreDecorator.getKeyStore(operationContext);
            try {
                ModelNode result = operationContext.getResult();
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    result.add(aliases.nextElement());
                }
            } catch (KeyStoreException e) {
                throw new OperationFailedException(e);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:m2repo/org/wildfly/core/wildfly-elytron-integration/10.0.3.Final/wildfly-elytron-integration-10.0.3.Final.jar:org/wildfly/extension/elytron/ModifiableKeyStoreDecorator$RemoveAliasHandler.class */
    public static class RemoveAliasHandler extends ElytronRuntimeOnlyHandler {
        static final SimpleAttributeDefinition ALIAS = new SimpleAttributeDefinitionBuilder("alias", ModelType.STRING, false).setAllowExpression(false).build();

        RemoveAliasHandler() {
        }

        static void register(ManagementResourceRegistration managementResourceRegistration, ResourceDescriptionResolver resourceDescriptionResolver) {
            managementResourceRegistration.registerOperationHandler(new SimpleOperationDefinitionBuilder(ElytronDescriptionConstants.REMOVE_ALIAS, resourceDescriptionResolver).setParameters(ALIAS).setRuntimeOnly().build(), new RemoveAliasHandler());
        }

        @Override // org.jboss.as.controller.AbstractRuntimeOnlyHandler
        protected void executeRuntimeStep(OperationContext operationContext, ModelNode modelNode) throws OperationFailedException {
            try {
                ModifiableKeyStoreDecorator.getModifiableKeyStore(operationContext).deleteEntry(ALIAS.resolveModelAttribute(operationContext, modelNode).asString());
            } catch (KeyStoreException e) {
                throw new OperationFailedException(e);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ResourceDefinition wrap(ResourceDefinition resourceDefinition) {
        return new ModifiableKeyStoreDecorator(resourceDefinition);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ModifiableKeyStoreDecorator(ResourceDefinition resourceDefinition) {
        setDelegate(resourceDefinition);
    }

    @Override // org.jboss.as.controller.DelegatingResourceDefinition, org.jboss.as.controller.ResourceDefinition
    public void registerOperations(ManagementResourceRegistration managementResourceRegistration) {
        super.registerOperations(managementResourceRegistration);
        StandardResourceDescriptionResolver resourceDescriptionResolver = ElytronExtension.getResourceDescriptionResolver(ElytronDescriptionConstants.MODIFIABLE_KEY_STORE);
        ReadAliasesHandler.register(managementResourceRegistration, resourceDescriptionResolver);
        ReadAliasHandler.register(managementResourceRegistration, resourceDescriptionResolver);
        if (ElytronExtension.isServerOrHostController(managementResourceRegistration)) {
            RemoveAliasHandler.register(managementResourceRegistration, resourceDescriptionResolver);
        }
    }

    static KeyStore getKeyStore(OperationContext operationContext) throws OperationFailedException {
        return (KeyStore) Assert.assertNotNull(ElytronExtension.getRequiredService(operationContext.getServiceRegistry(true), Capabilities.KEY_STORE_RUNTIME_CAPABILITY.fromBaseCapability(operationContext.getCurrentAddress().getLastElement().getValue()).getCapabilityServiceName(), KeyStore.class).getValue());
    }

    static KeyStore getModifiableKeyStore(OperationContext operationContext) throws OperationFailedException {
        return getModifiableKeyStoreService(operationContext).getModifiableValue();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ModifiableKeyStoreService getModifiableKeyStoreService(OperationContext operationContext) throws OperationFailedException {
        ServiceRegistry serviceRegistry = operationContext.getServiceRegistry(true);
        ServiceName capabilityServiceName = Capabilities.KEY_STORE_RUNTIME_CAPABILITY.fromBaseCapability(operationContext.getCurrentAddress().getLastElement().getValue()).getCapabilityServiceName();
        ServiceController requiredService = ElytronExtension.getRequiredService(serviceRegistry, capabilityServiceName, KeyStore.class);
        ServiceController.State state = requiredService.getState();
        if (state != ServiceController.State.UP) {
            throw ElytronSubsystemMessages.ROOT_LOGGER.requiredServiceNotUp(capabilityServiceName, state);
        }
        return (ModifiableKeyStoreService) requiredService.getService();
    }
}
