package com.ibm.ws.collective.utility.tasks;

import com.ibm.websphere.collective.controller.CollectiveRegistrationMBean;
import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.ws.collective.utility.ICollectiveRegistrationMBeanConnection;
import com.ibm.ws.collective.utility.IDynamicRoutingMBeanConnection;
import com.ibm.ws.collective.utility.IFileUtility;
import com.ibm.ws.collective.utility.TaskErrorException;
import com.ibm.ws.collective.utility.utils.ConsoleWrapper;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.PrintStream;
import java.net.ConnectException;
import java.net.UnknownHostException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.management.RuntimeMBeanException;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import org.eclipse.osgi.framework.internal.reliablefile.ReliableFile;

/* loaded from: input_file:wlp/lib/com.ibm.ws.collective.utility_1.0.jar:com/ibm/ws/collective/utility/tasks/GenerateDynamicRoutingKeystoreTask.class */
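/**
 * Command task (task name {@code genKeystore}) that asks a collective controller, through the
 * registration MBean connection, to generate a keystore and then writes it into the current
 * working directory as {@code plugin-key[-<cluster>].jks} or {@code plugin-key[-<cluster>].p12}.
 *
 * <p>Security-relevant points for maintainers:
 * <ul>
 *   <li>The written keystore holds a private key (the {@code default} key entry is copied in the
 *       PKCS12 path). No file permissions are set here, so the file gets the process defaults.
 *       NOTE(review): consider restricting access after creation; confirm who needs to read it.</li>
 *   <li>{@code --password} and {@code --keystorePassword} are handled as {@code String}; only the
 *       {@code char[]} copy made in {@link #createKeystoreFile} can be wiped.</li>
 *   <li>The connector cluster name is obtained from the dynamic routing MBean connection and is
 *       embedded in the output file name, so it is checked for path separators first.</li>
 *   <li>The help text advertises {@code ICollectiveRegistrationMBeanConnection.SYS_PROP_AUTO_ACCEPT}.
 *       NOTE(review): judging by its name it makes the tool trust the controller certificate
 *       without asking; confirm, and document when that is acceptable.</li>
 * </ul>
 */
public class GenerateDynamicRoutingKeystoreTask extends BaseCommandTask {
    private static final String PERSONAL_CERT_ALIAS = "default";
    private static final String CONTROLLER_CERT_ALIAS = "controllerRoot";
    private static final String MEMBER_CERT_ALIAS = "memberRoot";
    static final String MBEAN_NOT_PRESENT_MSG_ID = "CWWKX0217E";
    static final String PLUGIN_KEY_PREFIX = "plugin-key";
    static final String PKCS12_SUFFIX = ".p12";
    static final String JKS_SUFFIX = ".jks";
    static final String CMS_SUFFIX = ".kdb";
    static final String PLUGIN_KEY_PKCS12 = "plugin-key.p12";
    static final String PLUGIN_KEY_JKS = "plugin-key.jks";
    static final String PLUGIN_KEY_CMS = "plugin-key.kdb";
    static final String PKCS12_KEYSTORE_TYPE = "pkcs12";
    static final String JKS_KEYSTORE_TYPE = "jks";
    static final String CN = "CN=";
    static final String ARG_REQ_KEYSTORE_PASSWORD = "--keystorePassword";
    static final String ARG_OPT_KEYSTORE_TYPE = "--keystoreType";
    // Default and minimum for --certificateValidity (presumably days; confirm against the help text).
    private static final int DEFAULT_CERTIFICATE_VALIDITY = 1825;
    private static final int MIN_CERTIFICATE_VALIDITY = 365;
    // Key under which the generated keystore bytes are looked up in the genKey result map.
    private static final String GENERATED_KEYSTORE_KEY = "key.jks";
    private static final TraceComponent tc = Tr.register(GenerateDynamicRoutingKeystoreTask.class);
    private final ICollectiveRegistrationMBeanConnection registrationMBean;
    private final IDynamicRoutingMBeanConnection dynamicRoutingMBean;

    /**
     * Creates the task and registers its required, promptable, confirmed and optional arguments.
     *
     * @param str passed through to the {@code BaseCommandTask} constructor (presumably the script
     *            name; confirm against the base class)
     * @param iFileUtility file helper passed through to the base class
     * @param iCollectiveRegistrationMBeanConnection connection used to generate the keystore
     * @param iDynamicRoutingMBeanConnection connection used to look up the connector cluster name
     */
    public GenerateDynamicRoutingKeystoreTask(String str, IFileUtility iFileUtility, ICollectiveRegistrationMBeanConnection iCollectiveRegistrationMBeanConnection, IDynamicRoutingMBeanConnection iDynamicRoutingMBeanConnection) {
        super(tc, str, iFileUtility);
        this.registrationMBean = iCollectiveRegistrationMBeanConnection;
        this.dynamicRoutingMBean = iDynamicRoutingMBeanConnection;
        this.reqArgs.add("--host");
        this.reqArgs.add("--port");
        this.reqArgs.add("--user");
        this.reqArgs.add("--password");
        this.reqArgs.add(ARG_REQ_KEYSTORE_PASSWORD);
        this.promptableArgs.add("--password");
        this.confirmedArgs.add(ARG_REQ_KEYSTORE_PASSWORD);
        this.knownArgs.addAll(this.reqArgs);
        this.knownArgs.addAll(this.promptableArgs);
        this.knownArgs.addAll(this.confirmedArgs);
        this.knownArgs.add("--certificateSubject");
        this.knownArgs.add("--certificateValidity");
        this.knownArgs.add(ARG_OPT_KEYSTORE_TYPE);
    }

    /** Returns the task name, {@code genKeystore}. */
    @Override // com.ibm.ws.collective.utility.CollectiveUtilityTask
    public String getTaskName() {
        return "genKeystore";
    }

    /** Returns the usage text built from the {@code genDynamicRoutingKeystore.usage.options} key. */
    @Override // com.ibm.ws.collective.utility.CollectiveUtilityTask
    public String getTaskUsage() {
        return getTaskUsage("genDynamicRoutingKeystore.usage.options");
    }

    /** Returns the full help text: description, usage, connection options and task options. */
    @Override // com.ibm.ws.collective.utility.CollectiveUtilityTask
    public String getTaskHelp() {
        String taskOptions = buildScriptOptions("genKey.required-option-key.keystorePassword", "genKey.required-option-desc.keystorePassword")
                + buildScriptOptions("setupDynamicRouting.option-key.", "setupDynamicRouting.option-desc.")
                + buildScriptOptions("genDynamicRoutingKeystore.option-key.keystoreType", "genDynamicRoutingKeystore.option-desc.keystoreType")
                + NL + NL
                + getOption("sslTrust.autoAccept", ICollectiveRegistrationMBeanConnection.SYS_PROP_AUTO_ACCEPT);
        return getTaskHelp("genDynamicRoutingKeystore.desc", "genDynamicRoutingKeystore.usage.options", "connection.option-key.", "connection.option-desc.", null, taskOptions, this.scriptName);
    }

    /** Returns the one-line task description. */
    @Override // com.ibm.ws.collective.utility.CollectiveUtilityTask
    public String getTaskDescription() {
        return getOption("genDynamicRoutingKeystore.desc", new Object[0]);
    }

    /**
     * Prints the abort notice to stdout and fails the task.
     *
     * @param str message carried by the thrown exception
     * @throws TaskErrorException always
     */
    @Override // com.ibm.ws.collective.utility.tasks.BaseCommandTask
    protected void abort(String str) throws TaskErrorException {
        this.stdout.println(getMessage("setupDynamicRouting.abort", new Object[0]));
        throw new TaskErrorException(str);
    }

    /**
     * Prints the abort notice, deletes {@code file} (reporting a failed delete) and fails the task.
     *
     * @param str message carried by the thrown exception
     * @param file file to delete before failing
     * @throws TaskErrorException always
     */
    @Override // com.ibm.ws.collective.utility.tasks.BaseCommandTask
    protected void abortAndPerformCleanup(String str, File file) throws TaskErrorException {
        this.stdout.println(getMessage("setupDynamicRouting.abort", new Object[0]));
        deleteOrReportFailure(file);
        throw new TaskErrorException(str);
    }

    /**
     * Prints the abort notice, deletes every file in {@code list} (reporting each failed delete)
     * and fails the task.
     *
     * @param str message carried by the thrown exception
     * @param list files to delete before failing
     * @throws TaskErrorException always
     */
    protected void abortAndPerformCleanup(String str, List<File> list) throws TaskErrorException {
        this.stdout.println(getMessage("setupDynamicRouting.abort", new Object[0]));
        for (File file : list) {
            deleteOrReportFailure(file);
        }
        throw new TaskErrorException(str);
    }

    /** Deletes {@code file} through the file utility and prints a notice when that fails. */
    private void deleteOrReportFailure(File file) {
        if (!this.fileUtility.recurisveDelete(file)) {
            this.stdout.println(getMessage("setupDynamicRouting.cleanupFail", file));
        }
    }

    /**
     * Runs the task: validates the arguments, looks up the connector cluster name, has the
     * controller generate the keystore and writes it to {@code plugin-key[-<cluster>].jks} or
     * {@code .p12} in the current working directory.
     *
     * <p>Any {@code --keystoreType} value other than {@code pkcs12} (case-insensitive) results in a
     * JKS file. NOTE(review): unknown types are not rejected; confirm that is intended.
     *
     * @param stdin console used for prompts
     * @param stdout stream for progress and result messages
     * @param stderr stream for error details
     * @param args command-line arguments of the task
     * @throws TaskErrorException if an argument is invalid, the controller cannot be reached or the
     *                            keystore cannot be written
     */
    @Override // com.ibm.ws.collective.utility.CollectiveUtilityTask
    public void handleTask(ConsoleWrapper stdin, PrintStream stdout, PrintStream stderr, String[] args) throws TaskErrorException {
        this.stdin = stdin;
        this.stdout = stdout;
        this.stderr = stderr;
        validateArgumentList(args, true);

        // Arguments are read in this fixed order; keep it, since reading an argument may prompt.
        String host = getArgumentValue("--host", args, null);
        int port = parseIntegerArgument("--port", getArgumentValue("--port", args, null));
        String user = getArgumentValue("--user", args, null);
        String password = getArgumentValue("--password", args, null);
        String keystorePassword = getArgumentValue(ARG_REQ_KEYSTORE_PASSWORD, args, null);
        // NOTE(review): the user name is placed in the default DN unescaped; a name containing DN
        // metacharacters changes the subject. The LdapName check below only rejects invalid syntax.
        String certificateSubject = getArgumentValue("--certificateSubject", args, CN + user + ",OU=client,O=ibm,C=us");
        int validity = parseIntegerArgument("--certificateValidity",
                getArgumentValue("--certificateValidity", args, String.valueOf(DEFAULT_CERTIFICATE_VALIDITY)));
        String keystoreType = getArgumentValue(ARG_OPT_KEYSTORE_TYPE, args, JKS_KEYSTORE_TYPE);

        if (validity < MIN_CERTIFICATE_VALIDITY) {
            abort(getMessage("common.validityTooShort", "--certificateValidity"));
        }
        try {
            new LdapName(certificateSubject);
        } catch (InvalidNameException e) {
            abort(getMessage("common.invalidDN", "--certificateSubject", certificateSubject));
        }

        List<File> createdFiles = new ArrayList<>();
        String subjectCN = getSubjectCN(certificateSubject);
        Map<String, Object> certificateProperties = new HashMap<>();
        certificateProperties.put(CollectiveRegistrationMBean.CERTIFICATE_SUBJECT, certificateSubject);
        certificateProperties.put(CollectiveRegistrationMBean.CERTIFICATE_VALIDITY, Integer.valueOf(validity));

        String clusterName = getConnectorClusterName(host, port, user, password);
        String baseName = PLUGIN_KEY_PREFIX;
        if (clusterName != null && !"default".equalsIgnoreCase(clusterName)) {
            // The name comes from the MBean connection and becomes part of a local file name:
            // refuse anything that is not a single path component before any key is generated.
            if (clusterName.indexOf('\0') >= 0 || !new File(clusterName).getName().equals(clusterName)) {
                // No dedicated message key is visible in this class, so the generic one is used.
                abort(getMessage("error", "Connector cluster name is not usable in a file name: " + clusterName));
            }
            baseName = "plugin-key-" + clusterName;
        }

        stdout.println(getMessage("genDynamicRoutingKeystore.startKeystore", new Object[0]));
        Map<String, byte[]> generated = genKeystore(host, port, user, password, keystorePassword, certificateProperties, true);

        if (PKCS12_KEYSTORE_TYPE.equalsIgnoreCase(keystoreType)) {
            String pkcs12Name = baseName + PKCS12_SUFFIX;
            createKeystoreFile(new File(pkcs12Name), keystorePassword, generated.get(GENERATED_KEYSTORE_KEY), createdFiles);
            stdout.println(getMessage("genKey.generatedKeystore", pkcs12Name));
            stdout.println();
            stdout.println(getMessage("genDynamicRoutingKeystore.complete", pkcs12Name, certificateSubject, subjectCN, keystoreType));
            return;
        }

        String jksName = baseName + JKS_SUFFIX;
        createJKSFile(new File(jksName), new File(jksName + ReliableFile.tmpExt), keystorePassword, generated.get(GENERATED_KEYSTORE_KEY), createdFiles);
        stdout.println(getMessage("genKey.generatedKeystore", jksName));
        stdout.println();
        stdout.println(getMessage("genDynamicRoutingKeystore.complete", jksName, certificateSubject, subjectCN, JKS_KEYSTORE_TYPE));
    }

    /**
     * Parses a numeric argument and turns a malformed value into a normal task failure instead of
     * letting {@link NumberFormatException} escape.
     */
    private int parseIntegerArgument(String argName, String value) throws TaskErrorException {
        try {
            return Integer.parseInt(value);
        } catch (NumberFormatException e) {
            abort(getMessage("error", argName + ": " + e.getMessage()));
            return 0; // not reached: abort always throws
        }
    }

    /**
     * Writes the keystore bytes to a temporary file, moves an existing target out of the way to a
     * backup name, then renames the temporary file to the target. The temporary file is deleted
     * when any step fails.
     *
     * <p>Declared {@code protected} in the original class according to the decompiler note; kept
     * {@code public} to match this listing.
     *
     * @param file final keystore file
     * @param file2 temporary file the bytes are written to first
     * @param str keystore password (not used by this method)
     * @param bArr keystore bytes to write
     * @param list not used by this method
     * @throws TaskErrorException if writing or renaming fails
     */
    public void createJKSFile(File file, File file2, String str, byte[] bArr, List<File> list) throws TaskErrorException {
        if (!this.fileUtility.writeBytesToFile(this.stderr, bArr, file2)) {
            abortAndPerformCleanup(getMessage("genKey.writeKeystoreFail", file2.getAbsolutePath()), file2);
        }
        if (this.fileUtility.exists(file)) {
            File backup = findAvailableBackupFile(file);
            this.stdout.println(getMessage("setupDynamicRouting.exists", file.getAbsolutePath(), backup.getAbsolutePath()));
            if (!this.fileUtility.renameFile(file, backup)) {
                abortAndPerformCleanup(getMessage("common.renameFailed", file.getAbsolutePath(), backup.getAbsolutePath()), file2);
            }
        }
        if (!this.fileUtility.renameFile(file2, file)) {
            abortAndPerformCleanup(getMessage("common.renameFailed", file2.getAbsolutePath(), file.getAbsolutePath()), file2);
        }
    }

    /**
     * Converts the JKS keystore in {@code bArr} to PKCS12 and writes it to {@code file}, backing up
     * an existing file first. On success {@code file} is appended to {@code list}.
     *
     * <p>The {@code char[]} copy of the password is wiped before returning. The {@code String} it
     * was copied from cannot be wiped, so this only shortens the lifetime of one copy.
     *
     * <p>Declared {@code protected} in the original class according to the decompiler note; kept
     * {@code public} to match this listing.
     *
     * @param file PKCS12 file to create
     * @param str password of the source keystore, reused for the PKCS12 keystore and its key entry
     * @param bArr bytes of the source JKS keystore
     * @param list files deleted if the operation aborts; receives {@code file} once it is written
     * @throws TaskErrorException if the conversion or the write fails
     */
    public void createKeystoreFile(File file, String str, byte[] bArr, List<File> list) throws TaskErrorException {
        char[] password = str.toCharArray();
        try {
            KeyStore pkcs12 = convertJksToPkcs12(file, bArr, password, list);
            writePkcs12Keystore(file, pkcs12, password, list);
        } finally {
            Arrays.fill(password, '\0');
        }
    }

    /** Loads the JKS bytes and copies the two root certificates and the personal key into a new PKCS12 keystore. */
    private KeyStore convertJksToPkcs12(File target, byte[] jksBytes, char[] password, List<File> createdFiles) throws TaskErrorException {
        try (ByteArrayInputStream in = new ByteArrayInputStream(jksBytes)) {
            KeyStore jks = KeyStore.getInstance(JKS_KEYSTORE_TYPE);
            jks.load(in, password);
            Certificate memberRoot = jks.getCertificate(MEMBER_CERT_ALIAS);
            Certificate controllerRoot = jks.getCertificate(CONTROLLER_CERT_ALIAS);
            KeyStore pkcs12 = KeyStore.getInstance(PKCS12_KEYSTORE_TYPE);
            pkcs12.load(null, password);
            pkcs12.setCertificateEntry(MEMBER_CERT_ALIAS, memberRoot);
            pkcs12.setCertificateEntry(CONTROLLER_CERT_ALIAS, controllerRoot);
            pkcs12.setKeyEntry(PERSONAL_CERT_ALIAS, jks.getKey(PERSONAL_CERT_ALIAS, password), password, jks.getCertificateChain(PERSONAL_CERT_ALIAS));
            return pkcs12;
        } catch (IOException e) {
            traceEventWithCause("IOException while creating keystore: ", e);
            abortKeystoreCreation(target, e, createdFiles);
        } catch (GeneralSecurityException e) {
            traceEventWithCause("Security exception while creating keystore: ", e);
            abortKeystoreCreation(target, e, createdFiles);
        } catch (Exception e) {
            traceEventWithCause("Unexpected Exception while creating keystore: ", e);
            abortKeystoreCreation(target, e, createdFiles);
        }
        return null; // not reached: abortAndPerformCleanup always throws
    }

    /** Reports a failed conversion on stderr and aborts with cleanup. */
    private void abortKeystoreCreation(File target, Exception cause, List<File> createdFiles) throws TaskErrorException {
        this.stderr.println(getMessage("error", cause.getMessage()));
        abortAndPerformCleanup(getMessage("setupDynamicRouting.createKeystoreFail", target.getAbsolutePath()), createdFiles);
    }

    /** Backs up an existing target, then stores the keystore in it and records it in {@code createdFiles}. */
    private void writePkcs12Keystore(File target, KeyStore keyStore, char[] password, List<File> createdFiles) throws TaskErrorException {
        try {
            File backup = null;
            if (this.fileUtility.exists(target)) {
                backup = findAvailableBackupFile(target);
                this.stdout.println(getMessage("setupDynamicRouting.exists", target.getAbsolutePath(), backup.getAbsolutePath()));
                if (!this.fileUtility.renameFile(target, backup)) {
                    abortAndPerformCleanup(getMessage("common.renameFailed", target.getAbsolutePath(), backup.getAbsolutePath()), createdFiles);
                }
            }
            // NOTE(review): a false result means something created the file between the check and
            // this call. The write below then goes into that existing file; consider failing
            // instead, since the keystore carries a private key.
            if (!target.createNewFile() && tc.isEventEnabled()) {
                // backup is null when the target did not exist at the check above; the original
                // dereferenced it unconditionally here.
                String reason = backup != null
                        ? " should not exist as it was moved to " + backup.getAbsolutePath()
                        : " should not exist as it was not present when checked";
                Tr.event(tc, "Unexpected - " + target.getAbsolutePath() + reason, new Object[0]);
            }
            try (FileOutputStream out = new FileOutputStream(target)) {
                keyStore.store(out, password);
                // Recorded before close so that a failing close still cleans the file up.
                createdFiles.add(target);
            }
        } catch (IOException e) {
            traceEventWithCause("IOException while writing keystore to disk: ", e);
            this.stderr.println(getMessage("error", e.getMessage()));
            abortAndPerformCleanup(getMessage("setupDynamicRouting.writeKeystoreFail", target.getAbsolutePath()), createdFiles);
        } catch (GeneralSecurityException e) {
            traceEventWithCause("Security exception while writing keystore to disk: ", e);
            this.stderr.println(getMessage("error", e.getMessage()));
            abortAndPerformCleanup(getMessage("setupDynamicRouting.writeKeystoreFail", target.getAbsolutePath()), createdFiles);
        }
    }

    /** Emits an event trace of {@code prefix} plus the exception message when event tracing is on. */
    private static void traceEventWithCause(String prefix, Exception e) {
        if (tc.isEventEnabled()) {
            Tr.event(tc, prefix + e.getMessage(), e);
        }
    }

    /**
     * Shared handling of a {@link RuntimeMBeanException}: an {@link IllegalArgumentException} cause
     * aborts quietly, anything else is also traced and printed to stderr.
     */
    private void abortOnRuntimeMBeanException(RuntimeMBeanException e) throws TaskErrorException {
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Caught RuntimeMBeanException, this may be expected, but here's the stack incase it helps.", e);
        }
        if (!(e.getCause() instanceof IllegalArgumentException)) {
            traceEventWithCause("Unexpected RuntimeMBeanException while invoking the MBean: ", e);
            this.stderr.println(getMessage("error", e.getMessage()));
        }
        abort(getMessage("common.connectionError", e.getMessage()));
    }

    /**
     * Asks the dynamic routing MBean connection for the connector cluster name.
     *
     * <p>Declared {@code protected} in the original class according to the decompiler note; kept
     * {@code public} to match this listing.
     *
     * @param str controller host
     * @param i controller port
     * @param str2 user name
     * @param str3 password
     * @return the cluster name reported by the MBean connection
     * @throws TaskErrorException if the call fails for any reason
     */
    public String getConnectorClusterName(String str, int i, String str2, String str3) throws TaskErrorException {
        try {
            return this.dynamicRoutingMBean.getConnectorClusterName(str, i, str2, str3);
        } catch (ConnectException e) {
            traceEventWithCause("ConnectException while invoking the MBean: ", e);
            abort(getMessage("common.portError", String.valueOf(i)));
        } catch (UnknownHostException e) {
            traceEventWithCause("UnknownHostException while invoking the MBean: ", e);
            abort(getMessage("common.hostError", str));
        } catch (IOException e) {
            traceEventWithCause("IOException while invoking the MBean: ", e);
            abort(getMessage("common.connectionError", e.getMessage()));
        } catch (RuntimeMBeanException e) {
            abortOnRuntimeMBeanException(e);
        } catch (Exception e) {
            traceEventWithCause("Unexpected Exception while invoking the MBean: ", e);
            this.stderr.println(getMessage("error", e.getMessage()));
            abort(getMessage("common.connectionError", e.getMessage()));
        }
        return null; // not reached: abort always throws
    }

    /**
     * Has the registration MBean connection generate the keystore and prints a completion notice.
     *
     * <p>The {@link RuntimeMBeanException} handler is placed before the generic {@link Exception}
     * handler; in the listing it came after it and could never be selected.
     *
     * <p>Declared {@code protected} in the original class according to the decompiler note; kept
     * {@code public} to match this listing.
     *
     * @param str controller host
     * @param i controller port
     * @param str2 user name
     * @param str3 password
     * @param str4 keystore password
     * @param map certificate properties (subject and validity)
     * @param z flag passed through to {@code genKey} unchanged
     * @return the map returned by {@code genKey}
     * @throws TaskErrorException if the call fails for any reason
     */
    public Map<String, byte[]> genKeystore(String str, int i, String str2, String str3, String str4, Map<String, Object> map, boolean z) throws TaskErrorException {
        try {
            Map<String, byte[]> generated = this.registrationMBean.genKey(str, i, str2, str3, str4, map, z);
            this.stdout.println(getMessage("genKey.mbeanComplete", new Object[0]));
            return generated;
        } catch (ConnectException e) {
            traceEventWithCause("ConnectException while invoking the MBean: ", e);
            abort(getMessage("common.portError", String.valueOf(i)));
        } catch (UnknownHostException e) {
            traceEventWithCause("UnknownHostException while invoking the MBean: ", e);
            abort(getMessage("common.hostError", str));
        } catch (IOException e) {
            traceEventWithCause("IOException while invoking the MBean: ", e);
            abort(getMessage("common.connectionError", e.getMessage()));
        } catch (RuntimeMBeanException e) {
            abortOnRuntimeMBeanException(e);
        } catch (Exception e) {
            traceEventWithCause("Unexpected Exception while invoking the MBean: ", e);
            this.stderr.println(getMessage("error", e.getMessage()));
            abort(getMessage("common.connectionError", e.getMessage()));
        }
        return null; // not reached: abort always throws
    }

    /**
     * Extracts the text following the first {@code CN=} up to the next comma, for display.
     *
     * <p>This is a plain string scan: it is case-sensitive, does not understand escaped commas,
     * and returns the input unchanged when no {@code CN=} is present.
     *
     * <p>Declared {@code protected} in the original class according to the decompiler note; kept
     * {@code public} to match this listing.
     *
     * @param str distinguished name
     * @return the CN value as described above
     */
    public String getSubjectCN(String str) {
        int cnStart = str.indexOf(CN);
        if (cnStart < 0) {
            return str;
        }
        String afterCn = str.substring(cnStart + CN.length());
        int comma = afterCn.indexOf(",");
        return comma > 0 ? afterCn.substring(0, comma) : afterCn;
    }
}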
