package com.sun.server.realm.certificate;

import com.sun.server.realm.BadRealmException;
import com.sun.server.realm.InUseException;
import com.sun.server.realm.NoSuchAclException;
import com.sun.server.realm.NoSuchGroupException;
import com.sun.server.realm.NoSuchRealmException;
import com.sun.server.realm.NoSuchUserException;
import com.sun.server.realm.Realm;
import com.sun.server.realm.User;
import com.sun.server.util.diskcache.CacheConstants;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.net.URL;
import java.security.Principal;
import java.security.acl.Acl;
import java.security.acl.Group;
import java.util.Enumeration;
import java.util.Properties;
import sun.security.pkcs.PKCS7;
import sun.security.x509.X500Name;
import sun.security.x509.X509Cert;
import sun.tools.jar.JarVerifierStream;

/* loaded from: input_file:com/sun/server/realm/certificate/CertificateRealm.class */
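/**
 * Realm whose users are X.509 certificates, stored one file per user name in
 * the {@code certificates} directory under the realm directory.
 *
 * <p>User names become file names, so every method that maps a name to a
 * file first rejects names that could resolve outside that directory (see
 * {@link #isValidUserName(String)}). Groups are not supported by this realm.
 *
 * <p>NOTE(review): only {@link #init(Properties)} is synchronized. The
 * check-then-write sequence in {@link #createUser(String, X509Cert)} is not
 * atomic; confirm whether callers serialize user management.
 */
public final class CertificateRealm extends Realm {
    // Certificate implementation class named by the "certclassname" property.
    private Class certClass;
    // Directory (relative to the realm directory) holding one file per user.
    private String depository = "certificates";
    private boolean initted = false;
    private CertificateAclInfo aclInfo = new CertificateAclInfo(this);

    /* loaded from: input_file:com/sun/server/realm/certificate/CertificateRealm$GroupEnum.class */
    /** Always-empty enumeration returned by {@link #getGroupNames()}. */
    class GroupEnum implements Enumeration {
        // Reference to the owning realm as passed to the constructor; not read here.
        private final CertificateRealm this$0;

        @Override // java.util.Enumeration
        public boolean hasMoreElements() {
            return false;
        }

        @Override // java.util.Enumeration
        public Object nextElement() {
            return null;
        }

        GroupEnum(CertificateRealm certificateRealm) {
            // A final field may be assigned only once; the duplicated assignment was removed.
            this.this$0 = certificateRealm;
        }
    }

    /**
     * Reports whether a user name is safe to use as a single file name inside
     * the depository directory.
     *
     * <p>Rejects {@code null}, the empty string, the {@code .} and {@code ..}
     * entries, and any name containing a path separator or a NUL character,
     * so a name can never address a file outside the depository.
     */
    private static boolean isValidUserName(String name) {
        if (name == null || name.length() == 0 || name.equals(".") || name.equals("..")) {
            return false;
        }
        for (int i = 0; i < name.length(); i++) {
            char c = name.charAt(i);
            if (c == '/' || c == '\\' || c == File.separatorChar || c == '\0') {
                return false;
            }
        }
        return true;
    }

    /** Maps an already validated user name to its certificate file. */
    private File userFile(String name) {
        return new File(new File(getRealmDir(), this.depository), name);
    }

    @Override // com.sun.server.realm.Realm
    public Acl getAcl() throws BadRealmException {
        return this.aclInfo.getAcl();
    }

    @Override // com.sun.server.realm.Realm
    public Enumeration getAclNames() throws BadRealmException {
        return this.aclInfo.getAclNames();
    }

    @Override // com.sun.server.realm.Realm
    public Acl getAcl(String str) throws NoSuchAclException, BadRealmException {
        return this.aclInfo.getAcl(str);
    }

    @Override // com.sun.server.realm.Realm
    public Acl addAcl(String str, Principal principal) throws BadRealmException {
        return this.aclInfo.makeAcl(str, principal);
    }

    @Override // com.sun.server.realm.Realm
    public void removeAcl(String str) throws NoSuchAclException, BadRealmException {
        this.aclInfo.deleteAcl(str);
    }

    /**
     * Initializes the realm once and loads the certificate class named by the
     * {@code certclassname} property.
     *
     * @throws IllegalArgumentException if the realm was already initialized
     * @throws BadRealmException if the property is missing, names a class that
     *         cannot be found, or names a class that is not an {@link X509Cert}
     */
    @Override // com.sun.server.realm.Realm
    public synchronized void init(Properties properties) throws BadRealmException, NoSuchRealmException {
        if (this.initted) {
            throw new IllegalArgumentException("already initialized");
        }
        this.initted = true;
        super.init(properties);
        String property = properties.getProperty("certclassname");
        if (property == null) {
            // Class.forName(null) would surface as a NullPointerException instead.
            throw new BadRealmException("bad certclassname: " + property);
        }
        Class loaded;
        try {
            // The class name comes from realm configuration; loading it runs its
            // static initializers, so the properties source must be trusted.
            loaded = Class.forName(property);
        } catch (ClassNotFoundException unused) {
            throw new BadRealmException("bad certclassname: " + property);
        }
        if (!X509Cert.class.isAssignableFrom(loaded)) {
            // Fail at configuration time rather than with a ClassCastException
            // that getUser would report as a missing user.
            throw new BadRealmException("bad certclassname: " + property);
        }
        this.certClass = loaded;
    }

    /** Lists the file names found in the depository directory as user names. */
    @Override // com.sun.server.realm.Realm
    public Enumeration getUserNames() {
        String[] names = new File(getRealmDir(), this.depository).list();
        if (names == null) {
            // File.list() returns null when the directory is missing or unreadable.
            names = new String[0];
        }
        return new CertificateEnumeration(names);
    }

    /**
     * Loads the user stored under the given name.
     *
     * @throws NoSuchUserException if the name is not a valid single file name,
     *         no such file exists, or the certificate cannot be read or decoded
     */
    @Override // com.sun.server.realm.Realm
    public User getUser(String str) throws NoSuchUserException {
        if (!isValidUserName(str)) {
            // Same answer as for an unknown user; the name never reaches the file system.
            throw new NoSuchUserException("no such user: " + str);
        }
        File file = userFile(str);
        if (!file.exists()) {
            throw new NoSuchUserException("no such user: " + str);
        }
        FileInputStream in = null;
        try {
            in = new FileInputStream(file);
            X509Cert cert = (X509Cert) this.certClass.newInstance();
            cert.decode(in);
            return new CertificateUser(this, str, cert);
        } catch (Exception unused) {
            throw new NoSuchUserException("Error while getting user \"" + str + "\"");
        } finally {
            if (in != null) {
                try {
                    in.close();
                } catch (IOException ignored) {
                    // Read-only stream: a failed close loses no data.
                }
            }
        }
    }

    /**
     * Finds the user whose stored certificate equals the given one.
     *
     * <p>Entries that cannot be loaded are skipped, so one unreadable file in
     * the depository does not make every other certificate unfindable.
     *
     * @throws NoSuchUserException if no stored certificate matches
     */
    public User getUser(X509Cert x509Cert) throws NoSuchUserException {
        Enumeration userNames = getUserNames();
        while (userNames.hasMoreElements()) {
            CertificateUser candidate;
            try {
                candidate = (CertificateUser) getUser((String) userNames.nextElement());
            } catch (NoSuchUserException unreadable) {
                continue;
            }
            if (candidate.getCertificate().equals(x509Cert)) {
                return candidate;
            }
        }
        throw new NoSuchUserException("User doesn't exist");
    }

    /**
     * Finds the user whose stored certificate has the given subject name.
     *
     * <p>Entries that cannot be loaded are skipped, as in
     * {@link #getUser(X509Cert)}.
     *
     * @throws NoSuchUserException if no stored certificate matches
     */
    public User getUser(X500Name x500Name) throws NoSuchUserException {
        Enumeration userNames = getUserNames();
        while (userNames.hasMoreElements()) {
            CertificateUser candidate;
            try {
                candidate = (CertificateUser) getUser((String) userNames.nextElement());
            } catch (NoSuchUserException unreadable) {
                continue;
            }
            if (candidate.getCertificate().getSubjectName().equals(x500Name)) {
                return candidate;
            }
        }
        throw new NoSuchUserException("User doesn't exist");
    }

    /**
     * Stores a certificate under a new user name.
     *
     * <p>NOTE(review): nothing in this method checks the certificate's
     * validity or issuer; confirm that callers have established trust in it
     * before registering it as a user.
     *
     * @throws InUseException if the name or the certificate is already registered
     * @throws IllegalArgumentException if the name is not a valid single file
     *         name, the certificate is {@code null}, or the file cannot be written
     */
    public void createUser(String str, X509Cert x509Cert) throws InUseException {
        if (!isValidUserName(str) || x509Cert == null) {
            // Refuse before touching the file system, so no stray file is created.
            throw new IllegalArgumentException("Cannot create new user \"" + str + "\"");
        }
        boolean nameTaken;
        try {
            getUser(str);
            nameTaken = true;
        } catch (NoSuchUserException unused) {
            nameTaken = false;
        }
        if (nameTaken) {
            throw new InUseException("There is already a user named \"" + str + "\"");
        }
        boolean certificateTaken;
        try {
            getUser(x509Cert);
            certificateTaken = true;
        } catch (NoSuchUserException unused) {
            certificateTaken = false;
        }
        if (certificateTaken) {
            throw new InUseException("There is already a user with the same certificate");
        }
        FileOutputStream out = null;
        try {
            out = new FileOutputStream(userFile(str));
            x509Cert.encode(out);
            // Close inside the try so that a failed flush is reported to the caller.
            out.close();
            out = null;
        } catch (Exception unused) {
            throw new IllegalArgumentException("Cannot create new user \"" + str + "\"");
        } finally {
            if (out != null) {
                try {
                    out.close();
                } catch (IOException ignored) {
                    // The failure is already being reported by the catch block above.
                }
            }
        }
    }

    /**
     * Deletes a user's certificate file after checking that no policy refers
     * to the user.
     *
     * @throws NoSuchUserException if the user cannot be loaded (this includes
     *         names that are not valid single file names)
     * @throws InUseException if the file cannot be deleted
     */
    @Override // com.sun.server.realm.Realm
    public void deleteUser(String str) throws NoSuchUserException, BadRealmException, InUseException {
        // getUser validates the name, so userFile below only sees safe names.
        verifyNotInPolicies(getUser(str));
        if (!userFile(str).delete()) {
            throw new InUseException("Cannot delete certificate file");
        }
    }

    /**
     * Returns the {@code admin} user as the default ACL owner.
     *
     * @throws BadRealmException if the realm has no loadable {@code admin} user
     */
    @Override // com.sun.server.realm.Realm
    public Principal getDefaultAclOwner() throws BadRealmException {
        try {
            return getUser("admin");
        } catch (NoSuchUserException unused) {
            String message = "Can't find 'admin' user in realm " + getName();
            Realm.logError(message);
            throw new BadRealmException(message);
        }
    }

    /**
     * Reads a JAR from the given URL and returns the first certificate of its
     * first signature block, or {@code null} when there is none.
     *
     * <p>NOTE(review): the URL is opened exactly as supplied, with no
     * restriction on scheme or host, and no trust-chain validation of the
     * returned certificate is visible in this method. Callers should restrict
     * which URLs reach it and validate the certificate before relying on it.
     *
     * @throws IOException if the URL cannot be opened or the stream cannot be read
     */
    public static X509Cert extractRemoteCertificate(String str) throws IOException {
        JarVerifierStream jar = new JarVerifierStream(new URL(str).openStream());
        Enumeration blocks;
        try {
            byte[] buffer = new byte[CacheConstants.DEFAULT_TABLE_SIZE];
            while (jar.getNextEntry() != null) {
                // Drain every entry; presumably the stream collects signature
                // blocks as a side effect of being read - confirm against JarVerifierStream.
                while (jar.read(buffer, 0, buffer.length) != -1) {
                    // nothing to do with the bytes themselves
                }
                jar.closeEntry();
            }
            blocks = jar.getBlocks();
        } finally {
            // Close the stream even when reading fails part-way.
            jar.close();
        }
        if (!blocks.hasMoreElements()) {
            return null;
        }
        X509Cert[] certificates = ((PKCS7) blocks.nextElement()).getCertificates();
        if (certificates == null || certificates.length == 0) {
            // A signature block without certificates is treated like no block at all.
            return null;
        }
        return certificates[0];
    }

    /** Returns an empty enumeration: this realm has no groups. */
    @Override // com.sun.server.realm.Realm
    public Enumeration getGroupNames() throws BadRealmException {
        return new GroupEnum(this);
    }

    /** Always throws {@link NoSuchGroupException}: this realm has no groups. */
    @Override // com.sun.server.realm.Realm
    public Group getGroup(String str) throws BadRealmException, NoSuchGroupException {
        throw new NoSuchGroupException(str);
    }

    /** Always throws {@link IllegalArgumentException}: groups cannot be created here. */
    @Override // com.sun.server.realm.Realm
    public Group addGroup(String str) throws BadRealmException, InUseException {
        throw new IllegalArgumentException("Creating groups in certificateRealm is not supported");
    }

    /** Always throws {@link NoSuchGroupException}: this realm has no groups. */
    @Override // com.sun.server.realm.Realm
    public boolean removeGroup(String str) throws BadRealmException, NoSuchGroupException, InUseException {
        throw new NoSuchGroupException(str);
    }
}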
