package io.jenkins.test.fips;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.FileAttribute;
import java.util.List;
import java.util.Properties;
import org.apache.commons.io.IOUtils;

/* loaded from: input_file:io/jenkins/test/fips/FIPS1402BC1x.class */
public class FIPS1402BC1x implements FIPSTestBundleProvider {
    public static final String VERSION = "fips-140_2-1.x";

    @Override // io.jenkins.test.fips.FIPSTestBundleProvider
    public String getVersion() {
        return "fips-140_2-1.x";
    }

    @Override // io.jenkins.test.fips.FIPSTestBundleProvider
    public List<String> getJavaOptions() throws IOException {
        return List.of("-Dsecurity.useSystemPropertiesFile=false", "-Djava.security.properties==" + writeFIPSJavaSecurityFile().toUri(), "-Dorg.bouncycastle.fips.approved_only=true", "-Djavax.net.ssl.trustStoreType=PKCS12", "-Djenkins.security.FIPS140.COMPLIANCE=true");
    }

    @Override // io.jenkins.test.fips.FIPSTestBundleProvider
    public List<File> getBootClasspathFiles() throws IOException {
        return List.of(extractJar("bc-fips.jar").toFile(), extractJar("bcpkix-fips.jar").toFile(), extractJar("bctls-fips.jar").toFile());
    }

    private Path extractJar(String str) throws IOException {
        URL resource = Thread.currentThread().getContextClassLoader().getResource("fips-140_2-1.x/" + str);
        Path createTempFile = Files.createTempFile(str, "jar", new FileAttribute[0]);
        createTempFile.toFile().deleteOnExit();
        OutputStream newOutputStream = Files.newOutputStream(createTempFile, new OpenOption[0]);
        try {
            IOUtils.copy(resource.openStream(), newOutputStream);
            if (newOutputStream != null) {
                newOutputStream.close();
            }
            return createTempFile;
        } catch (Throwable th) {
            if (newOutputStream != null) {
                try {
                    newOutputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private Path writeFIPSJavaSecurityFile() throws IOException {
        String property = System.getProperty("java.home");
        if (property == null) {
            throw new IllegalArgumentException("Cannot find java.home property");
        }
        Path path = Paths.get(property, "conf", "security", "java.security");
        Properties properties = new Properties();
        Path createTempFile = Files.createTempFile("java", ".security", new FileAttribute[0]);
        createTempFile.toFile().deleteOnExit();
        InputStream newInputStream = Files.newInputStream(path, new OpenOption[0]);
        try {
            OutputStream newOutputStream = Files.newOutputStream(createTempFile, new OpenOption[0]);
            try {
                properties.load(newInputStream);
                properties.keySet().removeIf(obj -> {
                    return ((String) obj).startsWith("security.provider");
                });
                properties.put("security.provider.1", "org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider C:HYBRID;ENABLE{All};");
                properties.put("security.provider.2", "org.bouncycastle.jsse.provider.BouncyCastleJsseProvider fips:BCFIPS");
                properties.put("security.provider.3", "sun.security.provider.Sun");
                properties.put("fips.provider.1", "org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider C:HYBRID;ENABLE{All};");
                properties.put("fips.provider.2", "org.bouncycastle.jsse.provider.BouncyCastleJsseProvider fips:BCFIPS");
                properties.put("keystore.type", "BCFKS");
                properties.put("ssl.KeyManagerFactory.algorithm", "PKIX");
                properties.put("fips.keystore.type", "BCFKS");
                properties.store(newOutputStream, "");
                if (newOutputStream != null) {
                    newOutputStream.close();
                }
                if (newInputStream != null) {
                    newInputStream.close();
                }
                return createTempFile;
            } finally {
            }
        } catch (Throwable th) {
            if (newInputStream != null) {
                try {
                    newInputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }
}
