package com.ibm.ws.scripting.types;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.websphere.management.exception.AdminException;
import com.ibm.websphere.management.exception.ConnectorException;
import com.ibm.ws.scripting.AbstractShell;
import com.ibm.ws.scripting.AdminConfigClient;
import com.ibm.ws.scripting.ConfigNameCache;
import com.ibm.ws.scripting.ScriptingException;
import java.util.ArrayList;
import java.util.Hashtable;
import javax.management.Attribute;
import javax.management.AttributeList;
import javax.management.AttributeNotFoundException;
import javax.management.ObjectName;
import org.eclipse.emf.ecore.xmi.impl.EMOFExtendedMetaData;

/* loaded from: input_file:wasJars/com.ibm.ws.admin.services.jar:com/ibm/ws/scripting/types/SecurityTSHelper.class */
public class SecurityTSHelper extends FIPSTSHelper {
    private static TraceComponent tc = Tr.register((Class<?>) SecurityTSHelper.class, "Scripting", "com.ibm.ws.scripting.resources.wscpMessage");
    public static final int FIPS_NOT_SET = 0;
    public static final int FIPS_TRUE = 1;
    public static final int FIPS_FALSE = 2;
    private int foundUseFIPS;

    public SecurityTSHelper(AdminConfigClient adminConfigClient, AbstractShell abstractShell, Hashtable hashtable, ConfigNameCache configNameCache) {
        super(adminConfigClient, abstractShell, hashtable, configNameCache);
        this.foundUseFIPS = 1;
    }

    @Override // com.ibm.ws.scripting.types.FIPSTSHelper
    public void reset() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "reset");
        }
        this.msgId = "SECURITY_NONFIPS_PROVIDER";
        this.validationType = "com.ibm.ssl.contextProvider";
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "reset");
        }
    }

    @Override // com.ibm.ws.scripting.types.BaseTSHelper, com.ibm.ws.scripting.types.TypeSpecificHelper
    public AttributeList attributeListUpdate(AttributeList attributeList, ObjectName objectName, boolean z) throws ScriptingException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "attributeListUpdate");
        }
        try {
            validate(attributeList, objectName);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "attributeListUpdate");
            }
            return attributeList;
        } catch (AdminException e) {
            this._shell.setLastException(e);
            throw new ScriptingException(e.toString());
        } catch (ConnectorException e2) {
            this._shell.setLastException(e2);
            throw new ScriptingException(e2.toString());
        }
    }

    @Override // com.ibm.ws.scripting.types.FIPSTSHelper
    protected boolean validate(AttributeList attributeList, ObjectName objectName) throws ScriptingException, AdminException, ConnectorException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validate - " + objectName);
        }
        boolean z = false;
        ArrayList arrayList = null;
        int validateFIPSProperty = validateFIPSProperty(attributeList, objectName);
        if (validateFIPSProperty == 0 || validateFIPSProperty == 1) {
            try {
                arrayList = (ArrayList) ConfigServiceHelper.getAttributeValue(attributeList, "repertoire");
            } catch (AttributeNotFoundException e) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Ex - " + e.toString());
                }
            }
            if (arrayList != null) {
                SSLConfigTSHelper sSLConfigTSHelper = (SSLConfigTSHelper) getTSHelper("SSLConfig");
                sSLConfigTSHelper.setMessageId(this.msgId);
                sSLConfigTSHelper.setValidationType(this.validationType);
                for (int i = 0; i < arrayList.size(); i++) {
                    AttributeList attributeList2 = null;
                    Object obj = arrayList.get(i);
                    if (obj instanceof ObjectName) {
                        AttributeList attributeListFromON = getAttributeListFromON((ObjectName) obj);
                        if (attributeListFromON != null) {
                            attributeList2 = attributeListFromON;
                        }
                    } else if (obj instanceof AttributeList) {
                        attributeList2 = (AttributeList) obj;
                    }
                    z = sSLConfigTSHelper.validate(attributeList2, objectName);
                    if (z) {
                        break;
                    }
                }
                sSLConfigTSHelper.reset();
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "validate - " + z);
        }
        return z;
    }

    protected int validateFIPSProperty(AttributeList attributeList, ObjectName objectName) throws ScriptingException, AdminException, ConnectorException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validateFIPSProperty - " + objectName);
        }
        ArrayList arrayList = null;
        int i = 0;
        try {
            arrayList = (ArrayList) ConfigServiceHelper.getAttributeValue(attributeList, "properties");
        } catch (AttributeNotFoundException e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Ex - " + e.toString());
            }
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "arlist: " + arrayList);
        }
        if (arrayList != null) {
            PropertyTSHelper propertyTSHelper = (PropertyTSHelper) getTSHelper(EMOFExtendedMetaData.EMOF_PROPERTY_CLASS_NAME);
            for (int i2 = 0; i2 < arrayList.size(); i2++) {
                AttributeList attributeList2 = null;
                Object obj = arrayList.get(i2);
                if (obj instanceof ObjectName) {
                    AttributeList attributeListFromON = getAttributeListFromON((ObjectName) obj);
                    if (attributeListFromON != null) {
                        attributeList2 = attributeListFromON;
                    }
                } else if (obj instanceof AttributeList) {
                    attributeList2 = (AttributeList) obj;
                }
                i = checkFIPSProperty(attributeList2);
                if (i != 0) {
                    break;
                }
            }
            if (i == this.foundUseFIPS) {
                propertyTSHelper.setMessageId("SECURITY_NONFIPS_SSL");
                propertyTSHelper.setValidationType("com.ibm.ssl.contextProvider");
                propertyTSHelper.setSkipFIPSCheck(true);
                boolean matchSSLConfig = propertyTSHelper.matchSSLConfig("lookThroughAllSSLConfig", objectName);
                propertyTSHelper.setSkipFIPSCheck(false);
                propertyTSHelper.reset();
                if (!matchSSLConfig && objectName != null && getConfigPath(objectName).indexOf("/servers/") == -1) {
                    checkServerSSLConfig(objectName);
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "validateFIPSProperty - " + i);
        }
        return i;
    }

    public int checkFIPSProperty(AttributeList attributeList) throws ScriptingException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "checkFIPSProperty");
        }
        int i = 0;
        String str = new String();
        String str2 = new String();
        for (int i2 = 0; i2 < attributeList.size(); i2++) {
            String name = ((Attribute) attributeList.get(i2)).getName();
            Object value = ((Attribute) attributeList.get(i2)).getValue();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "name: " + name);
            }
            if (name.equals("name")) {
                str = (String) value;
            }
            if (name.equals("value")) {
                str2 = (String) value;
            }
        }
        if (str.equals("com.ibm.security.useFIPS")) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "found matching useFIPS property, value: " + str2);
            }
            i = str2.equals("true") ? 1 : 2;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "checkFIPSProperty - " + i);
        }
        return i;
    }

    public boolean checkServerSSLConfig(ObjectName objectName) throws ScriptingException, AdminException, ConnectorException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "checkServerSSLConfig");
        }
        boolean z = false;
        ObjectName[] objectNameListForType = getObjectNameListForType("Server", null);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "serverList: " + objectNameListForType);
        }
        if (objectNameListForType != null) {
            for (int i = 0; i < objectNameListForType.length; i++) {
                ObjectName[] objectNameListForType2 = getObjectNameListForType("Security", objectNameListForType[i]);
                if (objectNameListForType2 != null) {
                    for (ObjectName objectName2 : objectNameListForType2) {
                        z = validate(getAttributeListFromON(objectName2), objectNameListForType2[i]);
                        if (z) {
                            break;
                        }
                    }
                }
                if (z) {
                    break;
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "checkServerSSLConfig - " + z);
        }
        return z;
    }
}
