package weblogic.nodemanager.client;

import java.io.IOException;
import java.security.AccessController;
import java.util.Properties;
import javax.net.ssl.SSLSocket;
import weblogic.logging.Severities;
import weblogic.management.internal.BootStrapConstants;
import weblogic.nodemanager.NodeManagerException;
import weblogic.nodemanager.internal.NodeManagerDebug;
import weblogic.nodemanager.internal.NodeManagerHelper;
import weblogic.security.SSL.SSLContext;
import weblogic.security.SSL.SSLSocketFactory;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.service.PrivilegedActions;
import weblogic.security.service.SSLManager;
import weblogic.security.service.SecurityService;
import weblogic.security.service.SecurityServiceManager;
import weblogic.security.utils.SSLCertUtility;
import weblogic.security.utils.SSLContextWrapper;

/* loaded from: input_file:weblogic.jar:weblogic/nodemanager/client/SecureCommandInvoker.class */
class SecureCommandInvoker extends CommandInvoker {
    private static SSLContext sslContext = null;
    private boolean debugEnabled;
    private String commandCopy;
    private SSLSocket secureSocket;
    private SSLSocketFactory factory;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecureCommandInvoker(String str, int i, Properties properties) {
        super(str, i, properties);
        this.debugEnabled = false;
        this.commandCopy = null;
        this.secureSocket = null;
        this.factory = null;
        String property = properties.getProperty("nodemanager.debugEnabled");
        if (property == null || !property.equals("true")) {
            this.debugEnabled = false;
        } else {
            this.debugEnabled = true;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // weblogic.nodemanager.client.CommandInvoker
    public void init() throws NodeManagerException {
        this.commandCopy = new StringBuffer().append(this.commandDescriptor.getProperty("command")).append(" ").append(this.commandDescriptor.getProperty(BootStrapConstants.SERVER_NAME_PROP)).toString();
        super.init();
        try {
            this.factory = getSSLContext().getSocketFactoryJSSE();
        } catch (Exception e) {
            throw new NodeManagerException(new StringBuffer().append("SecureCommandInvoker: Could not create SSL Socket Factory, reason - ").append(e.toString()).toString());
        }
    }

    private SSLContext getSSLContext() throws Exception {
        if (sslContext == null) {
            sslContext = setupSSLContext();
        }
        return sslContext;
    }

    @Override // weblogic.nodemanager.client.CommandInvoker
    public void createSocket() throws NodeManagerException {
        try {
            this.secureSocket = (SSLSocket) this.factory.createSocket(this.hostname, this.port);
            this.socket = this.secureSocket;
            if (this.debugEnabled) {
                NodeManagerDebug.log(NodeManagerHelper.formatMessage(new StringBuffer().append("SecureCommandInvoker: Created socket '").append(this.socket).append("' to host '").append(this.hostname).append(":").append(this.port).append("'").toString(), Severities.INFO_TEXT));
            }
        } catch (IOException e) {
            throw new NodeManagerException(new StringBuffer().append("SecureCommandInvoker: Could not create a socket to the NodeManager running on host '").append(this.hostname).append(":").append(this.port).append("' to execute command '").append(this.commandCopy).append("', reason: ").append(e.getMessage()).append(". Ensure that the NodeManager on host '").append(this.hostname).append("' is configured to listen on port '").append(this.port).append("' and that it is actively listening").toString(), e);
        } catch (Exception e2) {
            e2.printStackTrace();
            throw new NodeManagerException(new StringBuffer().append("SecureCommandInvoker: Could not create a socket to the NodeManager running on host '").append(this.hostname).append(":").append(this.port).append("' to execute command '").append(this.commandCopy).append("', reason: ").append(e2.getMessage()).toString());
        }
    }

    private SSLContext setupSSLContext() throws Exception {
        NodeManagerDebug.log("> SecureCommandInvoker::setupSSLContext(5)");
        SSLContext sSLContext = SSLContext.getInstance("https");
        SSLContextWrapper sSLContextWrapper = SSLContextWrapper.getInstance();
        SSLManager sSLManager = getSSLManager();
        sSLContext.loadLocalIdentity(SSLCertUtility.toJavaX509(sSLManager.getServerCertificate(sSLContextWrapper)), sSLManager.getServerPrivateKey(sSLContextWrapper));
        NodeManagerDebug.log("< SecureCommandInvoker::setupSSLContext(40)");
        return sSLContext;
    }

    private SSLManager getSSLManager() throws Exception {
        if (SecurityServiceManager.isSecurityServiceInitialized()) {
            return (SSLManager) SecurityServiceManager.getSecurityService(getKernelID(), SecurityServiceManager.defaultRealmName, SecurityService.ServiceType.SSLMANAGER);
        }
        throw new Exception("Internal Error: SecurityService not yet initialized");
    }

    private AuthenticatedSubject getKernelID() {
        return (AuthenticatedSubject) AccessController.doPrivileged(PrivilegedActions.getKernelIdentityAction());
    }
}
