package com.redhat.installer.asconfiguration.keystore.validator;

import com.izforge.izpack.installer.AutomatedInstallData;
import com.izforge.izpack.installer.DataValidator;
import java.io.EOFException;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.cert.CertificateException;
import org.jboss.as.cli.impl.aesh.cmd.security.model.ElytronUtil;

/* loaded from: input_file:com/redhat/installer/asconfiguration/keystore/validator/KeystoreValidator.class */
public abstract class KeystoreValidator implements DataValidator {
    private static final String PKCS12_AUTH_ERROR = "Given final block not properly padded";
    private static final String JCEKS_AUTH_ERROR = "Keystore was tampered with, or password was incorrect";
    private static final String JKS_AUTH_ERROR = "Password verification failed";
    private static final String IBM_PKCS12_TYPE_ERROR = "Keystore type is not PKCS12";
    private static final String PKCS12_TYPE_ERROR = "DerInputStream.getLength(): lengthTag=";
    private static final String JCEKS_JKS_TYPE_ERROR = "Invalid keystore format";
    protected String error;
    protected String message;
    private static String lastSuccessfulAlgorithm = ElytronUtil.JKS;

    public DataValidator.Status validateData(AutomatedInstallData automatedInstallData) {
        DataValidator.Status status = DataValidator.Status.OK;
        String keystorePath = getKeystorePath();
        if (keystorePath.contains("${jboss.home.dir}")) {
            keystorePath = keystorePath.replace("${jboss.home.dir}", AutomatedInstallData.getInstance().getInstallPath());
        }
        char[] keystorePassword = getKeystorePassword();
        int i = 0;
        if (getCondition()) {
            boolean z = false;
            if (!isJKSValid()) {
                i = isValidKeystore(keystorePath, keystorePassword, new String[]{ElytronUtil.JKS});
                z = true;
            }
            i = (z && i == 0) ? 7 : isValidKeystore(keystorePath, keystorePassword, getSupportedFormats());
        }
        switch (i) {
            case 1:
                setError("keystore.validator.authentication.failure");
                setMessage(String.format(automatedInstallData.langpack.getString("keystore.validator.authentication.failure"), new Object[0]));
                status = DataValidator.Status.WARNING;
                break;
            case 2:
                setError("keystore.validator.file.does.not.exist");
                setMessage(String.format(automatedInstallData.langpack.getString("keystore.validator.file.does.not.exist"), new Object[0]));
                status = DataValidator.Status.ERROR;
                break;
            case 3:
                setError("keystore.validator.jvm.cannot.read");
                setMessage(String.format(automatedInstallData.langpack.getString("keystore.validator.jvm.cannot.read"), new Object[0]));
                status = DataValidator.Status.WARNING;
                break;
            case 4:
            case 5:
                setError("keystore.validator.invalid.url");
                setMessage(String.format(automatedInstallData.langpack.getString("keystore.validator.invalid.url"), new Object[0]));
                status = DataValidator.Status.WARNING;
                break;
            case 6:
                setError("keystore.validator.file.is.empty");
                setMessage(String.format(automatedInstallData.langpack.getString("keystore.validator.file.is.empty"), new Object[0]));
                status = DataValidator.Status.ERROR;
                break;
            case 7:
                setError("keystore.validator.not.supported");
                setMessage(String.format(automatedInstallData.langpack.getString("keystore.validator.not.supported"), new Object[0]));
                status = DataValidator.Status.ERROR;
                break;
        }
        if (i != 0) {
            if (hasAdditionalChecksOnFail()) {
                return performAdditionalChecksOnFail(i);
            }
        } else if (hasAdditionalChecksOnSuccess()) {
            return performAdditionalChecksOnSuccess(lastSuccessfulAlgorithm);
        }
        setVariable();
        return status;
    }

    public static int isValidKeystore(String str, char[] cArr, String[] strArr) {
        int i;
        int i2 = 0;
        if (!isValidReadableFile(str) && !isValidAccessibleUrl(str)) {
            return 2;
        }
        for (String str2 : strArr) {
            if (!Security.getAlgorithms("KeyStore").contains(str2.toUpperCase()) || str2.equalsIgnoreCase("WINDOWS-ROOT") || str2.equalsIgnoreCase("WINDOWS-MY")) {
                i = 7;
            } else {
                try {
                    KeyStore keyStore = KeyStore.getInstance(str2);
                    if (isValidAccessibleUrl(str)) {
                        keyStore.load(new URI(str).toURL().openStream(), cArr);
                    } else {
                        FileInputStream fileInputStream = new FileInputStream(new File(str));
                        keyStore.load(fileInputStream, cArr);
                        fileInputStream.close();
                    }
                    i2 = 0;
                    lastSuccessfulAlgorithm = str2;
                    break;
                } catch (EOFException e) {
                    i = 6;
                } catch (FileNotFoundException e2) {
                    i = 2;
                } catch (IOException e3) {
                    String message = e3.getMessage();
                    String message2 = e3.getCause() != null ? e3.getCause().getMessage() : "";
                    if (message.equals(JCEKS_JKS_TYPE_ERROR) || message.startsWith(PKCS12_TYPE_ERROR) || message.equals(IBM_PKCS12_TYPE_ERROR)) {
                        i = 7;
                    } else {
                        if (message.equals(JCEKS_AUTH_ERROR) || message2.equals(PKCS12_AUTH_ERROR) || message2.equals(JKS_AUTH_ERROR)) {
                            return 1;
                        }
                        i = 3;
                    }
                } catch (IllegalArgumentException e4) {
                    return 5;
                } catch (URISyntaxException e5) {
                    i = 4;
                } catch (KeyStoreException e6) {
                    i = 3;
                } catch (NoSuchAlgorithmException e7) {
                    i = 3;
                } catch (CertificateException e8) {
                    i = 3;
                }
            }
            i2 = i;
        }
        return i2;
    }

    public static boolean isValidReadableFile(String str) {
        File file = new File(str);
        return file.exists() && file.canRead() && !file.isDirectory();
    }

    public static boolean isValidAccessibleUrl(String str) {
        try {
            new URL(str).openConnection().connect();
            return true;
        } catch (MalformedURLException e) {
            return false;
        } catch (IOException e2) {
            return false;
        }
    }

    private boolean isJKSValid() {
        String[] supportedFormats = getSupportedFormats();
        for (int i = 0; i <= supportedFormats.length - 1; i++) {
            if (supportedFormats[i].toUpperCase().equals(ElytronUtil.JKS)) {
                return true;
            }
        }
        return false;
    }

    public abstract String getKeystorePath();

    public abstract String getEncryptedDirPath();

    public abstract String[] getSupportedFormats();

    public abstract char[] getKeystorePassword();

    public abstract boolean hasAdditionalChecksOnFail();

    public abstract DataValidator.Status performAdditionalChecksOnFail(int i);

    public abstract void setVariable();

    public abstract DataValidator.Status getFailureStatus();

    protected abstract DataValidator.Status performAdditionalChecksOnSuccess(String str);

    protected abstract boolean hasAdditionalChecksOnSuccess();

    public String getLangpackKey() {
        return "ssl.password.incorrect";
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setError(String str) {
        this.error = str;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setMessage(String str) {
        this.message = str;
    }

    public String getErrorMessageId() {
        return this.error;
    }

    public String getWarningMessageId() {
        return this.error;
    }

    public String getFormattedMessage() {
        return this.message;
    }

    public boolean getDefaultAnswer() {
        return false;
    }

    protected abstract boolean getCondition();
}
