package com.ibm.ws.collective.utility.tasks;

import com.ibm.websphere.collective.controller.CollectiveRegistrationMBean;
import com.ibm.ws.collective.member.HostAuthConfig;
import com.ibm.ws.collective.member.internal.ssh.SSHKeyGenerator;
import com.ibm.ws.collective.member.internal.ssh.SSHKeyUtility;
import com.ibm.ws.collective.utility.ICollectiveRegistrationMBeanConnection;
import com.ibm.ws.collective.utility.IFileUtility;
import com.ibm.ws.collective.utility.TaskErrorException;
import com.ibm.ws.collective.utility.utils.ConsoleWrapper;
import com.ibm.ws.collective.utility.utils.Trlog;
import com.ibm.ws.collective.utils.PasswordMaskUtil;
import java.io.File;
import java.io.IOException;
import java.io.PrintStream;
import java.io.UnsupportedEncodingException;
import java.net.ConnectException;
import java.net.UnknownHostException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.management.RuntimeMBeanException;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import org.eclipse.osgi.framework.internal.reliablefile.ReliableFile;
import org.eclipse.osgi.internal.location.EquinoxLocations;

/* loaded from: input_file:wlp/lib/com.ibm.ws.collective.utility_1.0.21.jar:com/ibm/ws/collective/utility/tasks/ReplicateTask.class */
public class ReplicateTask extends BaseCommandTask {
    private final SSHKeyGenerator sshKeyGen;
    private final SSHKeyUtility sshKeyUtil;
    private File collectiveResourcesDir;
    private final ICollectiveRegistrationMBeanConnection registrationMBean;
    private boolean usingDefaults;
    private static final String className = ReplicateTask.class.getName();
    private static final Integer DEFAULT_REPLICA_PORT = 10010;

    public ReplicateTask(String str, IFileUtility iFileUtility, SSHKeyGenerator sSHKeyGenerator, SSHKeyUtility sSHKeyUtility, ICollectiveRegistrationMBeanConnection iCollectiveRegistrationMBeanConnection) {
        super(str, iFileUtility);
        this.sshKeyGen = sSHKeyGenerator;
        this.sshKeyUtil = sSHKeyUtility;
        this.registrationMBean = iCollectiveRegistrationMBeanConnection;
        this.usingDefaults = false;
        this.reqArgs.add("--keystorePassword");
        this.reqConnectArgs.add("--host");
        this.reqConnectArgs.add("--port");
        this.reqConnectArgs.add("--user");
        this.reqConnectArgs.add("--password");
        this.promptableArgs.add("--password");
        this.confirmedArgs.add("--keystorePassword");
        this.confirmedArgs.add("--serverIdentityKeystorePassword");
        this.confirmedArgs.add("--collectiveTrustKeystorePassword");
        this.confirmedArgs.add("--httpsKeystorePassword");
        this.confirmedArgs.add("--httpsTruststorePassword");
        this.flagArgs.add("--createConfigFile");
        this.flagArgs.add("--useHostCredentials");
        this.flagArgs.add("--trace");
        this.flagArgs.add("--controller");
        this.knownArgs.addAll(this.reqArgs);
        this.knownArgs.addAll(this.reqConnectArgs);
        this.knownArgs.addAll(this.promptableArgs);
        this.knownArgs.addAll(this.confirmedArgs);
        this.knownArgs.addAll(this.promptableArgs);
        this.knownArgs.addAll(this.flagArgs);
        this.knownArgs.add("--serverIdentityCertificateValidity");
        this.knownArgs.add("--httpsCertificateSubject");
        this.knownArgs.add("--httpsCertificateValidity");
        this.knownArgs.add("--hostName");
        this.knownArgs.add("--encoding");
        this.knownArgs.add("--key");
        addHostAuthInfoArgs(false);
        addAutoAcceptArgument();
    }

    @Override // com.ibm.ws.collective.utility.CollectiveUtilityTask
    public String getTaskName() {
        return "replicate";
    }

    @Override // com.ibm.ws.collective.utility.CollectiveUtilityTask
    public String getTaskUsage() {
        return getTaskUsage("replicate.usage.options");
    }

    @Override // com.ibm.ws.collective.utility.CollectiveUtilityTask
    public String getTaskHelp() {
        return getTaskHelp("replicate.desc", "replicate.usage.options", "connection.option-key.", "connection.option-desc.", null, buildScriptOptions("keystore.option-key.", "keystore.option-desc.") + buildScriptOptions("certProps.option-key.", "certProps.option-desc.") + buildScriptOptions("replicate.option-key.", "replicate.option-desc.") + buildScriptOptions("encoding.option-key.", "encoding.option-desc.") + buildScriptOptions("common.option-key.", "common.option-desc.") + buildScriptOptions("hostAuthInfo.option-key.", "hostAuthInfo.option-desc."), this.scriptName);
    }

    @Override // com.ibm.ws.collective.utility.CollectiveUtilityTask
    public String getTaskDescription() {
        return getOption("replicate.desc", new Object[0]);
    }

    @Override // com.ibm.ws.collective.utility.tasks.BaseCommandTask
    protected void abort(String str) throws TaskErrorException {
        this.stdout.println(getMessage("replicate.abort", new Object[0]));
        throw new TaskErrorException(str);
    }

    private void abort(String str, String str2) throws TaskErrorException {
        Trlog.exit(className, str2, str);
        this.stdout.println(getMessage("replicate.abort", new Object[0]));
        throw new TaskErrorException(str);
    }

    @Override // com.ibm.ws.collective.utility.tasks.BaseCommandTask
    protected void abortAndPerformCleanup(String str, File file) throws TaskErrorException {
        this.stdout.println(getMessage("replicate.abort", new Object[0]));
        if (!this.fileUtility.recurisveDelete(file)) {
            this.stdout.println(getMessage("replicate.cleanupFail", file));
        }
        throw new TaskErrorException(str);
    }

    protected void abortAndPerformCleanup(String str, File file, File file2, String str2) throws TaskErrorException {
        Trlog.exit(className, str2, str);
        this.stdout.println(getMessage("replicate.abort", new Object[0]));
        if (!this.fileUtility.recurisveDelete(file)) {
            this.stdout.println(getMessage("replicate.cleanupFail", file));
        }
        if (!this.fileUtility.recurisveDelete(file2)) {
            this.stdout.println(getMessage("replicate.cleanupFail", file2));
        }
        throw new TaskErrorException(str);
    }

    private Map<String, byte[]> replicate(String str, int i, String str2, String str3, String str4, String str5, String str6, String str7, String str8, Map<String, Object> map, Map<String, Object> map2) throws TaskErrorException {
        Trlog.enter(className, "replicate", new Object[]{str, Integer.valueOf(i), str2, str3.replaceAll(".", "*"), str4, str5, str6, str7});
        try {
            Map<String, byte[]> replicate = this.registrationMBean.replicate(str, i, str2, str3, str4, str5, str6, str7, str8, map, map2);
            this.stdout.println(getMessage("replicate.mbeanComplete", new Object[0]));
            Trlog.exit(className, "replicate", "Successfully completed MBean request to the controller.");
            return replicate;
        } catch (ConnectException e) {
            abortAndPerformCleanup(getMessage("common.portError", String.valueOf(i)), this.collectiveResourcesDir, null, "replicate");
            Trlog.exit(className, "replicate", "return null");
            return null;
        } catch (UnknownHostException e2) {
            abortAndPerformCleanup(getMessage("common.hostError", str), this.collectiveResourcesDir, null, "replicate");
            Trlog.exit(className, "replicate", "return null");
            return null;
        } catch (IOException e3) {
            abortAndPerformCleanup(getMessage("common.connectionError", e3.getMessage()), this.collectiveResourcesDir, null, "replicate");
            Trlog.exit(className, "replicate", "return null");
            return null;
        } catch (Exception e4) {
            this.stderr.println(getMessage("error", e4.getMessage()));
            abortAndPerformCleanup(getMessage("common.connectionError", e4.getMessage()), this.collectiveResourcesDir, null, "replicate");
            Trlog.exit(className, "replicate", "return null");
            return null;
        } catch (RuntimeMBeanException e5) {
            Trlog.debug(className, "replicate", "Caught RuntimeMBeanException, this may be expected, but here's the stack incase it helps.", (Throwable) e5);
            if (e5.getCause() instanceof IllegalStateException) {
                abortAndPerformCleanup(getMessage("replicate.registeredAlready", str6), this.collectiveResourcesDir, null, "replicate");
            } else if (e5.getCause() instanceof IllegalArgumentException) {
                abortAndPerformCleanup(getMessage("common.connectionError", e5.getMessage()), this.collectiveResourcesDir, null, "replicate");
            } else {
                this.stderr.println(getMessage("error", e5.getMessage()));
                abortAndPerformCleanup(getMessage("common.connectionError", e5.getMessage()), this.collectiveResourcesDir, null, "replicate");
            }
            Trlog.exit(className, "replicate", "return null");
            return null;
        }
    }

    @Override // com.ibm.ws.collective.utility.CollectiveUtilityTask
    public void handleTask(ConsoleWrapper consoleWrapper, PrintStream printStream, PrintStream printStream2, String[] strArr) throws TaskErrorException {
        Map<String, Object> buildHostAuthInfo;
        setupTrace(strArr, className, this.fileUtility);
        Trlog.enter(className, "handleTask");
        this.stdin = consoleWrapper;
        this.stdout = printStream;
        this.stderr = printStream2;
        validateArgumentList(strArr, false);
        boolean z = false;
        String taskTarget = getTaskTarget(strArr);
        String userDir = this.fileUtility.getUserDir();
        String installDir = this.fileUtility.getInstallDir();
        String str = userDir + "servers/" + taskTarget + "/";
        if (!this.fileUtility.exists(str)) {
            userDir = this.fileUtility.resolvePath(userDir);
            abort(getMessage("serverNotFound", taskTarget, userDir), "handleTask");
        }
        this.collectiveResourcesDir = new File(str + "resources/collective");
        if (this.fileUtility.exists(this.collectiveResourcesDir) && !this.fileUtility.isDirectoryEmpty(this.collectiveResourcesDir)) {
            abort(getMessage("replicate.errorAlreadyHasResources", new Object[0]), "handleTask");
        }
        handleAutoAcceptArgument(strArr);
        if (isConfigFileInDropins(strArr, true)) {
            abort(getMessage("create.configLocationInDefaults", new Object[0]), "handleTask");
        }
        String controllerHost = getControllerHost(strArr);
        int intValue = Integer.valueOf(getControllerPort(strArr)).intValue();
        String controllerUser = getControllerUser(strArr);
        String controllerPassword = getControllerPassword(strArr);
        String argumentValue = getArgumentValue("--hostName", strArr, getHostName());
        String str2 = "CN=" + argumentValue + ",OU=" + taskTarget + ",O=ibm,C=us";
        String argumentValue2 = getArgumentValue("--keystorePassword", strArr, null);
        String argumentValue3 = getArgumentValue("--serverIdentityKeystorePassword", strArr, argumentValue2);
        Integer valueOf = Integer.valueOf(getArgumentValue("--serverIdentityCertificateValidity", strArr, String.valueOf(1825)));
        String argumentValue4 = getArgumentValue("--collectiveTrustKeystorePassword", strArr, argumentValue2);
        String argumentValue5 = getArgumentValue("--httpsKeystorePassword", strArr, argumentValue2);
        String argumentValue6 = getArgumentValue("--httpsCertificateSubject", strArr, str2);
        Integer valueOf2 = Integer.valueOf(getArgumentValue("--httpsCertificateValidity", strArr, String.valueOf(1825)));
        String argumentValue7 = getArgumentValue("--httpsTruststorePassword", strArr, argumentValue2);
        if (valueOf.intValue() < 365) {
            abort(getMessage("common.validityTooShort", "--serverIdentityCertificateValidity"), "handleTask");
        }
        if (valueOf2.intValue() < 365) {
            abort(getMessage("common.validityTooShort", "--httpsCertificateValidity"), "handleTask");
        }
        try {
            new LdapName(argumentValue6);
        } catch (InvalidNameException e) {
            abort(getMessage("common.invalidDN", "--httpsCertificateSubject", argumentValue6), "handleTask");
        }
        String argumentValue8 = getArgumentValue("--encoding", strArr, "xor");
        String argumentValue9 = getArgumentValue("--key", strArr, null);
        validateEncoding(argumentValue8, argumentValue9);
        List<String> asList = Arrays.asList(strArr);
        Boolean valueOf3 = Boolean.valueOf(asList.contains("--useHostCredentials"));
        Boolean valueOf4 = Boolean.valueOf(asList.contains("--useCollectiveSSHKey"));
        validateUseHostCredentialsOverrides(asList, valueOf3.booleanValue());
        validateUseSSHKeyOverrides(asList, valueOf4.booleanValue());
        if (valueOf3.booleanValue()) {
            buildHostAuthInfo = new HashMap<>();
            buildHostAuthInfo.put("useHostCredentials", Boolean.TRUE);
            buildHostAuthInfo.put("collectiveSSHKeySupported", Boolean.TRUE);
        } else {
            buildHostAuthInfo = buildHostAuthInfo(strArr, this.sshKeyGen, this.sshKeyUtil, this.registrationMBean, this.collectiveResourcesDir, controllerHost, intValue, controllerUser, controllerPassword, argumentValue, true, true, taskTarget, str);
        }
        Trlog.debug(className, "handleTask", "Resulting hostAuthInfo:\n" + PasswordMaskUtil.maskPasswordsInMap(buildHostAuthInfo));
        if (encodePassword(argumentValue2, "--keystorePassword", argumentValue8, argumentValue9) == null) {
            abort("encodedKeystorePassword is null", "handleTask");
        }
        String encodePassword = encodePassword(argumentValue3, "--serverIdentityKeystorePassword", argumentValue8, argumentValue9);
        String encodePassword2 = encodePassword(argumentValue4, "--collectiveTrustKeystorePassword", argumentValue8, argumentValue9);
        String encodePassword3 = encodePassword(argumentValue5, "--httpsKeystorePassword", argumentValue8, argumentValue9);
        String encodePassword4 = encodePassword(argumentValue7, "--httpsTruststorePassword", argumentValue8, argumentValue9);
        if (encodePassword == null || encodePassword2 == null || encodePassword3 == null || encodePassword4 == null) {
            abort(null, "handleTask");
        }
        Map<String, Object> hashMap = new HashMap<>();
        hashMap.put(CollectiveRegistrationMBean.SERVER_IDENTITY_KEYSTORE_PASSWORD, encodePassword);
        hashMap.put(CollectiveRegistrationMBean.SERVER_IDENTITY_CERTIFICATE_VALIDITY, valueOf);
        hashMap.put(CollectiveRegistrationMBean.COLLECTIVE_TRUST_KEYSTORE_PASSWORD, encodePassword2);
        hashMap.put(CollectiveRegistrationMBean.HTTPS_KEYSTORE_PASSWORD, encodePassword3);
        hashMap.put(CollectiveRegistrationMBean.HTTPS_CERTIFICATE_SUBJECT, argumentValue6);
        hashMap.put(CollectiveRegistrationMBean.HTTPS_CERTIFICATE_VALIDITY, valueOf2);
        hashMap.put(CollectiveRegistrationMBean.HTTPS_TRUSTSTORE_PASSWORD, encodePassword4);
        File file = new File(str + "resources/collective/serverIdentity.jks");
        File file2 = new File(str + "resources/collective/collectiveTrust.jks");
        File file3 = new File(str + "resources/collective/rootKeys.jks");
        File file4 = new File(str + "resources/collective/collective.uuid");
        File file5 = new File(str + "resources/collective/collective.name");
        File file6 = new File(str + "resources/security/key.jks");
        File file7 = new File(str + "resources/security/key.jks" + ReliableFile.tmpExt);
        if (file6.exists()) {
            Trlog.debug(className, "handleTask", "Regenerates the certificate as the default HTTPS keystore file exists at " + file6.getAbsolutePath());
            printStream.println(getMessage("common.regenerateKey", file6.getAbsolutePath()));
        }
        File file8 = new File(str + "resources/security/trust.jks");
        File file9 = new File(str + "resources/security/trust.jks" + ReliableFile.tmpExt);
        if (file8.exists()) {
            Trlog.debug(className, "handleTask", "Regenerates the certificate as the default HTTPS truststore file exists at " + file8.getAbsolutePath());
            printStream.println(getMessage("common.regenerateTrust", file8.getAbsolutePath()));
        }
        if (!this.fileUtility.createParentDirectory(printStream, file)) {
            abortAndPerformCleanup(null, this.collectiveResourcesDir, null, "handleTask");
        }
        if (!this.fileUtility.createParentDirectory(printStream, file2)) {
            abortAndPerformCleanup(null, this.collectiveResourcesDir, null, "handleTask");
        }
        if (!this.fileUtility.createParentDirectory(printStream, file3)) {
            abortAndPerformCleanup(null, this.collectiveResourcesDir, null, "handleTask");
        }
        if (!this.fileUtility.createParentDirectory(printStream, file4)) {
            abortAndPerformCleanup(null, this.collectiveResourcesDir, null, "handleTask");
        }
        if (!this.fileUtility.createParentDirectory(printStream, file5)) {
            abortAndPerformCleanup(null, this.collectiveResourcesDir, null, "handleTask");
        }
        if (!this.fileUtility.createParentDirectory(printStream, file6)) {
            abortAndPerformCleanup(null, this.collectiveResourcesDir, null, "handleTask");
        }
        if (!this.fileUtility.createParentDirectory(printStream, file7)) {
            abortAndPerformCleanup(null, this.collectiveResourcesDir, null, "handleTask");
        }
        if (!this.fileUtility.createParentDirectory(printStream, file8)) {
            abortAndPerformCleanup(null, this.collectiveResourcesDir, null, "handleTask");
        }
        if (!this.fileUtility.createParentDirectory(printStream, file9)) {
            abortAndPerformCleanup(null, this.collectiveResourcesDir, null, "handleTask");
        }
        printStream.println(getMessage("replicate.start", controllerHost, String.valueOf(intValue)));
        Map<String, byte[]> replicate = replicate(controllerHost, intValue, controllerUser, controllerPassword, argumentValue, userDir, taskTarget, installDir, argumentValue2, hashMap, buildHostAuthInfo);
        if (!this.fileUtility.writeBytesToFile(printStream2, replicate.get(CollectiveRegistrationMBean.KEYSTORE_SERVER_IDENTITY_JKS), file)) {
            abortAndPerformCleanup(getMessage("replicate.writeKeystoreFail", file.getAbsolutePath()), this.collectiveResourcesDir, null, "handleTask");
        }
        if (!this.fileUtility.writeBytesToFile(printStream2, replicate.get(CollectiveRegistrationMBean.KEYSTORE_COLLECTIVE_TRUST_JKS), file2)) {
            abortAndPerformCleanup(getMessage("replicate.writeKeystoreFail", file2.getAbsolutePath()), this.collectiveResourcesDir, null, "handleTask");
        }
        if (!this.fileUtility.writeBytesToFile(printStream2, replicate.get(CollectiveRegistrationMBean.KEYSTORE_ROOT_KEYS_JKS), file3)) {
            abortAndPerformCleanup(getMessage("replicate.writeKeystoreFail", file3.getAbsolutePath()), this.collectiveResourcesDir, null, "handleTask");
        }
        if (!this.fileUtility.writeBytesToFile(printStream2, replicate.get(CollectiveRegistrationMBean.FILE_COLLECTIVE_UUID), file4)) {
            abortAndPerformCleanup(getMessage("replicate.writeFileFail", file4.getAbsolutePath()), this.collectiveResourcesDir, null, "handleTask");
        }
        byte[] bArr = replicate.get(CollectiveRegistrationMBean.FILE_COLLECTIVE_NAME);
        if (bArr == null) {
            Trlog.debug(className, "handleTask", "it looks that we try to replica controller with version 8.5.5.3 or below");
            try {
                bArr = "defaultCollective".getBytes("UTF-8");
            } catch (UnsupportedEncodingException e2) {
                Trlog.debug(className, "handleTask", "Caught UnsupportedEncodingException while calling \"defaultCollective\".getBytes(\"UTF-8\")");
            }
        }
        if (bArr == null || !this.fileUtility.writeBytesToFile(printStream2, replicate.get("key.jks"), file7)) {
            abortAndPerformCleanup(getMessage("replicate.writeKeystoreFail", file7.getAbsolutePath()), this.collectiveResourcesDir, null, "handleTask");
        }
        if (!this.fileUtility.writeBytesToFile(printStream2, replicate.get("key.jks"), file7)) {
            abortAndPerformCleanup(getMessage("replicate.writeKeystoreFail", file7.getAbsolutePath()), this.collectiveResourcesDir, null, "handleTask");
        }
        if (!this.fileUtility.writeBytesToFile(printStream2, replicate.get(CollectiveRegistrationMBean.KEYSTORE_TRUST_JKS), file9)) {
            abortAndPerformCleanup(getMessage("replicate.writeKeystoreFail", file9.getAbsolutePath()), this.collectiveResourcesDir, null, "handleTask");
        }
        updateExistingSSLKeys(file6, file7, file8, file9, this.collectiveResourcesDir);
        if (replicate.get("safKeyring") != null) {
            z = verifySAFSSHKeys(new String(replicate.get("safKeyring")), new String(replicate.get("safCertificateLabel")), null, false, this.collectiveResourcesDir).booleanValue();
        }
        copySSHKeys(replicate, str);
        Trlog.debug(className, "handleTask", "Successfully replicated the controller as server " + taskTarget);
        printStream.println();
        printStream.println(getMessage("replicate.success", taskTarget));
        handleConfigXML(printStream, strArr, str, getConfigXML(strArr, replicate, controllerHost, argumentValue, argumentValue8, argumentValue9, encodePassword, encodePassword2, encodePassword3, encodePassword4, str, z));
        printStream.println(getMessage("replicate.configureSecurity", new Object[0]));
        Trlog.exit(className, "handleTask");
    }

    private void copySSHKeys(Map<String, byte[]> map, String str) throws TaskErrorException {
        Trlog.enter(className, "copySSHKeys");
        String str2 = null;
        File file = new File(str + "resources/security/ssh/id_rsa");
        File file2 = new File(str + "resources/security/ssh/id_rsa.pub");
        File file3 = new File(str + "resources/security");
        byte[] bArr = map.get(CollectiveRegistrationMBean.SSH_PUBLIC_KEY);
        if (bArr != null) {
            str2 = new String(bArr);
        }
        if (map.get(CollectiveRegistrationMBean.SSH_PRIVATE_KEY) != null && str2 != null) {
            this.stdout.println("About to copy SSH Keys to new server");
            this.usingDefaults = true;
            try {
                this.sshKeyUtil.writeKeyToFile(new String(map.get(CollectiveRegistrationMBean.SSH_PRIVATE_KEY)), file);
                this.sshKeyUtil.writeKeyToFile(str2, file2);
            } catch (IOException e) {
                this.stdout.println(getMessage("replicate.writeSSHKeyFail", new Object[0]));
                abortAndPerformCleanup(getMessage("replicate.writeSSHKeyFail", e.toString()), file3, this.collectiveResourcesDir, "copySSHKeys");
            }
        } else if (map.get("safKeyring") != null) {
            this.stdout.println(getMessage("replicate.usingSAFKeys", new Object[0]));
        } else {
            Trlog.debug(className, "copySSHKeys", "Default Keys are not being used so keys will not be copied");
        }
        if (str2 != null) {
            try {
                this.sshKeyUtil.updateAuthorizedKeys(System.getProperty(EquinoxLocations.PROP_USER_HOME), str2);
            } catch (IOException e2) {
                abortAndPerformCleanup(getMessage("replicate.saveAuthorizedKeys", e2.toString()), file3, this.collectiveResourcesDir, "copySSHKeys");
            }
        }
        Trlog.exit(className, "copySSHKeys");
    }

    protected String insertCollectiveHostAuthInfo(Map<String, byte[]> map, boolean z, String str) {
        StringBuffer stringBuffer = new StringBuffer();
        String str2 = null;
        String str3 = null;
        String str4 = null;
        String str5 = null;
        String str6 = null;
        String str7 = null;
        String str8 = null;
        byte[] bArr = map.get(HostAuthConfig.CFG_KEY_SSH_PRIVATE_KEY_PATH);
        if (bArr != null) {
            str2 = new String(bArr);
        }
        byte[] bArr2 = map.get(HostAuthConfig.CFG_KEY_SSH_PUBLIC_KEY_PATH);
        if (bArr2 != null) {
            str3 = new String(bArr2);
        }
        byte[] bArr3 = map.get("defaultSSHPrivateKeyPath");
        if (bArr3 != null) {
            new String(bArr3);
        }
        byte[] bArr4 = map.get("defaultSSHPublicKeyPath");
        if (bArr4 != null) {
            str4 = new String(bArr4);
        }
        byte[] bArr5 = map.get("safKeyring");
        if (bArr5 != null) {
            str5 = new String(bArr5);
        }
        byte[] bArr6 = map.get("safCertificateLabel");
        if (bArr6 != null) {
            str6 = new String(bArr6);
        }
        byte[] bArr7 = map.get("sshPrivateKeyPassword");
        if (bArr7 != null) {
            str8 = new String(bArr7);
        }
        stringBuffer.append("    <collectiveHostAuthInfo");
        stringBuffer.append(NL);
        if (str6 != null && str6.length() > 0) {
            if (!z) {
                stringBuffer.append("      <!--");
                stringBuffer.append(NL);
                stringBuffer.append(getMessage("replicate.checkSAFKeys", new Object[0]));
                stringBuffer.append(NL);
                stringBuffer.append("      -->");
                stringBuffer.append(NL);
            }
            stringBuffer.append("       safCertificateLabel=\"");
            stringBuffer.append(str6);
            stringBuffer.append("\"");
            stringBuffer.append(NL);
            stringBuffer.append("       safKeyRing=\"");
            stringBuffer.append(str5);
            stringBuffer.append("\"");
            stringBuffer.append(NL);
            if (0 != 0 && str7.length() > 0) {
                stringBuffer.append("       safKeystoreKeyRecoverPassword=\"");
                stringBuffer.append((String) null);
                stringBuffer.append("\"");
                stringBuffer.append(NL);
            }
            stringBuffer.append("     />");
        } else if (str3 == null || str3.length() <= 0) {
            stringBuffer = new StringBuffer();
        } else {
            if (str3.equals(str4)) {
                str3 = str + "resources/security/ssh/id_rsa.pub";
                str2 = str + "resources/security/ssh/id_rsa";
            } else {
                stringBuffer.append("      <!--");
                stringBuffer.append(NL);
                stringBuffer.append(getMessage("replicate.checkKeyPaths", new Object[0]));
                stringBuffer.append(NL);
                stringBuffer.append("      -->");
                stringBuffer.append(NL);
            }
            stringBuffer.append("       sshPrivateKeyPath=\"");
            stringBuffer.append(str2);
            stringBuffer.append("\"");
            stringBuffer.append(NL);
            stringBuffer.append("       sshPublicKeyPath=\"");
            stringBuffer.append(str3);
            stringBuffer.append("\"");
            stringBuffer.append(NL);
            if (str8 != null && str8.length() > 0) {
                stringBuffer.append("       sshPrivateKeyPassWord=\"");
                stringBuffer.append("\"");
                stringBuffer.append(NL);
            }
            stringBuffer.append("     />");
            stringBuffer.append(NL);
        }
        return stringBuffer.toString();
    }

    private String getConfigXML(String[] strArr, Map<String, byte[]> map, String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9, boolean z) {
        Integer integer = Integer.getInteger("controller_1.replica", DEFAULT_REPLICA_PORT);
        return "    <featureManager>" + NL + "        <feature>collectiveController-1.0</feature>" + NL + "    </featureManager>" + NL + NL + insertHostNameVariable(str2) + NL + insertHostAuthInfo(strArr) + "    <!-- Configuration of the collective controller replica." + NL + "         TODO: If this replica is on the same host as the original controller," + NL + "               change the replicaPort." + NL + "         TODO: If the target controller's replica port is not " + integer + NL + "               (the default) change the value in replicaSet. -->" + NL + "    <collectiveController replicaPort=\"" + integer + "\"" + NL + "                          replicaSet=\"" + str + ":" + integer + "\"" + NL + "                          isInitialReplicaSet=\"false\" />" + NL + NL + (this.usingDefaults ? "" : insertCollectiveHostAuthInfo(map, z, str9)) + NL + "    <!-- TODO: Define the security configuration exactly as defined in the" + NL + "               target controller from which this was replicated. -->" + NL + "    <quickStartSecurity userName=\"\" userPassword=\"\" />" + NL + NL + insertEncodingKey(str3, str4) + "    <!-- clientAuthenticationSupported set to enable bidirectional trust -->" + NL + "    <ssl id=\"defaultSSLConfig\"" + NL + "         keyStoreRef=\"defaultKeyStore\"" + NL + "         trustStoreRef=\"defaultTrustStore\"" + NL + "         clientAuthenticationSupported=\"true\" />" + NL + NL + "    <!-- inbound (HTTPS) keystore -->" + NL + "    <keyStore id=\"defaultKeyStore\" password=\"" + str7 + "\"" + NL + "              location=\"${server.config.dir}/resources/security/key.jks\" />" + NL + NL + "    <!-- inbound (HTTPS) truststore -->" + NL + "    <keyStore id=\"defaultTrustStore\" password=\"" + str8 + "\"" + NL + "              location=\"${server.config.dir}/resources/security/trust.jks\" />" + NL + NL + "    <!-- server identity keystore -->" + NL + "    <keyStore id=\"serverIdentity\" password=\"" + str5 + "\"" + NL + "              location=\"${server.config.dir}/resources/collective/serverIdentity.jks\" />" + NL + NL + "    <!-- collective truststore -->" + NL + "    <keyStore id=\"collectiveTrust\" password=\"" + str6 + "\"" + NL + "              location=\"${server.config.dir}/resources/collective/collectiveTrust.jks\" />" + NL + NL + "    <!-- collective root signers keystore" + NL + "         TODO: set password to the collectiveRootKeys password in the" + NL + "         original controller -->" + NL + "    <keyStore id=\"collectiveRootKeys\" password=\"\"" + NL + "              location=\"${server.config.dir}/resources/collective/rootKeys.jks\" />" + NL;
    }
}
