package com.ibm.ws.ssl.commands.personalCertificates;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.cmdframework.CommandException;
import com.ibm.websphere.management.cmdframework.CommandLoadException;
import com.ibm.websphere.management.cmdframework.CommandNotFoundException;
import com.ibm.websphere.management.cmdframework.CommandValidationException;
import com.ibm.websphere.management.cmdframework.commanddata.CommandData;
import com.ibm.websphere.management.cmdframework.commandmetadata.TaskCommandMetadata;
import com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand;
import com.ibm.websphere.management.cmdframework.provider.TaskCommandResultImpl;
import com.ibm.websphere.management.configservice.ConfigService;
import com.ibm.websphere.management.configservice.ConfigServiceFactory;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ssl.commands.certificateRequests.CertificateRequestHelper;
import com.ibm.ws.ssl.commands.keyStores.KeyStoreHelper;
import com.ibm.ws.ssl.commands.utils.CommandConstants;
import com.ibm.ws.ssl.commands.utils.CommandHelper;
import com.ibm.ws.ssl.commands.utils.TraceNLSHelper;
import com.ibm.ws.ssl.config.KeyStoreManager;
import com.ibm.ws.ssl.config.WSKeyStoreRemotable;
import com.ibm.ws.ssl.model.KeyStoreInfo;
import java.security.cert.X509Certificate;
import javax.management.ObjectName;

/* loaded from: input_file:ws_runtime.jar:com/ibm/ws/ssl/commands/personalCertificates/ExportCertificate.class */
public class ExportCertificate extends AbstractTaskCommand {
    private static TraceComponent tc;
    private String keyStoreName;
    private String keyStorePassword;
    private String keyFilePath;
    private String keyFilePathExpanded;
    private String keyFilePassword;
    private String keyFileType;
    private String aliasInKeyStore;
    private String certAlias;
    private String keyStoreScope;
    private KeyStoreInfo ksInfo;
    static Class class$com$ibm$ws$ssl$commands$personalCertificates$ExportCertificate;

    public ExportCertificate(TaskCommandMetadata taskCommandMetadata) throws CommandNotFoundException {
        super(taskCommandMetadata);
        this.keyStoreName = null;
        this.keyStorePassword = null;
        this.keyFilePath = null;
        this.keyFilePathExpanded = null;
        this.keyFilePassword = null;
        this.keyFileType = null;
        this.aliasInKeyStore = null;
        this.certAlias = null;
        this.keyStoreScope = null;
        this.ksInfo = null;
    }

    public ExportCertificate(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
        super(commandData);
        this.keyStoreName = null;
        this.keyStorePassword = null;
        this.keyFilePath = null;
        this.keyFilePathExpanded = null;
        this.keyFilePassword = null;
        this.keyFileType = null;
        this.aliasInKeyStore = null;
        this.certAlias = null;
        this.keyStoreScope = null;
        this.ksInfo = null;
    }

    @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand, com.ibm.websphere.management.cmdframework.provider.AbstractAdminCommand, com.ibm.websphere.management.cmdframework.AdminCommand
    public void validate() throws CommandValidationException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validate");
        }
        super.validate();
        try {
            ConfigService configService = ConfigServiceFactory.getConfigService();
            Session configSession = getConfigSession();
            ObjectName objectName = configService.resolve(configSession, "Cell=")[0];
            ObjectName objectName2 = configService.resolve(configSession, "Cell=:Security=")[0];
            this.keyStoreName = (String) getParameter(CommandConstants.KEY_STORE_NAME);
            this.keyStorePassword = (String) getParameter(CommandConstants.KEY_STORE_PASSWORD);
            this.keyStoreScope = (String) getParameter(CommandConstants.KEY_STORE_SCOPE);
            this.keyFilePath = (String) getParameter(CommandConstants.KEY_FILE_PATH);
            this.keyFilePassword = (String) getParameter(CommandConstants.KEY_FILE_PASSWORD);
            this.keyFileType = (String) getParameter(CommandConstants.KEY_FILE_TYPE);
            this.certAlias = (String) getParameter(CommandConstants.CERT_ALIAS);
            this.aliasInKeyStore = (String) getParameter(CommandConstants.NEW_CERT_ALIAS);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("keyStoreName=").append(this.keyStoreName).append(" keyFileName=").append((String) null).append(" keyFileType=").append(this.keyFileType).append(" certAlias=").append(this.certAlias).append(" aliasInKeyStore=").append(this.aliasInKeyStore).toString());
            }
            CommandHelper commandHelper = new CommandHelper();
            if (this.keyStoreScope == null) {
                this.keyStoreScope = commandHelper.defaultCellScope(objectName);
                Tr.debug(tc, new StringBuffer().append("Default cell scopeName: ").append(this.keyStoreScope).toString());
            }
            this.ksInfo = PersonalCertificateHelper.getKsInfo(configSession, configService, this.keyStoreName, this.keyStoreScope);
            this.keyFilePathExpanded = KeyStoreManager.getInstance().expand(this.keyFilePath);
            if (KeyStoreHelper.checkKeyFile(this.keyFileType, this.keyFilePathExpanded, this.keyFilePassword) != 0) {
                throw new CommandValidationException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.keyStore.check.key.file.CWPKI0663E", new Object[]{this.keyFilePath}, new StringBuffer().append("Key store file \"").append(this.keyFilePath).append("\" did not verify, make sure the file exits, check key store type and password.").toString()));
            }
            if (KeyStoreHelper.checkKeyFile(this.ksInfo.getType(), this.ksInfo.getLocation(), this.keyStorePassword) != 0) {
                throw new CommandValidationException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.keyStore.check.key.file.CWPKI0663E", new Object[]{this.keyFilePath}, new StringBuffer().append("Key store file \"").append(this.ksInfo.getLocation()).append("\" did not verify, make sure the file exists, check key store type and password.").toString()));
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "validate");
            }
        } catch (Exception e) {
            throw new CommandValidationException(e.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand
    public void afterStepsExecuted() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "afterStepsExecuted");
        }
        super.afterStepsExecuted();
        TaskCommandResultImpl taskCommandResultImpl = (TaskCommandResultImpl) getTaskCommandResult();
        if (!taskCommandResultImpl.isSuccessful()) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "afterStepsExecuted");
                return;
            }
            return;
        }
        try {
            personalCertificateExport(this.ksInfo, this.keyFilePath, this.keyFileType, this.keyFilePassword, this.certAlias, this.aliasInKeyStore);
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.ssl.commands.ExportCertificate.afterStepsExecuted", "165", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception occurred.", new Object[]{e});
            }
            taskCommandResultImpl.setException(new CommandException(e, e.getMessage()));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "afterStepsExecuted");
        }
    }

    public void personalCertificateExport(KeyStoreInfo keyStoreInfo, String str, String str2, String str3, String str4, String str5) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "personalCertificateExport");
        }
        WSKeyStoreRemotable wSKeyStoreRemotable = new WSKeyStoreRemotable(keyStoreInfo);
        String str6 = null;
        String expand = KeyStoreManager.getInstance().expand(str);
        if (str5 != null && !str5.trim().equals("")) {
            str6 = str5;
        }
        if (str6 == null) {
            str6 = str4;
        }
        try {
            if (CertificateRequestHelper.isKeyCertReq((X509Certificate) wSKeyStoreRemotable.invokeKeyStoreCommand("getCertificate", new Object[]{str4})[0], str4) != null) {
                throw new CommandValidationException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.not.personal.in.keystore.CWPKI0672E", new Object[]{str4, keyStoreInfo.getLocation()}, new StringBuffer().append("Alias \"").append(str4).append("\" is not a personal certificate in key store \"").append(keyStoreInfo.getLocation()).append("\".").toString()));
            }
            Object[] invokeKeyStoreCommand = wSKeyStoreRemotable.invokeKeyStoreCommand("getCertificateChain", new Object[]{str4});
            Object[] invokeKeyStoreCommand2 = wSKeyStoreRemotable.invokeKeyStoreCommand("getKey", new Object[]{str4, this.keyStorePassword.toCharArray()});
            if (invokeKeyStoreCommand[0] == null || invokeKeyStoreCommand2[0] == null) {
                throw new CommandValidationException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.not.personal.in.keystore.CWPKI0672E", new Object[]{str4, keyStoreInfo.getLocation()}, new StringBuffer().append("Alias \"").append(str4).append("\" is not a personal certificate in key store \"").append(keyStoreInfo.getLocation()).append("\".").toString()));
            }
            Object[] objArr = new Object[4];
            objArr[0] = expand;
            objArr[1] = str2;
            objArr[2] = str3 != null ? str3.toCharArray() : null;
            objArr[3] = str6;
            if (((Boolean) wSKeyStoreRemotable.invokeKeyStoreCommand("containsAliasFromUnManagedKeyStore", objArr)[0]).booleanValue()) {
                throw new CommandValidationException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.cert.alias.already.exists.CWPKI0630E", new Object[]{str6, str}, new StringBuffer().append("Alias \"").append(str6).append("\" already exists in key store \"").append(str).append("\".").toString()));
            }
            Object[] objArr2 = new Object[6];
            objArr2[0] = expand;
            objArr2[1] = str2;
            objArr2[2] = str3 != null ? str3.toCharArray() : null;
            objArr2[3] = str6;
            objArr2[4] = invokeKeyStoreCommand[0];
            objArr2[5] = invokeKeyStoreCommand2[0];
            wSKeyStoreRemotable.invokeKeyStoreCommand("setKeyEntryFromUnManagedKeyStore", objArr2);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "personalCertificateExport");
            }
        } catch (Exception e) {
            throw e;
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$com$ibm$ws$ssl$commands$personalCertificates$ExportCertificate == null) {
            cls = class$("com.ibm.ws.ssl.commands.personalCertificates.ExportCertificate");
            class$com$ibm$ws$ssl$commands$personalCertificates$ExportCertificate = cls;
        } else {
            cls = class$com$ibm$ws$ssl$commands$personalCertificates$ExportCertificate;
        }
        tc = Tr.register(cls, "SSL", "com.ibm.ws.ssl.commands.personalCertificates");
    }
}
