package com.ibm.ws.security.admintask.audit.signing;

import com.ibm.ejs.ras.ManagerAdmin;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.cmdframework.AdminCommand;
import com.ibm.websphere.management.cmdframework.CommandException;
import com.ibm.websphere.management.cmdframework.CommandLoadException;
import com.ibm.websphere.management.cmdframework.CommandMgr;
import com.ibm.websphere.management.cmdframework.CommandNotFoundException;
import com.ibm.websphere.management.cmdframework.CommandResult;
import com.ibm.websphere.management.cmdframework.CommandValidationException;
import com.ibm.websphere.management.cmdframework.commanddata.CommandData;
import com.ibm.websphere.management.cmdframework.commandmetadata.TaskCommandMetadata;
import com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand;
import com.ibm.websphere.management.cmdframework.provider.TaskCommandResultImpl;
import com.ibm.websphere.management.configservice.ConfigDataId;
import com.ibm.websphere.management.configservice.ConfigService;
import com.ibm.websphere.management.configservice.ConfigServiceFactory;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.websphere.management.exception.ConfigServiceException;
import com.ibm.websphere.ras.RasMessage;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.logging.IBMConstants;
import com.ibm.ws.security.config.AuditConfig;
import com.ibm.ws.security.profiletask.MessageFormatHelper;
import com.ibm.ws.security.role.RoleBasedAuthorizer;
import com.ibm.ws.security.role.RoleBasedConfiguratorFactory;
import com.ibm.ws.security.util.Constants;
import com.ibm.ws.util.PlatformHelperFactory;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.net.InetAddress;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.Locale;
import java.util.ResourceBundle;
import javax.management.Attribute;
import javax.management.AttributeList;
import javax.management.ObjectName;

/* loaded from: input_file:wasJars/securityimpl.jar:com/ibm/ws/security/admintask/audit/signing/CreateAuditSigningConfig.class */
public class CreateAuditSigningConfig extends AbstractTaskCommand {
    private static String BUNDLE_NAME = "com.ibm.ejs.resources.security";
    private static ResourceBundle resBundle = ResourceBundle.getBundle(BUNDLE_NAME, Locale.getDefault());
    private static TraceComponent tc = Tr.register(CreateAuditSigningConfig.class, ManagerAdmin.audit, "com.ibm.ws.security.admintask.audit.signing");
    private Boolean enable;
    private Boolean useEncryptionCert;
    private String certAlias;
    private Boolean autogenCert;
    private Boolean importCert;
    private String certKeyFileName;
    private String certKeyFilePath;
    private String certKeyFileType;
    private String certKeyFilePassword;
    private String certAliasToImport;
    private String signingKeyStoreRef;
    private String signingKeyStorePath;
    private String signingKeyStoreType;
    private String signingKeyStorePassword;
    private String signingKeyStoreConfirmPassword;
    private String origCertAlias;
    private Boolean keyStoreIsFileBased;
    private Boolean keyStoreReadOnly;
    private Boolean keyStoreInitAtStartup;
    private String keyStoreCustomProvider;
    private Boolean keyStoreStashFile;
    private String scopeName;
    private boolean createKeyFile;
    private String keyStoreDescription;
    private ObjectName mgmScopeObjName;
    private boolean createMgmScope;
    String keyFileName;
    ObjectName keyStoreCreated;
    boolean keyStoreFound;

    public CreateAuditSigningConfig(TaskCommandMetadata taskCommandMetadata) throws CommandNotFoundException {
        super(taskCommandMetadata);
        this.enable = null;
        this.useEncryptionCert = null;
        this.certAlias = null;
        this.autogenCert = null;
        this.importCert = null;
        this.certKeyFileName = null;
        this.certKeyFilePath = null;
        this.certKeyFileType = null;
        this.certKeyFilePassword = null;
        this.certAliasToImport = null;
        this.signingKeyStoreRef = null;
        this.signingKeyStorePath = null;
        this.signingKeyStoreType = null;
        this.signingKeyStorePassword = null;
        this.signingKeyStoreConfirmPassword = null;
        this.origCertAlias = null;
        this.keyStoreIsFileBased = Boolean.TRUE;
        this.keyStoreReadOnly = Boolean.FALSE;
        this.keyStoreInitAtStartup = null;
        this.keyStoreCustomProvider = null;
        this.keyStoreStashFile = null;
        this.scopeName = null;
        this.createKeyFile = true;
        this.keyStoreDescription = null;
        this.mgmScopeObjName = null;
        this.createMgmScope = false;
        this.keyFileName = null;
        this.keyStoreCreated = null;
        this.keyStoreFound = false;
    }

    public CreateAuditSigningConfig(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
        super(commandData);
        this.enable = null;
        this.useEncryptionCert = null;
        this.certAlias = null;
        this.autogenCert = null;
        this.importCert = null;
        this.certKeyFileName = null;
        this.certKeyFilePath = null;
        this.certKeyFileType = null;
        this.certKeyFilePassword = null;
        this.certAliasToImport = null;
        this.signingKeyStoreRef = null;
        this.signingKeyStorePath = null;
        this.signingKeyStoreType = null;
        this.signingKeyStorePassword = null;
        this.signingKeyStoreConfirmPassword = null;
        this.origCertAlias = null;
        this.keyStoreIsFileBased = Boolean.TRUE;
        this.keyStoreReadOnly = Boolean.FALSE;
        this.keyStoreInitAtStartup = null;
        this.keyStoreCustomProvider = null;
        this.keyStoreStashFile = null;
        this.scopeName = null;
        this.createKeyFile = true;
        this.keyStoreDescription = null;
        this.mgmScopeObjName = null;
        this.createMgmScope = false;
        this.keyFileName = null;
        this.keyStoreCreated = null;
        this.keyStoreFound = false;
    }

    private String getMsg(ResourceBundle resourceBundle, String str, Object[] objArr) {
        return MessageFormatHelper.getFormattedMessage(resourceBundle, str, objArr);
    }

    @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand, com.ibm.websphere.management.cmdframework.provider.AbstractAdminCommand, com.ibm.websphere.management.cmdframework.AdminCommand
    public void validate() throws CommandValidationException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validate");
        }
        super.validate();
        try {
            RoleBasedAuthorizer roleBasedAuthorizer = RoleBasedConfiguratorFactory.getConfigurator().getRoleBasedAuthorizer(Constants.ADMIN_APP, "domain");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Got the RoleBasedAuthorizer object.");
            }
            if (!roleBasedAuthorizer.isCallerInRole("administrator")) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.UserNotInRole", new Object[]{"administrator"}));
            }
            this.enable = (Boolean) getParameter("enableAuditSigning");
            if (this.enable != null && !this.enable.booleanValue()) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.CannotConfigSigning", null));
            }
            this.certAlias = (String) getParameter("certAlias");
            if (this.certAlias == null || this.certAlias.length() == 0) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.NoCertAliasValue", null));
            }
            if (this.certAlias != null && this.certAlias.length() != 0) {
                if (PlatformHelperFactory.getPlatformHelper().isZOS()) {
                    this.origCertAlias = this.certAlias;
                }
                this.certAlias = this.certAlias.toLowerCase();
            }
            this.useEncryptionCert = (Boolean) getParameter("useEncryptionCert");
            this.autogenCert = (Boolean) getParameter("autogenCert");
            this.importCert = (Boolean) getParameter("importCert");
            if (this.useEncryptionCert != null && this.useEncryptionCert.booleanValue() && ((this.autogenCert != null && this.autogenCert.booleanValue()) || (this.importCert != null && this.importCert.booleanValue()))) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.ReuseCertError", null));
            }
            if ((this.useEncryptionCert == null || !this.useEncryptionCert.booleanValue()) && this.autogenCert != null && this.importCert != null && this.autogenCert.equals(Boolean.TRUE) && this.importCert.equals(Boolean.TRUE)) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.MustSpecifyCertGenMethod", null));
            }
            this.certKeyFileName = (String) getParameter("certKeyFileName");
            if (this.importCert != null && this.importCert.booleanValue() && (this.certKeyFileName == null || this.certKeyFileName.length() == 0)) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.NoCertKeyFileNameValue", null));
            }
            this.certKeyFilePath = (String) getParameter("certKeyFilePath");
            if (this.importCert != null && this.importCert.booleanValue() && (this.certKeyFilePath == null || this.certKeyFilePath.length() == 0)) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.NoCertKeyFilePathValue", null));
            }
            this.certKeyFileType = (String) getParameter("certKeyFileType");
            if (this.importCert != null && this.importCert.booleanValue() && (this.certKeyFileType == null || this.certKeyFileType.length() == 0)) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.NoCertKeyFileTypeValue", null));
            }
            this.certKeyFilePassword = (String) getParameter("certKeyFilePassword");
            if (this.importCert != null && this.importCert.booleanValue() && (this.certKeyFilePassword == null || this.certKeyFilePassword.length() == 0)) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.NoCertKeyFilePasswordValue", null));
            }
            this.certAliasToImport = (String) getParameter("certAliasToImport");
            if (this.importCert != null && this.importCert.booleanValue() && (this.certAliasToImport == null || this.certAliasToImport.length() == 0)) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.NoCertAliasToImport", null));
            }
            if (this.certAliasToImport != null && this.certAliasToImport.length() != 0) {
                this.certAliasToImport = this.certAliasToImport.toLowerCase();
            }
            this.signingKeyStoreRef = (String) getParameter("signingKeyStoreRef");
            if (this.signingKeyStoreRef == null || this.signingKeyStoreRef.length() == 0) {
                throw new CommandValidationException(getMsg(resBundle, "security.admintask.NoKeyStoreNameValue", null));
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "enable: " + this.enable + " certAlias: " + this.certAlias + " useEncryptionCert: " + this.useEncryptionCert + " autogenCert: " + this.autogenCert + " importCert: " + this.importCert + " certKeyFileName: " + this.certKeyFileName + " certKeyFilePath: " + this.certKeyFilePath + " certKeyFileType: " + this.certKeyFileType + " certKeyFilePassword: ***  certAliasToImport: " + this.certAliasToImport + " signingKeyStoreRef: " + this.signingKeyStoreRef);
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "validate");
            }
        } catch (Exception e) {
            throw new CommandValidationException(e.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand
    public void afterStepsExecuted() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "afterStepsExecuted");
        }
        super.afterStepsExecuted();
        TaskCommandResultImpl taskCommandResultImpl = (TaskCommandResultImpl) getTaskCommandResult();
        if (!taskCommandResultImpl.isSuccessful()) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "afterStepsExecuted");
                return;
            }
            return;
        }
        ConfigService configService = ConfigServiceFactory.getConfigService();
        Session configSession = getConfigSession();
        AttributeList attributeList = new AttributeList();
        String str = null;
        try {
            ObjectName objectName = configService.queryConfigObjects(configSession, null, ConfigServiceHelper.createObjectName((ConfigDataId) null, RasMessage.AUDIT), null)[0];
            if (objectName == null) {
                String msg = getMsg(resBundle, "security.admintask.NoAuditXML", null);
                taskCommandResultImpl.addWarnings(msg);
                taskCommandResultImpl.setResult(new Boolean(false));
                taskCommandResultImpl.setException(new CommandException(msg));
                return;
            }
            ObjectName objectName2 = configService.queryConfigObjects(configSession, null, ConfigServiceHelper.createObjectName((AttributeList) configService.getAttribute(configSession, objectName, AuditConfig.AUDIT_POLICY)), null)[0];
            if (objectName2 != null && tc.isDebugEnabled()) {
                Tr.debug(tc, "policyObj: " + objectName2);
            }
            ObjectName objectName3 = (ObjectName) configService.getAttribute(configSession, objectName2, "encryptionCert");
            String str2 = null;
            ObjectName objectName4 = null;
            String str3 = null;
            String str4 = null;
            String str5 = null;
            String str6 = null;
            if (objectName3 == null) {
                Tr.debug(tc, "no encryption keystore");
            } else if (this.useEncryptionCert != null && this.useEncryptionCert.booleanValue()) {
                str2 = (String) configService.getAttribute(configSession, objectName3, "alias");
                objectName4 = (ObjectName) configService.getAttribute(configSession, objectName3, "keyStore");
                str3 = (String) configService.getAttribute(configSession, objectName4, "name");
                str4 = (String) configService.getAttribute(configSession, objectName4, "location");
                str5 = (String) configService.getAttribute(configSession, objectName4, "password");
                str6 = (String) configService.getAttribute(configSession, objectName4, "type");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, " >>> Encryption keyStore name: " + str3 + " keyPath: " + str4 + " keyType: " + str6 + "certAlias: " + str2);
                }
            }
            attributeList.add(new Attribute("sign", this.enable));
            boolean z = false;
            ArrayList arrayList = (ArrayList) configService.getAttribute(configSession, configService.resolve(configSession, "Cell=:Security=")[0], "keyStores");
            int i = 0;
            while (true) {
                if (i >= arrayList.size()) {
                    break;
                }
                AttributeList attributeList2 = (AttributeList) arrayList.get(i);
                ObjectName createObjectName = ConfigServiceHelper.createObjectName(attributeList2);
                ConfigServiceHelper.getAttributeValue(attributeList2, "name").toString();
                String str7 = ConfigServiceHelper.getConfigDataId(createObjectName).toString().split("#")[1];
                if (str7.equals(this.signingKeyStoreRef)) {
                    z = true;
                    this.keyStoreCreated = createObjectName;
                    str = str7;
                    break;
                }
                i++;
            }
            if (!z) {
                String msg2 = getMsg(resBundle, "security.admintask.NoKeyStore", null);
                taskCommandResultImpl.addWarnings(msg2);
                taskCommandResultImpl.setResult(new Boolean(false));
                taskCommandResultImpl.setException(new CommandException(msg2));
                return;
            }
            ObjectName objectName5 = this.keyStoreCreated;
            String str8 = (String) configService.getAttribute(configSession, (ObjectName) configService.getAttribute(configSession, this.keyStoreCreated, "managementScope"), "scopeName");
            String str9 = (String) configService.getAttribute(configSession, this.keyStoreCreated, "name");
            new AttributeList();
            if (this.useEncryptionCert != null && this.useEncryptionCert.booleanValue()) {
                if (!((Boolean) configService.getAttribute(configSession, objectName2, "encrypt")).booleanValue()) {
                    String msg3 = getMsg(resBundle, "security.admintask.NoEncryptionKeyStore", null);
                    taskCommandResultImpl.addWarnings(msg3);
                    taskCommandResultImpl.setResult(new Boolean(false));
                    taskCommandResultImpl.setException(new CommandException(msg3));
                    return;
                }
                if (objectName4 == null) {
                    String msg4 = getMsg(resBundle, "security.admintask.NoEncryptionKeyStore", null);
                    taskCommandResultImpl.addWarnings(msg4);
                    taskCommandResultImpl.setResult(new Boolean(false));
                    taskCommandResultImpl.setException(new CommandException(msg4));
                    return;
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Sign keystore ref: " + this.signingKeyStoreRef + " Sign keystore name: " + str9 + " Sign scope: " + str8 + " Encryption keyStore name: " + str3 + " keyPath: " + str4 + " keyType: " + str6);
                }
                AdminCommand createCommand = CommandMgr.getCommandMgr().createCommand("importEncryptionCertificate");
                createCommand.setParameter("keyStoreName", str9);
                createCommand.setParameter("keyStoreScope", str8);
                createCommand.setParameter("keyFilePath", str4);
                createCommand.setParameter("keyFilePassword", str5);
                createCommand.setParameter("keyFileType", str6);
                createCommand.setParameter("certificateAliasFromKeyFile", str2);
                createCommand.setParameter("certificateAlias", this.certAlias);
                createCommand.setConfigSession(configSession);
                createCommand.execute();
                CommandResult commandResult = createCommand.getCommandResult();
                if (!commandResult.isSuccessful()) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Was not successful importing self signed personal certificate for audit signing");
                    }
                    String msg5 = getMsg(resBundle, "security.admintask.ImportCertFailure", null);
                    if (commandResult.getException() != null && commandResult.getException().getMessage() != null) {
                        msg5 = msg5.concat(": ").concat(commandResult.getException().getMessage());
                    }
                    taskCommandResultImpl.addWarnings(msg5);
                    taskCommandResultImpl.setResult(new Boolean(false));
                    taskCommandResultImpl.setException(new CommandException(msg5));
                    return;
                }
                if (!((Boolean) commandResult.getResult()).booleanValue()) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Was not successful importing self signed personal certificate for audit signing");
                    }
                    String msg6 = getMsg(resBundle, "security.admintask.ImportCertFailure", null);
                    if (commandResult.getException() != null && commandResult.getException().getMessage() != null) {
                        msg6 = msg6.concat(": ").concat(commandResult.getException().getMessage());
                    }
                    taskCommandResultImpl.addWarnings(msg6);
                    taskCommandResultImpl.setResult(new Boolean(false));
                    taskCommandResultImpl.setException(new CommandException(msg6));
                    return;
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Successfully imported self signed personal certificate for audit signing");
                }
            } else if (this.autogenCert != null && this.autogenCert.booleanValue()) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Sign keystore name: " + str9 + " Sign scope: " + str8 + " certAlias: " + this.certAlias);
                }
                AdminCommand createCommand2 = CommandMgr.getCommandMgr().createCommand("createSelfSignedCertificate");
                createCommand2.setParameter("keyStoreName", str9);
                createCommand2.setParameter("keyStoreScope", str8);
                createCommand2.setParameter("certificateAlias", this.certAlias);
                createCommand2.setParameter("certificateSize", new Integer(2048));
                createCommand2.setParameter("certificateCommonName", InetAddress.getLocalHost().getHostName());
                createCommand2.setParameter("certificateOrganization", IBMConstants.ibm);
                createCommand2.setConfigSession(configSession);
                createCommand2.execute();
                CommandResult commandResult2 = createCommand2.getCommandResult();
                if (!commandResult2.isSuccessful()) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Was not successful creating self signed personal certificate for audit signing");
                    }
                    String msg7 = getMsg(resBundle, "security.admintask.AutogenCertFailure", null);
                    if (commandResult2.getException() != null && commandResult2.getException().getMessage() != null) {
                        msg7 = msg7.concat(": ").concat(commandResult2.getException().getMessage());
                    }
                    taskCommandResultImpl.addWarnings(msg7);
                    taskCommandResultImpl.setResult(new Boolean(false));
                    taskCommandResultImpl.setException(new CommandException(msg7));
                    return;
                }
                if (!((Boolean) commandResult2.getResult()).booleanValue()) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Was not successful creating self signed personal certificate for audit signing");
                    }
                    String msg8 = getMsg(resBundle, "security.admintask.AutogenCertFailure", null);
                    if (commandResult2.getException() != null && commandResult2.getException().getMessage() != null) {
                        msg8 = msg8.concat(": ").concat(commandResult2.getException().getMessage());
                    }
                    taskCommandResultImpl.addWarnings(msg8);
                    taskCommandResultImpl.setResult(new Boolean(false));
                    taskCommandResultImpl.setException(new CommandException(msg8));
                    return;
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Successfully created self signed personal certificate for audit signing");
                }
            } else if (this.importCert != null && this.importCert.booleanValue()) {
                AdminCommand createCommand3 = CommandMgr.getCommandMgr().createCommand("importCertificate");
                createCommand3.setParameter("keyStoreName", str9);
                createCommand3.setParameter("keyStoreScope", str8);
                createCommand3.setParameter("keyFilePath", this.certKeyFilePath);
                createCommand3.setParameter("keyFilePassword", this.certKeyFilePassword);
                createCommand3.setParameter("keyFileType", this.certKeyFileType);
                createCommand3.setParameter("certificateAliasFromKeyFile", this.certAliasToImport);
                createCommand3.setParameter("certificateAlias", this.certAlias);
                createCommand3.setConfigSession(configSession);
                createCommand3.execute();
                CommandResult commandResult3 = createCommand3.getCommandResult();
                if (!commandResult3.isSuccessful()) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Was not successful importing self signed personal certificate for audit signing");
                    }
                    String msg9 = getMsg(resBundle, "security.admintask.ImportCertFailure", null);
                    if (commandResult3.getException() != null && commandResult3.getException().getMessage() != null) {
                        msg9 = msg9.concat(": ").concat(commandResult3.getException().getMessage());
                    }
                    taskCommandResultImpl.addWarnings(msg9);
                    taskCommandResultImpl.setResult(new Boolean(false));
                    taskCommandResultImpl.setException(new CommandException(msg9));
                    return;
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Successfully imported self signed personal certificate for audit signing");
                }
            }
            if (this.autogenCert != null && !this.autogenCert.booleanValue() && this.importCert != null && !this.importCert.booleanValue() && this.useEncryptionCert != null && !this.useEncryptionCert.booleanValue() && this.certAlias != null && this.certAlias.length() != 0) {
                AdminCommand createCommand4 = CommandMgr.getCommandMgr().createCommand("listPersonalCertificates");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "keyStoreName: " + str9);
                }
                createCommand4.setParameter("keyStoreName", str9);
                createCommand4.setParameter("keyStoreScope", this.scopeName);
                createCommand4.setConfigSession(configSession);
                createCommand4.execute();
                CommandResult commandResult4 = createCommand4.getCommandResult();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "cmdResult.isSuccessful: " + commandResult4.isSuccessful());
                    Tr.debug(tc, "cmdResult.getResult: " + commandResult4.getResult().toString());
                }
                if (!commandResult4.isSuccessful()) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Was unsuccessful listing the certificate aliases in the referenced keystore");
                    }
                    String msg10 = getMsg(resBundle, "security.admintask.ListCertFailure", null);
                    if (commandResult4.getException() != null && commandResult4.getException().getMessage() != null) {
                        msg10 = msg10.concat(": ").concat(commandResult4.getException().getMessage());
                    }
                    taskCommandResultImpl.addWarnings(msg10);
                    taskCommandResultImpl.setResult(new Boolean(false));
                    taskCommandResultImpl.setException(new CommandException(msg10));
                    return;
                }
                boolean z2 = false;
                ArrayList arrayList2 = (ArrayList) commandResult4.getResult();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "list size: " + arrayList2.size());
                }
                for (int i2 = 0; i2 < arrayList2.size(); i2++) {
                    Iterator it = ((AttributeList) arrayList2.get(i2)).iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        Attribute attribute = (Attribute) it.next();
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "attribute: " + attribute.toString());
                        }
                        if (attribute.getName().equals("alias") && attribute.getValue().equals(this.certAlias)) {
                            z2 = true;
                            break;
                        }
                    }
                    if (z2) {
                        break;
                    }
                }
                if (!z2) {
                    if (PlatformHelperFactory.getPlatformHelper().isZOS()) {
                        for (int i3 = 0; i3 < arrayList2.size(); i3++) {
                            Iterator it2 = ((AttributeList) arrayList2.get(i3)).iterator();
                            while (true) {
                                if (!it2.hasNext()) {
                                    break;
                                }
                                Attribute attribute2 = (Attribute) it2.next();
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "z check,attribute: " + attribute2.toString());
                                }
                                if (attribute2.getName().equals("alias") && attribute2.getValue().equals(this.origCertAlias)) {
                                    z2 = true;
                                    break;
                                }
                            }
                            if (z2) {
                                break;
                            }
                        }
                    }
                    if (!z2) {
                        String msg11 = getMsg(resBundle, "security.admintask.CertNotInKeyStore", null);
                        taskCommandResultImpl.addWarnings(msg11);
                        taskCommandResultImpl.setResult(new Boolean(false));
                        taskCommandResultImpl.setException(new CommandException(msg11));
                        return;
                    }
                }
            }
            attributeList.add(new Attribute(AuditConfig.SECURITY_XML_SIGNER_KEYSTORE_NAME, str9));
            attributeList.add(new Attribute(AuditConfig.SECURITY_XML_SIGNER_CERT_ALIAS, this.certAlias));
            attributeList.add(new Attribute(AuditConfig.SECURITY_XML_SIGNER_SCOPE_NANME, str8));
            configService.setAttributes(configSession, objectName2, attributeList);
            taskCommandResultImpl.setResult(str);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "afterStepsExecuted");
            }
        } catch (ConfigServiceException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.admintask.audit.signing.CreateAuditSigningConfig.afterStepsExecuted", "154");
            if (tc.isEntryEnabled()) {
                Tr.debug(tc, "Error getting configuration: ", e.getMessage());
            }
            String msg12 = getMsg(resBundle, "security.admintask.ConfigurationError", null);
            if (e.getMessage() != null) {
                msg12 = msg12.concat(": ").concat(e.getMessage());
            }
            e.printStackTrace();
            taskCommandResultImpl.addWarnings(msg12);
            taskCommandResultImpl.setResult(new Boolean(false));
            taskCommandResultImpl.setException(new CommandException(msg12));
        } catch (Exception e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.security.admintask.audit.signing.CreateAuditSigningConfig.afterStepsExecuted", "154");
            if (tc.isEntryEnabled()) {
                Tr.debug(tc, "Error getting configuration: ", e2.getMessage());
            }
            String msg13 = getMsg(resBundle, "security.admintask.ConfigurationError", null);
            if (e2.getMessage() != null) {
                msg13 = msg13.concat(": ").concat(e2.getMessage());
            }
            e2.printStackTrace();
            taskCommandResultImpl.addWarnings(msg13);
            taskCommandResultImpl.setResult(new Boolean(false));
            taskCommandResultImpl.setException(new CommandException(msg13));
        }
    }

    private String fixLocation(String str, String str2) {
        String replace = str2.replace('\\', '/');
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "fixLocation", new Object[]{str, replace});
        }
        int indexOf = replace.indexOf("/cells/");
        String str3 = replace;
        if (indexOf != -1) {
            str3 = str + replace.substring(indexOf);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "fixLocation -> " + str3);
        }
        return str3;
    }

    private static X509Certificate getCertFromArmFile(String str) throws Exception {
        String str2;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getCertFromArmFile");
        }
        if (str.equals("server")) {
            str2 = "serverCert.arm";
        } else {
            if (!str.equals("client")) {
                return null;
            }
            str2 = "clientCert.arm";
        }
        FileInputStream fileInputStream = null;
        String str3 = System.getProperty("user.install.root") + "/etc/" + str2;
        try {
            try {
                try {
                    fileInputStream = new FileInputStream(str3);
                    Collection<? extends Certificate> generateCertificates = CertificateFactory.getInstance("X509").generateCertificates(fileInputStream);
                    X509Certificate[] x509CertificateArr = new X509Certificate[generateCertificates.size()];
                    Iterator<? extends Certificate> it = generateCertificates.iterator();
                    int i = 0;
                    while (it.hasNext()) {
                        x509CertificateArr[i] = (X509Certificate) it.next();
                        i++;
                    }
                    X509Certificate x509Certificate = x509CertificateArr[0];
                    if (fileInputStream != null) {
                        fileInputStream.close();
                    }
                    if (tc.isEntryEnabled()) {
                        Tr.exit(tc, "getCertFromArmFile");
                    }
                    return x509Certificate;
                } catch (Exception e) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Exception recieve while trying to get certificate from arm file: " + e.getMessage());
                    }
                    if (tc.isEntryEnabled()) {
                        Tr.exit(tc, "getCertFromArmFile");
                    }
                    if (fileInputStream != null) {
                        fileInputStream.close();
                    }
                    return null;
                }
            } catch (FileNotFoundException e2) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, str3 + " does not exist.  Certificate will no be used.");
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "getCertFromArmFile");
                }
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
                return null;
            }
        } catch (Throwable th) {
            if (fileInputStream != null) {
                fileInputStream.close();
            }
            throw th;
        }
    }
}
