package net.shibboleth.utilities.java.support.security;

import com.beust.jcommander.JCommander;
import com.beust.jcommander.Parameter;
import com.beust.jcommander.converters.BaseConverter;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.KeyException;
import java.security.KeyStore;
import java.util.Properties;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.crypto.KeyGenerator;
import net.shibboleth.utilities.java.support.annotation.constraint.NotEmpty;
import net.shibboleth.utilities.java.support.annotation.constraint.Positive;
import net.shibboleth.utilities.java.support.logic.Constraint;
import net.shibboleth.utilities.java.support.primitive.StringSupport;
import org.cryptacular.bean.KeyStoreFactoryBean;
import org.opensaml.security.crypto.JCAConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.propertyeditors.CustomBooleanEditor;

/* loaded from: input_file:lib/java-support-7.5.1.jar:net/shibboleth/utilities/java/support/security/BasicKeystoreKeyStrategyTool.class */
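/**
 * Command-line / bean-style tool that rotates a secret key inside a keystore and records the
 * new key version in a companion properties file.
 *
 * <p>Each run loads (or creates) the keystore, generates a new key under the alias
 * {@code <alias base><version>}, deletes aliases that fall outside the retention window, then
 * rewrites the keystore and the versioning file.</p>
 *
 * <p>Operational notes for reviewers:</p>
 * <ul>
 * <li>The keystore password is taken from {@code --storepass} on the command line, so it can be
 * visible in process listings and shell history on the host. JCommander's {@code password = true}
 * parameter attribute would prompt for it instead, but that changes the CLI contract, so it is
 * flagged here rather than changed.</li>
 * <li>Both output files are overwritten in place. A failure while writing can leave a truncated
 * keystore, so keep a backup before rotating. A newly created keystore file gets whatever
 * permissions the process default yields; restrict access to it, since it holds secret keys.</li>
 * </ul>
 */
public class BasicKeystoreKeyStrategyTool {

    /** Class logger. */
    @Nonnull
    private final Logger log = LoggerFactory.getLogger(BasicKeystoreKeyStrategyTool.class);

    /** Parsed command-line arguments, also populated by the bean-style setters. */
    @Nonnull
    private final CommandLineArgs args = new CommandLineArgs();

    /** Holder for the options understood by the tool, bound by JCommander. */
    public static class CommandLineArgs {

        /** Display command usage. */
        @NotEmpty
        @Nonnull
        public static final String HELP = "--help";

        /** Key algorithm. */
        @NotEmpty
        @Nonnull
        public static final String KEY_TYPE = "--type";

        /** Key size. */
        @NotEmpty
        @Nonnull
        public static final String KEY_SIZE = "--size";

        /** Base name of key alias. */
        @NotEmpty
        @Nonnull
        public static final String KEY_ALIAS = "--alias";

        /** Number of keys to retain. */
        @NotEmpty
        @Nonnull
        public static final String KEY_COUNT = "--count";

        /** Keystore type. */
        @NotEmpty
        @Nonnull
        public static final String STORE_TYPE = "--storetype";

        /** Path to keystore. */
        @NotEmpty
        @Nonnull
        public static final String STORE_FILE = "--storefile";

        /** Keystore password. */
        @NotEmpty
        @Nonnull
        public static final String STORE_PASS = "--storepass";

        /** Path to key versioning file. */
        @NotEmpty
        @Nonnull
        public static final String VERSION_FILE = "--versionfile";

        @Parameter(names = {HELP}, description = "Display program usage", help = true)
        private boolean help;

        // Literal defaults match the values advertised in the option descriptions.
        @NotEmpty
        @Nonnull
        @Parameter(names = {KEY_TYPE}, description = "Type of key to generate (default: AES)")
        private String keyType = "AES";

        @Positive
        @Parameter(names = {KEY_SIZE}, description = "Size of key to generate (default: 128)")
        private int keySize = 128;

        @Nullable
        @Parameter(names = {KEY_ALIAS}, required = true, description = "Base name of key alias")
        private String keyAlias;

        @Positive
        @Parameter(names = {KEY_COUNT}, description = "Number of keys to maintain (default: 30)")
        private int keyCount = 30;

        @NotEmpty
        @Nonnull
        @Parameter(names = {STORE_TYPE}, description = "Type of keystore to generate (default: JCEKS)")
        private String keystoreType = "JCEKS";

        @Nullable
        @Parameter(names = {STORE_FILE}, required = true, converter = FileConverter.class,
                description = "Path to keystore")
        private File keystoreFile;

        // NOTE(review): supplied as a plain command-line argument, see the class comment.
        @Nullable
        @Parameter(names = {STORE_PASS}, required = true, description = "Password for keystore")
        private String keystorePassword;

        @Nullable
        @Parameter(names = {VERSION_FILE}, required = true, converter = FileConverter.class,
                description = "Path to key versioning file")
        private File versionFile;

        /** Only the enclosing tool creates instances. */
        private CommandLineArgs() {
        }
    }

    /** JCommander converter that turns an option value into a {@link File}. */
    public static class FileConverter extends BaseConverter<File> {

        /**
         * Constructor.
         *
         * @param str value handed to the {@link BaseConverter} constructor
         */
        public FileConverter(String str) {
            super(str);
        }

        /**
         * Converts the raw option value. The method carries the name JCommander's converter
         * contract expects ({@code convert}); the decompiled listing had replaced it with a
         * synthetic name, which left the abstract method unimplemented.
         *
         * @param str option value as typed by the user
         * @return a {@link File} for that path; existence is not checked here
         */
        public File convert(String str) {
            return new File(str);
        }
    }

    /**
     * Sets the type of key to generate.
     *
     * @param str key algorithm name, trimmed before use
     */
    public void setKeyType(@NotEmpty @Nonnull String str) {
        this.args.keyType = Constraint.isNotNull(StringSupport.trimOrNull(str), "Key type cannot be null or empty");
    }

    /**
     * Sets the size of the generated key.
     *
     * @param i key size, must be greater than zero
     */
    public void setKeySize(@Positive int i) {
        Constraint.isGreaterThan(0L, i, "Key size must be greater than 0");
        this.args.keySize = i;
    }

    /**
     * Sets the alias base; the key version number is appended to it.
     *
     * @param str alias base, trimmed before use
     */
    public void setKeyAlias(@NotEmpty @Nonnull String str) {
        this.args.keyAlias =
                Constraint.isNotNull(StringSupport.trimOrNull(str), "Key alias base cannot be null or empty");
    }

    /**
     * Sets how many keys are kept in the keystore.
     *
     * @param i number of keys to maintain, must be greater than zero
     */
    public void setKeyCount(@Positive int i) {
        Constraint.isGreaterThan(0L, i, "Key count must be greater than 0");
        this.args.keyCount = i;
    }

    /**
     * Sets the keystore type.
     *
     * @param str keystore type name, trimmed before use
     */
    public void setKeystoreType(@NotEmpty @Nonnull String str) {
        this.args.keystoreType =
                Constraint.isNotNull(StringSupport.trimOrNull(str), "Keystore type cannot be null or empty");
    }

    /**
     * Sets the keystore file to create or update.
     *
     * @param file keystore file
     */
    public void setKeystoreFile(@Nonnull File file) {
        this.args.keystoreFile = Constraint.isNotNull(file, "Keystore file cannot be null");
    }

    /**
     * Sets the keystore password. A null value is accepted here but rejected by
     * {@link #changeKey()}.
     *
     * @param str keystore password
     */
    public void setKeystorePassword(@Nullable String str) {
        this.args.keystorePassword = str;
    }

    /**
     * Sets the file that tracks the current key version.
     *
     * @param file key versioning file
     */
    public void setVersionFile(@Nonnull File file) {
        this.args.versionFile = Constraint.isNotNull(file, "Key versioning file cannot be null");
    }

    /**
     * Generates the next key version, prunes keys outside the retention window and persists
     * both the keystore and the versioning file.
     *
     * @throws Exception if the keystore cannot be loaded or stored, the key cannot be generated,
     *             the versioning file cannot be read or written, or an entry for the new alias
     *             already exists ({@link KeyException})
     */
    public void changeKey() throws Exception {
        // Fail with a clear message instead of a bare NullPointerException when the tool is
        // driven through the setters and a required value was never supplied.
        final File keystoreFile = Constraint.isNotNull(this.args.keystoreFile, "Keystore file cannot be null");
        final File versionFile = Constraint.isNotNull(this.args.versionFile, "Key versioning file cannot be null");
        final String aliasBase = Constraint.isNotNull(this.args.keyAlias, "Key alias base cannot be null or empty");
        final char[] password =
                Constraint.isNotNull(this.args.keystorePassword, "Keystore password cannot be null").toCharArray();

        final KeyStore keyStore = KeyStore.getInstance(this.args.keystoreType);

        // A null stream makes KeyStore.load() initialise an empty keystore (first run).
        try (FileInputStream keystoreIn = keystoreFile.exists() ? new FileInputStream(keystoreFile) : null) {
            keyStore.load(keystoreIn, password);
        }

        final Properties versionInfo = new Properties();
        if (versionFile.exists()) {
            try (FileInputStream versionIn = new FileInputStream(versionFile)) {
                versionInfo.load(versionIn);
            }
        }

        // A missing property is read as version 0, i.e. "never rotated".
        final int currentVersion =
                Integer.parseInt(versionInfo.getProperty(BasicKeystoreKeyStrategy.CURRENT_VERSION_PROP, "0"));
        if (currentVersion == 0) {
            this.log.info("No existing versioning property, initializing...");
        } else {
            this.log.info("Incrementing key version from {} to {}", currentVersion, currentVersion + 1);
        }

        final int newVersion = currentVersion + 1;
        final String newAlias = aliasBase + Integer.toString(newVersion);
        if (keyStore.containsAlias(newAlias)) {
            // Refuse to overwrite key material that is already present under the target alias.
            this.log.error("Keystore already contains an entry named {}, exiting", newAlias);
            throw new KeyException("Entry for new key already exists");
        }

        final KeyGenerator keyGenerator = KeyGenerator.getInstance(this.args.keyType);
        keyGenerator.init(this.args.keySize);
        // The key entry is protected with the keystore password; no certificate chain.
        keyStore.setKeyEntry(newAlias, keyGenerator.generateKey(), password, null);

        // Walk backwards from the first version outside the retention window and stop at the
        // first alias that is already gone.
        for (int oldVersion = newVersion - this.args.keyCount; oldVersion > 0; oldVersion--) {
            final String oldAlias = aliasBase + Integer.toString(oldVersion);
            if (!keyStore.containsAlias(oldAlias)) {
                break;
            }
            this.log.info("Deleting old key: {}", oldAlias);
            keyStore.deleteEntry(oldAlias);
        }

        // try-with-resources closes each stream on failure too; the decompiled form had empty
        // finally blocks and leaked the output streams whenever store() threw.
        // NOTE(review): the keystore is truncated and rewritten in place, and it is written
        // before the versioning file. If the second write fails, the next run finds the new
        // alias already present and refuses to proceed until the files are reconciled.
        try (FileOutputStream keystoreOut = new FileOutputStream(keystoreFile)) {
            keyStore.store(keystoreOut, password);
        }

        try (FileOutputStream versionOut = new FileOutputStream(versionFile)) {
            versionInfo.setProperty(BasicKeystoreKeyStrategy.CURRENT_VERSION_PROP, Integer.toString(newVersion));
            versionInfo.store(versionOut, (String) null);
        }
    }

    /**
     * Command-line entry point: parses the options and either prints usage or rotates the key.
     *
     * @param strArr command-line arguments
     * @throws Exception if key rotation fails
     */
    public static void main(@Nonnull String[] strArr) throws Exception {
        final BasicKeystoreKeyStrategyTool tool = new BasicKeystoreKeyStrategyTool();
        final JCommander jCommander = new JCommander(tool.args, strArr);
        if (tool.args.help) {
            jCommander.setProgramName("BasicKeystoreKeyStrategyTool");
            jCommander.usage();
            return;
        }
        tool.changeKey();
    }
}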
