package com.acuity.iot.dsa.dslink.sys.cert;

import java.io.File;
import org.iot.dsa.node.DSBool;
import org.iot.dsa.node.DSInfo;
import org.iot.dsa.node.DSNode;
import org.iot.dsa.node.DSString;
import org.iot.dsa.security.DSPasswordAes;

/* loaded from: input_file:com/acuity/iot/dsa/dslink/sys/cert/SysCertManager.class */
public class SysCertManager extends DSNode {
    private static final String ALLOW_CLIENTS = "Allow_Anonymous_Clients";
    private static final String ALLOW_SERVERS = "Allow_Anonymous_Servers";
    private static final String CERTFILE = "Cert_File";
    private static final String CERTFILE_PASS = "Cert_File_Pass";
    private static final String CERTFILE_TYPE = "Cert_File_Type";
    private DSInfo allowClients = getInfo(ALLOW_CLIENTS);
    private DSInfo allowServers = getInfo(ALLOW_SERVERS);
    private DSInfo keystore = getInfo(CERTFILE);
    private DSInfo keystorePass = getInfo(CERTFILE_PASS);
    private DSInfo keystoreType = getInfo(CERTFILE_TYPE);

    public boolean allowAnonymousClients() {
        return this.allowClients.getElement().toBoolean();
    }

    public boolean allowAnonymousServers() {
        return this.allowServers.getElement().toBoolean();
    }

    @Override // org.iot.dsa.node.DSNode
    public void declareDefaults() {
        declareDefault(ALLOW_CLIENTS, DSBool.FALSE);
        declareDefault(ALLOW_SERVERS, DSBool.TRUE);
        declareDefault(CERTFILE, DSString.valueOf("dslink.jks"));
        declareDefault(CERTFILE_TYPE, DSString.valueOf("JKS"));
        declareDefault(CERTFILE_PASS, DSPasswordAes.valueOf("dsarocks"));
    }

    private String getCertFilePass() {
        return ((DSPasswordAes) this.keystorePass.getObject()).decode();
    }

    private void keytoolGenkey() {
        try {
            String certFilePass = getCertFilePass();
            new ProcessBuilder(new String[0]).command("keytool", "-genkey", "-keystore", this.keystore.getElement().toString(), "-storepass", certFilePass, "-keypass", certFilePass, "-alias", "dsa", "-keyalg", "RSA", "-validity", "18000", "-dname", "\"CN=dslink-java-v2, O=DSA, C=US\"").start().waitFor();
        } catch (Exception e) {
            error(getPath(), e);
        }
    }

    @Override // org.iot.dsa.node.DSNode
    public void onStarted() {
        AnonymousTrustFactory.init(this);
        String dSElement = this.keystore.getElement().toString();
        if (!new File(dSElement).exists()) {
            keytoolGenkey();
        }
        try {
            System.setProperty("javax.net.ssl.keyStore", dSElement);
            System.setProperty("javax.net.ssl.keyStoreType", this.keystoreType.getElement().toString());
            System.setProperty("javax.net.ssl.keyStorePassword", getCertFilePass());
        } catch (Exception e) {
            error(getParent(), e);
        }
    }
}
