package net.stuff.servoy;

import java.io.ByteArrayOutputStream;
import java.io.Console;
import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
import java.io.PrintStream;
import java.io.StringReader;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Map;
import java.util.Scanner;
import net.stuff.servoy.signing.JarNameFilter;
import net.stuff.servoy.signing.utils.CertUtils;
import net.stuff.servoy.signing.utils.JarUnsigner;
import net.stuff.servoy.signing.utils.Repacker;
import sun.security.tools.JarSigner;

/* loaded from: input_file:net/stuff/servoy/CodeSignerHeadless.class */
public class CodeSignerHeadless {
    private static final String LF = System.getProperty("line.separator");
    private final File root;
    private final Map<String, String> preferences;
    private File keyStore;
    private String password;
    private String alias;
    private String codebase;
    private String appName;
    private String ignore;
    private String selection;
    private boolean useTSA = false;
    private String tsaURL = "https://timestamp.geotrust.com/tsa";
    private X509Certificate signCertificate;
    private PublicKey publicKey;
    private JarNameFilter filter;

    public CodeSignerHeadless(File file, Map<String, String> map) {
        this.root = file;
        this.preferences = map;
        setPreferences();
        promptForInfoIfNeeded();
        List<File> jars = getJars();
        if (jars == null || jars.size() <= 0) {
            System.out.println("No files to sign!");
            return;
        }
        System.out.println("Starting process");
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        System.setErr(new PrintStream(byteArrayOutputStream));
        System.setOut(new PrintStream(new ByteArrayOutputStream()));
        int length = this.root.getAbsolutePath().length();
        long currentTimeMillis = System.currentTimeMillis();
        System.err.println(MessageFormat.format("Signing process started on {0,date,dd MMM yyyy 'at' HH:mm:ss}", new Date()));
        System.err.println();
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("KeyStore: " + this.keyStore.getName() + LF);
        stringBuffer.append("Alias: " + this.alias + LF);
        String[] split = this.signCertificate.getSubjectX500Principal().getName().split(",");
        stringBuffer.append("Signature:" + LF);
        for (String str : split) {
            stringBuffer.append("\t" + str.trim() + LF);
        }
        stringBuffer.append(MessageFormat.format("Valid from {0,date,dd MMM yyyy HH:mm:ss} to {1,date,dd MMM yyyy HH:mm:ss}" + LF, this.signCertificate.getNotBefore(), this.signCertificate.getNotAfter()));
        stringBuffer.append("Manifest Attributes:" + LF);
        stringBuffer.append("\tPermissions: all-permissions" + LF);
        stringBuffer.append("\tCodebase: " + this.codebase + LF);
        stringBuffer.append("\tApplication-Name: " + this.appName);
        System.err.println(stringBuffer.toString());
        boolean equals = "different".equals(this.selection);
        boolean equals2 = "self-signed".equals(this.selection);
        int i = 0;
        for (int i2 = 0; i2 < jars.size(); i2++) {
            File file2 = jars.get(i2);
            if (!file2.isDirectory() && file2.renameTo(file2)) {
                boolean z = false;
                X509Certificate x509Certificate = null;
                try {
                    x509Certificate = CertUtils.readSignature(file2.getAbsolutePath());
                } catch (SecurityException e) {
                    z = e.getMessage().toLowerCase().contains("invalid");
                } catch (Exception e2) {
                }
                if (z) {
                    i++;
                    signFile(length, file2, 0);
                } else if (!CertUtils.checkValidity(x509Certificate) || !CertUtils.checkCertificateValidity(x509Certificate) || !CertUtils.checkAttributes(file2)) {
                    i++;
                    signFile(length, file2, 0);
                } else if (equals2 && CertUtils.checkSelfSigned(x509Certificate)) {
                    i++;
                    signFile(length, file2, 0);
                } else if (equals && !CertUtils.isIdentical(x509Certificate, this.publicKey)) {
                    i++;
                    signFile(length, file2, 0);
                }
            }
        }
        if (i == 0) {
            System.err.println();
            System.err.println("No jars to sign!");
        }
        System.err.println();
        System.err.println("Total process time: " + (System.currentTimeMillis() - currentTimeMillis) + "ms");
        if (0 > 0) {
            System.out.println(" 0 errors - check the log!");
        } else {
            if (i == 0) {
                System.out.println("There were no jars to sign!");
            }
            System.out.println("Done");
        }
        try {
            CertUtils.sink(new StringReader(byteArrayOutputStream.toString()), new FileWriter(String.valueOf(CodeSigner.class.getSimpleName()) + "-log.txt"));
        } catch (IOException e3) {
        }
    }

    private int signFile(int i, File file, int i2) {
        System.out.println("Processing " + file.getAbsolutePath().substring(i).replace('\\', '/'));
        try {
            long currentTimeMillis = System.currentTimeMillis();
            System.err.println();
            System.err.println(String.valueOf(file.getAbsolutePath()) + " start processing");
            X509Certificate certificate = CertUtils.getCertificate(file);
            String str = this.appName == null ? null : this.appName;
            if ("%%jarName%%".equalsIgnoreCase(this.appName)) {
                str = null;
            }
            File unsign = JarUnsigner.unsign(file, this.codebase, str);
            if (certificate != null) {
                System.err.println(String.valueOf(file.getAbsolutePath()) + " unsigned");
            }
            int i3 = 0;
            while (i3 < 2) {
                unsign = Repacker.repack(unsign);
                JarSigner jarSigner = new JarSigner();
                if (this.useTSA && CertUtils.isNotEmpty(this.tsaURL)) {
                    jarSigner.run(new String[]{"-keystore", this.keyStore.getAbsolutePath(), "-storepass", this.password, "-tsa", "https://timestamp.geotrust.com/tsa", unsign.getAbsolutePath(), this.alias});
                } else {
                    jarSigner.run(new String[]{"-keystore", this.keyStore.getAbsolutePath(), "-storepass", this.password, unsign.getAbsolutePath(), this.alias});
                }
                System.err.println(String.valueOf(unsign.getAbsolutePath()) + (i3 == 0 ? " first sign attempt" : " second sign attempt"));
                i3++;
            }
            X509Certificate certificate2 = CertUtils.getCertificate(unsign);
            if (certificate2 == null || !CertUtils.isIdentical(certificate2, this.publicKey)) {
                System.err.println(String.valueOf(unsign.getAbsolutePath()) + " NOT signed!");
            } else {
                System.err.println(String.valueOf(unsign.getAbsolutePath()) + " signed");
            }
            System.err.println("Jar file size: " + (unsign.length() / 1024) + "Kb");
            System.err.println("Process time: " + (System.currentTimeMillis() - currentTimeMillis) + "ms");
        } catch (Exception e) {
            e.printStackTrace(System.err);
            i2++;
        }
        return i2;
    }

    private List<File> getJars() {
        ArrayList arrayList = new ArrayList();
        this.filter = new JarNameFilter(this.ignore);
        getJars(this.root, arrayList);
        return arrayList;
    }

    private void getJars(File file, List<File> list) {
        if (!file.isDirectory()) {
            list.add(file);
            return;
        }
        File[] listFiles = file.listFiles(this.filter);
        if (listFiles == null || listFiles.length <= 0) {
            return;
        }
        for (File file2 : listFiles) {
            getJars(file2, list);
        }
    }

    private void promptForInfoIfNeeded() {
        String absolutePath;
        if (this.signCertificate == null) {
            if (this.keyStore == null) {
                absolutePath = readPrompt("Path to the keystore:");
                if (CertUtils.isNotEmpty(absolutePath)) {
                    File file = new File(absolutePath.trim());
                    if (!file.exists() || !file.canRead()) {
                        System.err.println("Cannot read from " + file.getAbsolutePath());
                        System.exit(1);
                    }
                }
            } else {
                absolutePath = this.keyStore.getAbsolutePath();
            }
            String str = this.password;
            if (CertUtils.isEmpty(this.password)) {
                str = readPassword("Keystore password:");
            }
            if (CertUtils.isNotEmpty(str)) {
                String trim = str.trim();
                try {
                    Map<String, X509Certificate> readKeyStoreCertificates = CertUtils.readKeyStoreCertificates(absolutePath, trim);
                    if (readKeyStoreCertificates != null) {
                        String str2 = this.alias;
                        if (CertUtils.isEmpty(this.alias)) {
                            str2 = readPrompt("Certificate alias:");
                        }
                        if (CertUtils.isNotEmpty(str2)) {
                            String trim2 = str2.trim();
                            X509Certificate x509Certificate = readKeyStoreCertificates.get(trim2);
                            if (x509Certificate != null) {
                                if (!CertUtils.checkValidity(x509Certificate)) {
                                    System.err.println("Certificate " + this.alias + " in keystore " + absolutePath + " has expired!");
                                    System.exit(1);
                                }
                                if (!CertUtils.checkCertificateValidity(x509Certificate)) {
                                    System.err.println("Certificate " + this.alias + " in keystore " + absolutePath + " is invalid!");
                                    System.exit(1);
                                }
                                if (CertUtils.checkSelfSigned(x509Certificate)) {
                                    System.err.println("Warning! You are using a self-signed certificate!");
                                }
                                this.signCertificate = x509Certificate;
                                this.keyStore = new File(absolutePath);
                                this.alias = trim2;
                                this.password = trim;
                            } else {
                                System.err.println("Cannot find certificate " + this.alias + " in keystore " + absolutePath);
                                System.exit(1);
                            }
                        }
                    } else {
                        System.err.println("Cannot read certificate from " + absolutePath + " with password " + trim);
                        System.exit(1);
                    }
                } catch (Exception e) {
                    e.printStackTrace(System.err);
                    System.exit(1);
                }
            }
        }
        String str3 = this.selection;
        if (CertUtils.isEmpty(this.selection)) {
            String readPrompt = readPrompt("Selection type 'Invalid' or 'Different' (I/D)");
            if (CertUtils.isNotEmpty(readPrompt)) {
                String lowerCase = readPrompt.trim().toLowerCase();
                if ("i".equals(lowerCase) || "invalid".equals(lowerCase)) {
                    this.selection = "invalid";
                } else if ("d".equals(lowerCase) || "different".equals(lowerCase)) {
                    this.selection = "different";
                }
            }
        }
        if (CertUtils.isEmpty(this.selection)) {
            System.err.println("No selection");
            System.exit(1);
        }
    }

    private String readPassword(String str) {
        System.out.println(str);
        Console console = System.console();
        return console != null ? new String(console.readPassword()) : new Scanner(System.in).nextLine();
    }

    private String readPrompt(String str) {
        System.out.println(str);
        return new Scanner(System.in).nextLine();
    }

    private void setPreferences() {
        String str = this.preferences.get("codebase");
        if (CertUtils.isNotEmpty(str)) {
            this.codebase = str.trim();
        }
        this.useTSA = CertUtils.getBoolean(this.preferences.get("useTimestamp"));
        String str2 = this.preferences.get("tsaURL");
        if (CertUtils.isNotEmpty(str2)) {
            this.tsaURL = str2.trim();
        }
        String str3 = this.preferences.get("appname");
        if (CertUtils.isNotEmpty(str3)) {
            this.appName = str3.trim();
        }
        String str4 = this.preferences.get("ignore");
        if (CertUtils.isNotEmpty(str4)) {
            this.ignore = str4.trim();
        }
        String str5 = this.preferences.get("keypass");
        if (CertUtils.isNotEmpty(str5)) {
            this.password = str5.trim();
        }
        String str6 = this.preferences.get("alias");
        if (CertUtils.isNotEmpty(str6)) {
            this.alias = str6.trim();
        }
        String str7 = this.preferences.get("keystore");
        if (CertUtils.isNotEmpty(str7) && CertUtils.isNotEmpty(this.password) && CertUtils.isNotEmpty(this.alias)) {
            try {
                String trim = str7.trim();
                File file = new File(trim);
                if (file.exists() && file.canRead()) {
                    this.keyStore = file;
                    Map<String, X509Certificate> readKeyStoreCertificates = CertUtils.readKeyStoreCertificates(trim, this.password);
                    if (readKeyStoreCertificates != null) {
                        X509Certificate x509Certificate = readKeyStoreCertificates.get(this.alias);
                        if (x509Certificate != null) {
                            this.signCertificate = x509Certificate;
                            this.publicKey = x509Certificate.getPublicKey();
                            boolean z = !CertUtils.checkValidity(this.signCertificate);
                            boolean checkCertificateValidity = CertUtils.checkCertificateValidity(this.signCertificate);
                            if (!z && !checkCertificateValidity) {
                                this.signCertificate = null;
                                this.publicKey = null;
                                this.password = null;
                                this.alias = null;
                            }
                        }
                    } else {
                        this.password = null;
                        this.alias = null;
                    }
                }
            } catch (Exception e) {
                e.printStackTrace(System.err);
                System.exit(1);
            }
        }
        String str8 = this.preferences.get("selection");
        if (CertUtils.isNotEmpty(str8)) {
            this.selection = str8.trim().toLowerCase();
        }
    }
}
