package defpackage;

import defpackage.Exceptions;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.Reader;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;

/* loaded from: input_file:UpdateCertificates.class */
public class UpdateCertificates {
    private char[] password;
    private String ksFilename;
    private KeyStore ks;
    private CertificateFactory certFactory;
    static final /* synthetic */ boolean $assertionsDisabled;

    public static void main(String[] strArr) throws IOException, GeneralSecurityException {
        String str = "changeit";
        if (strArr.length == 2 && strArr[0].equals("-storepass")) {
            str = strArr[1];
        } else if (strArr.length > 0) {
            System.err.println("Usage: java UpdateCertificates [-storepass <password>]");
            System.exit(1);
        }
        try {
            UpdateCertificates updateCertificates = new UpdateCertificates(str, "/etc/ssl/certs/java/cacerts");
            updateCertificates.processChanges(new InputStreamReader(System.in, "UTF8"));
            updateCertificates.writeKeyStore();
        } catch (Exceptions.InvalidKeystorePassword e) {
            e.printStackTrace(System.err);
            System.exit(1);
        } catch (Exceptions.UnableToSaveKeystore e2) {
            e2.printStackTrace(System.err);
            System.exit(1);
        }
    }

    public UpdateCertificates(String str, String str2) throws IOException, GeneralSecurityException, Exceptions.InvalidKeystorePassword {
        this.password = null;
        this.ksFilename = null;
        this.ks = null;
        this.certFactory = null;
        this.password = str.toCharArray();
        this.ksFilename = str2;
        this.ks = openKeyStore();
        this.certFactory = CertificateFactory.getInstance("X.509");
    }

    private KeyStore openKeyStore() throws GeneralSecurityException, IOException, Exceptions.InvalidKeystorePassword {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        File file = new File(this.ksFilename);
        FileInputStream fileInputStream = null;
        if (file.canRead()) {
            fileInputStream = new FileInputStream(file);
        }
        try {
            keyStore.load(fileInputStream, this.password);
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            return keyStore;
        } catch (IOException e) {
            throw new Exceptions.InvalidKeystorePassword("Cannot open Java keystore. Is the password correct?", e);
        }
    }

    protected void processChanges(Reader reader) throws IOException, GeneralSecurityException {
        BufferedReader bufferedReader = new BufferedReader(reader);
        while (true) {
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                return;
            }
            try {
                parseLine(readLine);
            } catch (Exceptions.UnknownInput e) {
                System.err.println("Unknown input: " + readLine);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void parseLine(String str) throws GeneralSecurityException, IOException, Exceptions.UnknownInput {
        if (!$assertionsDisabled && this.ks == null) {
            throw new AssertionError();
        }
        String substring = str.substring(1);
        String substring2 = substring.substring(substring.lastIndexOf("/") + 1);
        String str2 = "debian:" + substring2;
        if (str.startsWith("+")) {
            Certificate loadCertificate = loadCertificate(substring);
            if (loadCertificate == null) {
                return;
            }
            addAlias(str2, loadCertificate);
            return;
        }
        if (!str.startsWith("-")) {
            throw new Exceptions.UnknownInput(str);
        }
        deleteAlias(str2);
        deleteAlias(substring2);
    }

    private void deleteAlias(String str) throws GeneralSecurityException {
        if (!$assertionsDisabled && this.ks == null) {
            throw new AssertionError();
        }
        if (contains(str)) {
            System.out.println("Removing " + str);
            this.ks.deleteEntry(str);
        }
    }

    private void addAlias(String str, Certificate certificate) throws KeyStoreException {
        if (!$assertionsDisabled && this.ks == null) {
            throw new AssertionError();
        }
        if (contains(str)) {
            System.out.println("Replacing " + str);
            this.ks.deleteEntry(str);
        } else {
            System.out.println("Adding " + str);
        }
        this.ks.setCertificateEntry(str, certificate);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean contains(String str) throws KeyStoreException {
        if ($assertionsDisabled || this.ks != null) {
            return this.ks.containsAlias(str);
        }
        throw new AssertionError();
    }

    private Certificate loadCertificate(String str) {
        if (!$assertionsDisabled && this.certFactory == null) {
            throw new AssertionError();
        }
        Certificate certificate = null;
        try {
            FileInputStream fileInputStream = new FileInputStream(str);
            certificate = this.certFactory.generateCertificate(fileInputStream);
            fileInputStream.close();
        } catch (Exception e) {
            System.err.println("Warning: there was a problem reading the certificate file " + str + ". Message:\n  " + e.getMessage());
        }
        return certificate;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void writeKeyStore() throws GeneralSecurityException, Exceptions.UnableToSaveKeystore {
        if (!$assertionsDisabled && this.ks == null) {
            throw new AssertionError();
        }
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(this.ksFilename);
            this.ks.store(fileOutputStream, this.password);
            fileOutputStream.close();
        } catch (IOException e) {
            throw new Exceptions.UnableToSaveKeystore("There was a problem saving the new Java keystore.", e);
        }
    }

    static {
        $assertionsDisabled = !UpdateCertificates.class.desiredAssertionStatus();
    }
}
