package com.ibm.ws.ssl.commands.certificateRequests;

import com.ibm.ISecurityUtilityImpl.SecConstants;
import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.icu.impl.CalendarAstronomer;
import com.ibm.security.certclient.PkEeCertReqFactory;
import com.ibm.security.certclient.PkEeCertReqTransaction;
import com.ibm.security.certclient.util.PkSsCertFactory;
import com.ibm.security.certclient.util.PkSsCertificate;
import com.ibm.security.pkcs10.CertificationRequest;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.cmdframework.CommandException;
import com.ibm.websphere.management.cmdframework.CommandLoadException;
import com.ibm.websphere.management.cmdframework.CommandNotFoundException;
import com.ibm.websphere.management.cmdframework.CommandValidationException;
import com.ibm.websphere.management.cmdframework.commanddata.CommandData;
import com.ibm.websphere.management.cmdframework.commandmetadata.TaskCommandMetadata;
import com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand;
import com.ibm.websphere.management.cmdframework.provider.TaskCommandResultImpl;
import com.ibm.websphere.management.configservice.ConfigService;
import com.ibm.websphere.management.configservice.ConfigServiceFactory;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.websphere.management.exception.ConfigServiceException;
import com.ibm.websphere.models.config.ipc.ssl.KeyStore;
import com.ibm.ws.ssl.commands.personalCertificates.PersonalCertificateHelper;
import com.ibm.ws.ssl.commands.utils.CommandConstants;
import com.ibm.ws.ssl.commands.utils.CommandHelper;
import com.ibm.ws.ssl.config.KeyStoreManager;
import com.ibm.ws.ssl.config.WSKeyStore;
import com.ibm.ws.ssl.config.WSKeyStoreRemotable;
import com.ibm.ws.ssl.model.CertReqInfo;
import com.ibm.ws.ssl.model.KeyStoreInfo;
import java.io.File;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import javax.management.ObjectName;
import org.apache.tools.ant.taskdefs.XSLTLiaison;

/* loaded from: input_file:eclipse/plugins/com.ibm.websphere.v61_6.1.1/ws_runtime.jar:com/ibm/ws/ssl/commands/certificateRequests/CreateCertificateRequest.class */
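/**
 * Admin task command that prepares a certificate signing request for a key store entry.
 *
 * <p>{@link #validate()} reads the command parameters, builds the subject DN and resolves the
 * target key store and output file. {@link #afterStepsExecuted()} then generates an RSA key pair,
 * stores it in the key store under a self-signed placeholder certificate and writes the PKCS#10
 * request to the output file via {@code writeBASE64}.
 *
 * <p>Security-relevant points a reviewer should keep in mind (none are enforced in this class):
 * <ul>
 *   <li>DN attribute values are concatenated without escaping, see {@link #makeSubjectDN}.</li>
 *   <li>The key size parameter is passed to the key generator unchecked.</li>
 *   <li>The request file path is caller-supplied and used after variable expansion only.</li>
 * </ul>
 */
public class CreateCertificateRequest extends AbstractTaskCommand {
    private static TraceComponent tc;
    // Field initializers replace the identical assignment lists the two constructors used to carry.
    private String keyStoreName = null;
    private String keyStoreScope = null;
    private String certLabel = null;
    private String certCommonName = null;
    private String certOrganization = null;
    private String certOrganizationalUnit = null;
    private int certSize = 0;
    private String certZip = null;
    private String certCountry = null;
    private String certLocality = null;
    private String certState = null;
    private String certReqFilePath = null;
    private String certReqFilePathExpanded = null;
    private KeyStoreInfo ksInfo = null;
    private CertReqInfo certInfo = null;
    private ObjectName keyStoreObjName = null;
    private KeyStore keyStore = null;
    private WSKeyStore wsKeyStore = null;
    private String subjectDN = null;
    // Synthetic class-literal cache emitted by old compilers; kept so the class layout is unchanged.
    static Class class$com$ibm$ws$ssl$commands$certificateRequests$CreateCertificateRequest;

    /**
     * Creates the command from its task metadata.
     *
     * @param taskCommandMetadata metadata handed to the superclass constructor
     * @throws CommandNotFoundException declared by the superclass constructor
     */
    public CreateCertificateRequest(TaskCommandMetadata taskCommandMetadata) throws CommandNotFoundException {
        super(taskCommandMetadata);
    }

    /**
     * Creates the command from previously saved command data.
     *
     * @param commandData command data handed to the superclass constructor
     * @throws CommandNotFoundException declared by the superclass constructor
     * @throws CommandLoadException declared by the superclass constructor
     */
    public CreateCertificateRequest(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
        super(commandData);
    }

    /**
     * Reads the command parameters, builds the subject DN and prepares the {@link CertReqInfo}
     * used later by {@link #afterStepsExecuted()}.
     *
     * <p>Note that this method has a file-system side effect: it creates the parent directory of
     * the request file when neither the file nor that directory exists.
     *
     * @throws CommandValidationException if a mandatory DN attribute is missing or any lookup,
     *         cast or file operation inside the method fails
     */
    @Override
    public void validate() throws CommandValidationException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validate");
        }
        super.validate();
        try {
            ConfigService configService = ConfigServiceFactory.getConfigService();
            Session configSession = getConfigSession();
            ObjectName securityPattern = ConfigServiceHelper.createObjectName(null, "Security");
            ObjectName cell = configService.resolve(configSession, "Cell=")[0];
            if (cell != null) {
                // The result is never read. The lookup is kept because indexing [0] throws when
                // the query returns an empty array, which fails validation through the catch below.
                ObjectName unusedSecurity = configService.queryConfigObjects(configSession, cell, securityPattern, null)[0];
            }

            this.keyStoreName = (String) getParameter(CommandConstants.KEY_STORE_NAME);
            this.keyStoreScope = (String) getParameter(CommandConstants.KEY_STORE_SCOPE);
            this.certLabel = (String) getParameter(CommandConstants.CERT_ALIAS);
            this.certCommonName = (String) getParameter(CommandConstants.CERT_COMMON_NAME);
            // NOTE(review): the key size is not range-checked here; whether the command metadata
            // restricts it is not visible from this class. Confirm that weak sizes are rejected.
            this.certSize = ((Integer) getParameter(CommandConstants.CERT_SIZE)).intValue();
            this.certOrganization = (String) getParameter(CommandConstants.CERT_ORGANIZATION);
            this.certOrganizationalUnit = (String) getParameter(CommandConstants.CERT_ORGANIZATIONAL_UNIT);
            this.certLocality = (String) getParameter(CommandConstants.CERT_LOCALITY);
            this.certState = (String) getParameter(CommandConstants.CERT_STATE);
            this.certZip = (String) getParameter(CommandConstants.CERT_ZIP);
            this.certCountry = (String) getParameter(CommandConstants.CERT_COUNTRY);
            this.certReqFilePath = (String) getParameter(CommandConstants.CERT_REQ_FILE_PATH);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "keyStoreName=" + this.keyStoreName
                        + " certlabel=" + this.certLabel
                        + " certCommonName=" + this.certCommonName
                        + " certSize=" + this.certSize
                        + " certOrganization=" + this.certOrganization
                        + " certOrganizationalUnit=" + this.certOrganizationalUnit
                        + " certLocality=" + this.certLocality
                        + " certState=" + this.certState
                        + " certZip=" + this.certZip
                        + " certCountry=" + this.certCountry
                        + " certReqFilePath=" + this.certReqFilePath);
            }

            this.subjectDN = makeSubjectDN(this.certCommonName, this.certOrganization, this.certOrganizationalUnit,
                    this.certLocality, this.certState, this.certZip, this.certCountry);

            CommandHelper commandHelper = new CommandHelper();
            if (this.keyStoreScope == null) {
                this.keyStoreScope = commandHelper.defaultCellScope(cell);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Default cell scopeName: " + this.keyStoreScope);
                }
            }
            this.ksInfo = PersonalCertificateHelper.getKsInfo(configSession, configService, this.keyStoreName, this.keyStoreScope);

            // NOTE(review): the output path comes straight from the command parameter. Relative
            // paths are anchored under USER_INSTALL_ROOT/etc, but the path is not normalized, so
            // ".." segments are not constrained to that directory. Confirm this is intended.
            this.certReqFilePathExpanded = KeyStoreManager.getInstance().expand(this.certReqFilePath);
            File requestFile = new File(this.certReqFilePathExpanded);
            if (!requestFile.isAbsolute()) {
                this.certReqFilePathExpanded = KeyStoreManager.getInstance().expand(
                        SecConstants.USER_INSTALL_ROOT + File.separator + "etc" + File.separator + this.certReqFilePath);
                requestFile = new File(this.certReqFilePathExpanded);
            }
            File parentDir = requestFile.getParentFile();
            if (!requestFile.exists() && parentDir != null && !parentDir.exists()) {
                // The result of mkdirs() is not checked; a failure surfaces later when the
                // request file is written.
                parentDir.mkdirs();
            }

            // 365 is presumably the validity in days - TODO confirm against CertReqInfo.
            this.certInfo = new CertReqInfo(this.certLabel, this.certSize, this.subjectDN, 365, this.ksInfo, this.certReqFilePathExpanded);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "validate");
            }
        } catch (CommandValidationException e) {
            // Already the declared type (for example from makeSubjectDN): rethrow it unchanged so
            // its stack trace is not replaced by a fresh wrapper.
            throw e;
        } catch (Exception e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "validate failed: " + e);
            }
            // Exceptions such as NullPointerException carry no message; fall back to toString()
            // so the caller never receives a validation error with a null message.
            String message = e.getMessage() != null ? e.getMessage() : e.toString();
            throw new CommandValidationException(message);
        }
    }

    /**
     * Creates the key pair and certificate request once all task steps have succeeded.
     *
     * <p>Any exception from {@link #personalCertificateCreate} is recorded on the task command
     * result instead of being thrown. (The decompiler notes that this method was originally
     * declared {@code protected}.)
     */
    @Override
    public void afterStepsExecuted() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "afterStepsExecuted");
        }
        super.afterStepsExecuted();
        TaskCommandResultImpl result = (TaskCommandResultImpl) getTaskCommandResult();
        if (result.isSuccessful()) {
            try {
                // NOTE(review): the boolean result is ignored, so a false return (no request
                // object produced) still leaves the command reported as successful.
                personalCertificateCreate(this.certInfo);
            } catch (Exception e) {
                result.setException(new CommandException(e, e.getMessage()));
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "afterStepsExecuted");
        }
    }

    /**
     * Builds the subject DN string in the order CN, OU, O, L, ST, POSTALCODE, C.
     *
     * <p>Values are appended verbatim. Characters that are special in a DN (for example
     * {@code ,} {@code =} {@code +}) are not escaped, so a value containing them changes the
     * structure of the resulting DN, and {@link #personalCertificateCreate} later splits the DN
     * at its first comma. NOTE(review): escaping was not added here because how the certificate
     * factories parse escaped values is not visible from this class.
     *
     * @param commonName mandatory CN value
     * @param organization mandatory O value
     * @param organizationalUnit optional OU value
     * @param locality optional L value
     * @param state optional ST value
     * @param zip optional POSTALCODE value
     * @param country mandatory C value
     * @return the assembled DN
     * @throws CommandValidationException if the common name, organization or country is null
     */
    public String makeSubjectDN(String commonName, String organization, String organizationalUnit, String locality,
            String state, String zip, String country) throws CommandValidationException {
        if (commonName == null) {
            throw new CommandValidationException("CommonName is missing, unable to create the Certificate.");
        }
        StringBuilder dn = new StringBuilder("CN=").append(commonName);
        if (organizationalUnit != null) {
            dn.append(", OU=").append(organizationalUnit);
        }
        if (organization == null) {
            throw new CommandValidationException("Organization is missing, unable to create the Certificate.");
        }
        dn.append(", O=").append(organization);
        if (locality != null) {
            dn.append(", L=").append(locality);
        }
        if (state != null) {
            dn.append(", ST=").append(state);
        }
        if (zip != null) {
            dn.append(", POSTALCODE=").append(zip);
        }
        if (country == null) {
            throw new CommandValidationException("Country is missing, unable to create the Certificate.");
        }
        dn.append(", C=").append(country);

        String subject = dn.toString();
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "DN is " + subject);
        }
        return subject;
    }

    /**
     * Generates an RSA key pair, stores it in the key store under a self-signed placeholder
     * certificate and writes the certificate request to the configured file.
     *
     * <p>The key store entry is written before the request file. If writing the file fails, the
     * entry stays in the key store without a matching request file.
     *
     * @param certReqInfo label, key size, subject DN, output file and key store details
     * @return {@code true} if the key entry was stored, {@code false} if the request factory
     *         returned no request object
     * @throws Exception if the subject DN cannot be split, the label already exists, or any
     *         step fails; the original failure is attached as the cause
     */
    public boolean personalCertificateCreate(CertReqInfo certReqInfo) throws Exception {
        boolean created = false;
        String subjectDN = certReqInfo.getSubjectDN();
        String label = certReqInfo.getLabel();
        int size = certReqInfo.getSize();
        String filename = certReqInfo.getFilename();
        // FILE_PROTOCOL_PREFIX comes from an Ant class; the reference looks like a decompiler
        // substitution for a string literal - TODO confirm.
        String fileUrl = XSLTLiaison.FILE_PROTOCOL_PREFIX + filename;
        KeyStoreInfo ksInfo = certReqInfo.getKsInfo();
        // Result unused; the call is kept because KeyStoreInfo is not visible from here.
        ksInfo.getProvider();
        String password = ksInfo.getPassword();
        WSKeyStoreRemotable remoteKeyStore = new WSKeyStoreRemotable(ksInfo);

        // Passed to the self-signed certificate factory below; the values appear to mark the
        // entry as a pending request and record the request file location - TODO confirm.
        // Raw type kept: the factory's parameter type is not visible from this class.
        ArrayList placeholderNames = new ArrayList();
        placeholderNames.add("certreq@us.ibm.com");
        placeholderNames.add("CERTREQUEST");
        placeholderNames.add(fileUrl);

        // The DN is split at its first comma. This is only correct while the first attribute
        // value contains no comma, which makeSubjectDN does not guarantee.
        int firstComma = subjectDN == null ? -1 : subjectDN.indexOf(",");
        if (firstComma < 0) {
            throw new CommandValidationException("Subject DN is missing or incomplete, unable to create the Certificate.");
        }
        String firstRdn = subjectDN.substring(0, firstComma);
        String remainingRdns = subjectDN.substring(firstComma + 1);

        try {
            if (((Boolean) remoteKeyStore.invokeKeyStoreCommand("containsAlias", new Object[]{label})[0]).booleanValue()) {
                throw new CommandValidationException(label + " already exists.");
            }
            // Provider and random source are fixed to IBMJCE; size is used as supplied.
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "IBMJCE");
            keyPairGenerator.initialize(size, SecureRandom.getInstance("IBMSecureRandom", "IBMJCE"));
            KeyPair keyPair = keyPairGenerator.generateKeyPair();
            PkEeCertReqTransaction certRequest = PkEeCertReqFactory.newCertRequest(size, firstRdn, 365, true, false,
                    (List<String>) null, (List<String>) null, (List<String>) null, (String) null, (String) null,
                    remainingRdns, keyPair);
            if (certRequest != null) {
                // Start date is moved back by DAY_MS (presumably one day in milliseconds; the ICU
                // constant looks like a decompiler substitution - TODO confirm).
                Date notBefore = new Date();
                notBefore.setTime(notBefore.getTime() - CalendarAstronomer.DAY_MS);
                PkSsCertificate placeholder = PkSsCertFactory.newSsCert(size, subjectDN, 365, notBefore, true, true,
                        placeholderNames, null, null, "IBMJCE", keyPair);
                if (placeholder == null) {
                    throw new Exception("SelfSigned create failed.");
                }
                X509Certificate certificate = placeholder.getCertificate();
                // NOTE(review): the password is held as a String and the char[] copy is not
                // cleared afterwards; whether the key store keeps a reference to it is unknown.
                remoteKeyStore.invokeKeyStoreCommand("setKeyEntry",
                        new Object[]{label, placeholder.getKey(), password.toCharArray(), new X509Certificate[]{certificate}});
                created = true;
                new CertificationRequest(certRequest.getPKCS10CertReq()).writeBASE64(filename);
                try {
                    Tr.audit(tc, "Self Signed Certificate: notBefore time: " + certificate.getNotBefore().toString()
                            + " notAfter time: " + certificate.getNotAfter().toString());
                } catch (Throwable ignored) {
                    // Best effort: a failure to write the audit line must not fail the request.
                }
            }
            return created;
        } catch (Throwable failure) {
            // Attach the cause instead of printing the stack trace to stderr, so the caller
            // (which wraps this in a CommandException) keeps the full failure chain.
            throw new Exception(failure.getMessage(), failure);
        }
    }

    /**
     * Synthetic helper behind the class-literal cache: loads a class by name.
     *
     * @param str fully qualified class name
     * @return the loaded class
     * @throws NoClassDefFoundError if the class cannot be found; the
     *         {@link ClassNotFoundException} is attached as its cause
     */
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            // initCause() returns Throwable, so the error is thrown through a typed local;
            // throwing the initCause() result directly does not compile in this method.
            NoClassDefFoundError error = new NoClassDefFoundError();
            error.initCause(e);
            throw error;
        }
    }

    static {
        Class cls;
        if (class$com$ibm$ws$ssl$commands$certificateRequests$CreateCertificateRequest == null) {
            cls = class$("com.ibm.ws.ssl.commands.certificateRequests.CreateCertificateRequest");
            class$com$ibm$ws$ssl$commands$certificateRequests$CreateCertificateRequest = cls;
        } else {
            cls = class$com$ibm$ws$ssl$commands$certificateRequests$CreateCertificateRequest;
        }
        // Registers the trace component used by every method of this class.
        tc = Tr.register(cls, "SSL", "com.ibm.ws.ssl.commands.certificateRequests");
    }
}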
