package com.seeburger.provisioning.preferences.initializer.tasks;

import com.seeburger.provisioning.preferences.initializer.Activator;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Enumeration;
import org.eclipse.core.runtime.CoreException;
import org.eclipse.core.runtime.FileLocator;
import org.eclipse.core.runtime.IStatus;
import org.eclipse.core.runtime.Status;
import org.eclipse.jface.dialogs.MessageDialog;
import org.eclipse.swt.widgets.Display;

/* loaded from: input_file:com/seeburger/provisioning/preferences/initializer/tasks/KeystoreTask.class */
public class KeystoreTask extends AbstractInitializationTask {
    private static final String KEYSTORE_PASSWORD = "changeit";
    private static final String KEYSTORE_ALIAS = "*.seeburger.de";
    private File javaHome = new File(System.getProperty("java.home", ""));

    @Override // com.seeburger.provisioning.preferences.initializer.tasks.AbstractInitializationTask
    public IStatus internalExecute() throws CoreException {
        try {
            File trustStorePath = trustStorePath();
            if (!trustStorePath.isFile()) {
                return new Status(4, Activator.PLUGIN_ID, "could not find a truststore at: \n" + trustStorePath.getAbsolutePath());
            }
            X509Certificate loadSeeburgerCertificate = loadSeeburgerCertificate();
            KeyStore loadKeystore = loadKeystore(trustStorePath);
            if (findCertificateInKeystore(loadSeeburgerCertificate, loadKeystore)) {
                return new Status(0, Activator.PLUGIN_ID, "checked that your truststore is still up to date");
            }
            try {
                return modifyKeystore(loadKeystore, trustStorePath, loadSeeburgerCertificate);
            } catch (Exception e) {
                Display.getDefault().asyncExec(new Runnable() { // from class: com.seeburger.provisioning.preferences.initializer.tasks.KeystoreTask.1
                    @Override // java.lang.Runnable
                    public void run() {
                        MessageDialog.openWarning(Display.getDefault().getActiveShell(), "SSL Certificate import failed", "The SEEBURGER Infrastructure SSL certificate could not be imported into your JVM's trust store. Please note that accessing the SEEBURGER Infrastructure might fail due to SSL errors.");
                    }
                });
                throw e;
            }
        } catch (Exception e2) {
            return new Status(4, Activator.PLUGIN_ID, "failed to install the certifcate into your truststore", e2);
        }
    }

    private File trustStorePath() {
        return new File(this.javaHome, "/lib/security/cacerts");
    }

    private X509Certificate loadSeeburgerCertificate() throws Exception {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        InputStream openStream = FileLocator.find(new URL("platform:/plugin/com.seeburger.provisioning.preferences.initializer/resources/-.seeburger.de.crt")).openStream();
        try {
            return (X509Certificate) certificateFactory.generateCertificate(openStream);
        } finally {
            openStream.close();
        }
    }

    private KeyStore loadKeystore(File file) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        FileInputStream fileInputStream = new FileInputStream(file);
        try {
            keyStore.load(fileInputStream, KEYSTORE_PASSWORD.toCharArray());
            return keyStore;
        } finally {
            fileInputStream.close();
        }
    }

    private boolean findCertificateInKeystore(X509Certificate x509Certificate, KeyStore keyStore) throws Exception {
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            Certificate certificate = keyStore.getCertificate(aliases.nextElement());
            if ((certificate instanceof X509Certificate) && Arrays.equals(((X509Certificate) certificate).getSignature(), x509Certificate.getSignature())) {
                return true;
            }
        }
        return false;
    }

    private IStatus modifyKeystore(KeyStore keyStore, File file, Certificate certificate) throws Exception {
        try {
            modifyKeystoreDirectly(keyStore, file, certificate);
            return new Status(0, Activator.PLUGIN_ID, "installed the certificate into your java truststore");
        } catch (IOException e) {
            if (!System.getProperty("os.name", "").contains("Windows")) {
                throw e;
            }
            try {
                modifyKeystoreViaUAC(file, certificate);
                return new Status(2, Activator.PLUGIN_ID, "launched keytool for importing the certificate via UAC. no status information available.");
            } catch (Exception unused) {
                throw new IOException("Unable to modify " + file + " via keytool");
            }
        }
    }

    private void modifyKeystoreDirectly(KeyStore keyStore, File file, Certificate certificate) throws Exception {
        keyStore.setCertificateEntry(KEYSTORE_ALIAS, certificate);
        FileOutputStream fileOutputStream = new FileOutputStream(file);
        try {
            keyStore.store(fileOutputStream, KEYSTORE_PASSWORD.toCharArray());
        } finally {
            fileOutputStream.close();
        }
    }

    private void modifyKeystoreViaUAC(File file, Certificate certificate) throws Exception {
        File file2 = new File(this.javaHome, "bin/keytool.exe");
        if (!file2.canExecute()) {
            throw new IOException("keytool not executable");
        }
        File createTempFile = File.createTempFile("eclipse-updateKeystore", ".js");
        File createTempFile2 = File.createTempFile("eclipse-seeburger", ".crt");
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(createTempFile2);
            try {
                fileOutputStream.write(certificate.getEncoded());
                fileOutputStream.close();
                FileWriter fileWriter = new FileWriter(createTempFile);
                try {
                    fileWriter.write("var shell = new ActiveXObject(\"shell.application\");\n");
                    fileWriter.write("shell.ShellExecute(\"" + shellEscape(file2.getAbsolutePath()) + "\", '-importcert -noprompt -trustcacerts -keystore \"" + shellEscape(file.getAbsolutePath()) + "\" -file \"" + shellEscape(createTempFile2.getAbsolutePath()) + "\" -storepass \"" + KEYSTORE_PASSWORD + "\" -alias \"" + KEYSTORE_ALIAS + "\"','', 'runas', 0);\n");
                    fileWriter.close();
                    Process exec = Runtime.getRuntime().exec(new String[]{"cmd.exe", "/C", createTempFile.getAbsolutePath()});
                    exec.getInputStream().close();
                    exec.getOutputStream().close();
                    exec.getErrorStream().close();
                    if (exec.waitFor() != 0) {
                        throw new IOException("Error running keytool script");
                    }
                } catch (Throwable th) {
                    fileWriter.close();
                    throw th;
                }
            } catch (Throwable th2) {
                fileOutputStream.close();
                throw th2;
            }
        } finally {
            createTempFile.deleteOnExit();
            createTempFile2.deleteOnExit();
        }
    }

    private static String shellEscape(String str) {
        return str.replace("\\", "/");
    }
}
