package de.contecon.picapport.security.utils;

import com.orientechnologies.common.io.OIOUtils;
import com.orientechnologies.orient.core.sql.OCommandExecutorSQLUpdate;
import com.sun.jna.platform.win32.WinPerf;
import com.sun.net.httpserver.HttpExchange;
import com.sun.net.httpserver.HttpHandler;
import com.sun.net.httpserver.HttpServer;
import de.contecon.picapport.KeyValueList;
import java.beans.PropertyEditor;
import java.beans.PropertyEditorManager;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.lang.annotation.Annotation;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import java.lang.reflect.Field;
import java.net.InetSocketAddress;
import java.nio.charset.Charset;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.text.DateFormat;
import java.util.Date;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Properties;
import java.util.concurrent.Executor;
import net.essc.util.GenLog;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.logging.log4j.core.net.ssl.SslConfigurationDefaults;
import org.apache.logging.log4j.util.ProcessIdUtil;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.eclipse.jetty.util.StringUtil;
import org.shredzone.acme4j.Account;
import org.shredzone.acme4j.AccountBuilder;
import org.shredzone.acme4j.Authorization;
import org.shredzone.acme4j.Order;
import org.shredzone.acme4j.Session;
import org.shredzone.acme4j.Status;
import org.shredzone.acme4j.challenge.Http01Challenge;
import org.shredzone.acme4j.exception.AcmeException;
import org.shredzone.acme4j.util.CSRBuilder;
import org.shredzone.acme4j.util.KeyPairUtils;

/*  JADX ERROR: NullPointerException in pass: ClassModifier
    java.lang.NullPointerException
    */
/* loaded from: input_file:de/contecon/picapport/security/utils/LetsEncryptService.class */
public class LetsEncryptService {
    private final File serviceDirectory;
    private final File serviceKeyPairFile;
    private final File keystoreFile;
    private final File domainKeyPairFile;
    private final String keyStoreType;
    private final char[] keystorePass;
    private final String domain;
    private final int challengeHttpServerPort;
    private final Config config;
    private volatile Thread thread = null;
    private volatile long nextScan = 0;
    private final boolean staging;
    private static final String URL_STAGING = "acme://letsencrypt.org/staging";
    private static final String URL_PRODUCTION = "acme://letsencrypt.org";
    private HttpServer httpServer;
    private final Runnable onComplete;
    private final State state;
    public static final Logger log4j = LogManager.getFormatterLogger((Class<?>) LetsEncryptService.class);
    private static volatile LetsEncryptService instance = null;

    /* renamed from: de.contecon.picapport.security.utils.LetsEncryptService$1 */
    /* loaded from: input_file:de/contecon/picapport/security/utils/LetsEncryptService$1.class */
    public class AnonymousClass1 implements Runnable {
        final /* synthetic */ boolean val$scanOnStart;

        AnonymousClass1(boolean z) {
            r5 = z;
        }

        @Override // java.lang.Runnable
        public void run() {
            while (true) {
                try {
                    try {
                        try {
                            if (r5) {
                                LetsEncryptService.this.log("scanning");
                                LetsEncryptService.this.scan();
                            }
                            long nextDelay = LetsEncryptService.this.getNextDelay();
                            State.access$602(LetsEncryptService.this.state, System.currentTimeMillis() + nextDelay);
                            LetsEncryptService.this.log("waiting before " + new Date(System.currentTimeMillis() + nextDelay));
                            Thread.sleep(nextDelay);
                        } catch (Exception e) {
                            LetsEncryptService.this.error(e, "ERROR");
                            LetsEncryptService.this.thread = null;
                            State.access$902(LetsEncryptService.this.state, 0L);
                            return;
                        }
                    } catch (InterruptedException e2) {
                        LetsEncryptService.this.log("service interrupted");
                        LetsEncryptService.this.thread = null;
                        State.access$902(LetsEncryptService.this.state, 0L);
                        return;
                    }
                } catch (Throwable th) {
                    LetsEncryptService.this.thread = null;
                    State.access$902(LetsEncryptService.this.state, 0L);
                    throw th;
                }
            }
        }
    }

    /* renamed from: de.contecon.picapport.security.utils.LetsEncryptService$2 */
    /* loaded from: input_file:de/contecon/picapport/security/utils/LetsEncryptService$2.class */
    public class AnonymousClass2 implements HttpHandler {
        final /* synthetic */ Http01Challenge val$challenge;

        AnonymousClass2(Http01Challenge http01Challenge) {
            r5 = http01Challenge;
        }

        public void handle(HttpExchange httpExchange) throws IOException {
            LetsEncryptService.this.log("request on http server: " + httpExchange);
            httpExchange.sendResponseHeaders(200, r5.getAuthorization().length());
            OutputStream responseBody = httpExchange.getResponseBody();
            Throwable th = null;
            try {
                try {
                    responseBody.write(r5.getAuthorization().getBytes());
                    if (responseBody != null) {
                        if (0 == 0) {
                            responseBody.close();
                            return;
                        }
                        try {
                            responseBody.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                } catch (Throwable th3) {
                    th = th3;
                    throw th3;
                }
            } catch (Throwable th4) {
                if (responseBody != null) {
                    if (th != null) {
                        try {
                            responseBody.close();
                        } catch (Throwable th5) {
                            th.addSuppressed(th5);
                        }
                    } else {
                        responseBody.close();
                    }
                }
                throw th4;
            }
        }
    }

    /* loaded from: input_file:de/contecon/picapport/security/utils/LetsEncryptService$Config.class */
    public static class Config extends Configuration {
        public float intervalUpdateInPercent = 0.1f;
        public int keySize = WinPerf.PERF_TYPE_ZERO;
        public long delayBeforeRestartChallengeHttpServer = 1000;
        public int pollChallengeToCompleteCount = 10;
        public long pollChallengeToCompleteDelay = 3000;
        public int pollOrderToCompleteCount = 10;
        public long pollOrderToCompleteDelay = 3000;

        @Configuration.TypeInterval
        public long delayToNextTryingIfError = toInterval("12h").longValue();
    }

    /* loaded from: input_file:de/contecon/picapport/security/utils/LetsEncryptService$Configuration.class */
    public static class Configuration {

        /* loaded from: input_file:de/contecon/picapport/security/utils/LetsEncryptService$Configuration$Interval.class */
        public enum Interval {
            y(OIOUtils.YEAR),
            M(2592000000L),
            w(OIOUtils.WEEK),
            d(86400000),
            h(OIOUtils.HOUR),
            m(OIOUtils.MINUTE),
            s(1000);

            public final long multiplicator;

            Interval(long j) {
                this.multiplicator = j;
            }
        }

        @Target({ElementType.FIELD})
        @Retention(RetentionPolicy.RUNTIME)
        /* loaded from: input_file:de/contecon/picapport/security/utils/LetsEncryptService$Configuration$TypeInterval.class */
        public @interface TypeInterval {
        }

        private boolean containsAnnotation(Annotation[] annotationArr, Class<? extends Annotation> cls) {
            for (Annotation annotation : annotationArr) {
                if (annotation.annotationType().equals(cls)) {
                    return true;
                }
            }
            return false;
        }

        /* JADX WARN: Multi-variable type inference failed */
        public <T extends Configuration> T load(File file) throws IOException {
            Properties properties = new Properties();
            if (file.exists()) {
                InputStreamReader inputStreamReader = new InputStreamReader(new FileInputStream(file), Charset.forName(StringUtil.__UTF8));
                Throwable th = null;
                try {
                    try {
                        properties.load(inputStreamReader);
                        if (inputStreamReader != null) {
                            if (0 != 0) {
                                try {
                                    inputStreamReader.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                inputStreamReader.close();
                            }
                        }
                    } finally {
                    }
                } catch (Throwable th3) {
                    if (inputStreamReader != null) {
                        if (th != null) {
                            try {
                                inputStreamReader.close();
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                            }
                        } else {
                            inputStreamReader.close();
                        }
                    }
                    throw th3;
                }
            }
            for (String str : properties.keySet()) {
                Object property = properties.getProperty(str);
                try {
                    Field field = getClass().getField(str);
                    if (containsAnnotation(field.getAnnotations(), TypeInterval.class)) {
                        property = toInterval((String) property);
                    } else if (!field.getType().equals(String.class)) {
                        PropertyEditor findEditor = PropertyEditorManager.findEditor(field.getType());
                        findEditor.setAsText((String) property);
                        property = findEditor.getValue();
                    }
                    field.set(this, property);
                } catch (Exception e) {
                    LetsEncryptService.log4j.warn(str + " can not be initialized: " + e.toString());
                }
            }
            return this;
        }

        public static Long toInterval(String str) {
            if (str == null) {
                return null;
            }
            try {
                long j = 0;
                String str2 = "";
                for (char c : str.toCharArray()) {
                    if (c >= '0' && c < ':') {
                        str2 = str2 + c;
                    } else if (str2.length() > 0) {
                        j += Long.parseLong(str2) * Interval.valueOf(Character.toString(c)).multiplicator;
                        str2 = "";
                    }
                }
                if (str2.length() > 0) {
                    j += Long.parseLong(str2);
                }
                return Long.valueOf(j);
            } catch (Exception e) {
                LetsEncryptService.log4j.error(e.toString(), (Throwable) e);
                return null;
            }
        }
    }

    /* loaded from: input_file:de/contecon/picapport/security/utils/LetsEncryptService$State.class */
    public class State {
        private long started = 0;
        private long lastUpdate = 0;
        private long nextUpdate = 0;
        private String lastState = "ok";

        public State() {
        }

        public long getStarted() {
            return this.started;
        }

        public long getLastUpdate() {
            return this.lastUpdate;
        }

        public long getNextUpdate() {
            return this.nextUpdate;
        }

        public boolean isActive() {
            return LetsEncryptService.this.isRunning();
        }

        public String getDomain() {
            return LetsEncryptService.this.domain;
        }

        public int getHttpChallengePort() {
            return LetsEncryptService.this.challengeHttpServerPort;
        }

        public String getLastState() {
            return this.lastState;
        }

        public String toString() {
            DateFormat dateTimeInstance = DateFormat.getDateTimeInstance();
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("Let's Encrypt Service").append("\n");
            stringBuffer.append("\tDomain: ").append(getDomain()).append("\n");
            stringBuffer.append("\tHttp challenge port: ").append(getHttpChallengePort()).append("\n");
            if (isActive()) {
                stringBuffer.append("\tActive since: " + dateTimeInstance.format(Long.valueOf(this.started))).append("\n");
            } else {
                stringBuffer.append("\tNot active").append("\n");
            }
            stringBuffer.append("\tState: ").append(this.lastState).append("\n");
            stringBuffer.append("\tLast update: ").append(this.lastUpdate == 0 ? "unknown" : dateTimeInstance.format(Long.valueOf(this.lastUpdate))).append("\n");
            stringBuffer.append("\tNext update: ").append(this.nextUpdate == 0 ? "unknown" : dateTimeInstance.format(Long.valueOf(this.nextUpdate))).append("\n");
            return stringBuffer.toString();
        }

        /*  JADX ERROR: Failed to decode insn: 0x0002: MOVE_MULTI, method: de.contecon.picapport.security.utils.LetsEncryptService.State.access$602(de.contecon.picapport.security.utils.LetsEncryptService$State, long):long
            java.lang.ArrayIndexOutOfBoundsException: arraycopy: source index -1 out of bounds for object array[6]
            	at java.base/java.lang.System.arraycopy(Native Method)
            	at jadx.plugins.input.java.data.code.StackState.insert(StackState.java:49)
            	at jadx.plugins.input.java.data.code.CodeDecodeState.insert(CodeDecodeState.java:118)
            	at jadx.plugins.input.java.data.code.JavaInsnsRegister.dup2x1(JavaInsnsRegister.java:313)
            	at jadx.plugins.input.java.data.code.JavaInsnData.decode(JavaInsnData.java:46)
            	at jadx.core.dex.instructions.InsnDecoder.lambda$process$0(InsnDecoder.java:54)
            	at jadx.plugins.input.java.data.code.JavaCodeReader.visitInstructions(JavaCodeReader.java:81)
            	at jadx.core.dex.instructions.InsnDecoder.process(InsnDecoder.java:50)
            	at jadx.core.dex.nodes.MethodNode.load(MethodNode.java:156)
            	at jadx.core.dex.nodes.ClassNode.load(ClassNode.java:443)
            	at jadx.core.dex.nodes.ClassNode.load(ClassNode.java:449)
            	at jadx.core.ProcessClass.process(ProcessClass.java:70)
            	at jadx.core.ProcessClass.generateCode(ProcessClass.java:118)
            	at jadx.core.dex.nodes.ClassNode.generateClassCode(ClassNode.java:400)
            	at jadx.core.dex.nodes.ClassNode.decompile(ClassNode.java:388)
            	at jadx.core.dex.nodes.ClassNode.getCode(ClassNode.java:338)
            */
        static /* synthetic */ long access$602(de.contecon.picapport.security.utils.LetsEncryptService.State r6, long r7) {
            /*
                r0 = r6
                r1 = r7
                // decode failed: arraycopy: source index -1 out of bounds for object array[6]
                r0.nextUpdate = r1
                return r-1
            */
            throw new UnsupportedOperationException("Method not decompiled: de.contecon.picapport.security.utils.LetsEncryptService.State.access$602(de.contecon.picapport.security.utils.LetsEncryptService$State, long):long");
        }

        /*  JADX ERROR: Failed to decode insn: 0x0002: MOVE_MULTI, method: de.contecon.picapport.security.utils.LetsEncryptService.State.access$902(de.contecon.picapport.security.utils.LetsEncryptService$State, long):long
            java.lang.ArrayIndexOutOfBoundsException: arraycopy: source index -1 out of bounds for object array[6]
            	at java.base/java.lang.System.arraycopy(Native Method)
            	at jadx.plugins.input.java.data.code.StackState.insert(StackState.java:49)
            	at jadx.plugins.input.java.data.code.CodeDecodeState.insert(CodeDecodeState.java:118)
            	at jadx.plugins.input.java.data.code.JavaInsnsRegister.dup2x1(JavaInsnsRegister.java:313)
            	at jadx.plugins.input.java.data.code.JavaInsnData.decode(JavaInsnData.java:46)
            	at jadx.core.dex.instructions.InsnDecoder.lambda$process$0(InsnDecoder.java:54)
            	at jadx.plugins.input.java.data.code.JavaCodeReader.visitInstructions(JavaCodeReader.java:81)
            	at jadx.core.dex.instructions.InsnDecoder.process(InsnDecoder.java:50)
            	at jadx.core.dex.nodes.MethodNode.load(MethodNode.java:156)
            	at jadx.core.dex.nodes.ClassNode.load(ClassNode.java:443)
            	at jadx.core.dex.nodes.ClassNode.load(ClassNode.java:449)
            	at jadx.core.ProcessClass.process(ProcessClass.java:70)
            	at jadx.core.ProcessClass.generateCode(ProcessClass.java:118)
            	at jadx.core.dex.nodes.ClassNode.generateClassCode(ClassNode.java:400)
            	at jadx.core.dex.nodes.ClassNode.decompile(ClassNode.java:388)
            	at jadx.core.dex.nodes.ClassNode.getCode(ClassNode.java:338)
            */
        static /* synthetic */ long access$902(de.contecon.picapport.security.utils.LetsEncryptService.State r6, long r7) {
            /*
                r0 = r6
                r1 = r7
                // decode failed: arraycopy: source index -1 out of bounds for object array[6]
                r0.started = r1
                return r-1
            */
            throw new UnsupportedOperationException("Method not decompiled: de.contecon.picapport.security.utils.LetsEncryptService.State.access$902(de.contecon.picapport.security.utils.LetsEncryptService$State, long):long");
        }

        /*  JADX ERROR: Failed to decode insn: 0x0002: MOVE_MULTI, method: de.contecon.picapport.security.utils.LetsEncryptService.State.access$1102(de.contecon.picapport.security.utils.LetsEncryptService$State, long):long
            java.lang.ArrayIndexOutOfBoundsException: arraycopy: source index -1 out of bounds for object array[6]
            	at java.base/java.lang.System.arraycopy(Native Method)
            	at jadx.plugins.input.java.data.code.StackState.insert(StackState.java:49)
            	at jadx.plugins.input.java.data.code.CodeDecodeState.insert(CodeDecodeState.java:118)
            	at jadx.plugins.input.java.data.code.JavaInsnsRegister.dup2x1(JavaInsnsRegister.java:313)
            	at jadx.plugins.input.java.data.code.JavaInsnData.decode(JavaInsnData.java:46)
            	at jadx.core.dex.instructions.InsnDecoder.lambda$process$0(InsnDecoder.java:54)
            	at jadx.plugins.input.java.data.code.JavaCodeReader.visitInstructions(JavaCodeReader.java:81)
            	at jadx.core.dex.instructions.InsnDecoder.process(InsnDecoder.java:50)
            	at jadx.core.dex.nodes.MethodNode.load(MethodNode.java:156)
            	at jadx.core.dex.nodes.ClassNode.load(ClassNode.java:443)
            	at jadx.core.dex.nodes.ClassNode.load(ClassNode.java:449)
            	at jadx.core.ProcessClass.process(ProcessClass.java:70)
            	at jadx.core.ProcessClass.generateCode(ProcessClass.java:118)
            	at jadx.core.dex.nodes.ClassNode.generateClassCode(ClassNode.java:400)
            	at jadx.core.dex.nodes.ClassNode.decompile(ClassNode.java:388)
            	at jadx.core.dex.nodes.ClassNode.getCode(ClassNode.java:338)
            */
        static /* synthetic */ long access$1102(de.contecon.picapport.security.utils.LetsEncryptService.State r6, long r7) {
            /*
                r0 = r6
                r1 = r7
                // decode failed: arraycopy: source index -1 out of bounds for object array[6]
                r0.lastUpdate = r1
                return r-1
            */
            throw new UnsupportedOperationException("Method not decompiled: de.contecon.picapport.security.utils.LetsEncryptService.State.access$1102(de.contecon.picapport.security.utils.LetsEncryptService$State, long):long");
        }
    }

    /* loaded from: input_file:de/contecon/picapport/security/utils/LetsEncryptService$Utils.class */
    public static class Utils {
        public Utils() {
        }

        public static KeyPair createKeyPair(int i) throws NoSuchAlgorithmException {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(i);
            return keyPairGenerator.generateKeyPair();
        }

        /* JADX WARN: Failed to calculate best type for var: r7v1 ??
        java.lang.NullPointerException
         */
        /* JADX WARN: Failed to calculate best type for var: r8v1 ??
        java.lang.NullPointerException
         */
        /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException
         */
        /* JADX WARN: Not initialized variable reg: 7, insn: 0x00bc: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r7 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:84:0x00bc */
        /* JADX WARN: Not initialized variable reg: 8, insn: 0x00c0: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r8 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:86:0x00c0 */
        /* JADX WARN: Type inference failed for: r7v1, types: [java.io.FileReader] */
        /* JADX WARN: Type inference failed for: r8v1, types: [java.lang.Throwable] */
        public static KeyPair createOrLoadKeyPair(File file, int i) throws IOException, NoSuchAlgorithmException {
            KeyPair createKeyPair;
            FileWriter fileWriter;
            if (file.exists()) {
                try {
                    try {
                        FileReader fileReader = new FileReader(file);
                        Throwable th = null;
                        PEMParser pEMParser = new PEMParser(fileReader);
                        Throwable th2 = null;
                        try {
                            try {
                                createKeyPair = new JcaPEMKeyConverter().getKeyPair((PEMKeyPair) pEMParser.readObject());
                                if (pEMParser != null) {
                                    if (0 != 0) {
                                        try {
                                            pEMParser.close();
                                        } catch (Throwable th3) {
                                            th2.addSuppressed(th3);
                                        }
                                    } else {
                                        pEMParser.close();
                                    }
                                }
                                if (fileReader != null) {
                                    if (0 != 0) {
                                        try {
                                            fileReader.close();
                                        } catch (Throwable th4) {
                                            th.addSuppressed(th4);
                                        }
                                    } else {
                                        fileReader.close();
                                    }
                                }
                            } finally {
                            }
                        } catch (Throwable th5) {
                            if (pEMParser != null) {
                                if (th2 != null) {
                                    try {
                                        pEMParser.close();
                                    } catch (Throwable th6) {
                                        th2.addSuppressed(th6);
                                    }
                                } else {
                                    pEMParser.close();
                                }
                            }
                            throw th5;
                        }
                    } finally {
                    }
                } catch (Exception e) {
                    LetsEncryptService.log4j.error(e.toString(), (Throwable) e);
                    createKeyPair = createKeyPair(i);
                    fileWriter = new FileWriter(file);
                    Throwable th7 = null;
                    try {
                        try {
                            KeyPairUtils.writeKeyPair(createKeyPair, fileWriter);
                            if (fileWriter != null) {
                                if (0 != 0) {
                                    try {
                                        fileWriter.close();
                                    } catch (Throwable th8) {
                                        th7.addSuppressed(th8);
                                    }
                                } else {
                                    fileWriter.close();
                                }
                            }
                        } finally {
                        }
                    } finally {
                    }
                }
            } else {
                createKeyPair = createKeyPair(i);
                fileWriter = new FileWriter(file);
                Throwable th9 = null;
                try {
                    try {
                        KeyPairUtils.writeKeyPair(createKeyPair, fileWriter);
                        if (fileWriter != null) {
                            if (0 != 0) {
                                try {
                                    fileWriter.close();
                                } catch (Throwable th10) {
                                    th9.addSuppressed(th10);
                                }
                            } else {
                                fileWriter.close();
                            }
                        }
                    } finally {
                    }
                } finally {
                }
            }
            return createKeyPair;
        }

        public static KeyStore loadKeystore(File file, char[] cArr) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
            KeyStore keyStore = KeyStore.getInstance(SslConfigurationDefaults.KEYSTORE_TYPE);
            FileInputStream fileInputStream = new FileInputStream(file);
            Throwable th = null;
            try {
                try {
                    keyStore.load(fileInputStream, cArr);
                    if (fileInputStream != null) {
                        if (0 != 0) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                    return keyStore;
                } finally {
                }
            } catch (Throwable th3) {
                if (fileInputStream != null) {
                    if (th != null) {
                        try {
                            fileInputStream.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        fileInputStream.close();
                    }
                }
                throw th3;
            }
        }

        public static void saveKeystore(File file, KeyStore keyStore, char[] cArr) throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException {
            FileOutputStream fileOutputStream = new FileOutputStream(file);
            Throwable th = null;
            try {
                try {
                    keyStore.store(fileOutputStream, cArr);
                    if (fileOutputStream != null) {
                        if (0 == 0) {
                            fileOutputStream.close();
                            return;
                        }
                        try {
                            fileOutputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                } catch (Throwable th3) {
                    th = th3;
                    throw th3;
                }
            } catch (Throwable th4) {
                if (fileOutputStream != null) {
                    if (th != null) {
                        try {
                            fileOutputStream.close();
                        } catch (Throwable th5) {
                            th.addSuppressed(th5);
                        }
                    } else {
                        fileOutputStream.close();
                    }
                }
                throw th4;
            }
        }
    }

    public LetsEncryptService(File file, File file2, String str, char[] cArr, String str2, int i, boolean z, Config config, Runnable runnable) {
        if (instance != null) {
            throw new RuntimeException("Only one instance of " + getClass().getName() + " allowed.");
        }
        instance = this;
        log("initializing");
        this.serviceDirectory = file;
        this.keystoreFile = file2;
        this.keyStoreType = str;
        this.keystorePass = cArr;
        this.domain = str2;
        this.challengeHttpServerPort = i;
        this.staging = z;
        this.config = config;
        this.onComplete = runnable;
        this.serviceKeyPairFile = new File(file, "service.key");
        this.domainKeyPairFile = new File(file, "domain.key");
        if (!file.exists()) {
            file.mkdirs();
        }
        this.state = new State();
    }

    public static synchronized LetsEncryptService getInstance() {
        return instance;
    }

    public void start() {
        start(true);
    }

    public void start(boolean z) {
        log("starting service");
        if (this.thread == null) {
            this.thread = new Thread(new Runnable() { // from class: de.contecon.picapport.security.utils.LetsEncryptService.1
                final /* synthetic */ boolean val$scanOnStart;

                AnonymousClass1(boolean z2) {
                    r5 = z2;
                }

                @Override // java.lang.Runnable
                public void run() {
                    while (true) {
                        try {
                            try {
                                try {
                                    if (r5) {
                                        LetsEncryptService.this.log("scanning");
                                        LetsEncryptService.this.scan();
                                    }
                                    long nextDelay = LetsEncryptService.this.getNextDelay();
                                    State.access$602(LetsEncryptService.this.state, System.currentTimeMillis() + nextDelay);
                                    LetsEncryptService.this.log("waiting before " + new Date(System.currentTimeMillis() + nextDelay));
                                    Thread.sleep(nextDelay);
                                } catch (Exception e) {
                                    LetsEncryptService.this.error(e, "ERROR");
                                    LetsEncryptService.this.thread = null;
                                    State.access$902(LetsEncryptService.this.state, 0L);
                                    return;
                                }
                            } catch (InterruptedException e2) {
                                LetsEncryptService.this.log("service interrupted");
                                LetsEncryptService.this.thread = null;
                                State.access$902(LetsEncryptService.this.state, 0L);
                                return;
                            }
                        } catch (Throwable th) {
                            LetsEncryptService.this.thread = null;
                            State.access$902(LetsEncryptService.this.state, 0L);
                            throw th;
                        }
                    }
                }
            });
            State.access$902(this.state, System.currentTimeMillis());
            this.thread.start();
        }
    }

    public void stop() {
        if (this.thread != null) {
            this.thread.interrupt();
        }
        try {
            long currentTimeMillis = System.currentTimeMillis() + (Math.max(this.config.pollChallengeToCompleteCount, this.config.pollOrderToCompleteCount) * Math.max(this.config.pollChallengeToCompleteDelay, this.config.pollOrderToCompleteDelay));
            while (this.thread != null && System.currentTimeMillis() < currentTimeMillis) {
                Thread.sleep(11L);
            }
        } catch (InterruptedException e) {
        }
    }

    public boolean isRunning() {
        return this.thread != null;
    }

    public long getNextDelay() {
        if (System.currentTimeMillis() > this.nextScan) {
            return 1L;
        }
        return this.nextScan - System.currentTimeMillis();
    }

    private long getNextUpdateForCertificate(X509Certificate x509Certificate) {
        return x509Certificate.getNotBefore().getTime() + (((float) (x509Certificate.getNotAfter().getTime() - r0)) * this.config.intervalUpdateInPercent);
    }

    public void scan() {
        try {
            if (this.keystoreFile.exists()) {
                KeyStore loadKeystore = Utils.loadKeystore(this.keystoreFile, this.keystorePass);
                Enumeration<String> aliases = loadKeystore.aliases();
                while (aliases.hasMoreElements()) {
                    X509Certificate x509Certificate = (X509Certificate) loadKeystore.getCertificate(aliases.nextElement());
                    if (("CN=" + this.domain).equalsIgnoreCase(x509Certificate.getSubjectDN().getName())) {
                        if (x509Certificate.getNotBefore() == null || x509Certificate.getNotAfter() == null) {
                            log("certificate expired." + x509Certificate.getNotBefore() + ProcessIdUtil.DEFAULT_PROCESSID + x509Certificate.getNotAfter(), OCommandExecutorSQLUpdate.KEYWORD_UPDATE);
                        } else {
                            long time = x509Certificate.getNotBefore().getTime();
                            long time2 = x509Certificate.getNotAfter().getTime();
                            long nextUpdateForCertificate = getNextUpdateForCertificate(x509Certificate);
                            if ((System.currentTimeMillis() < nextUpdateForCertificate && System.currentTimeMillis() < time2) || System.currentTimeMillis() - time < 86400000) {
                                this.nextScan = nextUpdateForCertificate;
                                log("valid certificate found. No renew necessary.", "OK");
                                return;
                            }
                            log("certificate expired." + x509Certificate.getNotBefore() + ProcessIdUtil.DEFAULT_PROCESSID + x509Certificate.getNotAfter(), OCommandExecutorSQLUpdate.KEYWORD_UPDATE);
                        }
                    }
                }
                log("no matched entries in keystore found", OCommandExecutorSQLUpdate.KEYWORD_UPDATE);
            } else {
                log("no keystore found", OCommandExecutorSQLUpdate.KEYWORD_UPDATE);
            }
        } catch (Exception e) {
            error(e);
        }
        renew();
    }

    public void log(String str) {
        log(str, null);
    }

    private void log(String str, String str2) {
        log4j.debug(str);
        if (str2 != null) {
            this.state.lastState = str2 + ": " + str;
            GenLog.dumpFormattedMessage(getClass().getName() + ":: " + str2 + ": " + str);
        }
    }

    private void error(Exception exc) {
        error(exc, null);
    }

    public void error(Exception exc, String str) {
        log4j.error(exc.toString(), (Throwable) exc);
        if (str != null) {
            this.state.lastState = str + ": " + exc.toString();
            GenLog.dumpErrorMessage(getClass().getName() + ":: " + str + ": " + exc.toString());
        }
    }

    private void renew() {
        try {
            try {
                State.access$1102(this.state, System.currentTimeMillis());
                log("starting renew", OCommandExecutorSQLUpdate.KEYWORD_UPDATE);
                log("loading/creating service keypair");
                KeyPair createOrLoadKeyPair = Utils.createOrLoadKeyPair(this.serviceKeyPairFile, this.config.keySize);
                log("creating session");
                Session session = new Session(this.staging ? URL_STAGING : URL_PRODUCTION);
                log("creating account");
                Account create = new AccountBuilder().agreeToTermsOfService().useKeyPair(createOrLoadKeyPair).create(session);
                log("creating order");
                Order create2 = create.newOrder().domains(this.domain).create();
                Iterator<Authorization> it = create2.getAuthorizations().iterator();
                while (it.hasNext()) {
                    authorize(it.next());
                }
                log("challenge accepted", OCommandExecutorSQLUpdate.KEYWORD_UPDATE);
                X509Certificate completeChallenge = completeChallenge(create2);
                if (this.onComplete != null) {
                    this.onComplete.run();
                }
                log("challenge has been completed", "OK");
                this.nextScan = getNextUpdateForCertificate(completeChallenge);
                if (this.httpServer != null) {
                    log("stopping http server");
                    this.httpServer.stop(0);
                }
            } catch (Exception e) {
                error(e, "ERROR");
                this.nextScan = System.currentTimeMillis() + this.config.delayToNextTryingIfError;
                if (this.httpServer != null) {
                    log("stopping http server");
                    this.httpServer.stop(0);
                }
            }
        } catch (Throwable th) {
            if (this.httpServer != null) {
                log("stopping http server");
                this.httpServer.stop(0);
            }
            throw th;
        }
    }

    private void authorize(Authorization authorization) throws IOException, AcmeException, InterruptedException {
        log("authorization for domain " + authorization.getIdentifier().getDomain());
        if (authorization.getStatus() == Status.VALID) {
            log("The authorization is already valid. No need to process a challenge.");
            return;
        }
        log("finding Http01Challenge");
        Http01Challenge http01Challenge = (Http01Challenge) authorization.findChallenge(Http01Challenge.TYPE);
        if (http01Challenge.getStatus() == Status.VALID) {
            log("The challenge is already valid. No need to process a challenge.");
            return;
        }
        log("starting challenge", OCommandExecutorSQLUpdate.KEYWORD_UPDATE);
        startWebServer(authorization.getIdentifier().getDomain(), http01Challenge);
        log("trigger the challenge");
        try {
            http01Challenge.trigger();
        } catch (AcmeException e) {
            error(e);
        }
        log("poll for the challenge to complete");
        for (int i = 0; http01Challenge.getStatus() != Status.VALID && i < this.config.pollChallengeToCompleteCount; i++) {
            if (http01Challenge.getStatus() == Status.INVALID) {
                throw new AcmeException("challenge failed: " + http01Challenge.getError());
            }
            Thread.sleep(this.config.pollChallengeToCompleteDelay);
            http01Challenge.update();
        }
        if (http01Challenge.getStatus() != Status.VALID) {
            throw new AcmeException("failed to pass the challenge for domain");
        }
    }

    private void startWebServer(String str, Http01Challenge http01Challenge) throws IOException, InterruptedException {
        if (this.httpServer != null) {
            log("stopping old http server");
            this.httpServer.stop(0);
            Thread.sleep(this.config.delayBeforeRestartChallengeHttpServer);
        }
        log("initializing new http server");
        this.httpServer = HttpServer.create(new InetSocketAddress(this.challengeHttpServerPort), 0);
        log("http server started on " + this.httpServer.getAddress());
        this.httpServer.createContext("/.well-known/acme-challenge/" + http01Challenge.getToken(), new HttpHandler() { // from class: de.contecon.picapport.security.utils.LetsEncryptService.2
            final /* synthetic */ Http01Challenge val$challenge;

            AnonymousClass2(Http01Challenge http01Challenge2) {
                r5 = http01Challenge2;
            }

            public void handle(HttpExchange httpExchange) throws IOException {
                LetsEncryptService.this.log("request on http server: " + httpExchange);
                httpExchange.sendResponseHeaders(200, r5.getAuthorization().length());
                OutputStream responseBody = httpExchange.getResponseBody();
                Throwable th = null;
                try {
                    try {
                        responseBody.write(r5.getAuthorization().getBytes());
                        if (responseBody != null) {
                            if (0 == 0) {
                                responseBody.close();
                                return;
                            }
                            try {
                                responseBody.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        }
                    } catch (Throwable th3) {
                        th = th3;
                        throw th3;
                    }
                } catch (Throwable th4) {
                    if (responseBody != null) {
                        if (th != null) {
                            try {
                                responseBody.close();
                            } catch (Throwable th5) {
                                th.addSuppressed(th5);
                            }
                        } else {
                            responseBody.close();
                        }
                    }
                    throw th4;
                }
            }
        });
        this.httpServer.setExecutor((Executor) null);
        log("starting http server");
        this.httpServer.start();
    }

    private X509Certificate completeChallenge(Order order) throws IOException, NoSuchAlgorithmException, AcmeException, InterruptedException, KeyStoreException, CertificateException {
        log("compliting challenge");
        log("creating/loading domain keypair");
        KeyPair createOrLoadKeyPair = Utils.createOrLoadKeyPair(this.domainKeyPairFile, this.config.keySize);
        CSRBuilder cSRBuilder = new CSRBuilder();
        cSRBuilder.addDomains(this.domain);
        cSRBuilder.sign(createOrLoadKeyPair);
        log("start order");
        order.execute(cSRBuilder.getEncoded());
        log("poll for the order to complete");
        for (int i = 0; order.getStatus() != Status.VALID && i < this.config.pollOrderToCompleteCount; i++) {
            if (order.getStatus() == Status.INVALID) {
                throw new AcmeException("order failed");
            }
            Thread.sleep(this.config.pollOrderToCompleteDelay);
            order.update();
        }
        log("order has been completed");
        log("download certificate");
        order.getCertificate().download();
        X509Certificate certificate = order.getCertificate().getCertificate();
        X509Certificate[] x509CertificateArr = (X509Certificate[]) order.getCertificate().getCertificateChain().toArray(new X509Certificate[0]);
        X509Certificate[] x509CertificateArr2 = new X509Certificate[x509CertificateArr.length + 1];
        x509CertificateArr2[0] = certificate;
        System.arraycopy(x509CertificateArr, 0, x509CertificateArr2, 1, x509CertificateArr.length);
        log("creating new keystore");
        KeyStore keyStore = KeyStore.getInstance(this.keyStoreType);
        keyStore.load(null);
        keyStore.setKeyEntry(this.domain, createOrLoadKeyPair.getPrivate(), this.keystorePass, x509CertificateArr2);
        Utils.saveKeystore(this.keystoreFile, keyStore, this.keystorePass);
        return certificate;
    }

    public State getState() {
        return this.state;
    }

    public void check() {
        if (!isRunning()) {
            scan();
        } else {
            stop();
            start();
        }
    }

    public void update() {
        if (!isRunning()) {
            renew();
            return;
        }
        stop();
        renew();
        start(false);
    }

    public void startstop() {
        if (isRunning()) {
            stop();
        } else {
            start();
        }
    }

    public void addToKeyValueList(KeyValueList keyValueList) {
        State state = getState();
        keyValueList.add("letsencrypt.status", "initialized");
        keyValueList.add("letsencrypt.domain", state.getDomain());
        keyValueList.addLink("letsencrypt.domaincheck.url", "https://tools.letsdebug.net/cert-search?m=domain&q=" + state.getDomain());
        keyValueList.add("letsencrypt.httpChallengePort", Integer.valueOf(state.getHttpChallengePort()));
        if (state.isActive()) {
            keyValueList.addTimestamp("letsencrypt.activeSince", Long.valueOf(state.getStarted()));
        } else {
            keyValueList.add("letsencrypt.activeSince", "not active");
        }
        String lastState = state.getLastState();
        keyValueList.add("letsencrypt.laststate", lastState).setPaClass(lastState.toLowerCase().startsWith("error") ? KeyValueList.PACLASS_RED : null);
        keyValueList.addTimestamp("letsencrypt.lastUpdate", Long.valueOf(state.getLastUpdate()));
        keyValueList.addTimestamp("letsencrypt.nextUpdate", Long.valueOf(state.getNextUpdate()));
    }

    static {
    }
}
