package com.ibm.ws.ssl.utils;

import com.ibm.ejs.ras.ManagerAdmin;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.AdminClient;
import com.ibm.websphere.management.AdminClientFactory;
import com.ibm.websphere.management.ObjectNameHelper;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.profile.WSProfileConstants;
import com.ibm.ws.security.util.AccessController;
import com.ibm.ws.sm.validation.CompositeValidator;
import com.ibm.ws.ssl.config.KeyStoreManager;
import com.ibm.ws.ssl.config.ThreadManager;
import com.ibm.ws.ssl.config.WSKeyStore;
import com.ibm.ws.ssl.core.TraceNLSHelper;
import com.ibm.wsspi.profile.WSProfile;
import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.KeyStore;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import java.util.Set;
import javax.management.InstanceNotFoundException;
import javax.management.MalformedObjectNameException;
import javax.management.ObjectName;
import javax.management.QueryExp;
import org.apache.tools.ant.taskdefs.optional.sos.SOSCmd;

/* loaded from: input_file:wasJars/cryptoimpl.jar:com/ibm/ws/ssl/utils/RetrieveSigners.class */
public class RetrieveSigners {
    private static final String DEFAULT_TRACE_FILE = "retrieveSigners.log";
    private static final String DEFAULT_CONNECTOR_TYPE_PROP = "com.ibm.ws.scripting.connectionType";
    private static final String DEFAULT_SCRIPTING_PORT_PROP = "com.ibm.ws.scripting.port";
    private static final String DEFAULT_SCRIPTING_HOST_PROP = "com.ibm.ws.scripting.host";
    private static final String DEFAULT_APPCLIENT_CONNECTOR_TYPE_PROP = "SOAP";
    public static final int MAX_MSG_LEN = 79;
    public static final String INDENT = "           ";
    boolean trace = false;
    boolean replacelog = false;
    boolean quiet = false;
    boolean help = false;
    boolean upload = false;
    String remoteKeyStoreName = null;
    String remoteAlias = null;
    String localAlias = null;
    String localKeyStoreName = null;
    boolean listRemoteKeyStoreNames = false;
    boolean listLocalKeyStoreNames = false;
    Properties props = new Properties();
    String logfile = null;
    boolean isDoubleByteSystem = false;
    String profileName = null;
    String userRoot = null;
    private static final String[] ARG_LIST = {"-profileName", WSProfileConstants.S_HELP_ARG_RAW, "-replacelog", "-logfile", "-quiet", "-trace", SOSCmd.FLAG_PASSWORD, "-user", "-username", "-conntype", "-port", "-host", "-localAlias", "-remoteAlias", "-upload", "-listLocalKeyStoreNames", "-listRemoteKeyStoreNames", "-autoAcceptBootstrapSigner", "-uploadSigners"};
    private static final TraceComponent tc = Tr.register(RetrieveSigners.class, "SSL", "com.ibm.ws.ssl.resources.ssl");

    public static int mainForInProcess(String[] strArr) {
        return new RetrieveSigners().retrieveSigners(strArr);
    }

    public static void main(String[] strArr) {
        System.exit(new RetrieveSigners().retrieveSigners(strArr));
    }

    /* JADX WARN: Removed duplicated region for block: B:112:0x05a1  */
    /* JADX WARN: Removed duplicated region for block: B:114:? A[RETURN, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private int retrieveSigners(java.lang.String[] r11) {
        /*
            Method dump skipped, instructions count: 1451
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.ssl.utils.RetrieveSigners.retrieveSigners(java.lang.String[]):int");
    }

    private int uploadSigners(AdminClient adminClient) {
        KeyStore keyStore;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "uploadSigners");
        }
        if (adminClient != null) {
            try {
                Set queryNames = adminClient.queryNames(new ObjectName("WebSphere:type=SSLAdmin,process=" + getProcessName(adminClient) + ",*"), (QueryExp) null);
                if (queryNames.isEmpty()) {
                    if (!tc.isEntryEnabled()) {
                        return 1;
                    }
                    Tr.exit(tc, "uploadSigners (can't get SSLAdmin)");
                    return 1;
                }
                ObjectName objectName = (ObjectName) queryNames.iterator().next();
                WSKeyStore keyStore2 = KeyStoreManager.getInstance().getKeyStore(this.localKeyStoreName);
                if (keyStore2 != null && (keyStore = keyStore2.getKeyStore(false, false)) != null) {
                    Enumeration<String> aliases = keyStore.aliases();
                    while (aliases.hasMoreElements()) {
                        String nextElement = aliases.nextElement();
                        Certificate certificate = keyStore.getCertificate(nextElement);
                        if (certificate != null) {
                            adminClient.invoke(objectName, "invokeRemoteKeyStoreCommand", new Object[]{this.remoteKeyStoreName, "setCertificateEntry", new Object[]{nextElement, certificate}}, new String[]{"java.lang.String", "java.lang.String", "[Ljava.lang.Object;"});
                        }
                    }
                    if (!tc.isEntryEnabled()) {
                        return 0;
                    }
                    Tr.exit(tc, "uploadSigners (success)");
                    return 0;
                }
            } catch (InstanceNotFoundException e) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Exception occurred getting admin client connection.", new Object[]{e});
                }
                FFDCFilter.processException(e, "com.ibm.ws.ssl.utils.RetrieveSigners.retrieveSigners", "377", this);
            } catch (MalformedObjectNameException e2) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Exception occurred getting admin client connection.", new Object[]{e2});
                }
                FFDCFilter.processException(e2, "com.ibm.ws.ssl.utils.RetrieveSigners.retrieveSigners", "372", this);
            } catch (Exception e3) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Exception occurred getting admin client connection.", new Object[]{e3});
                }
                FFDCFilter.processException(e3, "com.ibm.ws.ssl.utils.RetrieveSigners.retrieveSigners", "382", this);
            }
        }
        if (!tc.isEntryEnabled()) {
            return 3;
        }
        Tr.exit(tc, "uploadSigners");
        return 3;
    }

    private AdminClient createAdminClient(String[] strArr) throws Exception {
        List asList = Arrays.asList(ARG_LIST);
        ArrayList arrayList = new ArrayList();
        boolean z = false;
        for (int i = 0; i < strArr.length; i++) {
            if (strArr[i] != null && (!strArr[i].startsWith("-") || (asList.contains(strArr[i]) && (i + 1 == strArr.length || (i + 1 < strArr.length && strArr[i + 1] != null))))) {
                arrayList.add(strArr[i]);
            } else if (strArr[i] != null && !asList.contains(strArr[i])) {
                z = true;
                issueMessage("ssl.signer.invalid.option.CWPKI0313W", new Object[]{strArr[i]}, "CWPKI0313W: The following option is not valid: " + strArr[i]);
            }
        }
        if (z) {
            issueMessage("ssl.signer.retrieval.usage.CWPKI0300I", null, "Usage: retrieveSigners <remoteKeyStoreName> <localKeyStoreName> [options]\n        options: [-profileName <profileName>] [-remoteAlias <aliasFromRemoteStore>] [-localAlias <storeAsAlias>] [-host <host>] [-port <port>] [-connType <RMI|SOAP>] [-user <user>] [-password <password>] [-trace] [-logfile <filename>] [-replacelog] [-quiet] [-help]\n");
        }
        if (arrayList != null) {
            int indexOf = arrayList.indexOf("-profileName");
            if (indexOf != -1) {
                this.profileName = (String) arrayList.get(indexOf + 1);
                this.userRoot = getConfigRootForProfileName(this.profileName);
                if (this.userRoot == null) {
                    this.userRoot = System.getProperty(CompositeValidator.USER_INSTALL_ROOT_PROPERTY);
                }
            } else {
                this.userRoot = System.getProperty(CompositeValidator.USER_INSTALL_ROOT_PROPERTY);
            }
            if (arrayList.indexOf("-autoAcceptBootstrapSigner") != -1) {
                ThreadManager.getInstance().setAutoAcceptBootstrapSigner(true);
            }
            if (arrayList.indexOf("-listRemoteKeyStoreNames") != -1) {
                this.listRemoteKeyStoreNames = true;
            }
            if (arrayList.indexOf("-listLocalKeyStoreNames") != -1) {
                this.listLocalKeyStoreNames = true;
            }
            if (arrayList.indexOf("-uploadSigners") != -1) {
                this.upload = true;
            }
            if (arrayList.indexOf("-upload") != -1) {
                this.upload = true;
            }
            int indexOf2 = arrayList.indexOf("-remoteAlias");
            if (indexOf2 != -1) {
                this.remoteAlias = (String) arrayList.get(indexOf2 + 1);
            }
            int indexOf3 = arrayList.indexOf("-localAlias");
            if (indexOf3 != -1) {
                this.localAlias = (String) arrayList.get(indexOf3 + 1);
            }
            Properties loadPropertiesFile = loadPropertiesFile("file:" + this.userRoot + "/properties/wsadmin.properties");
            String str = "";
            String str2 = "";
            String str3 = "";
            if (loadPropertiesFile != null) {
                str = loadPropertiesFile.getProperty(DEFAULT_CONNECTOR_TYPE_PROP);
                str2 = loadPropertiesFile.getProperty(DEFAULT_SCRIPTING_PORT_PROP);
                str3 = loadPropertiesFile.getProperty(DEFAULT_SCRIPTING_HOST_PROP);
            }
            int indexOf4 = arrayList.indexOf("-host");
            if (indexOf4 != -1) {
                this.props.setProperty("host", (String) arrayList.get(indexOf4 + 1));
            } else if (str3 != null && !str3.equals("")) {
                this.props.setProperty("host", str3);
            }
            int indexOf5 = arrayList.indexOf("-port");
            if (indexOf5 != -1) {
                this.props.setProperty("port", (String) arrayList.get(indexOf5 + 1));
            } else if (str2 != null && !str2.equals("")) {
                this.props.setProperty("port", str2);
            }
            int indexOf6 = arrayList.indexOf("-conntype");
            if (indexOf6 != -1) {
                this.props.setProperty("type", (String) arrayList.get(indexOf6 + 1));
            } else if (str == null || str.equals("")) {
                this.props.setProperty("type", "SOAP");
            } else {
                this.props.setProperty("type", str);
            }
            int indexOf7 = arrayList.indexOf("-username");
            if (indexOf7 != -1) {
                this.props.setProperty("username", (String) arrayList.get(indexOf7 + 1));
            }
            int indexOf8 = arrayList.indexOf("-user");
            if (indexOf8 != -1) {
                this.props.setProperty("username", (String) arrayList.get(indexOf8 + 1));
            }
            int indexOf9 = arrayList.indexOf(SOSCmd.FLAG_PASSWORD);
            if (indexOf9 != -1) {
                this.props.setProperty("password", (String) arrayList.get(indexOf9 + 1));
            }
            if (arrayList.indexOf("-trace") != -1) {
                this.props.setProperty("-trace", "true");
                this.trace = true;
            }
            if (arrayList.indexOf("-quiet") != -1) {
                this.props.setProperty("-quiet", "true");
                this.quiet = true;
            }
            int indexOf10 = arrayList.indexOf("-logfile");
            if (indexOf10 != -1) {
                this.props.setProperty("-logfile", (String) arrayList.get(indexOf10 + 1));
                this.logfile = (String) arrayList.get(indexOf10 + 1);
            }
            if (arrayList.indexOf("-replacelog") != -1) {
                this.props.setProperty("-replacelog", "true");
                this.replacelog = true;
            }
            if (arrayList.indexOf(WSProfileConstants.S_HELP_ARG_RAW) != -1) {
                this.props.setProperty("help", "true");
                this.help = true;
            }
        }
        if (this.help) {
            issueMessage("ssl.signer.retrieval.usage.CWPKI0300I", null, "Usage: retrieveSigners <remoteKeyStoreName> <localKeyStoreName> [options]\n        options: [-profileName <profileName>] [-remoteAlias <aliasFromRemoteStore>] [-localAlias <storeAsAlias>] [-host <host>] [-port <port>] [-connType <RMI|SOAP>] [-user <user>] [-password <password>] [-trace] [-logfile <filename>] [-replacelog] [-quiet] [-help]\n");
            return null;
        }
        if (this.props.getProperty("-trace") != null && setTrace()) {
            issueMessage("ssl.signer.retrieval.tracemodeon.CWPKI0301I", null, "Trace mode is on.");
        }
        if (strArr.length < 2 && !this.help && !this.listRemoteKeyStoreNames && !this.listLocalKeyStoreNames) {
            issueMessage("ssl.signer.retrieval.usage.CWPKI0300I", null, "Usage: retrieveSigners <remoteKeyStoreName> <localKeyStoreName> [options]\n        options: [-profileName <profileName>] [-remoteAlias <aliasFromRemoteStore>] [-localAlias <storeAsAlias>] [-host <host>] [-port <port>] [-connType <RMI|SOAP>] [-user <user>] [-password <password>] [-trace] [-logfile <filename>] [-replacelog] [-quiet] [-help]\n");
            return null;
        }
        if (this.help) {
            issueMessage("ssl.signer.retrieval.usage.CWPKI0300I", null, "Usage: retrieveSigners <remoteKeyStoreName> <localKeyStoreName> [options]\n        options: [-profileName <profileName] [-remoteAlias <aliasFromRemoteStore>] [-localAlias <storeAsAlias>] [-host <host>] [-port <port>] [-connType <RMI|SOAP>] [-user <user>] [-password <password>] [-trace] [-logfile <filename>] [-replacelog] [-quiet] [-help]\n");
            return null;
        }
        if (strArr.length < 2 || strArr[0] == null || strArr[0].startsWith("-")) {
            this.remoteKeyStoreName = "CellDefaultTrustStore";
            this.localKeyStoreName = "ClientDefaultTrustStore";
        } else {
            this.remoteKeyStoreName = strArr[0];
            this.localKeyStoreName = strArr[1];
        }
        return AdminClientFactory.createAdminClient(this.props);
    }

    private String getProcessName(AdminClient adminClient) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getProcessName");
        }
        ObjectName objectName = null;
        String str = null;
        try {
            objectName = adminClient.getServerMBean();
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.ssl.utils.RetrieveSigners.getProcessName", "607", this);
        }
        if (objectName != null) {
            str = ObjectNameHelper.getProcessName(objectName);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getProcessName -> " + str);
        }
        return str;
    }

    private boolean setTrace() {
        String str;
        if (this.trace) {
            str = "com.ibm.ws.management.*=all=enabled:com.ibm.websphere.management.*=all=enabled:com.ibm.ws.ssl.*=all=enabled:SSL=all=enabled:com.ibm.ws.security.*=all=enabled:SASRas=all=enabled";
            Tr.info(tc, "ssl.signer.retrieval.tracemodeon.CWPKI0301I");
        } else {
            str = "";
        }
        if (this.logfile == null) {
            this.logfile = getDefaultTraceFile();
        }
        boolean z = true;
        if (!ManagerAdmin.isLogFileWriteable(this.logfile)) {
            issueMessage("ssl.signer.retrieval.logfile.error.CWPKI0302E", new Object[]{new File(this.logfile).getAbsolutePath()}, "Cannot write to the trace logfile at the following location: " + new File(this.logfile).getAbsolutePath());
            z = false;
        }
        if (!z) {
            return true;
        }
        issueMessage("ssl.signer.retrieval.logfile.location.CWPKI0303I", new Object[]{new File(this.logfile).getAbsolutePath()}, "Trace is being logged to the following location: " + new File(this.logfile).getAbsolutePath());
        ManagerAdmin.configureClientTrace(str, ManagerAdmin.file, this.logfile, this.replacelog, "basic", false);
        return true;
    }

    protected String getDefaultTraceFile() {
        String property = System.getProperty(CompositeValidator.USER_INSTALL_ROOT_PROPERTY);
        if (property == null || property.length() <= 0) {
            property = System.getProperty("was.install.root");
        }
        return (property + File.separator + "logs") + File.separator + DEFAULT_TRACE_FILE;
    }

    protected void issueMessage(String str, Object[] objArr, String str2) {
        String formattedMessage = TraceNLSHelper.getInstance().getFormattedMessage(str, objArr, str2);
        if (this.quiet) {
            return;
        }
        printMessage(formattedMessage);
    }

    protected void issueMessage(String str, String str2) {
        String string = TraceNLSHelper.getInstance().getString(str, str2);
        if (this.quiet) {
            return;
        }
        printMessage(string);
    }

    protected void printMessage(String str) {
        int i = 79;
        if (isDoubleByteSystem(str)) {
            i = 79 / 2;
        }
        printMessage(str, i, false);
    }

    private boolean isDoubleByteSystem(String str) {
        DataOutputStream dataOutputStream = new DataOutputStream(new ByteArrayOutputStream());
        try {
            dataOutputStream.writeUTF(str);
            dataOutputStream.flush();
            try {
                dataOutputStream.close();
            } catch (IOException e) {
            }
            if (r0.toByteArray().length > str.length() + (str.length() * 0.1d)) {
                this.isDoubleByteSystem = true;
            } else {
                this.isDoubleByteSystem = false;
            }
            return this.isDoubleByteSystem;
        } catch (IOException e2) {
            try {
                dataOutputStream.close();
            } catch (IOException e3) {
            }
            return false;
        } catch (Throwable th) {
            try {
                dataOutputStream.close();
            } catch (IOException e4) {
            }
            throw th;
        }
    }

    private void printMessage(String str, int i, boolean z) {
        int i2 = i;
        if (z) {
            System.out.print("           ");
            i2 -= "           ".length();
        }
        if (str.length() <= i2) {
            System.out.println(str);
            return;
        }
        int lastIndexOf = str.lastIndexOf(32, i2);
        if (lastIndexOf == -1) {
            lastIndexOf = str.indexOf(32);
            if (lastIndexOf == -1) {
                System.out.println(str);
                return;
            }
        }
        printMessage(str.substring(0, lastIndexOf), i, false);
        printMessage(str.substring(lastIndexOf + 1), i, true);
    }

    private Properties loadPropertiesFile(final String str) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "loadPropertiesFile", new Object[]{str});
        }
        if (str == null) {
            if (!tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "loadPropertiesFile (null URL)");
            return null;
        }
        try {
            Properties properties = (Properties) AccessController.doPrivileged(new PrivilegedExceptionAction() { // from class: com.ibm.ws.ssl.utils.RetrieveSigners.1
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws Exception {
                    Properties properties2 = new Properties();
                    InputStream inputStream = null;
                    try {
                        try {
                            inputStream = new URL(str).openStream();
                            properties2.load(inputStream);
                            if (inputStream != null) {
                                inputStream.close();
                            }
                            return properties2;
                        } catch (Exception e) {
                            throw e;
                        }
                    } catch (Throwable th) {
                        if (inputStream != null) {
                            inputStream.close();
                        }
                        throw th;
                    }
                }
            });
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "loadPropertiesFile", new Object[]{properties});
            }
            return properties;
        } catch (PrivilegedActionException e) {
            FFDCFilter.processException(e, "com.ibm.ws.ssl.utils.RetrieveSigners.loadPropertiesFile", "801", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "loadPropertiesFile exception: ", new Object[]{e.getException()});
            }
            if (!tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "loadPropertiesFile (null)");
            return null;
        }
    }

    private String getConfigRootForProfileName(String str) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getConfigRootForProfileName", new Object[]{str});
        }
        String str2 = null;
        File registryFile = WSProfile.getRegistryFile();
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Using profile registry: " + registryFile);
        }
        Iterator it = WSProfile.listProfileNames(registryFile).iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            String str3 = (String) it.next();
            if (str3 != null && str3.equals(str)) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Found profile: " + str3);
                }
                File profileLocation = WSProfile.getProfileLocation(str3, registryFile);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "   Profile location: " + profileLocation);
                }
                str2 = profileLocation.getAbsolutePath();
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getConfigRootForProfileName", new Object[]{str2});
        }
        return str2;
    }
}
