package org.jboss.as.domain.management.security;

import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.util.function.Consumer;
import java.util.function.Supplier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import org.jboss.as.domain.management.logging.DomainManagementLogger;
import org.jboss.msc.Service;
import org.jboss.msc.service.ServiceBuilder;
import org.jboss.msc.service.ServiceName;
import org.jboss.msc.service.StartContext;
import org.jboss.msc.service.StartException;
import org.jboss.msc.service.StopContext;
import org.wildfly.common.function.ExceptionSupplier;
import org.wildfly.security.credential.source.CredentialSource;
import org.wildfly.security.password.interfaces.ClearPassword;

/* loaded from: input_file:org/jboss/as/domain/management/security/AbstractKeyManagerService.class */
abstract class AbstractKeyManagerService implements Service {
    private volatile char[] keystorePassword;
    private volatile char[] keyPassword;
    private final Consumer<AbstractKeyManagerService> keyManagerServiceConsumer;
    private final ExceptionSupplier<CredentialSource, Exception> keyCredentialSourceSupplier;
    private final ExceptionSupplier<CredentialSource, Exception> keystoreCredentialSourceSupplier;

    /* loaded from: input_file:org/jboss/as/domain/management/security/AbstractKeyManagerService$ServiceUtil.class */
    static final class ServiceUtil {
        private static final String SERVICE_SUFFIX = "key-manager";

        ServiceUtil() {
        }

        public static ServiceName createServiceName(ServiceName serviceName) {
            return serviceName.append(SERVICE_SUFFIX);
        }

        public static Supplier<AbstractKeyManagerService> requires(ServiceBuilder<?> serviceBuilder, ServiceName serviceName) {
            return serviceBuilder.requires(createServiceName(serviceName));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public AbstractKeyManagerService(Consumer<AbstractKeyManagerService> consumer, ExceptionSupplier<CredentialSource, Exception> exceptionSupplier, ExceptionSupplier<CredentialSource, Exception> exceptionSupplier2, char[] cArr, char[] cArr2) {
        this.keyManagerServiceConsumer = consumer;
        this.keyCredentialSourceSupplier = exceptionSupplier;
        this.keystoreCredentialSourceSupplier = exceptionSupplier2;
        this.keystorePassword = cArr;
        this.keyPassword = cArr2;
    }

    public char[] getKeystorePassword() {
        return this.keystorePassword;
    }

    public void setKeystorePassword(char[] cArr) {
        this.keystorePassword = cArr;
    }

    public char[] getKeyPassword() {
        return this.keyPassword;
    }

    public void setKeyPassword(char[] cArr) {
        this.keyPassword = cArr;
    }

    @Override // org.jboss.msc.Service
    public void start(StartContext startContext) throws StartException {
        try {
            createKeyManagers(true);
            this.keyManagerServiceConsumer.accept(this);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw DomainManagementLogger.ROOT_LOGGER.unableToStart(e);
        }
    }

    @Override // org.jboss.msc.Service
    public void stop(StopContext stopContext) {
        this.keyManagerServiceConsumer.accept(null);
    }

    public KeyManager[] getKeyManagers() {
        try {
            return createKeyManagers(false);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw new RuntimeException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public abstract boolean isLazy();

    protected KeyManager[] createKeyManagers(boolean z) throws NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException {
        KeyStore loadKeyStore = loadKeyStore(z);
        if (loadKeyStore == null && z) {
            return null;
        }
        char[] resolveKeyPassword = resolveKeyPassword();
        if (resolveKeyPassword == null) {
            resolveKeyPassword = resolveKeystorePassword();
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(loadKeyStore, resolveKeyPassword);
        return keyManagerFactory.getKeyManagers();
    }

    protected abstract KeyStore loadKeyStore(boolean z);

    /* JADX INFO: Access modifiers changed from: protected */
    public char[] resolveKeyPassword() {
        return resolvePassword(this.keyCredentialSourceSupplier, this.keyPassword);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public char[] resolveKeystorePassword() {
        return resolvePassword(this.keystoreCredentialSourceSupplier, this.keystorePassword);
    }

    private char[] resolvePassword(ExceptionSupplier<CredentialSource, Exception> exceptionSupplier, char[] cArr) {
        org.wildfly.security.credential.PasswordCredential passwordCredential;
        ClearPassword clearPassword;
        if (exceptionSupplier == null) {
            return cArr;
        }
        try {
            CredentialSource credentialSource = exceptionSupplier.get();
            if (credentialSource != null && (passwordCredential = (org.wildfly.security.credential.PasswordCredential) credentialSource.getCredential(org.wildfly.security.credential.PasswordCredential.class)) != null && (clearPassword = (ClearPassword) passwordCredential.getPassword(ClearPassword.class)) != null) {
                return clearPassword.getPassword();
            }
            return cArr;
        } catch (Exception e) {
            return cArr;
        }
    }
}
