package at.gv.egiz.bku.webstart;

import iaik.asn1.CodingException;
import iaik.utils.StreamCopier;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.UUID;
import java.util.jar.Attributes;
import java.util.jar.Manifest;
import java.util.zip.ZipEntry;
import java.util.zip.ZipFile;
import java.util.zip.ZipOutputStream;
import org.apache.log4j.LogManager;
import org.apache.log4j.PropertyConfigurator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:at/gv/egiz/bku/webstart/Configurator.class */
public class Configurator {
    public static final String MIN_CONFIG_VERSION = "1.3.4-SNAPSHOT";
    public static final String UPDATE_CONFIG_VERSION = "1.3.9-SNAPSHOT";
    public static final String BKU_USER_DIR = ".mocca/";
    public static final String CONFIG_DIR = ".mocca/conf/";
    public static final String CERTS_DIR = ".mocca/certs/";
    public static final String VERSION_FILE = ".version";
    public static final String UNKOWN_VERSION = "unknown";
    public static final String CONF_TEMPLATE_FILE = "conf-tmp.zip";
    public static final String CONF_TEMPLATE_RESOURCE = "at/gv/egiz/bku/webstart/conf/conf.zip";
    public static final String CERTIFICATES_PKG = "at/gv/egiz/bku/certs";
    public static final String KEYSTORE_FILE = "keystore.ks";
    public static final String PASSWD_FILE = ".secret";
    private static final Logger log = LoggerFactory.getLogger(Configurator.class);
    private String version;
    private String certsVersion;
    private boolean certRenewed = false;

    public void ensureConfiguration() throws IOException, CodingException, GeneralSecurityException {
        File file = new File(System.getProperty("user.home") + '/' + CONFIG_DIR);
        if (!file.exists()) {
            initConfig(file);
        } else {
            if (file.isFile()) {
                log.error("invalid config directory: " + file);
                throw new IOException("invalid config directory: " + file);
            }
            this.version = readVersion(new File(file, VERSION_FILE));
            if (log.isDebugEnabled()) {
                log.debug("config directory " + file + ", version " + this.version);
            }
            if (updateRequired(this.version, MIN_CONFIG_VERSION)) {
                File parentFile = file.getParentFile();
                File file2 = new File(parentFile, "conf-" + this.version + ".zip");
                ZipOutputStream zipOutputStream = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(file2)));
                log.info("backup configuration to " + file2);
                backup(file, parentFile.toURI(), zipOutputStream, true);
                zipOutputStream.close();
                initConfig(file);
            } else if (updateRequired(this.version, UPDATE_CONFIG_VERSION)) {
                File parentFile2 = file.getParentFile();
                File file3 = new File(parentFile2, "conf-" + this.version + ".zip");
                ZipOutputStream zipOutputStream2 = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(file3)));
                log.info("backup configuration to " + file3);
                backup(file, parentFile2.toURI(), zipOutputStream2, false);
                zipOutputStream2.close();
                updateConfig(file);
            }
            if (caCertificateUpdateRequired()) {
                log.info("Creating new CA certificate");
                createKeyStore(file);
                this.certRenewed = true;
            }
        }
        String str = file.getPath() + File.separatorChar + LogManager.DEFAULT_CONFIGURATION_FILE;
        log.debug("Reconfiguring logging with " + str);
        PropertyConfigurator.configureAndWatch(str);
    }

    public void ensureCertificates() throws IOException {
        File file = new File(System.getProperty("user.home") + '/' + CERTS_DIR);
        if (!file.exists()) {
            String certificatesVersion = getCertificatesVersion();
            createCerts(file, certificatesVersion);
            this.certsVersion = certificatesVersion;
            return;
        }
        if (file.isFile()) {
            log.error("invalid certificate store directory: " + file);
            throw new IOException("invalid config directory: " + file);
        }
        this.certsVersion = readVersion(new File(file, VERSION_FILE));
        if (log.isDebugEnabled()) {
            log.debug("certificate-store directory " + file + ", version " + this.certsVersion);
        }
        String certificatesVersion2 = getCertificatesVersion();
        if (updateRequired(this.certsVersion, certificatesVersion2)) {
            File parentFile = file.getParentFile();
            File file2 = new File(parentFile, "certs-" + this.certsVersion + ".zip");
            ZipOutputStream zipOutputStream = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(file2)));
            log.info("backup certificates to " + file2);
            backup(file, parentFile.toURI(), zipOutputStream, true);
            zipOutputStream.close();
            createCerts(file, certificatesVersion2);
            this.certsVersion = certificatesVersion2;
        }
    }

    public boolean isCertRenewed() {
        return this.certRenewed;
    }

    /* JADX WARN: Code restructure failed: missing block: B:16:0x003c, code lost:
    
        at.gv.egiz.bku.webstart.Configurator.log.trace("configuration version from " + r6 + ": " + r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:19:0x0063, code lost:
    
        r7.close();
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    protected static java.lang.String readVersion(java.io.File r6) {
        /*
            r0 = r6
            boolean r0 = r0.exists()
            if (r0 == 0) goto Lae
            r0 = r6
            boolean r0 = r0.canRead()
            if (r0 == 0) goto Lae
            r0 = 0
            r7 = r0
            java.io.BufferedReader r0 = new java.io.BufferedReader     // Catch: java.io.IOException -> L78 java.lang.Throwable -> La0
            r1 = r0
            java.io.FileReader r2 = new java.io.FileReader     // Catch: java.io.IOException -> L78 java.lang.Throwable -> La0
            r3 = r2
            r4 = r6
            r3.<init>(r4)     // Catch: java.io.IOException -> L78 java.lang.Throwable -> La0
            r1.<init>(r2)     // Catch: java.io.IOException -> L78 java.lang.Throwable -> La0
            r7 = r0
        L20:
            r0 = r7
            java.lang.String r0 = r0.readLine()     // Catch: java.io.IOException -> L78 java.lang.Throwable -> La0
            java.lang.String r0 = r0.trim()     // Catch: java.io.IOException -> L78 java.lang.Throwable -> La0
            r1 = r0
            r8 = r1
            if (r0 == 0) goto L6d
            r0 = r8
            int r0 = r0.length()     // Catch: java.io.IOException -> L78 java.lang.Throwable -> La0
            if (r0 <= 0) goto L20
            r0 = r8
            java.lang.String r1 = "#"
            boolean r0 = r0.startsWith(r1)     // Catch: java.io.IOException -> L78 java.lang.Throwable -> La0
            if (r0 != 0) goto L20
            org.slf4j.Logger r0 = at.gv.egiz.bku.webstart.Configurator.log     // Catch: java.io.IOException -> L78 java.lang.Throwable -> La0
            java.lang.StringBuilder r1 = new java.lang.StringBuilder     // Catch: java.io.IOException -> L78 java.lang.Throwable -> La0
            r2 = r1
            r2.<init>()     // Catch: java.io.IOException -> L78 java.lang.Throwable -> La0
            java.lang.String r2 = "configuration version from "
            java.lang.StringBuilder r1 = r1.append(r2)     // Catch: java.io.IOException -> L78 java.lang.Throwable -> La0
            r2 = r6
            java.lang.StringBuilder r1 = r1.append(r2)     // Catch: java.io.IOException -> L78 java.lang.Throwable -> La0
            java.lang.String r2 = ": "
            java.lang.StringBuilder r1 = r1.append(r2)     // Catch: java.io.IOException -> L78 java.lang.Throwable -> La0
            r2 = r8
            java.lang.StringBuilder r1 = r1.append(r2)     // Catch: java.io.IOException -> L78 java.lang.Throwable -> La0
            java.lang.String r1 = r1.toString()     // Catch: java.io.IOException -> L78 java.lang.Throwable -> La0
            r0.trace(r1)     // Catch: java.io.IOException -> L78 java.lang.Throwable -> La0
            r0 = r8
            r9 = r0
            r0 = r7
            r0.close()     // Catch: java.io.IOException -> L69
            goto L6b
        L69:
            r10 = move-exception
        L6b:
            r0 = r9
            return r0
        L6d:
            r0 = r7
            r0.close()     // Catch: java.io.IOException -> L74
            goto Lae
        L74:
            r8 = move-exception
            goto Lae
        L78:
            r8 = move-exception
            org.slf4j.Logger r0 = at.gv.egiz.bku.webstart.Configurator.log     // Catch: java.lang.Throwable -> La0
            java.lang.StringBuilder r1 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> La0
            r2 = r1
            r2.<init>()     // Catch: java.lang.Throwable -> La0
            java.lang.String r2 = "failed to read configuration version from "
            java.lang.StringBuilder r1 = r1.append(r2)     // Catch: java.lang.Throwable -> La0
            r2 = r6
            java.lang.StringBuilder r1 = r1.append(r2)     // Catch: java.lang.Throwable -> La0
            java.lang.String r1 = r1.toString()     // Catch: java.lang.Throwable -> La0
            r2 = r8
            r0.error(r1, r2)     // Catch: java.lang.Throwable -> La0
            r0 = r7
            r0.close()     // Catch: java.io.IOException -> L9c
            goto Lae
        L9c:
            r8 = move-exception
            goto Lae
        La0:
            r11 = move-exception
            r0 = r7
            r0.close()     // Catch: java.io.IOException -> La9
            goto Lab
        La9:
            r12 = move-exception
        Lab:
            r0 = r11
            throw r0
        Lae:
            org.slf4j.Logger r0 = at.gv.egiz.bku.webstart.Configurator.log
            java.lang.String r1 = "unknown configuration version"
            r0.debug(r1)
            java.lang.String r0 = "unknown"
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: at.gv.egiz.bku.webstart.Configurator.readVersion(java.io.File):java.lang.String");
    }

    private static String getCertificatesVersion() throws IOException {
        String str = null;
        URL resource = Configurator.class.getClassLoader().getResource(CERTIFICATES_PKG);
        if (resource == null) {
            log.error("Failed to retrieve certificates resource at/gv/egiz/bku/certs");
            throw new IOException("Failed to retrieve certificates resource at/gv/egiz/bku/certs");
        }
        StringBuilder sb = new StringBuilder(resource.toExternalForm());
        StringBuilder replace = sb.replace(sb.length() - CERTIFICATES_PKG.length(), sb.length(), "META-INF/MANIFEST.MF");
        log.trace("retrieve certificates resource version from " + ((Object) replace));
        Attributes mainAttributes = new Manifest(new URL(replace.toString()).openStream()).getMainAttributes();
        if (mainAttributes != null) {
            str = mainAttributes.getValue("Implementation-Version");
            log.debug("certs resource version: " + str);
        }
        return str;
    }

    protected static boolean updateRequired(String str, String str2) {
        log.debug("comparing " + str + " to " + str2);
        if (str == null || UNKOWN_VERSION.equals(str)) {
            log.debug("no old version, update required");
            return true;
        }
        if (str2 == null || UNKOWN_VERSION.equals(str2)) {
            log.debug("unknown minimum version, do not update");
            return false;
        }
        int i = 0;
        while (true) {
            int i2 = i;
            int indexOf = str.indexOf(46, i2);
            if (indexOf <= 0) {
                boolean z = true;
                int indexOf2 = str.indexOf("-SNAPSHOT");
                if (indexOf2 < 0) {
                    z = false;
                    indexOf2 = str.lastIndexOf(45);
                    if (indexOf2 < 0) {
                        indexOf2 = str.length();
                    }
                }
                boolean z2 = false;
                int indexOf3 = str2.indexOf("-SNAPSHOT");
                if (indexOf3 < 0) {
                    z2 = true;
                    indexOf3 = str2.lastIndexOf(45);
                    if (indexOf3 < 0) {
                        indexOf3 = str2.length();
                    }
                }
                try {
                    int intValue = Integer.valueOf(str.substring(i2, indexOf2)).intValue();
                    boolean z3 = true;
                    int indexOf4 = str2.indexOf(46, i2);
                    if (indexOf4 < 0) {
                        z3 = false;
                        indexOf4 = indexOf3;
                    }
                    int intValue2 = Integer.valueOf(str2.substring(i2, indexOf4)).intValue();
                    if (intValue2 > intValue) {
                        log.debug("update required");
                        return true;
                    }
                    if (intValue2 < intValue) {
                        log.debug("installed version newer than minimum required");
                        return false;
                    }
                    if (z3) {
                        log.debug("update required (newer minor version required)");
                        return true;
                    }
                    if (z && z2) {
                        log.debug("pre-release installed but release required");
                        return true;
                    }
                    log.debug("exact match, no updated required");
                    return false;
                } catch (NumberFormatException e) {
                    log.warn("{} seems to be a branch version, do not update", str);
                    log.debug(e.getMessage(), (Throwable) e);
                    return false;
                }
            }
            int indexOf5 = str2.indexOf(46, i2);
            if (indexOf5 < 0) {
                log.debug("installed version newer than minimum required (newer minor version)");
            }
            int intValue3 = Integer.valueOf(str.substring(i2, indexOf)).intValue();
            int intValue4 = Integer.valueOf(str2.substring(i2, indexOf5)).intValue();
            if (intValue4 > intValue3) {
                log.debug("update required");
                return true;
            }
            if (intValue4 < intValue3) {
                log.debug("installed version newer than minimum required");
                return false;
            }
            i = indexOf + 1;
        }
    }

    private static boolean caCertificateUpdateRequired() {
        String str = System.getProperty("user.home") + '/' + CONFIG_DIR;
        try {
            try {
                ((X509Certificate) Container.getCACertificate(new File(str, KEYSTORE_FILE), Container.readPassword(new File(str, PASSWD_FILE)).toCharArray())).checkValidity();
                return false;
            } catch (CertificateExpiredException e) {
                log.warn("CA Certificate expired");
                return true;
            } catch (CertificateNotYetValidException e2) {
                log.error("CA Certificate not yet valid");
                return true;
            }
        } catch (IOException e3) {
            log.error("Error reading password file", (Throwable) e3);
            return true;
        }
    }

    protected static void backup(File file, URI uri, ZipOutputStream zipOutputStream, boolean z) throws IOException {
        if (!file.isDirectory()) {
            zipOutputStream.putNextEntry(new ZipEntry(uri.relativize(file.toURI()).toString()));
            BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(file));
            new StreamCopier(bufferedInputStream, zipOutputStream).copyStream();
            bufferedInputStream.close();
            zipOutputStream.closeEntry();
            if (z) {
                file.delete();
                return;
            }
            return;
        }
        for (File file2 : file.listFiles()) {
            backup(file2, uri, zipOutputStream, z);
            if (z) {
                file2.delete();
            }
        }
    }

    protected void updateConfig(File file) throws IOException {
        createConfig(file, Launcher.version);
        this.version = Launcher.version;
    }

    protected void initConfig(File file) throws IOException, GeneralSecurityException, CodingException {
        updateConfig(file);
        createKeyStore(file);
        this.certRenewed = true;
    }

    private static void createConfig(File file, String str) throws IOException {
        if (log.isDebugEnabled()) {
            log.debug("creating configuration version " + Launcher.version + " in " + file);
        }
        file.mkdirs();
        File file2 = new File(file, CONF_TEMPLATE_FILE);
        InputStream resourceAsStream = Configurator.class.getClassLoader().getResourceAsStream(CONF_TEMPLATE_RESOURCE);
        BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(new FileOutputStream(file2));
        new StreamCopier(resourceAsStream, bufferedOutputStream).copyStream();
        bufferedOutputStream.close();
        unzip(file2, file);
        file2.delete();
        writeVersionFile(new File(file, VERSION_FILE), str);
    }

    private static void createCerts(File file, String str) throws IOException {
        if (log.isDebugEnabled()) {
            log.debug("creating certificate-store " + file + ", version " + str);
        }
        URL resource = Configurator.class.getClassLoader().getResource(CERTIFICATES_PKG);
        if (resource == null) {
            log.error("Failed to retrieve certificates resource at/gv/egiz/bku/certs");
            throw new IOException("Failed to retrieve certificates resource at/gv/egiz/bku/certs");
        }
        StringBuilder sb = new StringBuilder(resource.toExternalForm());
        StringBuilder replace = sb.replace(sb.length() - CERTIFICATES_PKG.length(), sb.length(), "META-INF/MANIFEST.MF");
        log.trace("retrieve certificate resource names from " + ((Object) replace));
        Manifest manifest = new Manifest(new URL(replace.toString()).openStream());
        file.mkdirs();
        for (String str2 : manifest.getEntries().keySet()) {
            if (str2.startsWith(CERTIFICATES_PKG)) {
                String substring = str2.substring(CERTIFICATES_PKG.length());
                new File(file, substring.substring(0, substring.lastIndexOf(47))).mkdirs();
                BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(new FileOutputStream(new File(file, substring)));
                log.debug(substring);
                new StreamCopier(Configurator.class.getClassLoader().getResourceAsStream(str2), bufferedOutputStream).copyStream();
                bufferedOutputStream.close();
            } else {
                log.trace("ignore " + str2);
            }
        }
        writeVersionFile(new File(file, VERSION_FILE), str);
    }

    private static void unzip(File file, File file2) throws IOException {
        ZipFile zipFile = new ZipFile(file);
        Enumeration<? extends ZipEntry> entries = zipFile.entries();
        while (entries.hasMoreElements()) {
            ZipEntry nextElement = entries.nextElement();
            File file3 = new File(file2, nextElement.getName());
            if (nextElement.isDirectory()) {
                file3.mkdirs();
            } else {
                new File(file3.getParent()).mkdirs();
                new StreamCopier(zipFile.getInputStream(nextElement), new FileOutputStream(file3)).copyStream();
            }
        }
        zipFile.close();
    }

    private static void writeVersionFile(File file, String str) throws IOException {
        BufferedWriter bufferedWriter = new BufferedWriter(new FileWriter(file));
        bufferedWriter.write("# MOCCA Web Start configuration version\n");
        bufferedWriter.write("# DO NOT MODIFY THIS FILE\n\n");
        bufferedWriter.write(str);
        bufferedWriter.close();
    }

    private static void createKeyStore(File file) throws IOException, GeneralSecurityException, CodingException {
        char[] charArray = UUID.randomUUID().toString().toCharArray();
        File file2 = new File(file, PASSWD_FILE);
        FileWriter fileWriter = new FileWriter(file2);
        fileWriter.write(charArray);
        fileWriter.close();
        if (!file2.setReadable(false, false) || !file2.setReadable(true, true)) {
            log.error("failed to make " + file2 + " owner readable only (certain file-systems do not support owner's permissions)");
        }
        KeyStore generateKeyStore = new TLSServerCA().generateKeyStore(charArray);
        FileOutputStream fileOutputStream = new FileOutputStream(new File(file, KEYSTORE_FILE));
        generateKeyStore.store(fileOutputStream, charArray);
        fileOutputStream.close();
    }
}
