package com.ibm.ws.ssl.commands.adminagent;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.AdminContext;
import com.ibm.websphere.management.AdminServiceFactory;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.cmdframework.CommandException;
import com.ibm.websphere.management.cmdframework.CommandLoadException;
import com.ibm.websphere.management.cmdframework.CommandNotFoundException;
import com.ibm.websphere.management.cmdframework.CommandValidationException;
import com.ibm.websphere.management.cmdframework.commanddata.CommandData;
import com.ibm.websphere.management.cmdframework.commandmetadata.CommandMetadata;
import com.ibm.websphere.management.cmdframework.commandmetadata.TaskCommandMetadata;
import com.ibm.websphere.management.cmdframework.provider.AbstractAdminCommand;
import com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand;
import com.ibm.websphere.management.cmdframework.provider.SimpleCommandProvider;
import com.ibm.websphere.management.cmdframework.provider.TaskCommandResultImpl;
import com.ibm.websphere.management.configservice.ConfigDataId;
import com.ibm.websphere.management.configservice.ConfigService;
import com.ibm.websphere.management.configservice.ConfigServiceFactory;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.websphere.management.exception.AdminException;
import com.ibm.websphere.management.exception.ConfigServiceException;
import com.ibm.websphere.management.filetransfer.FileTransferConfig;
import com.ibm.websphere.management.metadata.ManagedObjectMetadataAccessorFactory;
import com.ibm.websphere.models.config.ipc.ssl.KeyStore;
import com.ibm.websphere.models.config.security.AuthMechanism;
import com.ibm.websphere.models.config.security.RSAToken;
import com.ibm.websphere.models.config.security.Security;
import com.ibm.websphere.security.WSSecurityHelper;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.management.AdminDataHolder;
import com.ibm.ws.management.authorizer.AdminAuthzConstants;
import com.ibm.ws.management.configservice.MOFUtil;
import com.ibm.ws.management.filetransfer.FileTransferConfigImpl;
import com.ibm.ws.management.filetransfer.client.FileTransferClientImpl;
import com.ibm.ws.security.auth.SubjectHelper;
import com.ibm.ws.sm.workspace.RepositoryContext;
import com.ibm.ws.sm.workspace.WorkSpace;
import com.ibm.ws.sm.workspace.WorkSpaceManager;
import com.ibm.ws.sm.workspace.WorkSpaceManagerFactory;
import com.ibm.ws.sm.workspace.impl.WorkSpaceManagerImpl;
import com.ibm.ws.ssl.commands.personalCertificates.PersonalCertificateHelper;
import com.ibm.ws.ssl.commands.utils.TraceNLSHelper;
import com.ibm.ws.ssl.config.CertificateManager;
import com.ibm.ws.ssl.config.KeyStoreManager;
import com.ibm.ws.ssl.config.SSLConfig;
import com.ibm.ws.ssl.config.SSLConfigManager;
import com.ibm.ws.ssl.config.WSKeyStoreRemotable;
import com.ibm.ws.ssl.core.Constants;
import com.ibm.ws.ssl.model.KeyStoreInfo;
import com.ibm.ws.ssl.provider.AbstractJSSEProvider;
import com.ibm.ws.util.PlatformHelperFactory;
import com.ibm.ws.workspace.query.WorkSpaceQueryUtil;
import java.io.File;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Properties;
import javax.management.ObjectName;
import javax.security.auth.Subject;
import org.eclipse.emf.common.util.EList;
import org.eclipse.emf.common.util.URI;
import org.eclipse.emf.ecore.resource.Resource;

/* loaded from: input_file:wasJars/cryptoimpl.jar:com/ibm/ws/ssl/commands/adminagent/AdminAgentSecurityCommands.class */
public class AdminAgentSecurityCommands extends SimpleCommandProvider {
    private static TraceComponent tc = Tr.register((Class<?>) AdminAgentSecurityCommands.class, "SSL", "com.ibm.ws.ssl.resources.sslCommandTask");

    /* loaded from: input_file:wasJars/cryptoimpl.jar:com/ibm/ws/ssl/commands/adminagent/AdminAgentSecurityCommands$AgentToJobManagerRegistration.class */
    public class AgentToJobManagerRegistration extends AbstractTaskCommand {
        String profileConfigPath;
        String agentProfilePath;
        String jobManagerHost;
        Integer jobManagerFTSecurePort;
        Integer jobManagerFTPort;
        String jobManagerUserid;
        String jobManagerPassword;
        Boolean register;
        public ConfigService cs;
        public Session session;
        private Subject subject;

        public AgentToJobManagerRegistration(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
            super(commandData);
            this.profileConfigPath = null;
            this.agentProfilePath = null;
            this.jobManagerHost = null;
            this.jobManagerFTSecurePort = null;
            this.jobManagerFTPort = null;
            this.jobManagerUserid = null;
            this.jobManagerPassword = null;
            this.register = Boolean.TRUE;
            this.cs = null;
            this.session = null;
            this.subject = null;
        }

        public AgentToJobManagerRegistration(TaskCommandMetadata taskCommandMetadata) throws CommandNotFoundException {
            super(taskCommandMetadata);
            this.profileConfigPath = null;
            this.agentProfilePath = null;
            this.jobManagerHost = null;
            this.jobManagerFTSecurePort = null;
            this.jobManagerFTPort = null;
            this.jobManagerUserid = null;
            this.jobManagerPassword = null;
            this.register = Boolean.TRUE;
            this.cs = null;
            this.session = null;
            this.subject = null;
        }

        @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand, com.ibm.websphere.management.cmdframework.provider.AbstractAdminCommand, com.ibm.websphere.management.cmdframework.AdminCommand
        public void validate() throws CommandValidationException {
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.entry(AdminAgentSecurityCommands.tc, "validate");
            }
            super.validate();
            try {
                this.cs = ConfigServiceFactory.getConfigService();
                if (this.cs == null) {
                    Properties properties = new Properties();
                    properties.put("location", "local");
                    this.cs = ConfigServiceFactory.createConfigService(true, properties);
                }
                this.session = getConfigSession();
                this.agentProfilePath = (String) getParameter("agentProfilePath");
                this.jobManagerHost = (String) getParameter("jobManagerHost");
                this.jobManagerFTSecurePort = (Integer) getParameter("jobManagerFTSecurePort");
                this.jobManagerFTPort = (Integer) getParameter("jobManagerFTPort");
                this.jobManagerUserid = (String) getParameter("jobManagerUserid");
                this.jobManagerPassword = (String) getParameter("jobManagerPassword");
                this.register = (Boolean) getParameter("register");
                StringBuffer stringBuffer = new StringBuffer("agentProfilePath=");
                stringBuffer.append(this.agentProfilePath);
                stringBuffer.append(", jobManagerHost=");
                stringBuffer.append(this.jobManagerHost);
                stringBuffer.append(", jobManagerFTSecurePort=");
                stringBuffer.append(this.jobManagerFTSecurePort);
                stringBuffer.append(", jobManagerFTPort=");
                stringBuffer.append(this.jobManagerFTPort);
                stringBuffer.append(", jobManagerUserid=");
                stringBuffer.append(this.jobManagerUserid);
                stringBuffer.append(", jobManagerPassword=");
                stringBuffer.append(SSLConfigManager.mask(this.jobManagerPassword));
                stringBuffer.append(", register=");
                stringBuffer.append(this.register);
                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                    Tr.debug(AdminAgentSecurityCommands.tc, stringBuffer.toString());
                }
                if (this.agentProfilePath == null) {
                    throw new CommandValidationException("The profile root is not specified for the task parameter agentProfilePath.");
                }
                if (!new File(this.agentProfilePath).exists()) {
                    throw new CommandValidationException("Profile " + this.agentProfilePath + " does not exist.");
                }
                this.profileConfigPath = this.agentProfilePath + File.separatorChar + "config";
                if (!new File(this.profileConfigPath).exists()) {
                    throw new CommandValidationException("The profile \"" + this.profileConfigPath + "\" does not exist.");
                }
                if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                    Tr.exit(AdminAgentSecurityCommands.tc, "validate");
                }
            } catch (ConfigServiceException e) {
                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                    Tr.debug(AdminAgentSecurityCommands.tc, "ConfigService exception: ", new Object[]{e});
                }
                throw new CommandValidationException(e.getMessage());
            } catch (Exception e2) {
                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                    Tr.debug(AdminAgentSecurityCommands.tc, "Exception occurred in validate: ", new Object[]{e2});
                }
                throw new CommandValidationException(e2.getMessage());
            }
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand
        public void afterStepsExecuted() {
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.entry(AdminAgentSecurityCommands.tc, "afterStepsExecuted");
            }
            super.afterStepsExecuted();
            TaskCommandResultImpl taskCommandResultImpl = (TaskCommandResultImpl) getTaskCommandResult();
            if (!taskCommandResultImpl.isSuccessful()) {
                if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                    Tr.exit(AdminAgentSecurityCommands.tc, "afterStepsExecuted");
                    return;
                }
                return;
            }
            try {
                boolean isGlobalSecurityEnabled = WSSecurityHelper.isGlobalSecurityEnabled();
                FileTransferClientImpl fileTransferClientImpl = new FileTransferClientImpl();
                FileTransferConfigImpl fileTransferConfigImpl = new FileTransferConfigImpl();
                Properties properties = new Properties();
                fileTransferConfigImpl.setSecurityEnabled(isGlobalSecurityEnabled);
                properties.setProperty("host", String.valueOf(this.jobManagerHost));
                properties.setProperty(FileTransferConfig.SECURE_PORT_KEY, String.valueOf(this.jobManagerFTSecurePort));
                properties.setProperty("port", String.valueOf(this.jobManagerFTPort));
                fileTransferConfigImpl.setProperties(properties);
                fileTransferClientImpl.setFileTransferConfig(fileTransferConfigImpl);
                String processType = AdminServiceFactory.getAdminService().getProcessType();
                if (isGlobalSecurityEnabled && this.jobManagerUserid != null && this.jobManagerUserid.length() > 0 && this.jobManagerPassword != null && this.jobManagerPassword.length() > 0) {
                    this.subject = SubjectHelper.createBasicAuthSubject(null, this.jobManagerUserid, this.jobManagerPassword);
                    if (this.subject == null) {
                        throw new RuntimeException("Subject is null while security is enabled.");
                    }
                    AdminDataHolder.setData(AdminDataHolder.WSSUBJECT, this.subject);
                }
                if (this.register.booleanValue()) {
                    if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                        Tr.debug(AdminAgentSecurityCommands.tc, "Registering agent with job manager...");
                    }
                    try {
                        Map<String, Object> jobManagerInfo = fileTransferClientImpl.getJobManagerInfo();
                        if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                            Tr.debug(AdminAgentSecurityCommands.tc, "jobMgrInfo = " + jobManagerInfo);
                        }
                        Boolean bool = (Boolean) jobManagerInfo.get(FileTransferClientImpl.IS_DOWNLEVEL_JM);
                        if (bool != null && bool.booleanValue()) {
                            Tr.error(AdminAgentSecurityCommands.tc, "ssl.command.agent.registration.jobmgr.downlevel.CWPKI0737E");
                            throw new CommandException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.agent.registration.jobmgr.downlevel.CWPKI0737E", null, "The job manager and the node attempting to register to the job manager are at different product versions. The job manager version must be equal to or greater than the node version. Registration is not allowed."));
                        }
                        if (!jobManagerInfo.containsKey(FileTransferClientImpl.IS_ADMIN_SECURITY_ENABLED)) {
                            FFDCFilter.processException(new RuntimeException("jobMgrInfo does not contain key IS_ADMIN_SECURITY_ENABLED: " + jobManagerInfo), "com.ibm.ws.ssl.commands.adminagent.AdminAgentSecurityCommands.afterStepsExecuted", "1805", this);
                        }
                        boolean booleanValue = ((Boolean) jobManagerInfo.get(FileTransferClientImpl.IS_ADMIN_SECURITY_ENABLED)).booleanValue();
                        if (booleanValue && !isGlobalSecurityEnabled) {
                            if (processType.equals("DeploymentManager")) {
                                Tr.error(AdminAgentSecurityCommands.tc, "ssl.command.agent.registration.dmgroff.jmon.CWPKI0733E");
                                throw new CommandException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.agent.registration.dmgroff.jmon.CWPKI0733E", null, "The job manager has administrative security enabled but the deployment manager does not."));
                            }
                            Tr.error(AdminAgentSecurityCommands.tc, "ssl.command.agent.registration.agentoff.jmon.CWPKI0723E");
                            throw new CommandException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.agent.registration.agentoff.jmon.CWPKI0723E", null, "The job manager has administrative security enabled but the admin agent does not."));
                        }
                        if (!booleanValue && isGlobalSecurityEnabled) {
                            if (processType.equals("DeploymentManager")) {
                                Tr.error(AdminAgentSecurityCommands.tc, "ssl.command.agent.registration.dmgron.jmoff.CWPKI0732E");
                                throw new CommandException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.agent.registration.dmgron.jmoff.CWPKI0732E", null, "The deployment manager has administrative security enabled but the job manager does not."));
                            }
                            Tr.error(AdminAgentSecurityCommands.tc, "ssl.command.agent.registration.agenton.jmoff.CWPKI0722E");
                            throw new CommandException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.agent.registration.agenton.jmoff.CWPKI0722E", null, "The admin agent has administrative security enabled but the job manager does not."));
                        }
                        X509Certificate x509Certificate = (X509Certificate) CertificateManager.getInstance().getRootSigner("SSL");
                        if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                            Tr.debug(AdminAgentSecurityCommands.tc, "Retrieved the SSL root signer from the admin agent.");
                        }
                        if (x509Certificate != null) {
                            X509Certificate exchangeSigners = fileTransferClientImpl.exchangeSigners(x509Certificate, "SSL");
                            if (exchangeSigners != null) {
                                CertificateManager.getInstance().addRootSigner(exchangeSigners, "SSL");
                                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                                    Tr.debug(AdminAgentSecurityCommands.tc, "Added the SSL root signer from the job manager into the admin agent.");
                                }
                            } else {
                                if (!PlatformHelperFactory.getPlatformHelper().isZOS()) {
                                    if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                                        Tr.debug(AdminAgentSecurityCommands.tc, "The job manager SSL root signer is null, cannot update agent trust store.");
                                    }
                                    throw new CommandException("The job manager SSL root signer is null, cannot update agent trust store.");
                                }
                                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                                    Tr.debug(AdminAgentSecurityCommands.tc, "On z/OS, SSL signers already exchanged or need to be exchanged manually.");
                                }
                            }
                        } else {
                            if (!PlatformHelperFactory.getPlatformHelper().isZOS()) {
                                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                                    Tr.debug(AdminAgentSecurityCommands.tc, "The agent SSL root signer is null, cannot perform signer exchange.");
                                }
                                throw new CommandException("The agent SSL root signer is null, cannot perform signer exchange.");
                            }
                            if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                                Tr.debug(AdminAgentSecurityCommands.tc, "On z/OS, SSL signers already exchanged or need to be exchanged manually.");
                            }
                        }
                        X509Certificate x509Certificate2 = (X509Certificate) CertificateManager.getInstance().getRootSigner(Constants.RSA_CERTIFICATE_TYPE);
                        if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                            Tr.debug(AdminAgentSecurityCommands.tc, "Retrieved the RSA root signer from the admin agent.");
                        }
                        if (x509Certificate2 == null) {
                            if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                                Tr.debug(AdminAgentSecurityCommands.tc, "The agent RSA root signer is null, cannot perform signer exchange.");
                            }
                            throw new CommandException("The agent RSA root signer is null, cannot perform signer exchange.");
                        }
                        X509Certificate exchangeSigners2 = fileTransferClientImpl.exchangeSigners(x509Certificate2, Constants.RSA_CERTIFICATE_TYPE);
                        if (exchangeSigners2 != null) {
                            CertificateManager.getInstance().addRootSigner(exchangeSigners2, Constants.RSA_CERTIFICATE_TYPE);
                            if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                                Tr.debug(AdminAgentSecurityCommands.tc, "Added the RSA root signer from the job manager into the admin agent.");
                            }
                        } else {
                            if (!PlatformHelperFactory.getPlatformHelper().isZOS()) {
                                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                                    Tr.debug(AdminAgentSecurityCommands.tc, "The job manager RSA root signer is null, cannot update agent trust store.");
                                }
                                throw new CommandException("The job manager RSA root signer is null, cannot update agent trust store.");
                            }
                            if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                                Tr.debug(AdminAgentSecurityCommands.tc, "On z/OS, RSA signers may already be exchanged or need to be exchanged manually.");
                            }
                        }
                    } catch (Exception e) {
                        Tr.error(AdminAgentSecurityCommands.tc, "ssl.command.agent.registration.transfer.fail.CWPKI0734E");
                        String message = e.getMessage();
                        throw new CommandException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.agent.registration.transfer.fail.CWPKI0734E", new Object[]{message}, "Could not connect to the job manager. This may be due to a security enablement mismatch with the job manager or due to a incorrect username, password, port number, or hostname. Exception: " + message));
                    }
                } else {
                    if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                        Tr.debug(AdminAgentSecurityCommands.tc, "Un-registering agent with job manager...");
                    }
                    X509Certificate x509Certificate3 = (X509Certificate) CertificateManager.getInstance().getRootSigner("SSL");
                    if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                        Tr.debug(AdminAgentSecurityCommands.tc, "Retrieved the SSL root signer from the admin agent.");
                    }
                    if (x509Certificate3 != null) {
                        if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                            Tr.debug(AdminAgentSecurityCommands.tc, "Removing the agent SSL root signer from the job manager.");
                        }
                        fileTransferClientImpl.removeSigner(x509Certificate3, "SSL");
                    }
                    X509Certificate x509Certificate4 = (X509Certificate) CertificateManager.getInstance().getRootSigner(Constants.RSA_CERTIFICATE_TYPE);
                    if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                        Tr.debug(AdminAgentSecurityCommands.tc, "Retrieved the RSA root signer from the admin agent.");
                    }
                    if (x509Certificate4 != null) {
                        if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                            Tr.debug(AdminAgentSecurityCommands.tc, "Removing the agent RSA root signer from the job manager.");
                        }
                        fileTransferClientImpl.removeSigner(x509Certificate4, Constants.RSA_CERTIFICATE_TYPE);
                    }
                    X509Certificate rootSigner = fileTransferClientImpl.getRootSigner("SSL");
                    if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                        Tr.debug(AdminAgentSecurityCommands.tc, "Retrieved the SSL root signer from the job manager.");
                    }
                    if (rootSigner != null) {
                        if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                            Tr.debug(AdminAgentSecurityCommands.tc, "Removing the job manager SSL root signer from the admin agent.");
                        }
                        CertificateManager.getInstance().deleteRootSigner(rootSigner, "SSL");
                    }
                    X509Certificate rootSigner2 = fileTransferClientImpl.getRootSigner(Constants.RSA_CERTIFICATE_TYPE);
                    if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                        Tr.debug(AdminAgentSecurityCommands.tc, "Retrieved the RSA root signer from the job manager.");
                    }
                    if (rootSigner2 != null) {
                        if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                            Tr.debug(AdminAgentSecurityCommands.tc, "Removing the job manager RSA root signer from the admin agent.");
                        }
                        CertificateManager.getInstance().deleteRootSigner(rootSigner2, Constants.RSA_CERTIFICATE_TYPE);
                    }
                }
                if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                    Tr.exit(AdminAgentSecurityCommands.tc, "afterStepsExecuted");
                }
            } catch (Exception e2) {
                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                    Tr.debug(AdminAgentSecurityCommands.tc, "Exception occurred in afterStepsExecuted: ", new Object[]{e2});
                }
                taskCommandResultImpl.setException(new CommandException(e2, e2.getMessage()));
            }
        }
    }

    /* loaded from: input_file:wasJars/cryptoimpl.jar:com/ibm/ws/ssl/commands/adminagent/AdminAgentSecurityCommands$BaseToAgentRegistration.class */
    public class BaseToAgentRegistration extends AbstractTaskCommand {
        private String baseProfilePath;
        private Boolean removeSigners;
        String agentProfilePath;
        KeyStoreInfo agentKeyStoreInfo;
        KeyStoreInfo agentRSATokenKeyStoreInfo;
        Security agentSecurityXML;
        ArrayList<X509Certificate> agentDefaultSignerCertificates;
        ArrayList<X509Certificate> agentRSATokenSignerCertificates;
        KeyStoreInfo profileRootKeyStoreInfo;
        String profileConfigPath;
        String profileCellName;
        String profileNodeName;
        Properties profileNodeProperties;
        String profileVersion;
        String profileSSLConfigURL;
        String agentSSLConfigURL;
        Security profileSecurityXML;
        WorkSpace profileWorkSpace;
        ArrayList<X509Certificate> defaultProfileSignerCertificates;
        ArrayList<X509Certificate> rsaTokenProfileSignerCertificates;
        public ConfigService cs;
        public Session session;
        ArrayList<String> certsExchanged;

        public BaseToAgentRegistration(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
            super(commandData);
            this.baseProfilePath = null;
            this.removeSigners = Boolean.TRUE;
            this.agentProfilePath = null;
            this.agentKeyStoreInfo = null;
            this.agentRSATokenKeyStoreInfo = null;
            this.agentSecurityXML = null;
            this.agentDefaultSignerCertificates = new ArrayList<>();
            this.agentRSATokenSignerCertificates = new ArrayList<>();
            this.profileRootKeyStoreInfo = null;
            this.profileConfigPath = null;
            this.profileCellName = null;
            this.profileNodeName = null;
            this.profileNodeProperties = new Properties();
            this.profileVersion = null;
            this.profileSSLConfigURL = null;
            this.agentSSLConfigURL = null;
            this.profileSecurityXML = null;
            this.profileWorkSpace = null;
            this.defaultProfileSignerCertificates = new ArrayList<>();
            this.rsaTokenProfileSignerCertificates = new ArrayList<>();
            this.cs = null;
            this.session = null;
            this.certsExchanged = new ArrayList<>();
        }

        public BaseToAgentRegistration(TaskCommandMetadata taskCommandMetadata) throws CommandNotFoundException {
            super(taskCommandMetadata);
            this.baseProfilePath = null;
            this.removeSigners = Boolean.TRUE;
            this.agentProfilePath = null;
            this.agentKeyStoreInfo = null;
            this.agentRSATokenKeyStoreInfo = null;
            this.agentSecurityXML = null;
            this.agentDefaultSignerCertificates = new ArrayList<>();
            this.agentRSATokenSignerCertificates = new ArrayList<>();
            this.profileRootKeyStoreInfo = null;
            this.profileConfigPath = null;
            this.profileCellName = null;
            this.profileNodeName = null;
            this.profileNodeProperties = new Properties();
            this.profileVersion = null;
            this.profileSSLConfigURL = null;
            this.agentSSLConfigURL = null;
            this.profileSecurityXML = null;
            this.profileWorkSpace = null;
            this.defaultProfileSignerCertificates = new ArrayList<>();
            this.rsaTokenProfileSignerCertificates = new ArrayList<>();
            this.cs = null;
            this.session = null;
            this.certsExchanged = new ArrayList<>();
        }

        @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand, com.ibm.websphere.management.cmdframework.provider.AbstractAdminCommand, com.ibm.websphere.management.cmdframework.AdminCommand
        public void validate() throws CommandValidationException {
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.entry(AdminAgentSecurityCommands.tc, "validate");
            }
            super.validate();
            try {
                this.cs = ConfigServiceFactory.getConfigService();
                if (this.cs == null) {
                    Properties properties = new Properties();
                    properties.put("location", "local");
                    this.cs = ConfigServiceFactory.createConfigService(true, properties);
                }
                this.session = getConfigSession();
                this.baseProfilePath = (String) getParameter("profilePath");
                this.removeSigners = (Boolean) getParameter("removeSigners");
                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                    Tr.debug(AdminAgentSecurityCommands.tc, "profilePath=" + this.baseProfilePath + " removeSigners=" + this.removeSigners);
                }
                if (this.baseProfilePath == null) {
                    throw new CommandValidationException("The profile root is not specified for the task parameter profilePath.");
                }
                if (!new File(this.baseProfilePath).exists()) {
                    throw new CommandValidationException("Profile " + this.baseProfilePath + " does not exist.");
                }
                this.profileConfigPath = this.baseProfilePath + File.separatorChar + "config";
                if (!new File(this.profileConfigPath).exists()) {
                    throw new CommandValidationException("The profile \"" + this.profileConfigPath + "\" does not exist.");
                }
                getProfileCellAndNodeName();
                String str = this.baseProfilePath + File.separator + "properties" + File.separator + "ssl.client.props";
                this.profileSSLConfigURL = "file:" + str;
                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                    Tr.debug(AdminAgentSecurityCommands.tc, "Base Client Config: " + this.profileConfigPath + " ClientSSL: " + this.profileSSLConfigURL);
                }
                if (!new File(str).exists()) {
                    throw new CommandValidationException("The node's ssl.client.props file \"" + this.profileSSLConfigURL + "\" does not exist.");
                }
                this.agentProfilePath = KeyStoreManager.getUserInstallRoot();
                if (this.agentProfilePath == null) {
                    this.agentProfilePath = SSLConfigManager.getInstance().getGlobalProperty("user.root");
                    if (this.agentProfilePath == null) {
                        this.agentProfilePath = SSLConfigManager.getInstance().getGlobalProperty("user.install.root");
                    }
                }
                String str2 = this.agentProfilePath + File.separator + "properties" + File.separator + "ssl.client.props";
                this.agentSSLConfigURL = "file:" + str2;
                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                    Tr.debug(AdminAgentSecurityCommands.tc, "Admin Agent Client Config: " + str2 + " ClientSSL: " + this.agentSSLConfigURL);
                }
                if (!new File(str2).exists()) {
                    throw new CommandValidationException("The Admin Agent's ssl.client.props file \"" + this.agentSSLConfigURL + "\" does not exist.");
                }
                if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                    Tr.exit(AdminAgentSecurityCommands.tc, "validate");
                }
            } catch (ConfigServiceException e) {
                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                    Tr.debug(AdminAgentSecurityCommands.tc, "ConfigService exception: ", new Object[]{e});
                }
                String message = e.getMessage();
                FFDCFilter.processException(e, "com.ibm.ws.ssl.commands.adminagent.AdminAgentSecurityCommands.validate", "277", this);
                throw new CommandValidationException(message);
            } catch (Exception e2) {
                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                    Tr.debug(AdminAgentSecurityCommands.tc, "Exception occurred in validate: ", new Object[]{e2});
                }
                String message2 = e2.getMessage();
                FFDCFilter.processException(e2, "com.ibm.ws.ssl.commands.adminagent.AdminAgentSecurityCommands.validate", "284", this);
                throw new CommandValidationException(message2);
            }
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand
        public void afterStepsExecuted() {
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.entry(AdminAgentSecurityCommands.tc, "afterStepsExecuted");
            }
            super.afterStepsExecuted();
            TaskCommandResultImpl taskCommandResultImpl = (TaskCommandResultImpl) getTaskCommandResult();
            try {
                if (!taskCommandResultImpl.isSuccessful()) {
                    if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                        Tr.exit(AdminAgentSecurityCommands.tc, "afterStepsExecuted");
                        return;
                    }
                    return;
                }
                try {
                    if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                        Tr.debug(AdminAgentSecurityCommands.tc, "UUID: " + AdminContext.peek());
                    }
                    if (this.cs == null || this.session == null) {
                        throw new CommandValidationException("ConfigService and/or Session is null.");
                    }
                    ObjectName createObjectName = ConfigServiceHelper.createObjectName((ConfigDataId) null, "Security");
                    ObjectName objectName = this.cs.resolve(this.session, "Cell=")[0];
                    ObjectName objectName2 = this.cs.resolve(this.session, "Cell=:Node=")[0];
                    this.agentSecurityXML = (Security) MOFUtil.convertToEObject(this.session, objectName != null ? this.cs.queryConfigObjects(this.session, objectName, createObjectName, null)[0] : null);
                    boolean isEnabled = this.agentSecurityXML.isEnabled();
                    AuthMechanism activeAuthMechanism = this.agentSecurityXML.getActiveAuthMechanism();
                    if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                        Tr.debug(AdminAgentSecurityCommands.tc, "Admin agent security enabled: " + isEnabled);
                    }
                    if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                        Tr.debug(AdminAgentSecurityCommands.tc, "Active auth mechanism: " + activeAuthMechanism.getOID());
                    }
                    String str = SSLConfigManager.getInstance().isServerProcess() ? null : "(cell):" + ConfigServiceHelper.getDisplayName(objectName) + ":(node):" + ConfigServiceHelper.getDisplayName(objectName2);
                    this.agentKeyStoreInfo = PersonalCertificateHelper.getKsInfo(this.session, this.cs, "NodeDefaultKeyStore", str);
                    this.agentRSATokenKeyStoreInfo = PersonalCertificateHelper.getKsInfo(this.session, this.cs, "NodeRSATokenKeyStore", str);
                    this.agentDefaultSignerCertificates = getCertificates(this.agentKeyStoreInfo);
                    this.agentRSATokenSignerCertificates = getCertificates(this.agentRSATokenKeyStoreInfo);
                    if (this.agentDefaultSignerCertificates.size() == 0) {
                        throw new CommandValidationException("AdminAgent default signer certificates could not be found.");
                    }
                    if (this.agentRSATokenSignerCertificates.size() == 0) {
                        throw new CommandValidationException("AdminAgent RSAToken signer certificates could not be found.");
                    }
                    WorkSpace workSpace = getWorkSpace(this.baseProfilePath + File.separatorChar + "config");
                    this.profileSecurityXML = getCellSecurityObject(this.baseProfilePath, workSpace);
                    ((WorkSpaceManagerImpl) WorkSpaceManagerFactory.getManager()).releaseWorkSpace(workSpace.getUserName());
                    boolean isEnabled2 = this.profileSecurityXML.isEnabled();
                    AuthMechanism activeAuthMechanism2 = this.profileSecurityXML.getActiveAuthMechanism();
                    if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                        Tr.debug(AdminAgentSecurityCommands.tc, "Profile security enabled: " + isEnabled2);
                    }
                    if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                        Tr.debug(AdminAgentSecurityCommands.tc, "Profile active auth mechanism: " + activeAuthMechanism2.getOID());
                    }
                    if (isEnabled2 && !isEnabled) {
                        Tr.error(AdminAgentSecurityCommands.tc, "ssl.command.agent.registration.agentoff.profileon.CWPKI0725E");
                        throw new CommandValidationException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.agent.registration.agentoff.profileon.CWPKI0725E", null, "The profile has administrative security enabled but the admin agent does not.  Make sure security is either enabled on both or disabled on both profiles."));
                    }
                    if (!isEnabled2 && isEnabled) {
                        Tr.error(AdminAgentSecurityCommands.tc, "ssl.command.agent.registration.agenton.profileoff.CWPKI0724E");
                        throw new CommandValidationException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.agent.registration.agenton.profileoff.CWPKI0724E", null, "The admin agent has administrative security enabled but the profile does not.  Make sure security is either enabled on both or disabled on both profiles."));
                    }
                    boolean z = false;
                    if (this.profileSecurityXML.getRepertoire() != null && this.profileSecurityXML.getRepertoire().size() > 0) {
                        if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                            Tr.debug(AdminAgentSecurityCommands.tc, "Loading the node's signer from the DefaultKeyStore");
                        }
                        EList<KeyStore> keyStores = this.profileSecurityXML.getKeyStores();
                        if (keyStores != null && keyStores.size() > 0) {
                            new ArrayList(keyStores.size());
                            for (KeyStore keyStore : keyStores) {
                                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                                    Tr.debug(AdminAgentSecurityCommands.tc, "Current KeyStore: " + keyStore.getName());
                                }
                                if (keyStore != null) {
                                    String expand = expand(keyStore.getLocation(), this.profileConfigPath);
                                    String name = keyStore.getName();
                                    if (name != null && (name.equals("NodeDefaultKeyStore") || name.equals("NodeRSATokenKeyStore"))) {
                                        if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                                            Tr.debug(AdminAgentSecurityCommands.tc, "Found KeyStore: " + name);
                                        }
                                        new File(expand);
                                        KeyStoreInfo makeKsInfo = makeKsInfo(keyStore, this.profileConfigPath);
                                        if (makeKsInfo.getType().equals(Constants.KEYSTORE_TYPE_JCERACFKS) || makeKsInfo.getType().equals(Constants.KEYSTORE_TYPE_JCECCARACFKS)) {
                                            Tr.debug(AdminAgentSecurityCommands.tc, "KeyStore is RACF type, skipping: " + name + ", " + makeKsInfo.getType());
                                            z = true;
                                        } else {
                                            WSKeyStoreRemotable wSKeyStoreRemotable = new WSKeyStoreRemotable(makeKsInfo);
                                            if (wSKeyStoreRemotable != null) {
                                                for (Object obj : wSKeyStoreRemotable.invokeKeyStoreCommand("aliases", null)) {
                                                    String str2 = (String) obj;
                                                    if (((Boolean) wSKeyStoreRemotable.invokeKeyStoreCommand("isKeyEntry", new Object[]{str2})[0]).booleanValue()) {
                                                        Certificate[] certificateArr = (Certificate[]) wSKeyStoreRemotable.invokeKeyStoreCommand("getCertificateChain", new Object[]{str2})[0];
                                                        if (name.equals("NodeDefaultKeyStore")) {
                                                            this.defaultProfileSignerCertificates.add((X509Certificate) certificateArr[certificateArr.length - 1]);
                                                        }
                                                        if (name.equals("NodeRSATokenKeyStore")) {
                                                            this.rsaTokenProfileSignerCertificates.add((X509Certificate) certificateArr[certificateArr.length - 1]);
                                                        }
                                                    }
                                                }
                                            }
                                        }
                                    }
                                }
                            }
                        }
                    }
                    if (this.defaultProfileSignerCertificates.size() == 0 && !z) {
                        throw new CommandValidationException("A signer certificate for the base application server node's Default SSL could not be found.");
                    }
                    if (this.rsaTokenProfileSignerCertificates.size() == 0 && !z) {
                        throw new CommandValidationException("A signer certificate for the base application server node's RSA Token Framework could not be found.");
                    }
                    storeSignersInTrustStores(this.profileSecurityXML, this.agentDefaultSignerCertificates, "agent_signer", this.profileConfigPath, Constants.DEFAULT_TRUST_STORE);
                    storeSignersInTrustStores(this.profileSecurityXML, this.agentRSATokenSignerCertificates, "agent_signer", this.profileConfigPath, Constants.RSA_TOKEN_TRUST_STORE);
                    storeSignersInTrustStores(this.agentSecurityXML, this.defaultProfileSignerCertificates, this.profileNodeName + "_signer", null, Constants.DEFAULT_TRUST_STORE);
                    storeSignersInTrustStores(this.agentSecurityXML, this.rsaTokenProfileSignerCertificates, this.profileNodeName + "_signer", null, Constants.RSA_TOKEN_TRUST_STORE);
                    storeSignersInClientTrustStore(this.agentDefaultSignerCertificates, "agent_signer", this.profileSSLConfigURL, this.baseProfilePath);
                    storeSignersInClientTrustStore(this.agentRSATokenSignerCertificates, "agent_signer", this.profileSSLConfigURL, this.baseProfilePath);
                    storeSignersInClientTrustStore(this.defaultProfileSignerCertificates, this.profileNodeName + "_signer", this.agentSSLConfigURL, this.agentProfilePath);
                    if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                        Tr.debug(AdminAgentSecurityCommands.tc, "CERTIFICATES EXCHANGED");
                        Iterator<String> it = this.certsExchanged.iterator();
                        while (it.hasNext()) {
                            Tr.debug(AdminAgentSecurityCommands.tc, it.next());
                        }
                    }
                    if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                        Tr.exit(AdminAgentSecurityCommands.tc, "afterStepsExecuted");
                    }
                    if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                        Tr.debug(AdminAgentSecurityCommands.tc, "Clearing SSL context and keyStoreMap");
                    }
                    callClearCaches();
                } catch (Exception e) {
                    if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                        Tr.debug(AdminAgentSecurityCommands.tc, "Exception occurred in afterStepsExecuted: ", new Object[]{e});
                    }
                    FFDCFilter.processException(e, "com.ibm.ws.ssl.commands.adminagent.AdminAgentSecurityCommands.afterStepsExecuted", "544", this);
                    taskCommandResultImpl.setException(new CommandException(e, e.getMessage()));
                    if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                        Tr.debug(AdminAgentSecurityCommands.tc, "Clearing SSL context and keyStoreMap");
                    }
                    callClearCaches();
                }
            } catch (Throwable th) {
                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                    Tr.debug(AdminAgentSecurityCommands.tc, "Clearing SSL context and keyStoreMap");
                }
                callClearCaches();
                throw th;
            }
        }

        private void callClearCaches() {
            Iterator it;
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.entry(AdminAgentSecurityCommands.tc, "callClearCaches");
            }
            try {
                it = AdminServiceFactory.getAdminService().queryNames(new ObjectName("WebSphere:type=SSLAdmin,process=adminagent,*"), null).iterator();
            } catch (Exception e) {
                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                    Tr.debug(AdminAgentSecurityCommands.tc, "Exception calling SSLAdmin mbean " + e.getMessage());
                }
                KeyStoreManager.getInstance().clearJavaKeyStoresFromKeyStoreMap();
                AbstractJSSEProvider.clearSSLContextCache();
            }
            if (!it.hasNext()) {
                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                    Tr.exit(AdminAgentSecurityCommands.tc, "SSLAdmin MBean not found just clear caches locally. ");
                }
                KeyStoreManager.getInstance().clearJavaKeyStoresFromKeyStoreMap();
                AbstractJSSEProvider.clearSSLContextCache();
                return;
            }
            AdminServiceFactory.getAdminService().invoke((ObjectName) it.next(), "clearSSLContextCache", null, null);
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.exit(AdminAgentSecurityCommands.tc, "callClearCaches");
            }
        }

        private void storeSignersInClientTrustStore(ArrayList arrayList, String str, String str2, String str3) throws Exception, KeyStoreException {
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.entry(AdminAgentSecurityCommands.tc, "storeSignersInClientTrustStore", new Object[]{arrayList, str, str2});
            }
            if (str2.indexOf("ssl.client.props") != -1) {
                SSLConfig[] loadPropertiesFile = new SSLConfig().loadPropertiesFile(str2, true);
                KeyStoreInfo keyStoreInfo = null;
                String str4 = null;
                for (int i = 0; i < loadPropertiesFile.length; i++) {
                    try {
                        if (i == 0 && loadPropertiesFile[i] != null) {
                            str4 = loadPropertiesFile[i].getProperty(Constants.SSLPROP_DEFAULT_ALIAS);
                            if (str4 == null) {
                                str4 = "DefaultSSLSettings";
                            }
                        } else if (loadPropertiesFile[i] != null && loadPropertiesFile[i].getProperty("com.ibm.ssl.alias").equalsIgnoreCase(str4)) {
                            SSLConfig sSLConfig = loadPropertiesFile[i];
                            sSLConfig.decodePasswords();
                            keyStoreInfo = new KeyStoreInfo();
                            keyStoreInfo.setName(sSLConfig.getProperty(Constants.SSLPROP_TRUST_STORE_NAME));
                            keyStoreInfo.setLocation(expand(sSLConfig.getProperty("com.ibm.ssl.trustStore"), str3));
                            keyStoreInfo.setPassword(sSLConfig.getProperty("com.ibm.ssl.trustStorePassword"));
                            keyStoreInfo.setType(sSLConfig.getProperty("com.ibm.ssl.trustStoreType"));
                            keyStoreInfo.setProvider(sSLConfig.getProperty("com.ibm.ssl.trustStoreProvider"));
                            keyStoreInfo.setFileBased(new Boolean(sSLConfig.getProperty(Constants.SSLPROP_TRUST_STORE_FILE_BASED)));
                            keyStoreInfo.setReadOnly(new Boolean(sSLConfig.getProperty(Constants.SSLPROP_TRUST_STORE_READ_ONLY)));
                        }
                    } catch (Exception e) {
                        Tr.error(AdminAgentSecurityCommands.tc, "ssl.client.config.parse.CWPKI0019E", new Object[]{str2, e.getMessage()});
                        if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                            Tr.debug(AdminAgentSecurityCommands.tc, "Exception parsing SSL properties from ConfigURL.", new Object[]{e});
                        }
                        throw new Exception(e.getMessage());
                    }
                }
                if (keyStoreInfo != null) {
                    try {
                        storeSigners(arrayList, str, keyStoreInfo, new WSKeyStoreRemotable(keyStoreInfo));
                    } catch (Exception e2) {
                        throw new Exception(e2.getMessage());
                    }
                }
            } else if (str2.indexOf("soap.client.props") != -1) {
                try {
                    SSLConfig sSLConfig2 = new SSLConfig(str2);
                    sSLConfig2.decodePasswords();
                    KeyStoreInfo keyStoreInfo2 = new KeyStoreInfo();
                    keyStoreInfo2.setLocation(expand(sSLConfig2.getProperty("com.ibm.ssl.trustStore"), str3));
                    keyStoreInfo2.setPassword(sSLConfig2.getProperty("com.ibm.ssl.trustStorePassword"));
                    keyStoreInfo2.setType(sSLConfig2.getProperty("com.ibm.ssl.trustStoreType") == null ? "JKS" : sSLConfig2.getProperty("com.ibm.ssl.trustStoreType"));
                    if (keyStoreInfo2 != null) {
                        try {
                            storeSigners(arrayList, str, keyStoreInfo2, new WSKeyStoreRemotable(keyStoreInfo2));
                        } catch (Exception e3) {
                            throw new Exception(e3.getMessage());
                        }
                    }
                } catch (Exception e4) {
                    Tr.error(AdminAgentSecurityCommands.tc, "ssl.client.config.parse.CWPKI0019E", new Object[]{str2, e4.getMessage()});
                    if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                        Tr.debug(AdminAgentSecurityCommands.tc, "Exception parsing SSL properties from ConfigURL.", new Object[]{e4});
                    }
                    throw new Exception(e4.getMessage());
                }
            }
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.exit(AdminAgentSecurityCommands.tc, "storeSignersInClientTrustStore");
            }
        }

        private void storeSigners(ArrayList<X509Certificate> arrayList, String str, KeyStoreInfo keyStoreInfo, WSKeyStoreRemotable wSKeyStoreRemotable) throws Exception, KeyStoreException {
            java.security.KeyStore keyStore;
            String str2;
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.entry(AdminAgentSecurityCommands.tc, "storeSigners");
            }
            if (wSKeyStoreRemotable != null) {
                boolean z = false;
                if (!keyStoreInfo.getType().equals(Constants.KEYSTORE_TYPE_JCERACFKS) && !keyStoreInfo.getType().equals(Constants.KEYSTORE_TYPE_JCECCARACFKS) && (keyStore = wSKeyStoreRemotable.getKeyStore(false, false)) != null) {
                    for (int i = 0; i < arrayList.size(); i++) {
                        X509Certificate x509Certificate = arrayList.get(i);
                        if (x509Certificate != null) {
                            if (!keyStoreInfo.getReadOnly().booleanValue()) {
                                boolean checkIfSignerAlreadyExistsInTrustStore = KeyStoreManager.getInstance().checkIfSignerAlreadyExistsInTrustStore(x509Certificate, keyStore);
                                if (!checkIfSignerAlreadyExistsInTrustStore && !keyStore.containsAlias(str)) {
                                    keyStore.setCertificateEntry(str, x509Certificate);
                                    String generateDigest = KeyStoreManager.getInstance().generateDigest("SHA", x509Certificate);
                                    if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                                        Tr.debug(AdminAgentSecurityCommands.tc, "Added signer certificate with \"" + str + "\" and serial \"" + x509Certificate.getSerialNumber() + "\" to keystore\"" + wSKeyStoreRemotable.getLocation() + "\"with the following SHA digest: " + generateDigest);
                                        this.certsExchanged.add("Added signer certificate with \"" + str + "\" and serial \"" + x509Certificate.getSerialNumber() + "\" to keystore\"" + wSKeyStoreRemotable.getLocation() + "\"with the following SHA digest: " + generateDigest);
                                    }
                                    z = true;
                                } else if (!checkIfSignerAlreadyExistsInTrustStore) {
                                    int i2 = 1;
                                    do {
                                        int i3 = i2;
                                        i2++;
                                        str2 = str + "_" + i3;
                                    } while (keyStore.containsAlias(str2));
                                    if (!keyStore.containsAlias(str2)) {
                                        keyStore.setCertificateEntry(str2, x509Certificate);
                                        String generateDigest2 = KeyStoreManager.getInstance().generateDigest("SHA", x509Certificate);
                                        if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                                            Tr.debug(AdminAgentSecurityCommands.tc, "Added signer certificate with \"" + str2 + "\" and serial \"" + x509Certificate.getSerialNumber() + "\" to keystore\"" + wSKeyStoreRemotable.getLocation() + "\"with the following SHA digest: " + generateDigest2);
                                            this.certsExchanged.add("Added signer certificate with \"" + str2 + "\" and serial \"" + x509Certificate.getSerialNumber() + "\" to keystore\"" + wSKeyStoreRemotable.getLocation() + "\"with the following SHA digest: " + generateDigest2);
                                        }
                                        z = true;
                                    }
                                } else if (checkIfSignerAlreadyExistsInTrustStore && this.removeSigners.booleanValue()) {
                                    if (removeSignerFromTrustStore(x509Certificate, keyStore)) {
                                        z = true;
                                    }
                                    new AgentProfileServerIDExchanger().exchangeServerIDs(this.baseProfilePath, System.getProperty("user.install.root"), null, false);
                                }
                            } else if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                                Tr.debug(AdminAgentSecurityCommands.tc, "Trust Store is read-only, unable to exchange signers.");
                            }
                        }
                        if (z) {
                            wSKeyStoreRemotable.store();
                        } else if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                            Tr.debug(AdminAgentSecurityCommands.tc, "All signers from remote keystore already exist in local keystore.");
                        }
                    }
                }
            }
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.exit(AdminAgentSecurityCommands.tc, "storeSigners");
            }
        }

        private void storeSignersInTrustStores(Security security, ArrayList<X509Certificate> arrayList, String str, String str2, String str3) throws Exception {
            EList<AuthMechanism> authMechanisms;
            KeyStore adminCertificateTrustStore;
            EList<com.ibm.websphere.models.config.security.SSLConfig> repertoire;
            KeyStore trustStore;
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.entry(AdminAgentSecurityCommands.tc, "storeSignersInTrustStores", new Object[]{security, arrayList, str, str2, str3});
            }
            try {
                if (security.getRepertoire() != null && security.getRepertoire().size() > 0 && (repertoire = security.getRepertoire()) != null && repertoire.size() > 0) {
                    new ArrayList(repertoire.size());
                    for (com.ibm.websphere.models.config.security.SSLConfig sSLConfig : repertoire) {
                        if (sSLConfig.getAlias() != null && (trustStore = sSLConfig.getSetting().getTrustStore()) != null) {
                            String expand = str2 != null ? expand(trustStore.getLocation(), str2) : KeyStoreManager.getInstance().expand(trustStore.getLocation());
                            String name = trustStore.getName();
                            if (name != null && name.endsWith(str3)) {
                                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                                    Tr.debug(AdminAgentSecurityCommands.tc, "TrustStore: " + trustStore.getName());
                                }
                                new File(expand);
                                KeyStoreInfo makeKsInfo = makeKsInfo(trustStore, str2);
                                storeSigners(arrayList, str, makeKsInfo, new WSKeyStoreRemotable(makeKsInfo));
                            }
                        }
                    }
                }
                if (security.getAuthMechanisms() != null && security.getAuthMechanisms().size() > 0 && (authMechanisms = security.getAuthMechanisms()) != null && authMechanisms.size() > 0) {
                    for (AuthMechanism authMechanism : authMechanisms) {
                        if ((authMechanism instanceof RSAToken) && (adminCertificateTrustStore = ((RSAToken) authMechanism).getAdminCertificateTrustStore()) != null) {
                            String expand2 = str2 != null ? expand(adminCertificateTrustStore.getLocation(), str2) : KeyStoreManager.getInstance().expand(adminCertificateTrustStore.getLocation());
                            String name2 = adminCertificateTrustStore.getName();
                            if (name2 != null && name2.endsWith(str3)) {
                                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                                    Tr.debug(AdminAgentSecurityCommands.tc, "TrustStore: " + adminCertificateTrustStore.getName());
                                }
                                new File(expand2);
                                KeyStoreInfo makeKsInfo2 = makeKsInfo(adminCertificateTrustStore, str2);
                                storeSigners(arrayList, str, makeKsInfo2, new WSKeyStoreRemotable(makeKsInfo2));
                            }
                        }
                    }
                }
                if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                    Tr.exit(AdminAgentSecurityCommands.tc, "storeSignersInTrustStores");
                }
            } catch (Exception e) {
                throw new Exception(e.getMessage());
            }
        }

        private boolean removeSignerFromTrustStore(X509Certificate x509Certificate, java.security.KeyStore keyStore) {
            String generateDigest;
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.entry(AdminAgentSecurityCommands.tc, "removeSignerFromTrustStore");
            }
            try {
                generateDigest = KeyStoreManager.getInstance().generateDigest("MD5", x509Certificate);
            } catch (Exception e) {
                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                    Tr.debug(AdminAgentSecurityCommands.tc, "Exception while removing signers from the trustStore.", new Object[]{e});
                }
            }
            if (generateDigest == null) {
                if (!AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                    return false;
                }
                Tr.exit(AdminAgentSecurityCommands.tc, "removeSignerFromTrustStore -> false (could not generate digest)");
                return false;
            }
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (keyStore.containsAlias(nextElement)) {
                    X509Certificate x509Certificate2 = (X509Certificate) keyStore.getCertificate(nextElement);
                    String generateDigest2 = KeyStoreManager.getInstance().generateDigest("MD5", x509Certificate2);
                    if (generateDigest.equals(generateDigest2) && !isLastCertificate(keyStore)) {
                        keyStore.deleteEntry(nextElement);
                        if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                            Tr.debug(AdminAgentSecurityCommands.tc, "Deleted signer certificate with \"" + nextElement + "\" and serial \"" + x509Certificate2.getSerialNumber() + "\"with the following SHA digest: " + generateDigest2);
                            this.certsExchanged.add("Deleted signer certificate with \"" + nextElement + "\" and serial \"" + x509Certificate2.getSerialNumber() + "\"with the following SHA digest: " + generateDigest2);
                        }
                        if (!AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                            return true;
                        }
                        Tr.exit(AdminAgentSecurityCommands.tc, "removeSignerFromTrustStore -> true (digest matches)");
                        return true;
                    }
                }
            }
            if (!AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                return false;
            }
            Tr.exit(AdminAgentSecurityCommands.tc, "removeMatchingSignersFromTrustStore -> false (no digest matches)");
            return false;
        }

        private boolean isLastCertificate(java.security.KeyStore keyStore) throws KeyStoreException {
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.entry(AdminAgentSecurityCommands.tc, "isLastCertificate");
            }
            Enumeration<String> aliases = keyStore.aliases();
            int i = 0;
            while (aliases.hasMoreElements()) {
                i++;
                aliases.nextElement();
            }
            if (i <= 1) {
                if (!AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                    return true;
                }
                Tr.exit(AdminAgentSecurityCommands.tc, "isLastCertificate", true);
                return true;
            }
            if (!AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                return false;
            }
            Tr.exit(AdminAgentSecurityCommands.tc, "isLastCertificate", false);
            return false;
        }

        private Security getCellSecurityObject(String str, WorkSpace workSpace) throws Exception {
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.entry(AdminAgentSecurityCommands.tc, "getCellSecurityObject", new Object[]{str, workSpace});
            }
            Resource resource = workSpace.findContext(((RepositoryContext) workSpace.findContext(workSpace.getMetaData().getContextType(AdminAuthzConstants.CELL_RES)).iterator().next()).getURI()).getResourceSet().getResource(URI.createURI(WorkSpaceQueryUtil.SECURITY_URI), true);
            resource.load(new HashMap());
            Security security = (Security) resource.getContents().get(0);
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.exit(AdminAgentSecurityCommands.tc, "getCellSecurityObject", security);
            }
            return security;
        }

        public KeyStoreInfo makeKsInfo(KeyStore keyStore, String str) throws Exception {
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.entry(AdminAgentSecurityCommands.tc, "makeKsInfo");
            }
            KeyStoreInfo keyStoreInfo = new KeyStoreInfo();
            try {
                keyStoreInfo.setName(keyStore.getName());
                keyStoreInfo.setType(keyStore.getType());
                keyStoreInfo.setPassword(keyStore.getPassword());
                keyStoreInfo.setProvider(keyStore.getProvider());
                if (str != null) {
                    keyStoreInfo.setLocation(expand(keyStore.getLocation(), str));
                } else {
                    keyStoreInfo.setLocation(KeyStoreManager.getInstance().expand(keyStore.getLocation()));
                }
                keyStoreInfo.setFileBased(Boolean.valueOf(keyStore.isFileBased()));
                keyStoreInfo.setHostList(keyStore.getHostList());
                keyStoreInfo.setInitializeAtStartup(Boolean.valueOf(keyStore.isInitializeAtStartup()));
                keyStoreInfo.setStashFile(Boolean.valueOf(keyStore.isCreateStashFileForCMS()));
                keyStoreInfo.setReadOnly(Boolean.valueOf(keyStore.isReadOnly()));
                keyStoreInfo.setScopeName(MOFUtil.createObjectName(keyStore.getManagementScope()));
                keyStoreInfo.setSlot(Integer.valueOf(keyStore.getSlot()));
                keyStoreInfo.setAccelerator(Boolean.valueOf(keyStore.isUseForAcceleration()));
                keyStoreInfo.setDescription(keyStore.getDescription());
                String scopeName = keyStore.getManagementScope().getScopeName();
                if (scopeName != null) {
                    if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                        Tr.debug(AdminAgentSecurityCommands.tc, "Management scope name going into the ksinfo is " + scopeName);
                    }
                    keyStoreInfo.setScopeNameString(scopeName);
                }
                if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                    Tr.exit(AdminAgentSecurityCommands.tc, "makeKsInfo");
                }
                return keyStoreInfo;
            } catch (Exception e) {
                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                    Tr.debug(AdminAgentSecurityCommands.tc, "Exception while create KeyStoreInfo " + e.getMessage());
                }
                throw e;
            }
        }

        public X509Certificate getCertificate(KeyStoreInfo keyStoreInfo, String str) throws Exception {
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.entry(AdminAgentSecurityCommands.tc, "getCertificate");
            }
            WSKeyStoreRemotable wSKeyStoreRemotable = new WSKeyStoreRemotable(keyStoreInfo);
            try {
                Object[] invokeKeyStoreCommand = wSKeyStoreRemotable.invokeKeyStoreCommand("containsAlias", new Object[]{str});
                Object[] invokeKeyStoreCommand2 = wSKeyStoreRemotable.invokeKeyStoreCommand("isKeyEntry", new Object[]{str});
                if (!((Boolean) invokeKeyStoreCommand[0]).booleanValue() || !((Boolean) invokeKeyStoreCommand2[0]).booleanValue()) {
                    throw new CommandValidationException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.cert.alias.not.exists.CWPKI0650E", new Object[]{str, keyStoreInfo.getName()}, "Signer certificate alias \"" + str + "\" does not exist in key store \"" + keyStoreInfo.getName() + "\"."));
                }
                X509Certificate x509Certificate = (X509Certificate) wSKeyStoreRemotable.invokeKeyStoreCommand("getCertificate", new Object[]{str})[0];
                if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                    Tr.exit(AdminAgentSecurityCommands.tc, "getCertificate");
                }
                return x509Certificate;
            } catch (Exception e) {
                throw new Exception(e.getMessage());
            }
        }

        public ArrayList<X509Certificate> getCertificates(KeyStoreInfo keyStoreInfo) throws Exception {
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.entry(AdminAgentSecurityCommands.tc, "getCertificates");
            }
            WSKeyStoreRemotable wSKeyStoreRemotable = new WSKeyStoreRemotable(keyStoreInfo);
            ArrayList<X509Certificate> arrayList = new ArrayList<>();
            try {
                for (Object obj : wSKeyStoreRemotable.invokeKeyStoreCommand("aliases", null)) {
                    String str = (String) obj;
                    if (((Boolean) wSKeyStoreRemotable.invokeKeyStoreCommand("isKeyEntry", new Object[]{str})[0]).booleanValue()) {
                        Certificate[] certificateArr = (Certificate[]) wSKeyStoreRemotable.invokeKeyStoreCommand("getCertificateChain", new Object[]{str})[0];
                        arrayList.add((X509Certificate) certificateArr[certificateArr.length - 1]);
                    }
                }
                if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                    Tr.exit(AdminAgentSecurityCommands.tc, "getCertificates");
                }
                return arrayList;
            } catch (Exception e) {
                throw new Exception(e.getMessage());
            }
        }

        public String expand(String str, String str2) {
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.entry(AdminAgentSecurityCommands.tc, "expand");
            }
            String str3 = str;
            String str4 = null;
            try {
                int indexOf = str3.indexOf("${CONFIG_ROOT}");
                if (indexOf != -1) {
                    String substring = str3.substring(0, indexOf);
                    String substring2 = str3.substring(indexOf + "${CONFIG_ROOT}".length());
                    if (str2 == null) {
                        throw new Exception("replace string is null.");
                    }
                    if (str2 != null) {
                        str4 = (substring == null || substring.equals("")) ? str2 + substring2 : substring + str2 + substring2;
                        str3 = str4;
                    }
                }
                int indexOf2 = str3.indexOf("${user.root}");
                if (indexOf2 != -1) {
                    String substring3 = str3.substring(0, indexOf2);
                    String substring4 = str3.substring(indexOf2 + "${user.root}".length());
                    if (str2 == null) {
                        throw new Exception("replace string is null.");
                    }
                    if (str2 != null) {
                        str4 = (substring3 == null || substring3.equals("")) ? str2 + substring4 : substring3 + str2 + substring4;
                    }
                }
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.ssl.commands.adminagent.AdminAgentSecurityCommands.expand", "1198", this);
                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                    Tr.debug(AdminAgentSecurityCommands.tc, "Expand exception: ", new Object[]{e});
                }
            }
            if (str4 != null) {
                String replace = str4.replace('\\', '/');
                if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                    Tr.exit(AdminAgentSecurityCommands.tc, "expand -> " + replace);
                }
                return replace;
            }
            String replace2 = str.replace('\\', '/');
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.exit(AdminAgentSecurityCommands.tc, "expand -> (not expanded)");
            }
            return replace2;
        }

        private WorkSpace getWorkSpace(String str) throws Exception {
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.entry(AdminAgentSecurityCommands.tc, "getWorkSpace", str);
            }
            WorkSpace workSpace = null;
            int i = 0;
            while (workSpace == null) {
                Properties properties = new Properties();
                properties.setProperty(WorkSpaceManager.WORKSPACE_USER_ID, "baseToAgent" + System.currentTimeMillis());
                properties.setProperty(WorkSpaceManager.WORKSPACE_REPOSITORY_ADAPTER, WorkSpaceManager.WORKSPACE_SELF_REPOSITORY_ADAPTER);
                properties.setProperty(WorkSpaceManager.WORKSPACE_ROOT, str);
                properties.setProperty(WorkSpaceManager.WORKSPACE_METADATA_ROOT, str + "/.repository");
                try {
                    workSpace = ((WorkSpaceManagerImpl) WorkSpaceManagerFactory.getManager()).createUniqueWorkSpace(properties);
                } catch (Exception e) {
                    Tr.debug(AdminAgentSecurityCommands.tc, "Caught exception creating the workspace: ", new Object[]{e});
                }
                if (workSpace == null) {
                    i++;
                    try {
                        Thread.sleep(1L);
                    } catch (InterruptedException e2) {
                        e2.printStackTrace(System.err);
                    }
                }
                if (i > 10) {
                    throw new Exception("Failed to create workspace ");
                }
            }
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.exit(AdminAgentSecurityCommands.tc, "getWorkSpace", workSpace);
            }
            return workSpace;
        }

        private void getNodeProperties() throws AdminException {
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.entry(AdminAgentSecurityCommands.tc, "getNodeProperties");
            }
            if (this.profileCellName != null && this.profileNodeName != null) {
                Properties properties = new Properties();
                properties.setProperty("local.cell", this.profileCellName);
                properties.setProperty("was.repository.root", this.profileConfigPath);
                this.profileNodeProperties = ManagedObjectMetadataAccessorFactory.createAccessor(properties).getMetadataProperties(this.profileNodeName);
            }
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.exit(AdminAgentSecurityCommands.tc, "getNodeProperties", this.profileNodeProperties);
            }
        }

        private void getProfileCellAndNodeName() throws Exception {
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.entry(AdminAgentSecurityCommands.tc, "getProfileCellAndNodeName");
            }
            String str = this.baseProfilePath + File.separator + "config" + File.separator + AdminAuthzConstants.CELL_RES;
            File file = new File(str);
            int length = file.list().length;
            int i = 0;
            while (true) {
                if (i > length) {
                    break;
                }
                if (file.list()[i].endsWith(".xml")) {
                    i++;
                } else {
                    this.profileCellName = file.list()[i];
                    if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                        Tr.debug(AdminAgentSecurityCommands.tc, "Profile cell name is " + this.profileCellName);
                    }
                }
            }
            String[] list = new File(str + File.separator + this.profileCellName + File.separator + "nodes").list();
            if (list.length != 1) {
                int i2 = 0;
                while (true) {
                    if (i2 >= list.length) {
                        break;
                    }
                    String str2 = list[i2];
                    if (str2.indexOf("Manager") != -1) {
                        this.profileNodeName = str2;
                        if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                            Tr.debug(AdminAgentSecurityCommands.tc, "Profile node name is " + this.profileNodeName);
                        }
                    } else {
                        i2++;
                    }
                }
            } else {
                this.profileNodeName = list[0];
                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                    Tr.debug(AdminAgentSecurityCommands.tc, "Profile node name is " + this.profileNodeName);
                }
            }
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.exit(AdminAgentSecurityCommands.tc, "getProfileCellAndNodeName");
            }
        }

        private boolean checkVersion(String str) throws AdminException {
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.entry(AdminAgentSecurityCommands.tc, "checkVersion");
            }
            boolean z = false;
            getNodeProperties();
            this.profileVersion = this.profileNodeProperties.getProperty("com.ibm.websphere.baseProductVersion");
            if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                Tr.debug(AdminAgentSecurityCommands.tc, "profile version is " + this.profileVersion);
            }
            if (this.profileVersion.indexOf(str) != -1) {
                z = true;
            }
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.exit(AdminAgentSecurityCommands.tc, "checkVersion " + z);
            }
            return z;
        }
    }

    /* loaded from: input_file:wasJars/cryptoimpl.jar:com/ibm/ws/ssl/commands/adminagent/AdminAgentSecurityCommands$BaseToAgentRegistrationAfterStart.class */
    public class BaseToAgentRegistrationAfterStart extends AbstractTaskCommand {
        private String profilePath;

        public BaseToAgentRegistrationAfterStart(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
            super(commandData);
            this.profilePath = null;
        }

        public BaseToAgentRegistrationAfterStart(TaskCommandMetadata taskCommandMetadata) throws CommandNotFoundException {
            super(taskCommandMetadata);
            this.profilePath = null;
        }

        @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand, com.ibm.websphere.management.cmdframework.provider.AbstractAdminCommand, com.ibm.websphere.management.cmdframework.AdminCommand
        public void validate() throws CommandValidationException {
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.entry(AdminAgentSecurityCommands.tc, "validate");
            }
            super.validate();
            try {
                this.profilePath = (String) getParameter("profilePath");
                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                    Tr.debug(AdminAgentSecurityCommands.tc, "profilePath=" + this.profilePath);
                }
                if (this.profilePath == null) {
                    throw new CommandValidationException("The profile root is not specified for the task parameter profilePath.");
                }
                if (!new File(this.profilePath).exists()) {
                    throw new CommandValidationException("Profile " + this.profilePath + " does not exist.");
                }
                if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                    Tr.exit(AdminAgentSecurityCommands.tc, "validate");
                }
            } catch (Exception e) {
                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                    Tr.debug(AdminAgentSecurityCommands.tc, "Exception occurred in validate: ", new Object[]{e});
                }
                throw new CommandValidationException(e.getMessage());
            }
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand
        public void afterStepsExecuted() {
            if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                Tr.entry(AdminAgentSecurityCommands.tc, "afterStepsExecuted");
            }
            super.afterStepsExecuted();
            TaskCommandResultImpl taskCommandResultImpl = (TaskCommandResultImpl) getTaskCommandResult();
            if (!taskCommandResultImpl.isSuccessful()) {
                if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                    Tr.exit(AdminAgentSecurityCommands.tc, "afterStepsExecuted");
                    return;
                }
                return;
            }
            try {
                new AgentProfileServerIDExchanger().exchangeServerIDs(this.profilePath, System.getProperty("user.install.root"), null, true);
                if (AdminAgentSecurityCommands.tc.isEntryEnabled()) {
                    Tr.exit(AdminAgentSecurityCommands.tc, "afterStepsExecuted");
                }
            } catch (Exception e) {
                if (AdminAgentSecurityCommands.tc.isDebugEnabled()) {
                    Tr.debug(AdminAgentSecurityCommands.tc, "Exception occurred in afterStepsExecuted: ", new Object[]{e});
                }
                taskCommandResultImpl.setException(new CommandException(e, e.getMessage()));
            }
        }
    }

    @Override // com.ibm.websphere.management.cmdframework.provider.SimpleCommandProvider, com.ibm.websphere.management.cmdframework.provider.CommandProvider
    public AbstractAdminCommand createCommand(CommandMetadata commandMetadata) throws CommandNotFoundException {
        String name = commandMetadata.getName();
        return name.equals("baseToAgentRegistration") ? new BaseToAgentRegistration((TaskCommandMetadata) commandMetadata) : name.equals("baseToAgentRegistrationAfterStart") ? new BaseToAgentRegistrationAfterStart((TaskCommandMetadata) commandMetadata) : name.equals("agentToJobManagerRegistration") ? new AgentToJobManagerRegistration((TaskCommandMetadata) commandMetadata) : super.createCommand(commandMetadata);
    }

    @Override // com.ibm.websphere.management.cmdframework.provider.SimpleCommandProvider, com.ibm.websphere.management.cmdframework.provider.CommandProvider
    public AbstractAdminCommand loadCommand(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
        String name = commandData.getName();
        return name.equals("baseToAgentRegistration") ? new BaseToAgentRegistration(commandData) : name.equals("baseToAgentRegistrationAfterStart") ? new BaseToAgentRegistrationAfterStart(commandData) : name.equals("agentToJobManagerRegistration") ? new AgentToJobManagerRegistration(commandData) : super.loadCommand(commandData);
    }
}
