package org.ow2.petals.cli.shell.command;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.UnknownHostException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import jline.console.completer.FileNameCompleter;
import org.apache.commons.cli.CommandLine;
import org.apache.commons.cli.DefaultParser;
import org.apache.commons.cli.MissingArgumentException;
import org.apache.commons.cli.MissingOptionException;
import org.apache.commons.cli.Option;
import org.apache.commons.cli.Options;
import org.apache.commons.cli.ParseException;
import org.apache.commons.cli.UnrecognizedOptionException;
import org.ow2.petals.admin.api.exception.DuplicatedServiceException;
import org.ow2.petals.admin.api.exception.MissingServiceException;
import org.ow2.petals.cli.api.command.AbstractCommand;
import org.ow2.petals.cli.api.command.CommandUtil;
import org.ow2.petals.cli.api.command.exception.CommandBadArgumentNumberException;
import org.ow2.petals.cli.api.command.exception.CommandException;
import org.ow2.petals.cli.api.command.exception.CommandInvalidArgumentException;
import org.ow2.petals.cli.api.command.exception.CommandInvalidException;
import org.ow2.petals.cli.api.command.exception.CommandMissingArgumentException;
import org.ow2.petals.cli.api.command.exception.CommandMissingOptionsException;
import org.ow2.petals.cli.api.command.exception.CommandTooManyArgumentsException;

/* loaded from: input_file:org/ow2/petals/cli/shell/command/CheckSSLHandshake.class */
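/**
 * Shell command {@code check-ssl-handshake}: opens a TLS connection to a host/port and
 * reports whether the handshake succeeds with the selected trust configuration.
 *
 * <p>Trust configuration is one of:
 * <ul>
 *   <li>no option: the JVM default trust material is used;</li>
 *   <li>{@code -k}/{@code -u}: trust anchors are read from the given keystore file;</li>
 *   <li>{@code --trust-all-certificates}: certificate validation is disabled entirely.</li>
 * </ul>
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>With {@code --trust-all-certificates} the handshake succeeds for any server
 *       certificate, yet {@link #CHECK_OK_MESSAGE} is still printed. A success in that
 *       mode says nothing about the certificate configuration.</li>
 *   <li>NOTE(review): no endpoint identification algorithm is configured on the socket,
 *       so the server certificate is not matched against the requested host name. A
 *       successful check therefore covers chain trust only. Confirm that this is the
 *       intended scope of the command.</li>
 *   <li>The keystore passphrase is passed as a command-line option value, so it may end
 *       up in shell history or script files.</li>
 * </ul>
 */
public class CheckSSLHandshake extends AbstractCommand {
    public static final String HOST_SHORT_OPTION = "h";
    public static final String HOST_LONG_OPTION = "host";
    public static final String PORT_SHORT_OPTION = "p";
    public static final String PORT_LONG_OPTION = "port";
    public static final String KEYSTORE_FILE_SHORT_OPTION = "k";
    public static final String KEYSTORE_FILE_LONG_OPTION = "keystore-file";
    public static final String KEYSTORE_PASS_SHORT_OPTION = "u";
    public static final String KEYSTORE_PASS_LONG_OPTION = "keystore-passphrase";
    public static final String TRUST_ALL_CERTS_LONG_OPTION = "trust-all-certificates";

    protected static final String CHECK_OK_MESSAGE = "No errors, certificate configuration is ok !";

    private static final String DEFAULT_HOST = "localhost";
    private static final int DEFAULT_PORT = 443;

    /** Read timeout applied to the socket once it is connected, in milliseconds. */
    private static final int SOCKET_READ_TIMEOUT_MS = 10000;

    protected static final Option HOST_OPTION = Option.builder(HOST_SHORT_OPTION)
            .numberOfArgs(1)
            .argName(HOST_LONG_OPTION)
            .longOpt(HOST_LONG_OPTION)
            .desc("Hostname to connect. Default value used: localhost")
            .build();

    protected static final Option PORT_OPTION = Option.builder(PORT_SHORT_OPTION)
            .numberOfArgs(1)
            .argName(PORT_LONG_OPTION)
            .longOpt(PORT_LONG_OPTION)
            .desc("Port on host to connect. Default value used: 443 (HTTPS)")
            .build();

    protected static final Option KEYSTORE_FILE_OPTION = Option.builder(KEYSTORE_FILE_SHORT_OPTION)
            .numberOfArgs(1)
            .argName(KEYSTORE_FILE_LONG_OPTION)
            .longOpt(KEYSTORE_FILE_LONG_OPTION)
            .desc("Keystore file containing certificates. Default keystore: the JVM one")
            .build();

    // Fix: the argument name previously reused KEYSTORE_FILE_LONG_OPTION, so the generated
    // usage text labelled the passphrase argument as "keystore-file".
    protected static final Option KEYSTORE_PASS_OPTION = Option.builder(KEYSTORE_PASS_SHORT_OPTION)
            .numberOfArgs(1)
            .argName(KEYSTORE_PASS_LONG_OPTION)
            .longOpt(KEYSTORE_PASS_LONG_OPTION)
            .desc("Passphrase to open the keystore containing certificates.")
            .build();

    protected static final Option TRUST_ALL_CERTS_OPTION = Option.builder()
            .numberOfArgs(0)
            .longOpt(TRUST_ALL_CERTS_LONG_OPTION)
            .desc("Trust all certificates. Certificate validation is disabled.")
            .build();

    /**
     * Registers the command under the name {@code check-ssl-handshake} and attaches a
     * file-name completer to the keystore file option.
     */
    public CheckSSLHandshake() {
        super("check-ssl-handshake");
        setUsage(CommandUtil.formatCommandUsage(this));
        setDescription("Check SSL handshake to a given server.");
        setOptionsDescription(CommandUtil.formatCommandOptionsDescription(this));
        this.completers.put(KEYSTORE_FILE_SHORT_OPTION, new FileNameCompleter());
    }

    /**
     * Parses the command arguments, validates the option combination and runs the
     * handshake check.
     *
     * <p>Rules enforced here: {@code -k} and {@code -u} must be given together, and
     * {@code --trust-all-certificates} cannot be combined with a keystore.
     *
     * @param strArr raw command arguments
     * @throws CommandException if the arguments are invalid or the connection/handshake fails
     */
    public void doExecute(String[] strArr) throws CommandException {
        try {
            final CommandLine commandLine = new DefaultParser().parse(getOptions(), strArr);

            final String host;
            if (commandLine.hasOption(HOST_SHORT_OPTION)) {
                requireValidArgumentCount(strArr);
                host = commandLine.getOptionValue(HOST_SHORT_OPTION);
            } else {
                host = DEFAULT_HOST;
            }

            final int port;
            if (commandLine.hasOption(PORT_SHORT_OPTION)) {
                requireValidArgumentCount(strArr);
                final String rawPort = commandLine.getOptionValue(PORT_SHORT_OPTION);
                try {
                    // Range is not checked here: an out-of-range port is rejected by the
                    // socket layer and reported by tryConnection as an invalid port argument.
                    port = Integer.parseInt(rawPort);
                } catch (NumberFormatException e) {
                    throw new CommandInvalidArgumentException(this, PORT_OPTION, rawPort, e);
                }
            } else {
                port = DEFAULT_PORT;
            }

            final File keystoreFile;
            final String keystorePassphrase;
            if (commandLine.hasOption(KEYSTORE_FILE_SHORT_OPTION)) {
                requireValidArgumentCount(strArr);
                keystoreFile = new File(commandLine.getOptionValue(KEYSTORE_FILE_SHORT_OPTION));
                if (!commandLine.hasOption(KEYSTORE_PASS_SHORT_OPTION)) {
                    throw new CommandMissingOptionsException(this, Arrays.asList(KEYSTORE_PASS_SHORT_OPTION));
                }
                keystorePassphrase = commandLine.getOptionValue(KEYSTORE_PASS_SHORT_OPTION);
            } else {
                if (commandLine.hasOption(KEYSTORE_PASS_SHORT_OPTION)) {
                    // A passphrase without a keystore file is meaningless.
                    throw new CommandMissingOptionsException(this, Arrays.asList(KEYSTORE_FILE_SHORT_OPTION));
                }
                keystoreFile = null;
                keystorePassphrase = null;
            }

            final boolean trustAllCertificates = commandLine.hasOption(TRUST_ALL_CERTS_LONG_OPTION);
            if (trustAllCertificates && keystoreFile != null) {
                // Disabling validation and supplying trust anchors are mutually exclusive.
                throw new CommandTooManyArgumentsException(this,
                        new String[]{TRUST_ALL_CERTS_LONG_OPTION, KEYSTORE_FILE_SHORT_OPTION});
            }

            tryConnection(host, port, keystoreFile, keystorePassphrase, trustAllCertificates);
        } catch (MissingArgumentException e) {
            // The ParseException subclasses must be caught before ParseException itself;
            // with the generic handler first these handlers could never run.
            throw new CommandMissingArgumentException(this, e.getOption(), e);
        } catch (MissingOptionException e) {
            throw new CommandMissingOptionsException(this, e.getMissingOptions(), e);
        } catch (UnrecognizedOptionException e) {
            throw new CommandBadArgumentNumberException(this, e);
        } catch (ParseException e) {
            throw new CommandInvalidException(this, e);
        } catch (DuplicatedServiceException | MissingServiceException e) {
            throw new CommandException(this, e);
        }
    }

    /**
     * Builds the option set accepted by this command.
     *
     * @return host, port, keystore file, keystore passphrase and trust-all options
     */
    public Options createOptions() {
        final Options options = new Options();
        options.addOption(HOST_OPTION);
        options.addOption(PORT_OPTION);
        options.addOption(KEYSTORE_FILE_OPTION);
        options.addOption(KEYSTORE_PASS_OPTION);
        options.addOption(TRUST_ALL_CERTS_OPTION);
        return options;
    }

    /**
     * @return always {@code false}
     */
    public boolean isConnectionRequired() {
        return false;
    }

    /**
     * Applies the argument-count check used for every option that takes a value.
     *
     * @param args raw command arguments
     * @throws CommandTooManyArgumentsException if {@code checkArguments(args, 2, 8)} rejects them
     */
    private void requireValidArgumentCount(String[] args) throws CommandTooManyArgumentsException {
        if (!checkArguments(args, 2, 8)) {
            throw new CommandTooManyArgumentsException(this, args);
        }
    }

    /**
     * Builds a TLS context from the selected trust configuration, connects to the target
     * and runs the handshake. The socket is always closed before returning.
     *
     * @param host target host name
     * @param port target port
     * @param keystoreFile keystore holding the trust anchors, or {@code null}
     * @param keystorePassphrase passphrase of {@code keystoreFile}, or {@code null}
     * @param trustAllCertificates {@code true} to disable certificate validation
     * @throws CommandException on invalid host/port, I/O failure or TLS setup failure
     */
    private void tryConnection(String host, int port, File keystoreFile, String keystorePassphrase,
            boolean trustAllCertificates) throws CommandException {
        final SSLSocketFactory socketFactory;
        try {
            final SSLContext sslContext = SSLContext.getInstance("TLS");
            // No key managers: the command never presents a client certificate.
            sslContext.init(null, loadOrCreateTrustManagers(keystoreFile, keystorePassphrase, trustAllCertificates), null);
            socketFactory = sslContext.getSocketFactory();
        } catch (GeneralSecurityException e) {
            throw new CommandException(this, e);
        }

        getShell().getPrintStream().println(String.format("Opening connection to %s:%d...", host, port));

        // try-with-resources closes the socket on every path, including handshake failure.
        // NOTE(review): createSocket(host, port) connects immediately, before the read
        // timeout below is set, so the connect phase is bounded only by the OS default.
        try (SSLSocket socket = (SSLSocket) socketFactory.createSocket(host, port)) {
            socket.setSoTimeout(SOCKET_READ_TIMEOUT_MS);
            executeSSLHandshake(socket);
        } catch (IllegalArgumentException e) {
            // Raised by the socket layer for a port outside the valid range.
            throw new CommandInvalidArgumentException(this, PORT_OPTION, String.valueOf(port), e);
        } catch (UnknownHostException e) {
            throw new CommandInvalidArgumentException(this, HOST_OPTION, host, e);
        } catch (IOException e) {
            throw new CommandException(this, e);
        }
    }

    /**
     * Selects the trust managers for the TLS context.
     *
     * @param keystoreFile keystore holding the trust anchors, or {@code null}
     * @param keystorePassphrase passphrase of {@code keystoreFile}
     * @param trustAllCertificates {@code true} to return a manager that accepts any certificate
     * @return the trust managers to use, or {@code null} to let {@link SSLContext} fall back
     *         to the default trust manager of the installed providers
     * @throws CommandException if the keystore cannot be loaded or used
     */
    private TrustManager[] loadOrCreateTrustManagers(File keystoreFile, String keystorePassphrase,
            boolean trustAllCertificates) throws CommandException {
        if (trustAllCertificates) {
            return new TrustManager[]{new AcceptAllTrustManager()};
        }
        if (keystoreFile == null) {
            return null;
        }
        try {
            final KeyStore trustStore = loadKeyStore(keystoreFile, keystorePassphrase);
            final TrustManagerFactory factory =
                    TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            factory.init(trustStore);
            return factory.getTrustManagers();
        } catch (GeneralSecurityException e) {
            throw new CommandException(this, e);
        }
    }

    /**
     * Reads a keystore of the JVM default type from a file.
     *
     * @param file keystore file
     * @param passphrase keystore passphrase; callers guarantee it is non-null whenever a
     *        file is given (enforced in {@link #doExecute(String[])})
     * @return the loaded keystore
     * @throws CommandInvalidArgumentException if the file cannot be read or is not a valid
     *         keystore for the given passphrase
     */
    private KeyStore loadKeyStore(File file, String passphrase) throws CommandInvalidArgumentException {
        // try-with-resources: the stream is closed even when KeyStore.load fails.
        try (FileInputStream input = new FileInputStream(file)) {
            final KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(input, passphrase.toCharArray());
            return keyStore;
        } catch (IOException | GeneralSecurityException e) {
            throw new CommandInvalidArgumentException(this, KEYSTORE_FILE_OPTION, file.getAbsolutePath(), e);
        }
    }

    /**
     * Runs the TLS handshake on an already connected socket and reports the outcome on the
     * shell streams.
     *
     * @param socket connected TLS socket
     * @throws CommandException if the handshake fails; the stack trace is printed to the
     *         shell error stream first so the operator can see the TLS failure cause
     */
    private void executeSSLHandshake(SSLSocket socket) throws CommandException {
        try {
            getShell().getPrintStream().println("Starting SSL handshake...");
            socket.startHandshake();
            getShell().getPrintStream().println();
            // Also printed in trust-all mode, where no certificate was actually validated.
            getShell().getPrintStream().println(CHECK_OK_MESSAGE);
        } catch (IOException e) {
            getShell().getErrorStream().println();
            e.printStackTrace(getShell().getErrorStream());
            throw new CommandException(this, e);
        }
    }

    /**
     * Trust manager backing {@code --trust-all-certificates}: every client and server
     * certificate chain is accepted without any check. It must only ever be selected by
     * that explicit option, because a connection made with it is open to interception.
     */
    private static final class AcceptAllTrustManager implements X509TrustManager {
        @Override
        public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            // Intentionally empty: validation is disabled by explicit user request.
        }

        @Override
        public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            // Intentionally empty: validation is disabled by explicit user request.
        }

        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }
}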
