package org.wildfly.security.credential.source;

import java.io.BufferedReader;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.lang.ProcessBuilder;
import java.lang.reflect.UndeclaredThrowableException;
import java.nio.charset.Charset;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.GeneralSecurityException;
import java.security.PrivilegedActionException;
import java.security.Provider;
import java.security.spec.AlgorithmParameterSpec;
import java.util.function.BiConsumer;
import java.util.function.Consumer;
import java.util.function.Function;
import java.util.function.Supplier;
import org.apache.activemq.artemis.utils.DefaultSensitiveStringCodec;
import org.wildfly.common.Assert;
import org.wildfly.security.SecurityFactory;
import org.wildfly.security._private.ElytronMessages;
import org.wildfly.security.auth.SupportLevel;
import org.wildfly.security.credential.Credential;
import org.wildfly.security.credential.PasswordCredential;
import org.wildfly.security.manager.WildFlySecurityManager;
import org.wildfly.security.password.PasswordFactory;
import org.wildfly.security.password.interfaces.ClearPassword;
import org.wildfly.security.x500.cert.acme.Acme;

/* loaded from: input_file:org/wildfly/security/credential/source/CommandCredentialSource.class */
public final class CommandCredentialSource implements CredentialSource {
    private static final File NULL_FILE;
    private final Function<ProcessBuilder, ProcessBuilder> builderProcessor;
    private final PasswordFactory passwordFactory;
    private final AccessControlContext context = AccessController.getContext();
    private final Charset outputCharset;

    /* loaded from: input_file:org/wildfly/security/credential/source/CommandCredentialSource$Builder.class */
    public static final class Builder {
        Charset outputCharset = Charset.defaultCharset();
        SecurityFactory<PasswordFactory> passwordFactoryFactory = () -> {
            return PasswordFactory.getInstance(ClearPassword.ALGORITHM_CLEAR);
        };
        Function<ProcessBuilder, ProcessBuilder> builderProcessor = Function.identity();

        Builder() {
        }

        public Builder addCommand(String str) {
            Assert.checkNotNullParam("commandString", str);
            Assert.checkNotEmptyParam("commandString", str);
            this.builderProcessor = this.builderProcessor.andThen(processBuilder -> {
                processBuilder.command().add(str);
                return processBuilder;
            });
            return this;
        }

        public Builder addCommand(Supplier<String> supplier) {
            Assert.checkNotNullParam("commandString", supplier);
            this.builderProcessor = this.builderProcessor.andThen(processBuilder -> {
                String str = (String) supplier.get();
                if (str != null && !str.isEmpty()) {
                    processBuilder.command().add(str);
                }
                return processBuilder;
            });
            return this;
        }

        public Builder addCommand(Consumer<Consumer<String>> consumer) {
            Assert.checkNotNullParam("commandString", consumer);
            this.builderProcessor = this.builderProcessor.andThen(processBuilder -> {
                consumer.accept(str -> {
                    processBuilder.command().add(Assert.checkNotEmptyParam("string", (String) Assert.checkNotNullParam("string", str)));
                });
                return processBuilder;
            });
            return this;
        }

        public Builder addEnvironment(String str, String str2) {
            Assert.checkNotNullParam(DefaultSensitiveStringCodec.BLOWFISH_KEY, str);
            Assert.checkNotEmptyParam(DefaultSensitiveStringCodec.BLOWFISH_KEY, str);
            Assert.checkNotNullParam(Acme.VALUE, str2);
            Assert.checkNotEmptyParam(Acme.VALUE, str2);
            this.builderProcessor = this.builderProcessor.andThen(processBuilder -> {
                processBuilder.environment().put(str, str2);
                return processBuilder;
            });
            return this;
        }

        public Builder addEnvironment(Consumer<BiConsumer<String, String>> consumer) {
            Assert.checkNotNullParam("consumer", consumer);
            this.builderProcessor = this.builderProcessor.andThen(processBuilder -> {
                consumer.accept((str, str2) -> {
                    processBuilder.environment().put(Assert.checkNotEmptyParam(DefaultSensitiveStringCodec.BLOWFISH_KEY, (String) Assert.checkNotNullParam(DefaultSensitiveStringCodec.BLOWFISH_KEY, str)), Assert.checkNotEmptyParam(Acme.VALUE, (String) Assert.checkNotNullParam(Acme.VALUE, str2)));
                });
                return processBuilder;
            });
            return this;
        }

        public Builder removeEnvironment(String str) {
            Assert.checkNotNullParam(DefaultSensitiveStringCodec.BLOWFISH_KEY, str);
            Assert.checkNotEmptyParam(DefaultSensitiveStringCodec.BLOWFISH_KEY, str);
            this.builderProcessor = this.builderProcessor.andThen(processBuilder -> {
                processBuilder.environment().remove(str);
                return processBuilder;
            });
            return this;
        }

        public Builder setWorkingDirectory(File file) {
            Assert.checkNotNullParam("directory", file);
            this.builderProcessor = this.builderProcessor.andThen(processBuilder -> {
                return processBuilder.directory(file);
            });
            return this;
        }

        public Builder setPasswordFactoryProvider(Provider provider) {
            Assert.checkNotNullParam("provider", provider);
            this.passwordFactoryFactory = () -> {
                return PasswordFactory.getInstance(ClearPassword.ALGORITHM_CLEAR, provider);
            };
            return this;
        }

        public Builder setOutputCharset(Charset charset) {
            Assert.checkNotNullParam("charset", charset);
            this.outputCharset = charset;
            return this;
        }

        public CommandCredentialSource build() throws GeneralSecurityException {
            return new CommandCredentialSource(this);
        }
    }

    CommandCredentialSource(Builder builder) throws GeneralSecurityException {
        this.builderProcessor = builder.builderProcessor;
        this.passwordFactory = builder.passwordFactoryFactory.create();
        this.outputCharset = builder.outputCharset;
    }

    @Override // org.wildfly.security.credential.source.CredentialSource
    public SupportLevel getCredentialAcquireSupport(Class<? extends Credential> cls, String str, AlgorithmParameterSpec algorithmParameterSpec) throws IOException {
        return cls == PasswordCredential.class ? SupportLevel.SUPPORTED : SupportLevel.UNSUPPORTED;
    }

    /* JADX WARN: Failed to calculate best type for var: r14v2 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Failed to calculate best type for var: r15v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.RegisterArg.getSVar()" because the return value of "jadx.core.dex.nodes.InsnNode.getResult()" is null
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.collectRelatedVars(AbstractTypeConstraint.java:31)
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.<init>(AbstractTypeConstraint.java:19)
    	at jadx.core.dex.visitors.typeinference.TypeSearch$1.<init>(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeMoveConstraint(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeConstraint(TypeSearch.java:361)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.collectConstraints(TypeSearch.java:341)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.run(TypeSearch.java:60)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.runMultiVariableSearch(FixTypesVisitor.java:116)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Not initialized variable reg: 14, insn: 0x011d: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r14 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:88:0x011d */
    /* JADX WARN: Not initialized variable reg: 15, insn: 0x0122: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r15 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:90:0x0122 */
    /* JADX WARN: Type inference failed for: r14v2, types: [java.io.InputStream] */
    /* JADX WARN: Type inference failed for: r15v0, types: [java.lang.Throwable] */
    @Override // org.wildfly.security.credential.source.CredentialSource
    public <C extends Credential> C getCredential(Class<C> cls, String str, AlgorithmParameterSpec algorithmParameterSpec) throws IOException {
        if (cls != PasswordCredential.class) {
            return null;
        }
        ProcessBuilder apply = this.builderProcessor.apply(new ProcessBuilder(new String[0]));
        apply.redirectOutput(ProcessBuilder.Redirect.PIPE);
        apply.redirectError(NULL_FILE);
        try {
            apply.getClass();
            Process process = (Process) AccessController.doPrivileged(apply::start);
            try {
                try {
                    process.getOutputStream().close();
                    InputStream inputStream = process.getInputStream();
                    Throwable th = null;
                    BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream, this.outputCharset));
                    Throwable th2 = null;
                    try {
                        try {
                            String readLine = bufferedReader.readLine();
                            if (bufferedReader != null) {
                                if (0 != 0) {
                                    try {
                                        bufferedReader.close();
                                    } catch (Throwable th3) {
                                        th2.addSuppressed(th3);
                                    }
                                } else {
                                    bufferedReader.close();
                                }
                            }
                            if (inputStream != null) {
                                if (0 != 0) {
                                    try {
                                        inputStream.close();
                                    } catch (Throwable th4) {
                                        th.addSuppressed(th4);
                                    }
                                } else {
                                    inputStream.close();
                                }
                            }
                            try {
                                int waitFor = process.waitFor();
                                if (ElytronMessages.log.isTraceEnabled()) {
                                    ElytronMessages.log.tracef("Exit code from password command = %d", Integer.valueOf(waitFor));
                                }
                                if (readLine == null) {
                                    process.destroyForcibly();
                                    return null;
                                }
                                C cast = cls.cast(new PasswordCredential(ClearPassword.createRaw(ClearPassword.ALGORITHM_CLEAR, readLine.toCharArray())));
                                process.destroyForcibly();
                                return cast;
                            } catch (InterruptedException e) {
                                process.destroyForcibly();
                                while (process.isAlive()) {
                                    try {
                                        process.waitFor();
                                    } catch (InterruptedException e2) {
                                    }
                                }
                                Thread.currentThread().interrupt();
                                throw ElytronMessages.log.credentialCommandInterrupted();
                            }
                        } finally {
                        }
                    } catch (Throwable th5) {
                        if (bufferedReader != null) {
                            if (th2 != null) {
                                try {
                                    bufferedReader.close();
                                } catch (Throwable th6) {
                                    th2.addSuppressed(th6);
                                }
                            } else {
                                bufferedReader.close();
                            }
                        }
                        throw th5;
                    }
                } finally {
                }
            } catch (Throwable th7) {
                process.destroyForcibly();
                throw th7;
            }
        } catch (PrivilegedActionException e3) {
            try {
                throw e3.getCause();
            } catch (IOException | Error | RuntimeException e4) {
                throw e4;
            } catch (Throwable th8) {
                throw new UndeclaredThrowableException(th8);
            }
        }
    }

    public static Builder builder() {
        return new Builder();
    }

    static {
        NULL_FILE = new File((WildFlySecurityManager.isChecking() ? (String) AccessController.doPrivileged(() -> {
            return System.getProperty("os.name");
        }) : System.getProperty("os.name")).startsWith("Windows") ? "NUL" : "/dev/null");
    }
}
