package com.sun.cacao.agent.trust;

import com.sun.cacao.agent.JmxClient;
import com.sun.cacao.invocation.InvocationException;
import com.sun.cacao.invocation.InvocationStatus;
import com.sun.cacao.invocation.InvokeCommand;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.util.logging.Logger;
import sun.misc.BASE64Encoder;

/* loaded from: input_file:120676-02/SUNWcacao/reloc/SUNWcacao/lib/cacao_cacao.jar:com/sun/cacao/agent/trust/TrustUtils.class */
public class TrustUtils {
    private static Logger logger = Logger.getLogger("com.sun.cacao.agent.trust");
    private static final String RFC1421_HEADER = "-----BEGIN CERTIFICATE-----";
    private static final String RFC1421_FOOTER = "-----END CERTIFICATE-----";
    private static final String RFC1421_NEWLINE = "\r\n";

    public static KeyStore loadTrustStore() throws IOException, GeneralSecurityException {
        char[] charArray = JmxClient.getStringParameter(null, JmxClient.TRUSTSTORE_PASSWORD_KEY).toCharArray();
        KeyStore keyStore = KeyStore.getInstance("JKS");
        FileInputStream fileInputStream = null;
        try {
            fileInputStream = new FileInputStream(JmxClient.getStringParameter(null, JmxClient.TRUSTSTORE_FILE_KEY));
            keyStore.load(fileInputStream, charArray);
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            return keyStore;
        } catch (Throwable th) {
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            throw th;
        }
    }

    public static void saveTrustStore(KeyStore keyStore) throws IOException, GeneralSecurityException {
        InvocationStatus invocationStatus;
        char[] charArray = JmxClient.getStringParameter(null, JmxClient.TRUSTSTORE_PASSWORD_KEY).toCharArray();
        File createTempFile = File.createTempFile("cacao-truststore-", ".tmp");
        FileOutputStream fileOutputStream = new FileOutputStream(createTempFile);
        try {
            keyStore.store(fileOutputStream, charArray);
            fileOutputStream.close();
            try {
                try {
                    invocationStatus = InvokeCommand.execute(new String[]{"/bin/cp", createTempFile.getAbsolutePath(), JmxClient.getStringParameter(null, JmxClient.TRUSTSTORE_FILE_KEY)}, (String[]) null);
                    createTempFile.delete();
                } catch (InvocationException e) {
                    invocationStatus = e.getInvocationStatusArray()[0];
                    logger.info(new StringBuffer().append("truststore copy command failed : exception -> [").append(e.getMessage()).append("], ").append("stdout -> [").append(invocationStatus.getStdout()).append("], ").append("stderr -> [").append(invocationStatus.getStderr()).append("]").toString());
                    createTempFile.delete();
                }
                Integer exitValue = invocationStatus.getExitValue();
                if (exitValue == null || exitValue.intValue() != 0) {
                    throw new IOException(new StringBuffer().append("system command to replace truststore failed : stdout -> [").append(invocationStatus.getStdout()).append("], ").append("stderr -> [").append(invocationStatus.getStderr()).append("]").toString());
                }
            } catch (Throwable th) {
                createTempFile.delete();
                throw th;
            }
        } catch (Throwable th2) {
            fileOutputStream.close();
            throw th2;
        }
    }

    public static String encodeRFC1421(Certificate certificate) throws CertificateEncodingException {
        return new StringBuffer().append("-----BEGIN CERTIFICATE-----\r\n").append(encodeBase64(certificate)).append(RFC1421_NEWLINE).append(RFC1421_FOOTER).append(RFC1421_NEWLINE).toString();
    }

    private static String encodeBase64(Certificate certificate) throws CertificateEncodingException {
        return new BASE64Encoder().encode(certificate.getEncoded());
    }
}
