package com.ibm.ws.ssl.commands.KeySet;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.websphere.management.Session;
import com.ibm.websphere.management.cmdframework.CommandException;
import com.ibm.websphere.management.cmdframework.CommandLoadException;
import com.ibm.websphere.management.cmdframework.CommandNotFoundException;
import com.ibm.websphere.management.cmdframework.CommandValidationException;
import com.ibm.websphere.management.cmdframework.commanddata.CommandData;
import com.ibm.websphere.management.cmdframework.commandmetadata.TaskCommandMetadata;
import com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand;
import com.ibm.websphere.management.cmdframework.provider.TaskCommandResultImpl;
import com.ibm.websphere.management.configservice.ConfigService;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.websphere.management.exception.ConfigServiceException;
import com.ibm.websphere.models.config.ipc.ssl.KeySet;
import com.ibm.ws.crypto.config.KeyReference;
import com.ibm.ws.crypto.config.WSKeyPairReference;
import com.ibm.ws.crypto.config.WSKeyReference;
import com.ibm.ws.crypto.config.WSKeySet;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.management.configservice.MOFUtil;
import com.ibm.ws.security.common.util.AuditConstants;
import com.ibm.ws.ssl.commands.utils.CommandConstants;
import com.ibm.ws.ssl.commands.utils.CommandHelper;
import com.ibm.ws.ssl.commands.utils.SSLCommandsHelper;
import com.ibm.ws.ssl.commands.utils.TraceNLSHelper;
import com.ibm.ws.ssl.config.WSKeyStoreRemotable;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.TreeSet;
import javax.management.AttributeList;
import javax.management.ObjectName;

/* loaded from: input_file:com/ibm/ws/ssl/commands/KeySet/GenerateKeyForKeySet.class */
public class GenerateKeyForKeySet extends AbstractTaskCommand {
    private static TraceComponent tc = Tr.register(GenerateKeyForKeySet.class, "SSL", "com.ibm.ws.ssl.commands");
    private String keySetName;
    private String scopeName;
    private Boolean saveConfig;
    private ConfigService cs;
    private ObjectName security;
    private Session session;
    ObjectName keySetObjName;
    KeySet keySet;
    WSKeySet wsKeySet;

    public GenerateKeyForKeySet(TaskCommandMetadata taskCommandMetadata) throws CommandNotFoundException {
        super(taskCommandMetadata);
        this.keySetName = null;
        this.scopeName = null;
        this.saveConfig = Boolean.FALSE;
        this.cs = null;
        this.security = null;
        this.session = null;
        this.keySetObjName = null;
        this.keySet = null;
        this.wsKeySet = null;
    }

    public GenerateKeyForKeySet(CommandData commandData) throws CommandNotFoundException, CommandLoadException {
        super(commandData);
        this.keySetName = null;
        this.scopeName = null;
        this.saveConfig = Boolean.FALSE;
        this.cs = null;
        this.security = null;
        this.session = null;
        this.keySetObjName = null;
        this.keySet = null;
        this.wsKeySet = null;
    }

    @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand, com.ibm.websphere.management.cmdframework.provider.AbstractAdminCommand, com.ibm.websphere.management.cmdframework.AdminCommand
    public void validate() throws CommandValidationException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, AuditConstants.VALIDATE);
        }
        super.validate();
        try {
            this.cs = SSLCommandsHelper.getConfigService(getName());
            this.session = getConfigSession();
            this.security = SSLCommandsHelper.getSecurityObjectName(this.session, this.cs);
            this.keySetName = (String) getParameter(CommandConstants.KEY_SET_NAME);
            this.scopeName = (String) getParameter(CommandConstants.KEY_SET_SCOPE);
            this.saveConfig = (Boolean) getParameter(CommandConstants.KEY_SET_SAVE_CONFIG);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "keySetName: " + this.keySetName);
                Tr.debug(tc, "scopeName: " + this.scopeName);
            }
            CommandHelper commandHelper = new CommandHelper();
            if (this.scopeName == null) {
                this.scopeName = commandHelper.defaultScope();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Default cell scopeName: " + this.scopeName);
                }
            }
            AttributeList attributeList = new AttributeList();
            ConfigServiceHelper.setAttributeValue(attributeList, "name", this.keySetName);
            this.keySetObjName = commandHelper.getObjectName(this.cs, this.session, this.security, CommandConstants.KEY_SETS, attributeList, this.scopeName);
            if (this.keySetObjName == null) {
                throw new CommandValidationException(TraceNLSHelper.getInstance().getFormattedMessage("ssl.command.object.not.found.CWPKI0600E", new Object[]{this.keySetName, this.scopeName}, this.keySetName + " does not exist within management scope " + this.scopeName));
            }
            this.keySet = (KeySet) MOFUtil.convertToEObject(this.session, this.keySetObjName);
            this.wsKeySet = new WSKeySet(this.keySet, this.session);
            if (this.keySet.getKeyGenerationClass() == null) {
                throw new CommandValidationException(TraceNLSHelper.getInstance().getString("ssl.command.generate.key.class.CWPKI0635E", "Cannot generate keys since the key generator class is not configured."));
            }
            if (this.keySet.getKeyStore().isReadOnly()) {
                throw new CommandValidationException("Cannot generate keys since KeyStore \"" + this.keySet.getKeyStore().getName() + "\" is marked read-only.");
            }
            attributeList.clear();
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, AuditConstants.VALIDATE);
            }
        } catch (ConfigServiceException e) {
            if (tc.isEntryEnabled()) {
                Tr.debug(tc, "Error getting configuration:", e.getMessage());
            }
            throw new CommandValidationException(e.getMessage());
        } catch (Exception e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.ssl.commands.getKeySet.validate", "132");
            if (tc.isEntryEnabled()) {
                Tr.debug(tc, "Error getting configuration:", e2.getMessage());
            }
            throw new CommandValidationException(e2.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.websphere.management.cmdframework.provider.AbstractTaskCommand
    public void beforeStepsExecuted() {
        int i;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "beforeStepsExecuted");
        }
        super.beforeStepsExecuted();
        CommandHelper commandHelper = new CommandHelper();
        TaskCommandResultImpl taskCommandResultImpl = (TaskCommandResultImpl) getTaskCommandResult();
        if (!taskCommandResultImpl.isSuccessful()) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "beforeStepsExecuted");
                return;
            }
            return;
        }
        try {
            String aliasPrefix = this.wsKeySet.getAliasPrefix();
            int maxKeyReferences = this.wsKeySet.getMaxKeyReferences();
            boolean deleteOldKeys = this.wsKeySet.getDeleteOldKeys();
            KeyReference latestKeyReference = this.wsKeySet.getLatestKeyReference();
            if (latestKeyReference != null) {
                int version = latestKeyReference.getVersion();
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Current key version: " + version);
                }
                i = version + 1;
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Next key version: " + i);
                }
            } else {
                i = 1;
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Next key version: 1");
                }
            }
            TreeSet keyReferenceTreeSet = this.wsKeySet.getKeyReferenceTreeSet();
            int size = keyReferenceTreeSet.size();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Total keys: " + size);
            }
            while (size >= maxKeyReferences) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Total keys > max keys.");
                }
                KeyReference oldestKeyReference = this.wsKeySet.getOldestKeyReference();
                String keyAlias = oldestKeyReference.getKeyAlias();
                int version2 = oldestKeyReference.getVersion();
                Iterator it = ((List) this.cs.getAttribute(this.session, this.keySetObjName, CommandConstants.KEY_REFERENCE)).iterator();
                while (true) {
                    if (it.hasNext()) {
                        Integer num = (Integer) ConfigServiceHelper.getAttributeValue((AttributeList) it.next(), "version");
                        if (num.intValue() == version2) {
                            AttributeList attributeList = new AttributeList();
                            ConfigServiceHelper.setAttributeValue(attributeList, "keyAlias", keyAlias);
                            ObjectName objectName = commandHelper.getObjectName(this.cs, this.session, this.keySetObjName, CommandConstants.KEY_REFERENCE, attributeList, (String) null);
                            if (objectName != null) {
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "Deleting KeyReference for version " + num);
                                }
                                this.cs.deleteConfigData(this.session, objectName);
                                if (deleteOldKeys) {
                                    if (tc.isDebugEnabled()) {
                                        Tr.debug(tc, "Deleting keys from KeyStore.");
                                    }
                                    WSKeyStoreRemotable wSKeyStoreRemotable = new WSKeyStoreRemotable(this.wsKeySet.getWSKeyStore());
                                    if (wSKeyStoreRemotable != null && !this.wsKeySet.getIsKeyPair()) {
                                        wSKeyStoreRemotable.invokeKeyStoreCommand("deleteEntry", new Object[]{keyAlias});
                                    } else if (wSKeyStoreRemotable != null) {
                                        boolean z = false;
                                        if (((Boolean) wSKeyStoreRemotable.invokeKeyStoreCommand("containsAlias", new Object[]{keyAlias + "_public"})[0]).booleanValue()) {
                                            wSKeyStoreRemotable.invokeKeyStoreCommand("deleteEntry", new Object[]{keyAlias + "_public"});
                                            z = true;
                                        }
                                        if (((Boolean) wSKeyStoreRemotable.invokeKeyStoreCommand("containsAlias", new Object[]{keyAlias + "_private"})[0]).booleanValue()) {
                                            wSKeyStoreRemotable.invokeKeyStoreCommand("deleteEntry", new Object[]{keyAlias + "_private"});
                                            z = true;
                                        }
                                        if (!z && ((Boolean) wSKeyStoreRemotable.invokeKeyStoreCommand("containsAlias", new Object[]{keyAlias})[0]).booleanValue()) {
                                            wSKeyStoreRemotable.invokeKeyStoreCommand("deleteEntry", new Object[]{keyAlias});
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
                this.wsKeySet.removeOldestReference();
                size = keyReferenceTreeSet.size();
            }
            AttributeList attributeList2 = new AttributeList();
            String str = aliasPrefix + "_" + i;
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Next alias: " + str);
            }
            ConfigServiceHelper.setAttributeValue(attributeList2, "version", new Integer(i));
            ConfigServiceHelper.setAttributeValue(attributeList2, "keyAlias", str);
            com.ibm.websphere.models.config.ipc.ssl.KeyReference keyReference = (com.ibm.websphere.models.config.ipc.ssl.KeyReference) MOFUtil.convertToEObject(this.session, this.cs.createConfigData(this.session, this.keySetObjName, CommandConstants.KEY_REFERENCE, null, attributeList2));
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "KeyReference: " + keyReference);
            }
            HashMap hashMap = new HashMap();
            if (this.wsKeySet.getIsKeyPair()) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Creating a KeyPair.");
                }
                hashMap.put(str, new WSKeyPairReference(keyReference, this.wsKeySet, this.wsKeySet.getWSKeyStore()).getKeyPair());
            } else {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Creating a Key.");
                }
                hashMap.put(str, new WSKeyReference(keyReference, this.wsKeySet, this.wsKeySet.getWSKeyStore()).getKey());
            }
            if (this.saveConfig != null && this.saveConfig.booleanValue()) {
                this.cs.save(this.session, true);
            }
            taskCommandResultImpl.setResult(hashMap);
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.ssl.commands.GenerateKeyForKeySet.beforeStepsExecuted", "379", this);
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception occurred.", new Object[]{e});
            }
            taskCommandResultImpl.setException(new CommandException(e, e.getMessage()));
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "beforeStepsExecuted");
        }
    }
}
