package com.ibm.ws.security.utility.tasks;

import com.ibm.websphere.crypto.InvalidPasswordEncodingException;
import com.ibm.websphere.crypto.PasswordUtil;
import com.ibm.websphere.crypto.UnsupportedCryptoAlgorithmException;
import com.ibm.ws.crypto.certificateutil.DefaultSSLCertificateCreator;
import com.ibm.ws.crypto.certificateutil.DefaultSubjectDN;
import com.ibm.ws.kernel.boot.internal.BootstrapConstants;
import com.ibm.ws.security.utility.IFileUtility;
import com.ibm.ws.security.utility.SecurityUtilityReturnCodes;
import com.ibm.ws.security.utility.utils.ConsoleWrapper;
import java.io.File;
import java.io.PrintStream;
import java.security.cert.CertificateException;
import java.text.MessageFormat;
import java.util.Arrays;
import java.util.Calendar;
import org.apache.commons.io.FilenameUtils;

/* loaded from: input_file:wlp/lib/com.ibm.ws.security.utility_1.0.16.jar:com/ibm/ws/security/utility/tasks/CreateSSLCertificateTask.class */
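/**
 * Command task {@code createSSLCertificate}: creates a default keystore ({@code key.jks}) for a
 * server or a client and prints the configuration snippet that references it.
 *
 * <p>Security notes for maintainers:
 * <ul>
 * <li>The keystore password is passed in plaintext to the certificate creator; only the output of
 * {@link PasswordUtil#encode} is placed in the generated configuration.</li>
 * <li>NOTE(review): a password given as a command-line value is typically visible in the process
 * list and in shell history. The base-class argument helper receives the console wrapper and
 * {@code --password} is the only option allowed without a value, so it presumably prompts when the
 * value is omitted; confirm this and prefer the prompt.</li>
 * <li>NOTE(review): the {@code --server} / {@code --client} name is concatenated into a file-system
 * path without validation in this class; confirm whether the caller or {@link IFileUtility}
 * restricts it to a plain directory name.</li>
 * </ul>
 */
public class CreateSSLCertificateTask extends BaseCommandTask {
    static final String SLASH = String.valueOf(File.separatorChar);
    static final String ARG_SERVER = "--server";
    static final String ARG_CLIENT = "--client";
    static final String ARG_PASSWORD = "--password";
    static final String ARG_VALIDITY = "--validity";
    static final String ARG_SUBJECT = "--subject";
    static final String ARG_ENCODING = "--passwordEncoding";
    static final String ARG_KEY = "--passwordKey";
    static final String ARG_CREATE_CONFIG_FILE = "--createConfigFile";
    static final String ARG_KEYSIZE = "--keySize";
    static final String ARG_SIGALG = "--sigAlg";

    // Default used when --validity is not supplied.
    private static final int DEFAULT_VALIDITY = 365;
    // Default used when --keySize is not supplied.
    private static final int DEFAULT_KEY_SIZE = 2048;
    // Sentinel default for --createConfigFile. It is compared by reference, so only the
    // "option absent" path (where the default object itself is handed back) can match it.
    private static final String CONFIG_FILE_NOT_REQUESTED = "@!$#%$#%32543265k425k4/3nj5k43n?m2|5k4\\n5k2345";

    private final DefaultSSLCertificateCreator creator;
    private final IFileUtility fileUtility;
    protected ConsoleWrapper stdin;
    protected PrintStream stdout;
    protected PrintStream stderr;

    /**
     * @param defaultSSLCertificateCreator creator used to generate the keystore and certificate
     * @param iFileUtility file-system helper used for every existence check and write
     * @param str script name, forwarded to the base class
     */
    public CreateSSLCertificateTask(DefaultSSLCertificateCreator defaultSSLCertificateCreator, IFileUtility iFileUtility, String str) {
        super(str);
        this.creator = defaultSSLCertificateCreator;
        this.fileUtility = iFileUtility;
    }

    /** Returns the task name, {@code createSSLCertificate}. */
    @Override // com.ibm.ws.security.utility.SecurityUtilityTask
    public String getTaskName() {
        return "createSSLCertificate";
    }

    /** Returns the localized description stored under the {@code sslCert.desc} key. */
    @Override // com.ibm.ws.security.utility.SecurityUtilityTask
    public String getTaskDescription() {
        return getOption("sslCert.desc", true, new Object[0]);
    }

    /**
     * Builds the localized help text for this task. The trailing values are substituted into the
     * help messages; how they map to placeholders is defined by the message bundle, which is not
     * visible from this class.
     */
    @Override // com.ibm.ws.security.utility.SecurityUtilityTask
    public String getTaskHelp() {
        return getTaskHelp("sslCert.desc", "sslCert.usage.options", "sslCert.required-key.", "sslCert.required-desc.", "sslCert.option-key.", "sslCert.option-desc.", "sslCert.option.addon", null, this.scriptName, 6, 365, 365, "default", "RSA", DefaultSSLCertificateCreator.SIGALG, 2048, DefaultSSLCertificateCreator.SIGALG);
    }

    /**
     * Validates the arguments, creates the keystore and prints the matching configuration snippet.
     *
     * <p>The task refuses to overwrite an existing {@code key.jks}. The password is encoded before
     * the creator is called, so an encoding failure aborts the task before any certificate is
     * generated.
     *
     * @param consoleWrapper console used by the base class when reading arguments
     * @param printStream stream that receives progress and error messages
     * @param printStream2 error stream, used when writing the optional include file
     * @param strArr command-line arguments; the loop in {@link #checkRequiredArguments} shows the
     *        task name is expected among them
     * @return {@code OK} on success, otherwise the code describing why the task was aborted
     * @throws Exception encoding and certificate failures are reported on {@code printStream} and
     *         rethrown; a non-numeric {@code --validity} or {@code --keySize} surfaces as
     *         {@link NumberFormatException}
     */
    @Override // com.ibm.ws.security.utility.SecurityUtilityTask
    public SecurityUtilityReturnCodes handleTask(ConsoleWrapper consoleWrapper, PrintStream printStream, PrintStream printStream2, String[] strArr) throws Exception {
        this.stdin = consoleWrapper;
        this.stdout = printStream;
        this.stderr = printStream2;
        // --password is the only option accepted without an inline value.
        validateArgumentList(strArr, Arrays.asList(ARG_PASSWORD));

        String serverName = getArgumentValue(ARG_SERVER, strArr, null);
        String clientName = getArgumentValue(ARG_CLIENT, strArr, null);
        String processName = null;
        String processDir = null;

        if (serverName != null) {
            String serversDirectory = this.fileUtility.getServersDirectory();
            // The name is appended as given; nothing here rejects path separators or "..".
            String serverDir = serversDirectory + serverName + SLASH;
            if (!this.fileUtility.exists(serverDir)) {
                Object resolvedServersDir = this.fileUtility.resolvePath(serversDirectory);
                printStream.println(getMessage("sslCert.abort", new Object[0]));
                printStream.println(getMessage("serverNotFound", serverName, resolvedServersDir));
                return SecurityUtilityReturnCodes.ERR_SERVER_NOT_FOUND;
            }
            processDir = serverDir;
            processName = serverName;
        }
        if (clientName != null) {
            String clientsDirectory = this.fileUtility.getClientsDirectory();
            String clientDir = clientsDirectory + clientName + SLASH;
            if (!this.fileUtility.exists(clientDir)) {
                Object resolvedClientsDir = this.fileUtility.resolvePath(clientsDirectory);
                printStream.println(getMessage("sslCert.abort", new Object[0]));
                printStream.println(getMessage("sslCert.clientNotFound", clientName, resolvedClientsDir));
                return SecurityUtilityReturnCodes.ERR_CLIENT_NOT_FOUND;
            }
            processDir = clientDir;
            processName = clientName;
        }

        File keyStoreFile = new File(processDir + BootstrapConstants.LOC_AREA_NAME_RES + SLASH + "security" + SLASH + "key.jks");
        String keyStorePath = this.fileUtility.resolvePath(keyStoreFile);
        if (!this.fileUtility.createParentDirectory(printStream, keyStoreFile)) {
            printStream.println(getMessage("sslCert.abort", new Object[0]));
            printStream.println(getMessage("file.requiredDirNotCreated", keyStorePath));
            return SecurityUtilityReturnCodes.ERR_PATH_CANNOT_BE_CREATED;
        }
        // Never replace an existing keystore: doing so would discard the keys already in use.
        if (keyStoreFile.exists()) {
            printStream.println(getMessage("sslCert.abort", new Object[0]));
            printStream.println(getMessage("file.exists", keyStorePath));
            return SecurityUtilityReturnCodes.ERR_FILE_EXISTS;
        }

        // The options are read in this fixed order; the password is read first.
        String password = getArgumentValue(ARG_PASSWORD, strArr, null);
        int validity = Integer.parseInt(getArgumentValue(ARG_VALIDITY, strArr, String.valueOf(DEFAULT_VALIDITY)));
        String subjectDN = getArgumentValue(ARG_SUBJECT, strArr, new DefaultSubjectDN(null, processName).getSubjectDN());
        int keySize = Integer.parseInt(getArgumentValue(ARG_KEYSIZE, strArr, String.valueOf(DEFAULT_KEY_SIZE)));
        String sigAlg = getArgumentValue(ARG_SIGALG, strArr, DefaultSSLCertificateCreator.SIGALG);
        try {
            String encoding = getArgumentValue(ARG_ENCODING, strArr, PasswordUtil.getDefaultEncoding());
            String encodingKey = getArgumentValue(ARG_KEY, strArr, null);
            printStream.println(getMessage("sslCert.createKeyStore", keyStorePath));
            // Encode first so that a bad encoding or key fails before the creator is invoked.
            String encodedPassword = PasswordUtil.encode(password, encoding, encodingKey);
            this.creator.createDefaultSSLCertificate(keyStorePath, password, validity, subjectDN, keySize, sigAlg);

            String feature;
            if (serverName != null) {
                printStream.println(getMessage("sslCert.serverXML", serverName, subjectDN));
                feature = "ssl-1.0";
            } else {
                printStream.println(getMessage("sslCert.clientXML", clientName, subjectDN));
                feature = "appSecurityClient-1.0";
            }
            // NOTE(review): the encoded password is inserted into an XML attribute without
            // escaping; confirm that no supported encoding can emit '"', '<' or '&'.
            String snippet = "    <featureManager>" + NL + "        <feature>" + feature + "</feature>" + NL + "    </featureManager>" + NL + "    <keyStore id=\"defaultKeyStore\" password=\"" + encodedPassword + "\" />" + NL;
            printStream.println(NL + createConfigFileIfNeeded(processDir, strArr, snippet) + NL);
            return SecurityUtilityReturnCodes.OK;
        } catch (InvalidPasswordEncodingException e) {
            printStream.println(getMessage("sslCert.errorEncodePassword", e.getMessage()));
            throw e;
        } catch (UnsupportedCryptoAlgorithmException e2) {
            printStream.println(getMessage("sslCert.errorEncodePassword", e2.getMessage()));
            throw e2;
        } catch (CertificateException e3) {
            printStream.println(getMessage("sslCert.createFailed", e3.getMessage()));
            throw e3;
        }
    }

    /** Returns {@code true} when {@code str} is exactly one of the option names this task accepts. */
    @Override // com.ibm.ws.security.utility.tasks.BaseCommandTask
    boolean isKnownArgument(String str) {
        return str.equals(ARG_SERVER) || str.equals(ARG_PASSWORD) || str.equals(ARG_VALIDITY) || str.equals(ARG_SUBJECT) || str.equals(ARG_ENCODING) || str.equals(ARG_KEY) || str.equals(ARG_CREATE_CONFIG_FILE) || str.equals(ARG_KEYSIZE) || str.equals(ARG_CLIENT) || str.equals(ARG_SIGALG);
    }

    /**
     * Verifies that exactly one of {@code --server} / {@code --client} and the {@code --password}
     * option are present.
     *
     * <p>Option names are matched exactly (bare, or followed by {@code =value}). A prefix match
     * would let {@code --passwordEncoding} or {@code --passwordKey} satisfy the {@code --password}
     * requirement, and the task would then continue with no password at all.
     *
     * @param strArr command-line arguments
     * @throws IllegalArgumentException listing every problem found
     */
    @Override // com.ibm.ws.security.utility.tasks.BaseCommandTask
    void checkRequiredArguments(String[] strArr) {
        String message = strArr.length < 3 ? getMessage("insufficientArgs", new Object[0]) : "";
        boolean serverGiven = false;
        boolean clientGiven = false;
        boolean passwordGiven = false;
        for (String arg : strArr) {
            if (matchesOptionName(arg, ARG_SERVER)) {
                serverGiven = true;
            }
            if (matchesOptionName(arg, ARG_CLIENT)) {
                clientGiven = true;
            }
            if (matchesOptionName(arg, ARG_PASSWORD)) {
                passwordGiven = true;
            }
        }
        if (!serverGiven && !clientGiven) {
            message = message + " " + getMessage("missingArg2", ARG_SERVER, ARG_CLIENT);
        }
        if (serverGiven && clientGiven) {
            message = message + " " + getMessage("exclusiveArg", ARG_SERVER, ARG_CLIENT);
        }
        if (!passwordGiven) {
            message = message + " " + getMessage("missingArg", ARG_PASSWORD);
        }
        if (!message.isEmpty()) {
            throw new IllegalArgumentException(message);
        }
    }

    /** Returns {@code true} when {@code arg} is {@code optionName} alone or {@code optionName=value}. */
    private static boolean matchesOptionName(String arg, String optionName) {
        return arg.equals(optionName) || arg.startsWith(optionName + "=");
    }

    /**
     * Looks up one option through the base-class helper, naming {@code --password} as the password
     * option and passing the console and output stream captured by {@code handleTask}.
     */
    private String getArgumentValue(String name, String[] args, String defaultValue) {
        return getArgumentValue(name, args, defaultValue, ARG_PASSWORD, this.stdin, this.stdout);
    }

    /**
     * Writes the snippet to an include file when {@code --createConfigFile} was supplied.
     *
     * @param str directory of the server or client, used when the option carries no path
     * @param strArr command-line arguments
     * @param str2 XML snippet to emit
     * @return {@code str2} unchanged when the option is absent, otherwise an {@code <include>}
     *         element pointing at the generated file
     */
    protected String createConfigFileIfNeeded(String str, String[] strArr, String str2) {
        String utilityName = this.scriptName;
        String taskName = getTaskName();
        String requestedPath = getArgumentValue(ARG_CREATE_CONFIG_FILE, strArr, CONFIG_FILE_NOT_REQUESTED);
        // Reference comparison on purpose: only the sentinel object itself means "option absent".
        if (requestedPath == CONFIG_FILE_NOT_REQUESTED) {
            return str2;
        }
        File configFile = generateConfigFileName(utilityName, taskName, str, requestedPath);
        String template = "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>" + NL + "<server description=\"This file was generated by the ''{0} {1}'' command on {2,date,yyyy-MM-dd HH:mm:ss z}.\">" + NL + "{3}" + NL + "</server>" + NL;
        String xml = MessageFormat.format(template, utilityName, taskName, Calendar.getInstance().getTime(), str2);
        // NOTE(review): neither call is checked for failure, so the <include> element is returned
        // even if the file was not written; confirm that the helpers report the failure themselves.
        // The file holds the encoded keystore password, so its permissions matter; they are not
        // set in this class.
        this.fileUtility.createParentDirectory(this.stdout, configFile);
        this.fileUtility.writeToFile(this.stderr, xml, configFile);
        // NOTE(review): the path is placed in an XML attribute without escaping.
        return "    <include location=\"" + configFile.getAbsolutePath() + "\" />" + NL;
    }

    /**
     * Chooses the include-file location without reusing an existing file name.
     *
     * <p>A missing or empty {@code str4} falls back to the directory {@code str3}. A directory
     * target receives the file name {@code <str>-<str2>-include.xml}. If the resulting file exists,
     * a counter is inserted before the extension until an unused name is found. No extension means
     * no trailing dot is appended.
     *
     * <p>The name is picked by probing for existence, so another process may create the same file
     * between this check and the later write.
     *
     * @param str utility (script) name
     * @param str2 task name
     * @param str3 server or client directory
     * @param str4 path requested on the command line, possibly {@code null} or empty
     * @return the file to write
     */
    protected File generateConfigFileName(String str, String str2, String str3, String str4) {
        if (str4 == null || str4.isEmpty()) {
            str4 = str3 + SLASH;
        }
        File file = new File(str4);
        if (this.fileUtility.isDirectory(file)) {
            file = new File(file, str + "-" + str2 + "-include.xml");
        }
        if (this.fileUtility.exists(file)) {
            String base = FilenameUtils.removeExtension(file.getPath());
            String extension = FilenameUtils.getExtension(file.getPath());
            String suffix = extension.isEmpty() ? "" : "." + extension;
            int counter = 1;
            do {
                file = new File(base + counter + suffix);
                counter++;
            } while (this.fileUtility.exists(file));
        }
        return file;
    }
}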
