package com.ibm.ws.crypto.commands.aes;

import com.ibm.ISecurityUtilityImpl.aes.DefaultEncryptionKeyManager;
import com.ibm.ISecurityUtilityImpl.aes.EncryptionKeyManagerFactory;
import com.ibm.ISecurityUtilityImpl.aes.PropertyManager;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.cmdframework.CommandException;
import com.ibm.websphere.management.cmdframework.CommandLoadException;
import com.ibm.websphere.management.cmdframework.CommandNotFoundException;
import com.ibm.websphere.management.cmdframework.CommandValidationException;
import com.ibm.websphere.management.cmdframework.commanddata.CommandData;
import com.ibm.websphere.management.cmdframework.commandmetadata.TaskCommandMetadata;
import com.ibm.websphere.management.cmdframework.provider.TaskCommandResultImpl;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ssl.commands.utils.TraceNLSHelper;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;

/* loaded from: input_file:wasJars/com.ibm.ws.admin.client_9.0.jar:com/ibm/ws/crypto/commands/aes/DeletePasswordEncryptionKey.class */
public class DeletePasswordEncryptionKey extends AbstractPasswordUtilTaskCommand {
    private static TraceComponent tc = Tr.register((Class<?>) DeletePasswordEncryptionKey.class, "PasswordUtil", "com.ibm.ws.crypto.commands.aes");
    private String aesAlias;

    public DeletePasswordEncryptionKey(TaskCommandMetadata taskCommandMetadata) throws CommandNotFoundException {
        super(taskCommandMetadata);
        this.aesAlias = null;
    }

    public DeletePasswordEncryptionKey(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
        super(commandData);
        this.aesAlias = null;
    }

    @Override // com.ibm.ws.crypto.commands.aes.AbstractPasswordUtilTaskCommand, com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand, com.ibm.websphere.management.cmdframework.provider.AbstractAdminCommand, com.ibm.websphere.management.cmdframework.AdminCommand
    public void validate() throws CommandValidationException {
        List<String> scanAesPasswords;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validate");
        }
        super.validate();
        this.aesAlias = (String) getParameter("aesAlias");
        dumpParameters();
        if (this.aesAlias != null) {
            this.aesAlias = this.aesAlias.toLowerCase(Locale.ENGLISH);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "the value of aesAlias is converted to all lowercase : " + this.aesAlias);
            }
        }
        if (!this.existsPropFile && !this.existsPropFileInWS) {
            throw new CommandValidationException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.aes.ExceptionFileDoesNotExist", new Object[]{this.fqPropFile}, "CWPKI0772E:  The " + this.fqPropFile + " file does not exist. Ensure that the location is correct, and then retry the operation."));
        }
        Session configSession = getConfigSession();
        initilizeWorkspacePathForValidate(configSession, this.fqLocation);
        String propLocation = getPropLocation();
        if (existCustomKeyManager(propLocation)) {
            throw new CommandValidationException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.aes.NoOpCustomKeyManager", null, "CWPKI0779E:  The deleteEncryptionKey command and the regenEncryptionKey command are disabled because the custom EncryptionKeyManager class is used."));
        }
        this.aesKeystore = getKeystoreLocation(propLocation);
        initializeKeystoreLocation();
        if (!this.existsKeystoreFile && !this.existsKeystoreFileInWS) {
            throw new CommandValidationException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.aes.ExceptionFileDoesNotExist", new Object[]{this.fqKeystoreFile}, "CWPKI0772E:  The " + this.fqKeystoreFile + " file does not exist. Ensure that the location is correct, and then retry the operation."));
        }
        validateDeletionForDefaultKeyManager(getFileForValidate(configSession, this.existsKeystoreFileInWS, this.fqKeystoreFile), propLocation, this.aesAlias);
        String property = System.getProperty("user.install.root");
        if (property == null || (scanAesPasswords = scanAesPasswords(configSession, this.aesAlias, property + "/config")) == null) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "validate");
            }
        } else {
            StringBuffer stringBuffer = new StringBuffer();
            Iterator<String> it = scanAesPasswords.iterator();
            while (it.hasNext()) {
                stringBuffer.append(it.next()).append(" ");
            }
            throw new CommandValidationException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.aes.AliasUsedEncryption", new Object[]{this.aesAlias, stringBuffer.toString()}, "CWPKI0789E:  The " + this.aesAlias + " value of the aesAlias parameter is currently used for encrypting the password in the " + stringBuffer.toString() + " file. The key was not removed from the keystore file."));
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand
    public void afterStepsExecuted() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "afterStepsExecuted");
        }
        super.afterStepsExecuted();
        TaskCommandResultImpl taskCommandResultImpl = (TaskCommandResultImpl) getTaskCommandResult();
        if (!taskCommandResultImpl.isSuccessful()) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "afterStepsExecuted TaskCommandResult indicates failure.");
                return;
            }
            return;
        }
        Session configSession = getConfigSession();
        try {
            if (this.existsPropFile || this.existsPropFileInWS) {
                extractToWS(configSession, this.fqPropFile);
            }
            if (this.existsKeystoreFile || this.existsKeystoreFileInWS) {
                extractToWS(configSession, this.fqKeystoreFile);
            }
            this.workspacePath = fixupLocation(configSession, this.fqLocation);
            PropertyManager propertyManager = new PropertyManager(this.workspacePath + PropertyManager.PROP_FILE_NAME);
            String fixupLocation = fixupLocation(configSession, this.fqKeystoreFile);
            DefaultEncryptionKeyManager createDefaultEncryptionKeyManager = EncryptionKeyManagerFactory.createDefaultEncryptionKeyManager(fixupLocation, propertyManager.getPassword(), propertyManager);
            createDefaultEncryptionKeyManager.deleteKey(this.aesAlias);
            createDefaultEncryptionKeyManager.storeToFile(fixupLocation);
            notifyWS(configSession, this.fqKeystoreFile, 1);
        } catch (Throwable th) {
            FFDCFilter.processException(th, "com.ibm.ws.crypto.commands.aes.DeletePasswordEncryptionKey.afterStepsExecuted", "154", this);
            Throwable rootCause = getRootCause(th);
            String formattedMessage = TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.aes.ExceptionAesAdminTask", new Object[]{"deletePasswordEncryptionKey", rootCause.getMessage()}, "CWPKI0763E:  The deletePasswordEncryptionKey command did not complete. The error message is " + rootCause.getMessage());
            taskCommandResultImpl.addWarnings(formattedMessage);
            taskCommandResultImpl.setResult(new Boolean(false));
            taskCommandResultImpl.setException(new CommandException(formattedMessage));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "afterStepsExecuted");
        }
    }

    private void dumpParameters() {
        if (tc.isDebugEnabled()) {
            StringBuffer stringBuffer = new StringBuffer("validate : parameters :");
            stringBuffer.append(" location : ").append(this.location);
            stringBuffer.append(", aesAlias : ").append(this.aesAlias);
            Tr.debug(tc, stringBuffer.toString());
        }
    }

    private void validateDeletionForDefaultKeyManager(String str, String str2, String str3) throws CommandValidationException {
        if (str3 != null) {
            boolean z = false;
            boolean z2 = false;
            try {
                PropertyManager propertyManager = getPropertyManager(str2);
                DefaultEncryptionKeyManager createDefaultEncryptionKeyManager = EncryptionKeyManagerFactory.createDefaultEncryptionKeyManager(str, propertyManager.getPassword(), propertyManager);
                boolean z3 = !existAlias(createDefaultEncryptionKeyManager, str3);
                if (str3.equals(createDefaultEncryptionKeyManager.getActiveEncryptionKeyAlias())) {
                    z2 = true;
                }
                List<String> allKeyAliases = createDefaultEncryptionKeyManager.getAllKeyAliases();
                if (allKeyAliases != null) {
                    if (allKeyAliases.size() == 1) {
                        z = true;
                    }
                }
                if (z3) {
                    throw new CommandValidationException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.aes.NotExistKeyAlias", new Object[]{str3, str}, "CWPKI0778E:  The " + str3 + " value of the aesAlias parameter was not found in the " + str + " keystore file."));
                }
                if (z2) {
                    throw new CommandValidationException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.aes.AliasUsedCurrent", new Object[]{str3, this.location}, "CWPKI0781E:  The " + str3 + " value of the aesAlias parameter is set as the current alias. The key was not removed from the keystore file."));
                }
                if (z) {
                    throw new CommandValidationException(TraceNLSHelper.getInstance().getFormattedMessage("LastKey", new Object[]{str}, "CWPKI0782E:  Since the " + str + " keystore file contains only one key, the key was not removed from the keystore file."));
                }
            } catch (Throwable th) {
                FFDCFilter.processException(th, "com.ibm.ws.crypto.commands.aes.DeletePasswordEncryptionKey.validateDeletionForDefaultKeyManager", "202", this);
                Throwable rootCause = getRootCause(th);
                throw new CommandValidationException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.aes.ExceptionAesAdminTask", new Object[]{"validate", rootCause.getMessage()}, "CWPKI0763E:  The validate command did not complete. The error message is " + rootCause.getMessage()));
            }
        }
    }
}
