package com.iplanet.ias.tools.cli;

import com.iplanet.ias.admin.common.constant.ConfigAttributeName;
import com.iplanet.ias.admin.server.gui.jato.EditAclEntryViewBean;
import com.iplanet.ias.admin.servermodel.AppServerInstance;
import com.iplanet.ias.admin.servermodel.beans.HttpListener;
import com.iplanet.ias.admin.servermodel.beans.IiopListener;
import com.iplanet.ias.admin.servermodel.beans.ORBComponentBean;
import com.iplanet.ias.admin.util.Debug;
import com.iplanet.ias.tools.cli.framework.CommandException;
import com.iplanet.ias.tools.cli.framework.CommandValidationException;
import com.iplanet.ias.tools.cli.framework.Operand;
import com.iplanet.ias.tools.cli.framework.Option;
import java.util.Iterator;
import java.util.Vector;
import javax.management.Attribute;
import javax.management.AttributeList;

/* loaded from: input_file:116286-13/SUNWasaco/reloc/$ASINSTDIR/lib/appserv-admin.jar:com/iplanet/ias/tools/cli/CreateSSLCommand.class */
public class CreateSSLCommand extends BaseOtherCommand {
    private static final String SSL2_ENABLED = "ssl2enabled";
    private static final String SSL2_CIPHERS = "ssl2ciphers";
    private static final String SSL3_ENABLED = "ssl3enabled";
    private static final String SSL3_TLS_CIPHERS = "ssl3tlsciphers";
    private static final String TLS_ENABLED = "tlsenabled";
    private static final String TLS_ROLLBACK_ENABLED = "tlsrollbackenabled";
    private static final String CLIENT_AUTH_ENABLED = "clientauthenabled";
    private static final String HTTP_LISTENER = "http-listener";
    private static final String IIOP_LISTENER = "iiop-listener";
    private static final String IIOP_SERVICE = "iiop-service";

    @Override // com.iplanet.ias.tools.cli.IasCommand, com.iplanet.ias.tools.cli.framework.Command
    public boolean validateOptions() throws CommandValidationException {
        if (!super.validateOptions()) {
            return false;
        }
        Option findOption = findOption("type");
        if (findOption != null && findOption.getValue().equals(EditAclEntryViewBean.CHILD_ALL)) {
            throw new CommandValidationException(getLocalizedString("RequiredOptionsNotProvided", new Object[]{findOption.getName()}));
        }
        String value = findOption.getValue();
        if (!value.equals(HTTP_LISTENER) && !value.equals(IIOP_LISTENER) && !value.equals(IIOP_SERVICE)) {
            throw new CommandValidationException(getLocalizedString("InvalidListenerType"));
        }
        if (value.equals(HTTP_LISTENER) || value.equals(IIOP_LISTENER)) {
            if (getOperands().size() != 1) {
                throw new CommandValidationException(getLocalizedString("InvalidNumberOfOperands"));
            }
            return true;
        }
        if (!value.equals(IIOP_SERVICE) || getOperands().size() == 0) {
            return true;
        }
        throw new CommandValidationException(getLocalizedString("InvalidNumberOfOperands"));
    }

    @Override // com.iplanet.ias.tools.cli.IasCommand, com.iplanet.ias.tools.cli.framework.Command
    public void runCommand() throws CommandException, CommandValidationException {
        if (validateOptions()) {
            try {
                AppServerInstance serverInstance = getServerInstanceManager().getServerInstance(getInstanceOption());
                String value = findOption("type").getValue();
                String value2 = findOption("certname").getValue();
                try {
                    if (value.equals(HTTP_LISTENER)) {
                        createSSLInHTTPListener(serverInstance, value2);
                        printMessage(getLocalizedString("CreatedSSLInHTTPListener"));
                    } else if (value.equals(IIOP_LISTENER)) {
                        createSSLInIIOPListener(serverInstance, value2);
                        printMessage(getLocalizedString("CreatedSSLInIIOPListener"));
                    } else if (value.equals(IIOP_SERVICE)) {
                        createSSLInIIOPService(serverInstance, value2);
                        printMessage(getLocalizedString("CreatedSSLInIIOPService"));
                    }
                    Debug.println(new StringBuffer().append(getClass().getName()).append(" : Command executed").toString());
                } catch (Exception e) {
                    Debug.printStackTrace(e);
                    throw new CommandException(e.getLocalizedMessage());
                }
            } catch (Exception e2) {
                Debug.printStackTrace(e2);
                printError(getLocalizedString("CannotCreateSSL"));
                throw new CommandException(e2.getLocalizedMessage());
            }
        }
    }

    private AttributeList getAttributeList() throws CommandValidationException {
        AttributeList attributeList = new AttributeList();
        if (findOption(SSL2_ENABLED) != null) {
            attributeList.add(new Attribute("ssl2", getBooleanOptionValue(SSL2_ENABLED)));
        }
        if (findOption("ssl2ciphers") != null) {
            String optionValue = getOptionValue("ssl2ciphers");
            isValidSSL2Ciphers(optionValue);
            attributeList.add(new Attribute(ConfigAttributeName.Ssl.kSsl2Ciphers, optionValue));
        }
        if (findOption(SSL3_ENABLED) != null) {
            attributeList.add(new Attribute("ssl3", getBooleanOptionValue(SSL3_ENABLED)));
        }
        if (findOption("ssl3tlsciphers") != null) {
            String optionValue2 = getOptionValue("ssl3tlsciphers");
            isValidSSL3Ciphers(optionValue2);
            attributeList.add(new Attribute(ConfigAttributeName.Ssl.kSsl3TlsCiphers, optionValue2));
        }
        if (findOption(TLS_ENABLED) != null) {
            attributeList.add(new Attribute("tls", getBooleanOptionValue(TLS_ENABLED)));
        }
        if (findOption(TLS_ROLLBACK_ENABLED) != null) {
            attributeList.add(new Attribute(ConfigAttributeName.Ssl.kTlsRollbackEnabled, getBooleanOptionValue(TLS_ROLLBACK_ENABLED)));
        }
        if (findOption(CLIENT_AUTH_ENABLED) != null) {
            attributeList.add(new Attribute(ConfigAttributeName.Ssl.kClientAuthEnabled, getBooleanOptionValue(CLIENT_AUTH_ENABLED)));
        }
        return attributeList;
    }

    private void isValidSSL2Ciphers(String str) throws CommandValidationException {
        Iterator ciphers = getCiphers(str);
        while (ciphers.hasNext()) {
            String str2 = (String) ciphers.next();
            if (!str2.equals("rc4") && !str2.equals("rc4export") && !str2.equals("rc2") && !str2.equals("rc2export") && !str2.equals("idea") && !str2.equals("des") && !str2.equals("desede3")) {
                throw new CommandValidationException(getLocalizedString("InvalidSSL2Ciphers"));
            }
        }
    }

    private void isValidSSL3Ciphers(String str) throws CommandValidationException {
        Iterator ciphers = getCiphers(str);
        while (ciphers.hasNext()) {
            String str2 = (String) ciphers.next();
            if (!str2.equals("rsa_rc4_128_md5") && !str2.equals("rsa3des_sha") && !str2.equals("rsa_des_sha") && !str2.equals("rsa_rc4_40_md5") && !str2.equals("rsa_rc2_40_md5") && !str2.equals("rsa_null_md5") && !str2.equals("rsa_des_56_sha") && !str2.equals("rsa_rc4_56_sha")) {
                throw new CommandValidationException(getLocalizedString("InvalidSSL3Ciphers"));
            }
        }
    }

    private Iterator getCiphers(String str) throws CommandValidationException {
        int i = 0;
        Vector vector = new Vector();
        while (i < str.length()) {
            int indexOf = str.indexOf(44, i);
            if (indexOf == -1) {
                indexOf = str.length();
            }
            if (str.charAt(i) == '+' || str.charAt(i) == '-') {
                if (i >= indexOf) {
                    throw new CommandValidationException(getLocalizedString("InvalidSSLCiphers"));
                }
                i++;
            }
            String substring = str.substring(i, indexOf);
            i = indexOf + 1;
            vector.add(substring);
        }
        return vector.iterator();
    }

    private void createSSLInHTTPListener(AppServerInstance appServerInstance, String str) throws Exception {
        HttpListener httpListener = appServerInstance.getHttpService().getHttpListener(((Operand) getOperands().get(0)).getName());
        if (httpListener.isSSLCreated()) {
            throw new CommandException(getLocalizedString("SSLExists"));
        }
        try {
            AttributeList attributeList = getAttributeList();
            httpListener.createSSL(str);
            if (attributeList != null) {
                try {
                    if (!attributeList.isEmpty()) {
                        validateAttributeList(attributeList, httpListener.setAttributes(attributeList));
                    }
                } catch (Exception e) {
                    Debug.printStackTrace(e);
                    printError(getLocalizedString("UseDefaultAttribute"));
                    throw new CommandException(e.getLocalizedMessage());
                }
            }
        } catch (Exception e2) {
            Debug.printStackTrace(e2);
            printError(getLocalizedString("CannotCreateSSLInHTTPListener"));
            throw new CommandException(e2.getLocalizedMessage());
        }
    }

    private void createSSLInIIOPListener(AppServerInstance appServerInstance, String str) throws Exception {
        IiopListener iiopListener = appServerInstance.getORBComponent().getIiopListener(((Operand) getOperands().get(0)).getName());
        if (iiopListener.isSSLCreated()) {
            throw new CommandException(getLocalizedString("SSLExists"));
        }
        try {
            AttributeList attributeList = getAttributeList();
            iiopListener.createSSL(str);
            if (attributeList != null) {
                try {
                    if (!attributeList.isEmpty()) {
                        validateAttributeList(attributeList, iiopListener.setAttributes(attributeList));
                    }
                } catch (Exception e) {
                    Debug.printStackTrace(e);
                    printError(getLocalizedString("UseDefaultAttribute"));
                    throw new CommandException(e.getLocalizedMessage());
                }
            }
        } catch (Exception e2) {
            Debug.printStackTrace(e2);
            printError(getLocalizedString("CannotCreateSSLInIIOPListener"));
            throw new CommandException(e2.getLocalizedMessage());
        }
    }

    private void createSSLInIIOPService(AppServerInstance appServerInstance, String str) throws Exception {
        ORBComponentBean oRBComponent = appServerInstance.getORBComponent();
        if (oRBComponent.isSSLCreated()) {
            throw new CommandException(getLocalizedString("SSLExists"));
        }
        try {
            AttributeList attributeList = getAttributeList();
            oRBComponent.createSSL(str);
            if (attributeList != null) {
                try {
                    if (!attributeList.isEmpty()) {
                        validateAttributeList(attributeList, oRBComponent.setAttributes(attributeList));
                    }
                } catch (Exception e) {
                    Debug.printStackTrace(e);
                    printError(getLocalizedString("UseDefaultAttribute"));
                    throw new CommandException(e.getLocalizedMessage());
                }
            }
        } catch (Exception e2) {
            Debug.printStackTrace(e2);
            printError(getLocalizedString("CannotCreateSSLInIIOPService"));
            throw new CommandException(e2.getLocalizedMessage());
        }
    }
}
