package com.ibm.ws.ssl.commands.signerCertificates;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.cmdframework.CommandException;
import com.ibm.websphere.management.cmdframework.CommandLoadException;
import com.ibm.websphere.management.cmdframework.CommandNotFoundException;
import com.ibm.websphere.management.cmdframework.CommandValidationException;
import com.ibm.websphere.management.cmdframework.commanddata.CommandData;
import com.ibm.websphere.management.cmdframework.commandmetadata.TaskCommandMetadata;
import com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand;
import com.ibm.websphere.management.cmdframework.provider.TaskCommandResultImpl;
import com.ibm.websphere.management.configservice.ConfigService;
import com.ibm.websphere.management.configservice.ConfigServiceFactory;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.ws.ssl.commands.personalCertificates.PersonalCertificateHelper;
import com.ibm.ws.ssl.commands.utils.CommandConstants;
import com.ibm.ws.ssl.commands.utils.CommandHelper;
import com.ibm.ws.ssl.commands.utils.TraceNLSHelper;
import com.ibm.ws.ssl.config.WSKeyStoreRemotable;
import com.ibm.ws.ssl.model.KeyStoreInfo;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import javax.management.AttributeList;
import javax.management.ObjectName;

/* loaded from: input_file:ws_runtime.jar:com/ibm/ws/ssl/commands/signerCertificates/RetrieveSignerFromPort.class */
public class RetrieveSignerFromPort extends AbstractTaskCommand {
    private static TraceComponent tc;
    private String host;
    private Integer port;
    private String certificateAlias;
    private String keyStoreName;
    private String keyStoreScope;
    private String sslConfigName;
    private String sslConfigScopeName;
    private ObjectName sslCfgObjName;
    private KeyStoreInfo ksInfo;
    static Class class$com$ibm$ws$ssl$commands$signerCertificates$RetrieveSignerFromPort;

    public RetrieveSignerFromPort(TaskCommandMetadata taskCommandMetadata) throws CommandNotFoundException {
        super(taskCommandMetadata);
        this.host = null;
        this.port = null;
        this.certificateAlias = null;
        this.keyStoreName = null;
        this.keyStoreScope = null;
        this.sslConfigName = null;
        this.sslConfigScopeName = null;
        this.sslCfgObjName = null;
        this.ksInfo = null;
    }

    public RetrieveSignerFromPort(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
        super(commandData);
        this.host = null;
        this.port = null;
        this.certificateAlias = null;
        this.keyStoreName = null;
        this.keyStoreScope = null;
        this.sslConfigName = null;
        this.sslConfigScopeName = null;
        this.sslCfgObjName = null;
        this.ksInfo = null;
    }

    @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand, com.ibm.websphere.management.cmdframework.provider.AbstractAdminCommand, com.ibm.websphere.management.cmdframework.AdminCommand
    public void validate() throws CommandValidationException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validate");
        }
        super.validate();
        ObjectName objectName = null;
        try {
            ConfigService configService = ConfigServiceFactory.getConfigService();
            Session configSession = getConfigSession();
            ObjectName createObjectName = ConfigServiceHelper.createObjectName(null, "Security");
            ObjectName objectName2 = configService.resolve(configSession, "Cell=")[0];
            if (objectName2 != null) {
                objectName = configService.queryConfigObjects(configSession, objectName2, createObjectName, null)[0];
            }
            this.host = (String) getParameter(CommandConstants.HOST);
            this.port = (Integer) getParameter(CommandConstants.PORT);
            this.keyStoreName = (String) getParameter(CommandConstants.KEY_STORE_NAME);
            this.keyStoreScope = (String) getParameter(CommandConstants.KEY_STORE_SCOPE);
            this.certificateAlias = (String) getParameter(CommandConstants.CERTIFICATE_ALIAS);
            this.sslConfigName = (String) getParameter(CommandConstants.CONFIG_NAME);
            this.sslConfigScopeName = (String) getParameter(CommandConstants.SSL_CONFIG_SCOPE_NAME);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, new StringBuffer().append("host=").append(this.host).append(" port=").append(this.port).append(" certificateAlias=").append(this.certificateAlias).append(" sslConfigName=").append(this.sslConfigName).append(" sslConfigScopeName=").append(this.sslConfigScopeName).toString());
            }
            CommandHelper commandHelper = new CommandHelper();
            if (this.keyStoreScope == null) {
                this.keyStoreScope = commandHelper.defaultCellScope(objectName2);
                Tr.debug(tc, new StringBuffer().append("Default cell scopeName: ").append(this.keyStoreScope).toString());
            }
            this.ksInfo = PersonalCertificateHelper.getKsInfo(configSession, configService, this.keyStoreName, this.keyStoreScope);
            if (this.sslConfigName != null) {
                AttributeList attributeList = new AttributeList();
                if (this.sslConfigScopeName == null) {
                    this.sslConfigScopeName = commandHelper.defaultCellScope(objectName2);
                    Tr.debug(tc, new StringBuffer().append("Default cell scopeName: ").append(this.sslConfigScopeName).toString());
                }
                attributeList.clear();
                ConfigServiceHelper.setAttributeValue(attributeList, CommandConstants.ALIAS, this.sslConfigName);
                this.sslCfgObjName = commandHelper.getObjectName(configService, configSession, objectName, CommandConstants.REPERTOIRE, attributeList, this.sslConfigScopeName);
                if (this.sslCfgObjName == null) {
                    throw new CommandValidationException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.object.not.found.CWPKI0600E", new Object[]{this.sslConfigName, this.sslConfigScopeName}, new StringBuffer().append(this.sslConfigName).append(" does not exist within the management scope ").append(this.sslConfigScopeName).toString()));
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "validate");
            }
        } catch (Exception e) {
            throw new CommandValidationException(e.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand
    public void afterStepsExecuted() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "afterStepsExecuted");
        }
        super.afterStepsExecuted();
        TaskCommandResultImpl taskCommandResultImpl = (TaskCommandResultImpl) getTaskCommandResult();
        if (!taskCommandResultImpl.isSuccessful()) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "afterStepsExecuted");
                return;
            }
            return;
        }
        try {
            getSignerAndAddToKeyStore(this.host, this.port, this.sslConfigName, this.ksInfo);
            taskCommandResultImpl.setResult("Signer Certificate Successfully added to keyStore.");
        } catch (Exception e) {
            taskCommandResultImpl.setException(new CommandException(e, e.getMessage()));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "afterStepsExecuted");
        }
    }

    public void getSignerAndAddToKeyStore(String str, Integer num, String str2, KeyStoreInfo keyStoreInfo) throws Exception {
        try {
            Certificate[] retrieveSigner = SignerCertificateHelper.retrieveSigner(this.host, num, str2);
            if (retrieveSigner == null) {
                throw new CommandValidationException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.cert.no.signer.CWPKI0661E", new Object[]{this.host, num}, new StringBuffer().append("Unable to get signer information from hostname \"").append(this.host).append("\" and port \"").append(num).append("\".  Verify hostname and port are correct.").toString()));
            }
            addCertToKeyStore((X509Certificate) retrieveSigner[0], this.certificateAlias, keyStoreInfo);
        } catch (Exception e) {
            e.printStackTrace();
            throw new Exception(e.getMessage());
        }
    }

    public void addCertToKeyStore(X509Certificate x509Certificate, String str, KeyStoreInfo keyStoreInfo) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "addCertToKeyStore");
        }
        WSKeyStoreRemotable wSKeyStoreRemotable = new WSKeyStoreRemotable(keyStoreInfo);
        try {
            if (((Boolean) wSKeyStoreRemotable.invokeKeyStoreCommand("containsAlias", new Object[]{str})[0]).booleanValue()) {
                throw new KeyStoreException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.cert.alias.already.exists.CWPKI0630E", new Object[]{str, keyStoreInfo.getName()}, new StringBuffer().append("Alias \"").append(str).append(" already exists in key store \"").append(keyStoreInfo.getName()).append("\".").toString()));
            }
            if (((Boolean) wSKeyStoreRemotable.invokeKeyStoreCommand("checkIfSignerAlreadyExists", new Object[]{x509Certificate})[0]).booleanValue()) {
                throw new KeyStoreException("Certificate already exists in key store.  May be under a different alias name.");
            }
            wSKeyStoreRemotable.invokeKeyStoreCommand("setCertificateEntry", new Object[]{str, x509Certificate});
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "addCertToKeyStore");
            }
        } catch (Exception e) {
            throw new Exception(e.getMessage());
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$com$ibm$ws$ssl$commands$signerCertificates$RetrieveSignerFromPort == null) {
            cls = class$("com.ibm.ws.ssl.commands.signerCertificates.RetrieveSignerFromPort");
            class$com$ibm$ws$ssl$commands$signerCertificates$RetrieveSignerFromPort = cls;
        } else {
            cls = class$com$ibm$ws$ssl$commands$signerCertificates$RetrieveSignerFromPort;
        }
        tc = Tr.register(cls, "SSL", "com.ibm.ws.ssl.commands.signerCertificates");
    }
}
