package edu.utexas.tacc.tapis.sharedapi.utils;

import edu.utexas.tacc.tapis.shared.i18n.MsgUtils;
import edu.utexas.tacc.tapis.sharedapi.keys.KeyManager;
import io.jsonwebtoken.impl.Base64UrlCodec;
import java.io.Console;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:edu/utexas/tacc/tapis/sharedapi/utils/CreateKey.class */
public class CreateKey {
    private static final Logger _log = LoggerFactory.getLogger(CreateKey.class);
    private final CreateKeyParameters _parms;

    public CreateKey(CreateKeyParameters createKeyParameters) {
        if (createKeyParameters != null) {
            this._parms = createKeyParameters;
        } else {
            String msg = MsgUtils.getMsg("TAPIS_NULL_PARAMETER", new Object[]{"CreateKey", "parms"});
            _log.error(msg);
            throw new IllegalArgumentException(msg);
        }
    }

    public static void main(String[] strArr) throws Exception {
        new CreateKey(new CreateKeyParameters(strArr)).exec();
    }

    public void exec() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, UnrecoverableKeyException, InterruptedException, RuntimeException, InvalidKeyException, NoSuchProviderException, SignatureException {
        KeyManager keyManager = new KeyManager(null, this._parms.keyStorefile);
        keyManager.load(this._parms.password);
        if (keyManager.getPrivateKey(this._parms.alias, this._parms.password) != null && !confirmKeyReplace()) {
            _log.info(MsgUtils.getMsg("TAPIS_TERMINATE_NO_CHANGES", new Object[]{CreateKey.class.getSimpleName()}));
            return;
        }
        createKey(keyManager.getStorePath());
        keyManager.load(this._parms.password);
        retrieveKeys(keyManager);
    }

    private void createKey(String str) throws IOException, InterruptedException, RuntimeException {
        ArrayList arrayList = new ArrayList(16);
        arrayList.add("keytool");
        arrayList.add("-keystore");
        arrayList.add(str);
        arrayList.add("-genkeypair");
        arrayList.add("-keyalg");
        arrayList.add("RSA");
        arrayList.add("-alias");
        arrayList.add(this._parms.alias);
        arrayList.add("-keysize");
        arrayList.add("4096");
        arrayList.add("-storetype");
        arrayList.add("PKCS12");
        arrayList.add("-dname");
        arrayList.add("CN=" + this._parms.user + ", OU=Texas Advanced Computing Center, O=University of Texas at Austin, L=Austin, ST=Texas, C=US");
        arrayList.add("-storepass");
        arrayList.add(this._parms.password);
        System.out.println("Calling keytool to create \"" + this._parms.alias + "\" key pair in " + str + ".");
        ProcessBuilder processBuilder = new ProcessBuilder(arrayList);
        processBuilder.redirectErrorStream(true);
        processBuilder.inheritIO();
        int waitFor = processBuilder.start().waitFor();
        if (waitFor != 0) {
            String msg = MsgUtils.getMsg("TAPIS_EXTERNAL_PROCESS_FAILURE", new Object[]{"keytool", Integer.valueOf(waitFor)});
            _log.error(msg);
            throw new RuntimeException(msg);
        }
    }

    private void retrieveKeys(KeyManager keyManager) throws UnrecoverableKeyException, KeyStoreException, NoSuchAlgorithmException, InvalidKeyException, CertificateException, NoSuchProviderException, SignatureException {
        System.out.println("Retrieving private key and certificate containing public key.");
        PrivateKey privateKey = keyManager.getPrivateKey(this._parms.alias, this._parms.password);
        Certificate certificate = keyManager.getCertificate(this._parms.alias);
        PublicKey publicKey = certificate.getPublicKey();
        System.out.println("Verifying the certificate.");
        certificate.verify(publicKey);
        KeyPair keyPair = new KeyPair(publicKey, privateKey);
        Base64UrlCodec base64UrlCodec = new Base64UrlCodec();
        System.out.println("**** Public Key Information (base64url encoded)");
        System.out.println("  algorithm: " + keyPair.getPublic().getAlgorithm());
        System.out.println("  format   : " + keyPair.getPublic().getFormat());
        System.out.println("  key      : " + base64UrlCodec.encode(keyPair.getPublic().getEncoded()));
        System.out.println("**** End Public Key Information");
        System.out.println("**** Private Key Information (base64url encoded)");
        System.out.println("  algorithm: " + keyPair.getPrivate().getAlgorithm());
        System.out.println("  format   : " + keyPair.getPrivate().getFormat());
        System.out.println("  key      : " + base64UrlCodec.encode(keyPair.getPrivate().getEncoded()));
        System.out.println("**** End Private Key Information\n");
    }

    private boolean confirmKeyReplace() {
        String str = "A key with the name " + this._parms.alias + " already exists.\nDo you want to replace it? [y/N]: ";
        Console console = System.console();
        if (console != null) {
            console.printf("%s", str);
            String readLine = console.readLine();
            if (!StringUtils.isBlank(readLine)) {
                return readLine.toLowerCase().equals("y");
            }
        }
        System.out.print(str);
        byte[] bArr = new byte[256];
        try {
            System.in.read(bArr);
            String str2 = new String(bArr);
            if (StringUtils.isBlank(str2)) {
                return false;
            }
            return str2.toLowerCase().equals("y");
        } catch (IOException e) {
            return false;
        }
    }
}
