package com.ibm.ws.ssl.commands.migrate;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.cmdframework.CommandException;
import com.ibm.websphere.management.cmdframework.CommandLoadException;
import com.ibm.websphere.management.cmdframework.CommandNotFoundException;
import com.ibm.websphere.management.cmdframework.CommandValidationException;
import com.ibm.websphere.management.cmdframework.commanddata.CommandData;
import com.ibm.websphere.management.cmdframework.commandmetadata.TaskCommandMetadata;
import com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand;
import com.ibm.websphere.management.cmdframework.provider.TaskCommandResultImpl;
import com.ibm.websphere.management.configservice.ConfigDataId;
import com.ibm.websphere.management.configservice.ConfigService;
import com.ibm.websphere.management.configservice.ConfigServiceFactory;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.websphere.management.exception.ConfigServiceException;
import com.ibm.websphere.management.exception.ConnectorException;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.util.NodeVersionUtils;
import com.ibm.ws.ssl.commands.keyStores.KeyStoreHelper;
import com.ibm.ws.ssl.commands.personalCertificates.PersonalCertificateHelper;
import com.ibm.ws.ssl.commands.utils.CommandConstants;
import com.ibm.ws.ssl.commands.utils.CommandHelper;
import com.ibm.ws.ssl.config.KeyStoreManager;
import com.ibm.ws.ssl.config.ManagementScopeData;
import com.ibm.ws.ssl.config.WSKeyStore;
import com.ibm.ws.ssl.config.WSKeyStoreRemotable;
import com.ibm.ws.ssl.core.Constants;
import com.ibm.ws.ssl.model.KeyStoreInfo;
import com.ibm.ws.workspace.query.WorkSpaceQueryUtil;
import com.ibm.wsspi.management.bla.OperationConstants;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.ResourceBundle;
import javax.management.Attribute;
import javax.management.AttributeList;
import javax.management.AttributeNotFoundException;
import javax.management.ObjectName;

/* loaded from: input_file:wasJars/cryptoimpl.jar:com/ibm/ws/ssl/commands/migrate/ConvertSSLConfig.class */
public class ConvertSSLConfig extends AbstractTaskCommand {
    private static TraceComponent tc = Tr.register(ConvertSSLConfig.class, "SSL", "com.ibm.ws.ssl.commands.migrate");
    private static String BUNDLE_NAME = "com.ibm.ejs.resources.security";
    private static ResourceBundle resBundle = ResourceBundle.getBundle(BUNDLE_NAME, Locale.getDefault());
    private String sslConversionOption;

    public ConvertSSLConfig(TaskCommandMetadata taskCommandMetadata) throws CommandNotFoundException {
        super(taskCommandMetadata);
        this.sslConversionOption = null;
    }

    public ConvertSSLConfig(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
        super(commandData);
        this.sslConversionOption = null;
    }

    @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand, com.ibm.websphere.management.cmdframework.provider.AbstractAdminCommand, com.ibm.websphere.management.cmdframework.AdminCommand
    public void validate() throws CommandValidationException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validate");
        }
        super.validate();
        try {
            this.sslConversionOption = (String) getParameter("sslConversionOption");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "sslConversionOption name is " + this.sslConversionOption);
            }
            if (this.sslConversionOption != null && !validSSLConvstionType(this.sslConversionOption)) {
                throw new CommandValidationException("sslConversionOption is not valid.");
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "validate");
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityConfigProvider", "198");
            throw new CommandValidationException(e.getMessage());
        }
    }

    @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand
    public void afterStepsExecuted() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "convertSSLConfig");
        }
        super.afterStepsExecuted();
        TaskCommandResultImpl taskCommandResultImpl = (TaskCommandResultImpl) getTaskCommandResult();
        if (!taskCommandResultImpl.isSuccessful()) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "afterStepsExecuted");
                return;
            }
            return;
        }
        try {
            ConfigService configService = ConfigServiceFactory.getConfigService();
            Session configSession = getConfigSession();
            if (this.sslConversionOption.equals("CONVERT_SSLCONFIGS")) {
                convertSSLConfigurations(configSession, configService);
            }
            if (this.sslConversionOption.equals("CONVERT_TO_DEFAULT")) {
                convertToDefaultConfig(configSession, configService);
            }
        } catch (Exception e) {
            taskCommandResultImpl.setException(new CommandException(e, e.getMessage()));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "convertSSLConfig");
        }
    }

    private boolean validSSLConvstionType(String str) {
        return str.equalsIgnoreCase("CONVERT_SSLCONFIGS") || str.equalsIgnoreCase("CONVERT_TO_DEFAULT");
    }

    private void convertToDefaultConfig(Session session, ConfigService configService) throws Exception {
        String buildScopeName;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "convertToDefaultConfig");
        }
        boolean z = false;
        try {
            try {
                ObjectName objectName = configService.resolve(session, "Cell=")[0];
                ObjectName objectName2 = configService.resolve(session, "Cell=:Security=")[0];
                ObjectName[] queryConfigObjects = configService.queryConfigObjects(session, objectName, ConfigServiceHelper.createObjectName((ConfigDataId) null, "ServerEntry"), null);
                int i = 0;
                while (true) {
                    if (i >= queryConfigObjects.length) {
                        break;
                    }
                    String str = (String) configService.getAttribute(session, queryConfigObjects[i], "serverType");
                    if (str != null && str.equals("DEPLOYMENT_MANAGER")) {
                        z = true;
                        checkSSLConfigExistsCreateIfNot(session, configService, objectName2, "CellDefaultSSLSettings", buildScopeName(session, configService, null, "cell"), true);
                        break;
                    }
                    i++;
                }
                for (ObjectName objectName3 : configService.resolve(session, "Cell=:Node=")) {
                    boolean z2 = false;
                    for (ObjectName objectName4 : configService.queryConfigObjects(session, objectName3, ConfigServiceHelper.createObjectName((ConfigDataId) null, "ServerEntry"), null)) {
                        if (((String) configService.getAttribute(session, objectName4, "serverType")).equals("DEPLOYMENT_MANAGER")) {
                            z2 = true;
                        }
                    }
                    String str2 = (String) configService.getAttribute(session, objectName3, CommandConstants.NAME);
                    if (NodeVersionUtils.isNodeValid(str2, session, 6, 1)) {
                        if (!z2 && (buildScopeName = buildScopeName(session, configService, str2, "Node")) != null) {
                            checkSSLConfigExistsCreateIfNot(session, configService, objectName2, "NodeDefaultSSLSettings", buildScopeName, z);
                        }
                        removeSSLReferences(session, configService, objectName3);
                    }
                }
                findOrCreateSpecialKeyStores(session, configService, objectName2, z);
                findOrCreateRSAKeyStores(session, configService, objectName2, z);
                if (z) {
                    addSignerToCommonTrustStore(session, configService, objectName2);
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "convertToDefaultConfig");
                }
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.commands.SSLConfig.ConvertSSLConfigProvider", "254");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception caught", e);
                }
                throw e;
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "convertToDefaultConfig");
            }
            throw th;
        }
    }

    public StringBuffer convertSSLConfigurations(Session session, ConfigService configService) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "convertSSLConfigurations");
        }
        StringBuffer stringBuffer = new StringBuffer();
        try {
            try {
                ObjectName objectName = configService.resolve(session, "Cell=:Security=")[0];
                for (AttributeList attributeList : (List) configService.getAttribute(session, objectName, CommandConstants.REPERTOIRE)) {
                    ObjectName objectName2 = null;
                    ObjectName objectName3 = null;
                    ObjectName objectName4 = null;
                    ObjectName objectName5 = null;
                    String str = null;
                    String str2 = null;
                    String str3 = (String) ConfigServiceHelper.getAttributeValue(attributeList, "alias");
                    ObjectName objectName6 = (ObjectName) ConfigServiceHelper.getAttributeValue(attributeList, "managementScope");
                    if (str3.endsWith("/DefaultSSLSettings")) {
                        str3.substring(0, str3.indexOf("/DefaultSSLSettings"));
                    }
                    AttributeList attributeList2 = (AttributeList) ConfigServiceHelper.getAttributeValue(attributeList, CommandConstants.SETTING);
                    AttributeList attributeList3 = new AttributeList();
                    if (objectName6 == null) {
                        ObjectName createObjectName = ConfigServiceHelper.createObjectName(attributeList);
                        objectName6 = getScopeForThisConfig(session, configService, objectName, attributeList);
                        attributeList3.add(new Attribute(CommandConstants.MANAGEMENT_SCOPE, objectName6));
                        configService.setAttributes(session, createObjectName, attributeList3);
                        attributeList3.clear();
                    }
                    String str4 = (String) ConfigServiceHelper.getAttributeValue(attributeList2, "keyFileName");
                    if (str4 != null) {
                        String str5 = (String) ConfigServiceHelper.getAttributeValue(attributeList2, "keyFilePassword");
                        String str6 = (String) ConfigServiceHelper.getAttributeValue(attributeList2, "keyFileFormat");
                        if (str5 != null && str6 != null) {
                            objectName2 = findOrCreateKSObj(session, configService, objectName, str4, str5, str6, objectName6);
                        }
                        String str7 = (String) ConfigServiceHelper.getAttributeValue(attributeList2, "trustFileName");
                        if (str7 != null) {
                            String str8 = (String) ConfigServiceHelper.getAttributeValue(attributeList2, "trustFilePassword");
                            String str9 = (String) ConfigServiceHelper.getAttributeValue(attributeList2, "trustFileFormat");
                            if (str8 != null && str9 != null) {
                                objectName3 = findOrCreateKSObj(session, configService, objectName, str7, str8, str9, objectName6);
                            }
                        }
                        ObjectName findOrCreateKeyManager = findOrCreateKeyManager(session, configService, objectName, objectName6);
                        List findOrCreateTrustManager = findOrCreateTrustManager(session, configService, objectName, objectName6);
                        ObjectName objectName7 = configService.queryConfigObjects(session, null, ConfigServiceHelper.createObjectName(attributeList2), null)[0];
                        for (ObjectName objectName8 : (List) ((Attribute) configService.getAttributes(session, objectName7, new String[]{"properties"}, false).get(0)).getValue()) {
                            String str10 = (String) configService.getAttribute(session, objectName8, "name");
                            if (str10.equals("com.ibm.ssl.contextProvider")) {
                                objectName4 = objectName8;
                                str = (String) configService.getAttribute(session, objectName8, "value");
                            }
                            if (str10.equals("com.ibm.ssl.protocol")) {
                                objectName5 = objectName8;
                                str2 = (String) configService.getAttribute(session, objectName8, "value");
                            }
                        }
                        if (objectName2 != null) {
                            attributeList3.add(new Attribute(CommandConstants.KEY_STORE, objectName2));
                        }
                        if (objectName3 != null) {
                            attributeList3.add(new Attribute(CommandConstants.TRUST_STORE, objectName3));
                        }
                        if (findOrCreateKeyManager != null) {
                            attributeList3.add(new Attribute(CommandConstants.KEY_MANAGER, findOrCreateKeyManager));
                        }
                        if (!findOrCreateTrustManager.isEmpty()) {
                            attributeList3.add(new Attribute(CommandConstants.TRUST_MANAGER, findOrCreateTrustManager));
                        }
                        if (str != null) {
                            attributeList3.add(new Attribute(CommandConstants.JSSE_PROVIDER, str));
                        }
                        if (str2 != null) {
                            attributeList3.add(new Attribute(CommandConstants.SSL_PROTOCOL, str2));
                        }
                        attributeList3.add(new Attribute("keyFileName", null));
                        attributeList3.add(new Attribute("keyFilePassword", null));
                        attributeList3.add(new Attribute("keyFileFormat", null));
                        attributeList3.add(new Attribute("trustFileName", null));
                        attributeList3.add(new Attribute("trustFilePassword", null));
                        attributeList3.add(new Attribute("trustFileFormat", null));
                        configService.setAttributes(session, objectName7, attributeList3);
                        if (objectName4 != null) {
                            configService.deleteConfigData(session, objectName4);
                        }
                        if (objectName5 != null) {
                            configService.deleteConfigData(session, objectName5);
                        }
                        stringBuffer.append(str3);
                    }
                }
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "convertSSLConfigurations");
                }
                return stringBuffer;
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityConfigProvider", "290");
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "exception caught", e);
                }
                throw e;
            }
        } catch (Throwable th) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "convertSSLConfigurations");
            }
            throw th;
        }
    }

    private List findOrCreateTrustManager(Session session, ConfigService configService, ObjectName objectName, ObjectName objectName2) throws ConfigServiceException, ConnectorException, AttributeNotFoundException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "findOrCreateTrustManager", new Object[]{objectName, objectName2});
        }
        ObjectName objectName3 = null;
        ArrayList arrayList = new ArrayList();
        ObjectName[] queryConfigObjects = configService.queryConfigObjects(session, objectName, ConfigServiceHelper.createObjectName((ConfigDataId) null, "TrustManager"), null);
        int i = 0;
        while (true) {
            if (i >= queryConfigObjects.length) {
                break;
            }
            ObjectName objectName4 = queryConfigObjects[i];
            if (((String) configService.getAttribute(session, objectName4, CommandConstants.NAME)).equals("IbmPKIX")) {
                objectName3 = objectName4;
                break;
            }
            i++;
        }
        if (objectName3 == null) {
            AttributeList attributeList = new AttributeList();
            attributeList.add(new Attribute(CommandConstants.NAME, "IbmPKIX"));
            attributeList.add(new Attribute(CommandConstants.PROVIDER, "IBMJSSE2"));
            attributeList.add(new Attribute(CommandConstants.ALGORITHM, "IbmPKIX"));
            attributeList.add(new Attribute(CommandConstants.MANAGEMENT_SCOPE, objectName2));
            objectName3 = configService.createConfigData(session, objectName, CommandConstants.TRUST_MANAGERS, null, attributeList);
        }
        arrayList.add(objectName3);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "findOrCreateTrustManager", new Object[]{arrayList});
        }
        return arrayList;
    }

    private ObjectName findOrCreateKeyManager(Session session, ConfigService configService, ObjectName objectName, ObjectName objectName2) throws ConfigServiceException, ConnectorException, AttributeNotFoundException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "findOrCreateKeyManager", new Object[]{objectName, objectName2});
        }
        ObjectName objectName3 = null;
        Iterator it = ((List) configService.getAttribute(session, objectName, CommandConstants.KEY_MANAGERS)).iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            AttributeList attributeList = (AttributeList) it.next();
            if (((String) ConfigServiceHelper.getAttributeValue(attributeList, CommandConstants.NAME)).equals("IbmX509")) {
                objectName3 = ConfigServiceHelper.createObjectName(attributeList);
                break;
            }
        }
        if (objectName3 == null) {
            AttributeList attributeList2 = new AttributeList();
            attributeList2.add(new Attribute(CommandConstants.NAME, "IbmX509"));
            attributeList2.add(new Attribute(CommandConstants.PROVIDER, "IBMJSSE2"));
            attributeList2.add(new Attribute(CommandConstants.ALGORITHM, "IbmX509"));
            attributeList2.add(new Attribute(CommandConstants.MANAGEMENT_SCOPE, objectName2));
            objectName3 = configService.createConfigData(session, objectName, CommandConstants.KEY_MANAGERS, null, attributeList2);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "findOrCreateKeyManager", new Object[]{objectName3});
        }
        return objectName3;
    }

    private ObjectName findOrCreateKSObj(Session session, ConfigService configService, ObjectName objectName, String str, String str2, String str3, ObjectName objectName2) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "findOrCreateKSObj", new Object[]{objectName, str, str3, objectName2});
        }
        ObjectName objectName3 = null;
        List list = (List) configService.getAttribute(session, objectName, CommandConstants.KEY_STORES);
        String str4 = (String) configService.getAttribute(session, objectName2, CommandConstants.SCOPE_NAME);
        Iterator it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            AttributeList attributeList = (AttributeList) it.next();
            if (str != null && str3 != null && str2 != null) {
                String str5 = (String) ConfigServiceHelper.getAttributeValue(attributeList, "location");
                String str6 = (String) ConfigServiceHelper.getAttributeValue(attributeList, "type");
                String str7 = (String) ConfigServiceHelper.getAttributeValue(attributeList, "password");
                if (str.equals(str5) && str3.equals(str6) && str2.equals(str7) && new CommandHelper().withInScope(configService, session, attributeList, str4)) {
                    objectName3 = ConfigServiceHelper.createObjectName(attributeList);
                    break;
                }
            }
        }
        String substring = str.substring(str.lastIndexOf("/") + 1);
        String str8 = "IBMJCE";
        if (str3.equals(Constants.KEYSTORE_TYPE_CMS)) {
            str8 = Constants.IBMCMS_NAME;
        } else if (str3.equals(Constants.KEYSTORE_TYPE_CMS_OS400)) {
            str8 = Constants.OS400CMS_NAME;
        } else if (str3.equals(Constants.KEYSTORE_TYPE_JAVACRYPTO)) {
            str8 = Constants.KEYSTORE_TYPE_JAVACRYPTO;
        }
        KeyStoreInfo keyStoreInfo = new KeyStoreInfo(substring, str, str2, str8, str3, Boolean.TRUE, null, str4, objectName2, Boolean.FALSE, Boolean.FALSE, Boolean.FALSE, null, null, null, null, null);
        if (objectName3 == null) {
            objectName3 = configService.createConfigData(session, objectName, "keyStores", null, KeyStoreHelper.createKeyStoreAttrList(keyStoreInfo));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "findOrCreateKSObj", new Object[]{objectName3});
        }
        return objectName3;
    }

    private ObjectName makeDefaultKSObj(Session session, ConfigService configService, ObjectName objectName, String str, String str2, String str3, ObjectName objectName2, String str4) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "makeDefaultKSObj", new Object[]{objectName, str, str3, objectName2, str4});
        }
        ObjectName objectName3 = null;
        String str5 = (String) configService.getAttribute(session, objectName2, CommandConstants.SCOPE_NAME);
        ObjectName[] queryConfigObjects = configService.queryConfigObjects(session, objectName, ConfigServiceHelper.createObjectName((ConfigDataId) null, "KeyStore"), null);
        int i = 0;
        while (true) {
            if (i >= queryConfigObjects.length) {
                break;
            }
            ObjectName objectName4 = queryConfigObjects[i];
            if (str4 != null && str4.equals((String) configService.getAttribute(session, objectName4, CommandConstants.NAME)) && str5.equals((String) configService.getAttribute(session, (ObjectName) configService.getAttribute(session, objectName4, CommandConstants.MANAGEMENT_SCOPE), CommandConstants.SCOPE_NAME))) {
                objectName3 = objectName4;
                break;
            }
            i++;
        }
        String str6 = (str4.endsWith(Constants.RSA_TOKEN_KEY_STORE) || str4.endsWith(Constants.RSA_TOKEN_ROOT_STORE) || str4.endsWith(Constants.RSA_TOKEN_TRUST_STORE)) ? "RSATokenKeys" : "SSLKeys";
        Object obj = "IBMJCE";
        if (str3.equals(Constants.KEYSTORE_TYPE_CMS)) {
            obj = Constants.IBMCMS_NAME;
        } else if (str3.equals(Constants.KEYSTORE_TYPE_CMS_OS400)) {
            obj = Constants.OS400CMS_NAME;
        } else if (str3.equals(Constants.KEYSTORE_TYPE_JAVACRYPTO)) {
            obj = Constants.KEYSTORE_TYPE_JAVACRYPTO;
        }
        AttributeList attributeList = new AttributeList();
        if (str4 != null) {
            attributeList.add(new Attribute("name", str4));
        }
        if (str != null) {
            attributeList.add(new Attribute("location", str));
        }
        if (str3 != null) {
            attributeList.add(new Attribute("type", str3));
        }
        if (str2 != null) {
            attributeList.add(new Attribute("password", str2));
        }
        if (obj != null) {
            attributeList.add(new Attribute("provider", obj));
        }
        attributeList.add(new Attribute("usage", str6));
        attributeList.add(new Attribute("fileBased", Boolean.TRUE));
        attributeList.add(new Attribute("readOnly", Boolean.FALSE));
        attributeList.add(new Attribute("initializeAtStartup", Boolean.FALSE));
        if (objectName2 != null) {
            attributeList.add(new Attribute(CommandConstants.MANAGEMENT_SCOPE, objectName2));
        }
        if (objectName3 != null) {
            configService.setAttributes(session, objectName3, attributeList);
        } else {
            objectName3 = configService.createConfigData(session, objectName, "keyStores", null, attributeList);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "makeDefaultKSObj", new Object[]{objectName3});
        }
        return objectName3;
    }

    private void findOrCreateSSLConfigGroup(Session session, ConfigService configService, ObjectName objectName, ObjectName objectName2, String str) throws Exception {
        String nodeName;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "findOrCreateSSLConfigGroup", new Object[]{objectName, objectName2});
        }
        boolean z = false;
        boolean z2 = false;
        ManagementScopeData managementScopeData = new ManagementScopeData(str);
        String scopeType = managementScopeData.getScopeType();
        if (scopeType != null && scopeType.equalsIgnoreCase("cell")) {
            nodeName = managementScopeData.getCellName();
        } else if (scopeType == null || !scopeType.equalsIgnoreCase("node")) {
            return;
        } else {
            nodeName = managementScopeData.getNodeName();
        }
        for (ObjectName objectName3 : configService.queryConfigObjects(session, objectName, ConfigServiceHelper.createObjectName((ConfigDataId) null, "SSLConfigGroup"), null)) {
            if (((String) configService.getAttribute(session, objectName3, "name")).equals(nodeName)) {
                String str2 = (String) configService.getAttribute(session, objectName3, "direction");
                if (str2.equals("inbound")) {
                    z = true;
                }
                if (str2.equals("outbound")) {
                    z2 = true;
                }
            }
        }
        if (!z) {
            AttributeList attributeList = new AttributeList();
            attributeList.add(new Attribute(CommandConstants.NAME, nodeName));
            attributeList.add(new Attribute(CommandConstants.DIRECTION, "inbound"));
            attributeList.add(new Attribute(CommandConstants.SSL_CONFIG, objectName2));
            attributeList.add(new Attribute(CommandConstants.MANAGEMENT_SCOPE, (ObjectName) configService.getAttribute(session, objectName2, CommandConstants.MANAGEMENT_SCOPE)));
            configService.createConfigData(session, objectName, CommandConstants.SSL_CONFIG_GROUPS, null, attributeList);
        }
        if (!z2) {
            AttributeList attributeList2 = new AttributeList();
            attributeList2.add(new Attribute(CommandConstants.NAME, nodeName));
            attributeList2.add(new Attribute(CommandConstants.DIRECTION, "outbound"));
            attributeList2.add(new Attribute(CommandConstants.SSL_CONFIG, objectName2));
            attributeList2.add(new Attribute(CommandConstants.MANAGEMENT_SCOPE, (ObjectName) configService.getAttribute(session, objectName2, CommandConstants.MANAGEMENT_SCOPE)));
            configService.createConfigData(session, objectName, CommandConstants.SSL_CONFIG_GROUPS, null, attributeList2);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "findOrCreateSSLConfigGroup");
        }
    }

    private ObjectName getScopeForThisConfig(Session session, ConfigService configService, ObjectName objectName, AttributeList attributeList) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getScopeForThisConfig");
        }
        ObjectName objectName2 = null;
        String defaultScope = defaultScope(session, configService);
        ManagementScopeData managementScopeData = new ManagementScopeData(defaultScope);
        String str = (String) ConfigServiceHelper.getAttributeValue(attributeList, CommandConstants.ALIAS);
        try {
            if (str.endsWith("/DefaultSSLSettings")) {
                String scopeType = managementScopeData.getScopeType();
                if (scopeType.equalsIgnoreCase("cell")) {
                    String substring = str.substring(0, str.indexOf("/DefaultSSLSettings"));
                    if (substring != null) {
                        objectName2 = getScopeForSSLConfig(session, configService, objectName, substring);
                    }
                    if (objectName2 == null) {
                        objectName2 = getScopeObject(session, configService, objectName, defaultScope, scopeType);
                    }
                } else {
                    objectName2 = getScopeObject(session, configService, objectName, defaultScope, scopeType);
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getScopeForThisConfig", new Object[]{objectName2});
            }
            return objectName2;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityConfigProvider", "775");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught", e);
            }
            throw e;
        }
    }

    private ObjectName getScopeForSSLConfig(Session session, ConfigService configService, ObjectName objectName, String str) throws Exception {
        ObjectName objectName2;
        String displayName;
        ObjectName objectName3 = null;
        try {
            ObjectName[] resolve = configService.resolve(session, "Cell=:Node=" + str);
            if (resolve != null && resolve.length > 0 && (objectName2 = resolve[0]) != null) {
                boolean z = false;
                for (ObjectName objectName4 : configService.queryConfigObjects(session, objectName2, ConfigServiceHelper.createObjectName((ConfigDataId) null, "ServerEntry"), null)) {
                    if (((String) configService.getAttribute(session, objectName4, "serverType")).equals("DEPLOYMENT_MANAGER")) {
                        z = true;
                    }
                }
                ObjectName objectName5 = configService.resolve(session, "Cell=")[0];
                if (objectName5 != null && (displayName = ConfigServiceHelper.getDisplayName(objectName5)) != null) {
                    StringBuffer stringBuffer = new StringBuffer();
                    stringBuffer.append("(cell):");
                    stringBuffer.append(displayName);
                    if (!z) {
                        stringBuffer.append(":(node):");
                        stringBuffer.append(str);
                    }
                    objectName3 = getScopeObject(session, configService, objectName, stringBuffer.toString(), "node");
                }
            }
            return objectName3;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityConfigProvider", "198");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught", e);
            }
            throw e;
        }
    }

    private ObjectName getScopeObject(Session session, ConfigService configService, ObjectName objectName, String str, String str2) throws ConfigServiceException, ConnectorException, AttributeNotFoundException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getScopeObject", new Object[]{objectName, str, str2});
        }
        ObjectName objectName2 = null;
        Iterator it = ((List) configService.getAttribute(session, objectName, CommandConstants.MANAGEMENT_SCOPES)).iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            AttributeList attributeList = (AttributeList) it.next();
            if (((String) ConfigServiceHelper.getAttributeValue(attributeList, CommandConstants.SCOPE_NAME)).equals(str)) {
                objectName2 = ConfigServiceHelper.createObjectName(attributeList);
                break;
            }
        }
        if (objectName2 == null) {
            AttributeList attributeList2 = new AttributeList();
            attributeList2.add(new Attribute(CommandConstants.SCOPE_NAME, str));
            attributeList2.add(new Attribute(CommandConstants.SCOPE_TYPE, str2));
            objectName2 = configService.createConfigData(session, objectName, CommandConstants.MANAGEMENT_SCOPES, null, attributeList2);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getScopeObject", new Object[]{objectName2});
        }
        return objectName2;
    }

    private ObjectName checkSSLConfigExistsCreateIfNot(Session session, ConfigService configService, ObjectName objectName, String str, String str2, boolean z) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "checkSSLConfigExistsCreateIfNot", new Object[]{objectName, str, str2});
        }
        ObjectName objectName2 = null;
        try {
            Iterator it = ((List) configService.getAttribute(session, objectName, CommandConstants.REPERTOIRE)).iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                AttributeList attributeList = (AttributeList) it.next();
                String str3 = (String) ConfigServiceHelper.getAttributeValue(attributeList, "alias");
                ObjectName objectName3 = (ObjectName) ConfigServiceHelper.getAttributeValue(attributeList, "managementScope");
                if (str3.equals(str) && ((String) configService.getAttribute(session, objectName3, "scopeName")).equals(str2)) {
                    objectName2 = ConfigServiceHelper.createObjectName(attributeList);
                    break;
                }
            }
            ObjectName createTheSSLConfig = createTheSSLConfig(session, configService, objectName, str, str2, objectName2, z, true);
            findOrCreateSSLConfigGroup(session, configService, objectName, createTheSSLConfig, str2);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "checkSSLConfigExistsCreateIfNot", new Object[]{createTheSSLConfig});
            }
            return createTheSSLConfig;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.commands.SSLConfig.ConvertSSLConfigProvider", "909");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught", e);
            }
            throw e;
        }
    }

    private ObjectName createTheSSLConfig(Session session, ConfigService configService, ObjectName objectName, String str, String str2, ObjectName objectName2, boolean z, boolean z2) throws Exception {
        String str3;
        String str4;
        String str5;
        String str6;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createTheSSLConfig", new Object[]{objectName, str, str2});
        }
        AttributeList attributeList = new AttributeList();
        String str7 = null;
        ObjectName objectName3 = null;
        ObjectName objectName4 = null;
        try {
            ManagementScopeData managementScopeData = new ManagementScopeData(str2);
            if (str != null) {
                if (str2 != null) {
                    str7 = managementScopeData.getScopeType();
                    ObjectName scopeObject = getScopeObject(session, configService, objectName, str2, str7);
                    if (scopeObject != null) {
                        attributeList.add(new Attribute(CommandConstants.MANAGEMENT_SCOPE, scopeObject));
                    }
                }
                if (objectName2 != null) {
                    objectName4 = configService.queryConfigObjects(session, objectName2, ConfigServiceHelper.createObjectName((ConfigDataId) null, "SecureSocketLayer"), null)[0];
                    objectName3 = objectName2;
                } else {
                    attributeList.add(new Attribute(CommandConstants.ALIAS, str + "1"));
                    ObjectName createConfigData = configService.createConfigData(session, objectName, CommandConstants.REPERTOIRE, null, attributeList);
                    attributeList.clear();
                    attributeList.add(new Attribute(CommandConstants.ALIAS, str));
                    configService.setAttributes(session, createConfigData, attributeList);
                    objectName3 = createConfigData;
                }
                if (objectName3 != null) {
                    ObjectName scopeObject2 = getScopeObject(session, configService, objectName, str2, str7);
                    ObjectName scopeObject3 = getScopeObject(session, configService, objectName, "(cell):" + managementScopeData.getCellName(), "cell");
                    attributeList.clear();
                    if (str7.equalsIgnoreCase("cell")) {
                        str3 = "CellDefaultKeyStore";
                        str4 = "CellDefaultTrustStore";
                        str6 = "${CONFIG_ROOT}/cells/" + managementScopeData.getCellName() + "/trust.p12";
                        str5 = "${CONFIG_ROOT}/cells/" + managementScopeData.getCellName() + "/key.p12";
                    } else {
                        str3 = "NodeDefaultKeyStore";
                        str4 = "NodeDefaultTrustStore";
                        str5 = "${CONFIG_ROOT}/cells/" + managementScopeData.getCellName() + "/nodes/" + managementScopeData.getNodeName() + "/key.p12";
                        str6 = "${CONFIG_ROOT}/cells/" + managementScopeData.getCellName() + "/nodes/" + managementScopeData.getNodeName() + "/trust.p12";
                    }
                    ObjectName makeDefaultKSObj = makeDefaultKSObj(session, configService, objectName, str5, Constants.DEFAULT_KEYSTORE_PASSWORD, Constants.KEYSTORE_TYPE_PKCS12, scopeObject2, str3);
                    ObjectName makeDefaultKSObj2 = makeDefaultKSObj(session, configService, objectName, str6, Constants.DEFAULT_KEYSTORE_PASSWORD, Constants.KEYSTORE_TYPE_PKCS12, scopeObject2, str4);
                    if (z) {
                        makeDefaultKSObj2 = makeDefaultKSObj(session, configService, objectName, "${CONFIG_ROOT}/cells/" + managementScopeData.getCellName() + "/trust.p12", Constants.DEFAULT_KEYSTORE_PASSWORD, Constants.KEYSTORE_TYPE_PKCS12, scopeObject3, "CellDefaultTrustStore");
                    }
                    List findOrCreateTrustManager = findOrCreateTrustManager(session, configService, objectName, scopeObject2);
                    ObjectName findOrCreateKeyManager = findOrCreateKeyManager(session, configService, objectName, scopeObject2);
                    attributeList.clear();
                    if (makeDefaultKSObj != null) {
                        attributeList.add(new Attribute(CommandConstants.KEY_STORE, makeDefaultKSObj));
                    }
                    if (makeDefaultKSObj2 != null) {
                        attributeList.add(new Attribute(CommandConstants.TRUST_STORE, makeDefaultKSObj2));
                    }
                    if (findOrCreateKeyManager != null) {
                        attributeList.add(new Attribute(CommandConstants.KEY_MANAGER, findOrCreateKeyManager));
                    }
                    if (!findOrCreateTrustManager.isEmpty()) {
                        attributeList.add(new Attribute(CommandConstants.TRUST_MANAGER, findOrCreateTrustManager));
                    }
                    attributeList.add(new Attribute(CommandConstants.JSSE_PROVIDER, "IBMJSSE2"));
                    attributeList.add(new Attribute(CommandConstants.SSL_PROTOCOL, Constants.PROTOCOL_SSL_TLS));
                    attributeList.add(new Attribute(CommandConstants.CLIENT_AUTHENTICATION, Boolean.FALSE));
                    attributeList.add(new Attribute(CommandConstants.SECURITY_LEVEL, Constants.SECURITY_LEVEL_HIGH));
                    if (objectName4 != null) {
                        configService.setAttributes(session, objectName4, attributeList);
                    } else {
                        configService.createConfigData(session, objectName3, CommandConstants.SETTING, null, attributeList);
                    }
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "createTheSSLConfig", new Object[]{objectName3});
            }
            return objectName3;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.commands.SSLConfig.ConvertSSLConfigProvider", "1045");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught", e);
            }
            throw e;
        }
    }

    private String buildScopeName(Session session, ConfigService configService, String str, String str2) throws ConfigServiceException, ConnectorException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "buildScopeName", new Object[]{str, str2});
        }
        StringBuffer stringBuffer = new StringBuffer();
        String str3 = null;
        String str4 = null;
        ObjectName objectName = configService.resolve(session, "Cell=")[0];
        if (objectName != null) {
            str4 = ConfigServiceHelper.getDisplayName(objectName);
        }
        if (str2.equalsIgnoreCase("cell")) {
            stringBuffer.append("(cell):");
            stringBuffer.append(str4);
            str3 = stringBuffer.toString();
        } else if (str2.equals("Node") && configService.resolve(session, "Cell=:Node=" + str)[0] != null && str4 != null) {
            stringBuffer.append("(cell):");
            stringBuffer.append(str4);
            stringBuffer.append(":(node):");
            stringBuffer.append(str);
            str3 = stringBuffer.toString();
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "buildScopeName", new Object[]{str3});
        }
        return str3;
    }

    private String defaultScope(Session session, ConfigService configService) throws Exception {
        String str = null;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, OperationConstants.DEFAULTSCOPE);
        }
        try {
            ObjectName objectName = configService.resolve(session, "Cell=")[0];
            if (objectName != null) {
                String str2 = (String) configService.getAttribute(session, objectName, "cellType");
                str = "(cell):" + ((String) configService.getAttribute(session, objectName, "name"));
                if (str2.equals(WorkSpaceQueryUtil.CELL_TYPE_STANDALONE) && configService.resolve(session, "Node=")[0] != null) {
                    str = str + ":(node):" + ((String) configService.getAttribute(session, objectName, "name"));
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, OperationConstants.DEFAULTSCOPE, str);
            }
            return str;
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityConfigProvider", "198");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught", e);
            }
            throw e;
        }
    }

    private void removeSSLReferences(Session session, ConfigService configService, ObjectName objectName) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "removeSSLReferences", objectName);
        }
        try {
            for (ObjectName objectName2 : configService.queryConfigObjects(session, objectName, ConfigServiceHelper.createObjectName((ConfigDataId) null, "Server"), null)) {
                ObjectName[] queryConfigObjects = configService.queryConfigObjects(session, objectName2, ConfigServiceHelper.createObjectName((ConfigDataId) null, "SOAPConnector"), null);
                if (queryConfigObjects != null && queryConfigObjects.length > 0) {
                    Iterator it = ((List) ((Attribute) configService.getAttributes(session, queryConfigObjects[0], new String[]{"properties"}, false).get(0)).getValue()).iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        ObjectName objectName3 = (ObjectName) it.next();
                        if (((String) configService.getAttribute(session, objectName3, "name")).equals("sslConfig")) {
                            configService.deleteConfigData(session, objectName3);
                            break;
                        }
                    }
                }
                ObjectName[] queryConfigObjects2 = configService.queryConfigObjects(session, objectName2, ConfigServiceHelper.createObjectName((ConfigDataId) null, "IPCConnector"), null);
                if (queryConfigObjects2 != null && queryConfigObjects2.length > 0) {
                    Iterator it2 = ((List) ((Attribute) configService.getAttributes(session, queryConfigObjects2[0], new String[]{"properties"}, false).get(0)).getValue()).iterator();
                    while (true) {
                        if (!it2.hasNext()) {
                            break;
                        }
                        ObjectName objectName4 = (ObjectName) it2.next();
                        if (((String) configService.getAttribute(session, objectName4, "name")).equals("sslConfig")) {
                            configService.deleteConfigData(session, objectName4);
                            break;
                        }
                    }
                }
                AttributeList attributeList = new AttributeList();
                attributeList.add(new Attribute("sslConfigAlias", null));
                for (ObjectName objectName5 : configService.queryConfigObjects(session, objectName2, ConfigServiceHelper.createObjectName((ConfigDataId) null, "SSLInboundChannel"), null)) {
                    configService.setAttributes(session, objectName5, attributeList);
                }
                for (ObjectName objectName6 : configService.queryConfigObjects(session, objectName2, ConfigServiceHelper.createObjectName((ConfigDataId) null, "SSLOutboundChannel"), null)) {
                    configService.setAttributes(session, objectName6, attributeList);
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "removeSSLReferences");
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.commands.SSLConfig.ConvertSSLConfigProvider", "1220");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught while clearing ssl config references from server", e);
            }
            throw e;
        }
    }

    private void addSignerToCommonTrustStore(Session session, ConfigService configService, ObjectName objectName) throws Exception {
        WSKeyStoreRemotable wSKeyStoreRemotable;
        Object[] invokeKeyStoreCommand;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "addSignerToCommonTrustStore");
        }
        try {
            new CommandHelper();
            KeyStoreInfo ksInfo = PersonalCertificateHelper.getKsInfo(session, configService, "CellDefaultTrustStore", buildScopeName(session, configService, null, "cell"));
            WSKeyStoreRemotable wSKeyStoreRemotable2 = new WSKeyStoreRemotable(ksInfo);
            for (ObjectName objectName2 : configService.queryConfigObjects(session, objectName, ConfigServiceHelper.createObjectName((ConfigDataId) null, "KeyStore"), null)) {
                String str = (String) configService.getAttribute(session, objectName2, CommandConstants.NAME);
                if ((str.endsWith(Constants.DEFAULT_KEY_STORE) || str.equals("NodeDefaultTrustStore")) && (invokeKeyStoreCommand = (wSKeyStoreRemotable = new WSKeyStoreRemotable(PersonalCertificateHelper.getKsInfo(session, configService, str, (String) configService.getAttribute(session, (ObjectName) configService.getAttribute(session, objectName2, CommandConstants.MANAGEMENT_SCOPE), CommandConstants.SCOPE_NAME)))).invokeKeyStoreCommand("aliases", null)) != null) {
                    for (Object obj : invokeKeyStoreCommand) {
                        String str2 = (String) obj;
                        Object[] invokeKeyStoreCommand2 = wSKeyStoreRemotable.invokeKeyStoreCommand("isKeyEntry", new Object[]{str2});
                        Object[] invokeKeyStoreCommand3 = wSKeyStoreRemotable.invokeKeyStoreCommand("isCertificateEntry", new Object[]{str2});
                        if (((Boolean) invokeKeyStoreCommand2[0]).booleanValue() || ((Boolean) invokeKeyStoreCommand3[0]).booleanValue()) {
                            wSKeyStoreRemotable2.invokeKeyStoreCommand("setCertificateEntry", new Object[]{str2, (X509Certificate) wSKeyStoreRemotable.invokeKeyStoreCommand("getCertificate", new Object[]{str2})[0]});
                        }
                    }
                }
            }
            for (ObjectName objectName3 : configService.queryConfigObjects(session, objectName, ConfigServiceHelper.createObjectName((ConfigDataId) null, "SSLConfig"), null)) {
                AttributeList attributeList = (AttributeList) configService.getAttribute(session, objectName3, "setting");
                String str3 = (String) ConfigServiceHelper.getAttributeValue(attributeList, "keyFileName");
                String str4 = (String) ConfigServiceHelper.getAttributeValue(attributeList, "keyFilePassword");
                String str5 = (String) ConfigServiceHelper.getAttributeValue(attributeList, "keyFileFormat");
                if (str3 != null && str4 != null && str5 != null) {
                    KeyStore loadKeyStore = WSKeyStore.loadKeyStore(KeyStoreManager.getInstance().expand(str3), str5, str4);
                    Enumeration<String> aliases = loadKeyStore.aliases();
                    while (aliases.hasMoreElements()) {
                        String nextElement = aliases.nextElement();
                        if (loadKeyStore.isKeyEntry(nextElement)) {
                            wSKeyStoreRemotable2.invokeKeyStoreCommand("setCertificateEntry", new Object[]{nextElement, (X509Certificate) loadKeyStore.getCertificate(nextElement)});
                        }
                    }
                }
                String str6 = (String) ConfigServiceHelper.getAttributeValue(attributeList, "trustFileName");
                String str7 = (String) ConfigServiceHelper.getAttributeValue(attributeList, "trustFilePassword");
                String str8 = (String) ConfigServiceHelper.getAttributeValue(attributeList, "trustFileFormat");
                if (str6 != null && str7 != null && str8 != null) {
                    KeyStore loadKeyStore2 = WSKeyStore.loadKeyStore(KeyStoreManager.getInstance().expand(str6), str8, str7);
                    Enumeration<String> aliases2 = loadKeyStore2.aliases();
                    while (aliases2.hasMoreElements()) {
                        String nextElement2 = aliases2.nextElement();
                        if (loadKeyStore2.isCertificateEntry(nextElement2)) {
                            wSKeyStoreRemotable2.invokeKeyStoreCommand("setCertificateEntry", new Object[]{nextElement2, (X509Certificate) loadKeyStore2.getCertificate(nextElement2)});
                        }
                    }
                }
            }
            PersonalCertificateHelper.setWorkspaceUpdated(session, ksInfo.getLocation());
            PersonalCertificateHelper.markSSLConfigChanged(ksInfo, session);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "addSignerToCommonTrustStore");
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.commands.securityDomain.SecurityConfigProvider", "198");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "exception caught", e);
            }
            throw e;
        }
    }

    private void findOrCreateSpecialKeyStores(Session session, ConfigService configService, ObjectName objectName, boolean z) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "findOrCreateSpecialKeyStores");
        }
        String scopeForNodeKeyStore = new CommandHelper().getScopeForNodeKeyStore(session, configService, null);
        ObjectName scopeObject = getScopeObject(session, configService, objectName, scopeForNodeKeyStore, "node");
        ManagementScopeData managementScopeData = new ManagementScopeData(scopeForNodeKeyStore);
        String cellName = managementScopeData.getCellName();
        String nodeName = managementScopeData.getNodeName();
        String str = z ? Constants.MANAGED_DMGR_STORE : "Node";
        String str2 = "${CONFIG_ROOT}/config/cells/" + cellName + "/nodes/" + nodeName;
        makeDefaultKSObj(session, configService, objectName, str2 + "/root-key.p12", Constants.DEFAULT_KEYSTORE_PASSWORD, Constants.KEYSTORE_TYPE_PKCS12, scopeObject, str + Constants.DEFAULT_ROOT_STORE);
        makeDefaultKSObj(session, configService, objectName, str2 + "/deleted.p12", Constants.DEFAULT_KEYSTORE_PASSWORD, Constants.KEYSTORE_TYPE_PKCS12, scopeObject, str + Constants.DEFAULT_DELETED_STORE);
        makeDefaultKSObj(session, configService, objectName, str2 + "/default-signers.p12", Constants.DEFAULT_KEYSTORE_PASSWORD, Constants.KEYSTORE_TYPE_PKCS12, scopeObject, str + Constants.DEFAULT_SIGNERS_STORE);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "findOrCreateSpecialKeyStores");
        }
    }

    private void findOrCreateRSAKeyStores(Session session, ConfigService configService, ObjectName objectName, boolean z) throws Exception {
        String str;
        ObjectName scopeObject;
        String str2;
        String str3;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "findOrCreateRSAKeyStores");
        }
        CommandHelper commandHelper = new CommandHelper();
        ManagementScopeData managementScopeData = new ManagementScopeData(null);
        String cellName = managementScopeData.getCellName();
        String nodeName = managementScopeData.getNodeName();
        if (z) {
            str = "Cell";
            scopeObject = getScopeObject(session, configService, objectName, commandHelper.defaultCellScope(configService.resolve(session, "Cell=")[0]), "cell");
        } else {
            str = "Node";
            scopeObject = getScopeObject(session, configService, objectName, commandHelper.getScopeForNodeKeyStore(session, configService, null), "node");
        }
        String str4 = "${CONFIG_ROOT}/config/cells/" + cellName + "/nodes/" + nodeName;
        if (z) {
            str2 = "DmgrRSATokenRootStore";
            str3 = "${CONFIG_ROOT}/config/cells/" + cellName + "/rsatoken-root-key.p12";
        } else {
            str2 = str + Constants.RSA_TOKEN_ROOT_STORE;
            str3 = str4 + "/rsatoken-root-key.p12";
        }
        makeDefaultKSObj(session, configService, objectName, str3, Constants.DEFAULT_KEYSTORE_PASSWORD, Constants.KEYSTORE_TYPE_PKCS12, scopeObject, str2);
        makeDefaultKSObj(session, configService, objectName, z ? "${CONFIG_ROOT}/config/cells/" + cellName + "/rsatoken-key.p12" : str4 + "/rsatoken-key.p12", Constants.DEFAULT_KEYSTORE_PASSWORD, Constants.KEYSTORE_TYPE_PKCS12, scopeObject, str + Constants.RSA_TOKEN_KEY_STORE);
        makeDefaultKSObj(session, configService, objectName, z ? "${CONFIG_ROOT}/config/cells/" + cellName + "/rsatoken-trust.p12" : str4 + "/rsatoken-trust.p12", Constants.DEFAULT_KEYSTORE_PASSWORD, Constants.KEYSTORE_TYPE_PKCS12, scopeObject, str + Constants.RSA_TOKEN_TRUST_STORE);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "findOrCreateRSAKeyStores");
        }
    }
}
