package com.ibm.security.certclient;

import com.ibm.misc.Debug;
import com.ibm.security.certclient.base.PkActiveSource;
import com.ibm.security.certclient.base.PkConstants;
import com.ibm.security.certclient.base.PkException;
import com.ibm.security.certclient.base.PkNLSConstants;
import com.ibm.security.certclient.base.PkPipe;
import com.ibm.security.certclient.base.PkRejectionException;
import com.ibm.security.certclient.base.PkRevoReqEvent;
import com.ibm.security.certclient.beans.PkEeXMgr;
import com.ibm.security.certclient.beans.PkTcpClient;
import com.ibm.security.certclient.util.JPKI;
import com.ibm.security.certclient.util.PkConnector;
import com.ibm.security.x509.X509CertImpl;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;

/* loaded from: input_file:efixes/PK83758_Hpux_PaRISC/components/prereq.jdk/update.jar:/java/jre/lib/ext/ibmkeycert.jar:com/ibm/security/certclient/PkEeRevokeFactory.class */
public final class PkEeRevokeFactory extends PkEeFactory {

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:efixes/PK83758_Hpux_PaRISC/components/prereq.jdk/update.jar:/java/jre/lib/ext/ibmkeycert.jar:com/ibm/security/certclient/PkEeRevokeFactory$PkEe1.class */
    public static final class PkEe1 extends PkActiveSource implements PkConstants {
        private static Debug debug = Debug.getInstance("keycertmanage");
        private X509CertImpl cert;
        private String revoPwd;
        private String caDn;
        private int caPort;
        private String certAlias;
        private String certPwd;
        private final Object className = toString();
        private String reason = null;
        private KeyStore kstore = null;
        private Exception runException = null;
        private boolean runFailed = false;

        protected PkEe1() {
            if (debug != null) {
                debug.text(1L, this.className, "PkEe1", "Begin");
            }
        }

        protected boolean getRunFailed() {
            return this.runFailed;
        }

        protected Exception getRunException() {
            return this.runException;
        }

        protected void setcert(X509CertImpl x509CertImpl) {
            this.cert = x509CertImpl;
        }

        protected void setrevoReason(String str) throws PkException {
            if (str == null || str.length() == 0) {
                throw new PkException(PkNLSConstants.HTTP_INVALID_REVO_REASON);
            }
            this.reason = str;
        }

        protected void setrevoPwd(String str) {
            this.revoPwd = str;
        }

        protected void setCertAlias(String str) throws PkException {
            if (str == null || str.length() == 0) {
                throw new PkException(PkNLSConstants.EE_BAD_OR_MISSING_ALIAS);
            }
            this.certAlias = str;
        }

        protected void setCertPwd(String str) {
            if ((PkEeFactory.keystorePwd == null || PkEeFactory.keystorePwd.length == 0) && str != null && str.length() > 0) {
                PkEeFactory.keystorePwd = str.toCharArray();
            }
            this.certPwd = str;
        }

        protected void setCaDn(String str) {
            if (str != null) {
                this.caDn = str;
            } else {
                this.caDn = PkEeFactory.caDn;
            }
        }

        protected void setCaPort(int i) {
            if (i != 0) {
                this.caPort = i;
            } else {
                this.caPort = PkEeFactory.caPort;
            }
        }

        protected String getCaDn() {
            return this.caDn;
        }

        protected int getCaPort() {
            return this.caPort;
        }

        protected void keyStore(String str, String str2, char[] cArr) throws PkException {
            this.kstore = null;
            try {
                this.kstore = KeyStore.getInstance(str, PkEeFactory.provider);
                try {
                    FileInputStream fileInputStream = new FileInputStream(str2);
                    this.kstore.load(fileInputStream, cArr);
                    fileInputStream.close();
                } catch (FileNotFoundException e) {
                    if (debug != null) {
                        debug.exception(4L, this.className, "keyStore", e);
                    }
                    throw new PkException(e);
                }
            } catch (IOException e2) {
                if (debug != null) {
                    debug.exception(4L, this.className, "keyStore", e2);
                }
                throw new PkException(e2);
            } catch (GeneralSecurityException e3) {
                if (debug != null) {
                    debug.exception(4L, this.className, "keyStore", e3);
                }
                throw new PkException(e3);
            }
        }

        private void setCert() throws PkRejectionException {
            try {
                this.cert = (X509CertImpl) this.kstore.getCertificate(this.certAlias);
                if (this.cert == null) {
                    throw new PkRejectionException(PkNLSConstants.EE_MISSING_CERTIFICATE);
                }
            } catch (KeyStoreException e) {
                throw new PkRejectionException(PkNLSConstants.EE_BAD_OR_MISSING_ALIAS, e);
            }
        }

        @Override // java.lang.Runnable
        public void run() {
            int i;
            this.runFailed = false;
            this.runException = null;
            if (this.reason.equalsIgnoreCase("unspecified")) {
                i = 0;
            } else if (this.reason.equalsIgnoreCase("key compromise")) {
                i = 1;
            } else if (this.reason.equalsIgnoreCase("ca compromise")) {
                i = 2;
            } else if (this.reason.equalsIgnoreCase("affiliation changed")) {
                i = 3;
            } else if (this.reason.equalsIgnoreCase("superseded")) {
                i = 4;
            } else if (this.reason.equalsIgnoreCase("cessation of operation")) {
                i = 5;
            } else if (this.reason.equalsIgnoreCase("certificate hold")) {
                i = 6;
            } else if (this.reason.equalsIgnoreCase("remove from crl")) {
                i = 8;
            } else {
                i = 0;
                if (debug != null) {
                    debug.text(1L, this.className, "PkEe1.run", "Invalid reason - defaults to unspecified");
                }
            }
            try {
                setCert();
                try {
                    propagate(new PkRevoReqEvent(this, null, new JPKI().revoRequest(new Object[]{this.cert, new Integer(i), null, this.revoPwd})));
                    if (debug != null) {
                        debug.text(1L, this.className, "PkEe1.run", "propagated revoke-request");
                    }
                } catch (Exception e) {
                    this.runFailed = true;
                    this.runException = e;
                    if (debug != null) {
                        debug.exception(4L, this.className, "PkEe1.run", e);
                    }
                }
            } catch (PkRejectionException e2) {
                this.runFailed = true;
                this.runException = e2;
                if (debug != null) {
                    debug.exception(4L, this.className, "PkEe1.run", e2);
                }
            }
        }
    }

    /* loaded from: input_file:efixes/PK83758_Hpux_PaRISC/components/prereq.jdk/update.jar:/java/jre/lib/ext/ibmkeycert.jar:com/ibm/security/certclient/PkEeRevokeFactory$RevokeImpl.class */
    private static final class RevokeImpl implements PkEeTransaction {
        private static Debug debug = Debug.getInstance("keycertmanage");
        private final Object className = toString();
        private PkEe1 ee = new PkEe1();

        RevokeImpl(String str, String str2, String str3, String str4) throws PkException {
            this.ee.keyStore(PkEeFactory.keyStoreType, PkEeFactory.keystoreFilename, PkEeFactory.keystorePwd);
            this.ee.setCertAlias(str);
            this.ee.setCertPwd(str2);
            this.ee.setrevoReason(str3);
            this.ee.setrevoPwd(str4);
            this.ee.setCaDn(PkEeFactory.caDn);
            this.ee.setCaPort(PkEeFactory.caPort);
        }

        @Override // com.ibm.security.certclient.PkEeTransaction
        public void actionRequest() throws PkException {
            runRevoke();
        }

        private void runRevoke() throws PkException {
            try {
                String caDn = this.ee.getCaDn();
                int caPort = this.ee.getCaPort();
                if (debug != null) {
                    debug.text(1L, this.className, "runRevoke", "EE_CARA_HOST={0}", caDn);
                    debug.text(1L, this.className, "runRevoke", "EE_CARA_CMP_PORT={0}", new Integer(caPort));
                }
                PkConnector.connect((PkActiveSource) this.ee, new PkPipe[]{new PkEeXMgr(), new PkTcpClient(caDn, caPort, PkEeFactory.cmpEvntFmt, 1)}).run();
                if (this.ee.getRunFailed()) {
                    throw this.ee.getRunException();
                }
            } catch (Exception e) {
                if (debug != null) {
                    debug.exception(4L, this.className, "runRevoke()", e);
                }
                throw new PkException(e);
            }
        }
    }

    private PkEeRevokeFactory() {
        throw new UnsupportedOperationException();
    }

    public static PkEeTransaction newRevoke(String str, String str2, String str3, String str4) throws PkException {
        return new RevokeImpl(str, str2, str3, str4);
    }
}
