package com.sun.identity.log.cli;

import com.iplanet.am.util.Locale;
import com.iplanet.am.util.SystemProperties;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.authentication.internal.AuthPrincipal;
import com.sun.identity.common.Constants;
import com.sun.identity.log.LogConstants;
import com.sun.identity.log.LogManager;
import com.sun.identity.log.LogManagerUtil;
import com.sun.identity.log.LogReader;
import com.sun.identity.log.secure.SecureLogHelper;
import com.sun.identity.log.secure.VerifierList;
import com.sun.identity.log.spi.IVerifierOutput;
import com.sun.identity.log.spi.VerifierAction;
import java.io.File;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import java.util.Map;
import java.util.ResourceBundle;
import java.util.TreeMap;
import java.util.Vector;
import netscape.ldap.factory.JSSSocketFactory;
import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.util.Password;

/* loaded from: input_file:117586-13/SUNWamsdk/reloc/$PRODUCT_DIR/lib/am_logging.jar:com/sun/identity/log/cli/ISArchiveVerify.class */
public class ISArchiveVerify {
    private IVerifierOutput result;
    private SecureLogHelper helper;
    private Password logPassword;
    private Password verPassword;
    private String name;
    private static CryptoManager.InitializationValues configValues;
    private static ResourceBundle bundle;
    static final int INVALID = 0;
    static final int LOGNAME = 1;
    static final int PATH = 2;
    static final int USERNAME = 3;
    static final int PASSWORD = 4;
    private static String USAGE = "Usage: VerifyArchive -l <logName> -p <path> -u <uname> -w <password>";
    private static String PREFIX = "_secure.";
    static Map OPTIONS = new HashMap();
    private String curMAC = null;
    private String prevSignature = null;
    private boolean verified = true;

    static int getToken(String str) {
        try {
            return ((Integer) OPTIONS.get(str)).intValue();
        } catch (Exception e) {
            return 0;
        }
    }

    public static void main(String[] strArr) throws Exception {
        if (strArr.length == 0 || strArr.length != 8) {
            System.err.println(USAGE);
            System.exit(1);
        }
        try {
            CryptoManager.getInstance();
        } catch (CryptoManager.NotInitializedException e) {
            String str = SystemProperties.get(Constants.AM_ADMIN_CLI_CERTDB_DIR);
            String str2 = SystemProperties.get(Constants.AM_ADMIN_CLI_CERTDB_PREFIX);
            SystemProperties.get("com.iplanet.am.admin.cli.certdb.passfile");
            CryptoManager.initialize(new CryptoManager.InitializationValues(str, str2, str2, JSSSocketFactory.defaultModDB));
        }
        runCommand(strArr);
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:7:0x001a. Please report as an issue. */
    private static void runCommand(String[] strArr) throws Exception {
        int i;
        int i2 = 0;
        int i3 = 0;
        int i4 = 0;
        int i5 = 0;
        int i6 = 0;
        while (i6 < strArr.length) {
            try {
                switch (getToken(strArr[i6])) {
                    case 1:
                        i = i6 + 1;
                        i2 = i;
                        i6 = i + 1;
                    case 2:
                        i = i6 + 1;
                        i3 = i;
                        i6 = i + 1;
                    case 3:
                        i = i6 + 1;
                        i4 = i;
                        i6 = i + 1;
                    case 4:
                        i = i6 + 1;
                        i5 = i;
                        i6 = i + 1;
                    default:
                        throw new Exception();
                }
            } catch (Exception e) {
                if (e.getMessage() != null) {
                    System.err.println(e.getMessage());
                }
                e.printStackTrace();
                System.err.println(USAGE);
                System.exit(1);
            }
        }
        try {
            if (new ISArchiveVerify().verifyArchive(strArr[i2], strArr[i3], strArr[i4], strArr[i5])) {
                System.out.println(new StringBuffer().append(bundle.getString("verificationOfLogArchiveFor")).append(" ").append(strArr[i2]).append(" ").append(bundle.getString("archiveVerificationPassed")).toString());
            } else {
                System.out.println(new StringBuffer().append(bundle.getString("verificationOfLogArchiveFor")).append(" ").append(strArr[i2]).append(" ").append(bundle.getString("archiveVerificationFailed")).toString());
            }
        } catch (Exception e2) {
            if (e2.getMessage() != null) {
                System.err.println(e2.getMessage());
            }
            e2.printStackTrace();
            System.exit(1);
        }
        System.exit(0);
    }

    private boolean verifyLogRecord(String[] strArr, int i) throws Exception {
        StringBuffer stringBuffer = new StringBuffer();
        for (int i2 = 0; i2 < strArr.length - 2; i2++) {
            stringBuffer.append(strArr[i2]);
        }
        this.curMAC = new String(strArr[i]);
        this.verified = this.helper.verifyMAC(stringBuffer.toString(), SecureLogHelper.toByteArray(this.curMAC));
        return this.verified;
    }

    private boolean verifySignature(String[] strArr, int i, int i2) throws Exception {
        byte[] bArr;
        String str = new String(strArr[i]);
        byte[] byteArray = SecureLogHelper.toByteArray(this.curMAC);
        if (this.prevSignature == null || this.prevSignature.equals("")) {
            bArr = new byte[byteArray.length];
            System.arraycopy(byteArray, 0, bArr, 0, byteArray.length);
        } else {
            bArr = new byte[byteArray.length + SecureLogHelper.toByteArray(this.prevSignature).length];
            System.arraycopy(byteArray, 0, bArr, 0, byteArray.length);
            System.arraycopy(SecureLogHelper.toByteArray(this.prevSignature), 0, bArr, byteArray.length, SecureLogHelper.toByteArray(this.prevSignature).length);
        }
        if (i2 != 0) {
            this.prevSignature = str;
        }
        this.verified = this.helper.verifySignature(SecureLogHelper.toByteArray(str), bArr);
        return this.verified;
    }

    public boolean verifyArchive(String str, String str2, String str3, String str4) throws Exception {
        Password password;
        ((LogManager) LogManagerUtil.getLogManager()).readConfiguration();
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA");
            try {
                password = new Password(new String(messageDigest.digest(Password.charToByte(str4.toCharArray())), "UTF-8").toCharArray());
            } catch (UnsupportedEncodingException e) {
                password = new Password(new String(messageDigest.digest(Password.charToByte(str4.toCharArray()))).toCharArray());
            }
        } catch (NoSuchAlgorithmException e2) {
            password = new Password(str4.toCharArray());
        }
        try {
            SSOToken createSSOToken = SSOTokenManager.getInstance().createSSOToken(new AuthPrincipal(str3), str4);
            VerifierList verifierList = new VerifierList();
            if (!str2.endsWith("/")) {
                str2 = new StringBuffer().append(str2).append("/").toString();
            }
            TreeMap keysAndFiles = verifierList.getKeysAndFiles(new File(str2), str);
            if (keysAndFiles.size() == 0) {
                System.out.println(new StringBuffer().append(bundle.getString("archiveVerification")).append(bundle.getString("noFilesToVerify")).toString());
                return true;
            }
            Object[] array = keysAndFiles.keySet().toArray();
            new String();
            String str5 = SystemProperties.get(Constants.AM_ADMIN_CLI_CERTDB_DIR);
            String str6 = SystemProperties.get(Constants.AM_ADMIN_CLI_CERTDB_PREFIX);
            SystemProperties.get("com.iplanet.am.admin.cli.certdb.passfile");
            CryptoManager.InitializationValues initializationValues = new CryptoManager.InitializationValues(str5, str6, str6, JSSSocketFactory.defaultModDB);
            if (array.length == 1) {
                System.out.println(new StringBuffer().append(bundle.getString("archiveVerification")).append(bundle.getString("noFilesToVerify")).toString());
            }
            for (int i = 1; i < array.length; i++) {
                this.helper = new SecureLogHelper(initializationValues);
                Vector vector = (Vector) keysAndFiles.get(array[i]);
                String substring = ((String) array[i]).substring(((String) array[i]).indexOf(".") + 1);
                String stringBuffer = new StringBuffer().append(PREFIX).append("ver").append(substring.substring(substring.indexOf("."))).toString();
                this.helper.initializeVerifier(new StringBuffer().append(str2).append(stringBuffer).toString(), password, password);
                this.helper.reinitializeVerifier(new StringBuffer().append(str2).append(stringBuffer).toString(), password);
                this.curMAC = null;
                this.prevSignature = null;
                for (int i2 = 0; i2 < vector.size(); i2++) {
                    System.out.println(new StringBuffer().append(bundle.getString("fileBeingVerified")).append((String) vector.elementAt(i2)).toString());
                    String[][] strArr = new String[1][1];
                    try {
                        strArr = LogReader.read((String) vector.elementAt(i2), createSSOToken);
                    } catch (Exception e3) {
                        e3.printStackTrace();
                    }
                    if (strArr == null && strArr.length == 0) {
                        System.err.println(new StringBuffer().append(bundle.getString("archiveVerification")).append(bundle.getString("emptyReturn")).append((String) vector.elementAt(i2)).toString());
                    } else {
                        Vector vector2 = new Vector(strArr[0].length);
                        for (int i3 = 0; i3 < strArr[0].length; i3++) {
                            vector2.add(strArr[0][i3]);
                        }
                        int i4 = -1;
                        int i5 = -1;
                        int i6 = 0;
                        while (true) {
                            if (i6 >= vector2.size()) {
                                break;
                            }
                            if (((String) vector2.get(i6)).equalsIgnoreCase("Signature")) {
                                i4 = i6;
                                break;
                            }
                            i6++;
                        }
                        int i7 = 0;
                        while (true) {
                            if (i7 >= vector2.size()) {
                                break;
                            }
                            if (((String) vector2.get(i7)).equalsIgnoreCase(LogConstants.MAC_FIELDNAME)) {
                                i5 = i7;
                                break;
                            }
                            i7++;
                        }
                        if (i4 == -1 || i5 == -1) {
                            return VerifierAction.doVerifierAction(str, this.verified);
                        }
                        int i8 = 1;
                        while (true) {
                            if (i8 >= strArr.length) {
                                break;
                            }
                            if (strArr[i8][i4].equals("-")) {
                                this.verified = verifyLogRecord(strArr[i8], i5);
                                if (!this.verified) {
                                    System.err.println(new StringBuffer().append(bundle.getString("recordVerificationFailed")).append((String) vector.elementAt(i2)).append(" ").append(bundle.getString("atRecordNumber")).append(i8).toString());
                                    break;
                                }
                                System.out.println(new StringBuffer().append(bundle.getString("recordVerificationPassed")).append((String) vector.elementAt(i2)).append(" ").append(bundle.getString("atRecordNumber")).append(i8).toString());
                                i8++;
                            } else {
                                this.verified = verifySignature(strArr[i8], i4, (strArr.length - 1) - i8);
                                if (!this.verified) {
                                    System.err.println(new StringBuffer().append(bundle.getString("signatureVerificationFailed")).append((String) vector.elementAt(i2)).append(bundle.getString("atRecordNumber")).append(i8).toString());
                                    break;
                                }
                                System.out.println(new StringBuffer().append(bundle.getString("signatureVerificationPassed")).append((String) vector.elementAt(i2)).append(bundle.getString("atRecordNumber")).append(i8).toString());
                                i8++;
                            }
                        }
                    }
                    if (!this.verified) {
                        return this.verified;
                    }
                }
                this.helper.reinitializeVerifier(new StringBuffer().append(str2).append(stringBuffer).toString(), password);
            }
            return this.verified;
        } catch (SSOException e4) {
            System.out.println(new StringBuffer().append(bundle.getString("archiveVerification")).append("SSOException: ").append(e4.getMessage()).toString());
            return false;
        } catch (UnsupportedOperationException e5) {
            System.out.println(new StringBuffer().append(bundle.getString("archiveVerification")).append("UnsupportedOperationException: ").append(e5.getMessage()).toString());
            return false;
        }
    }

    static {
        bundle = null;
        bundle = Locale.getInstallResourceBundle("amLogging");
        OPTIONS.put("-l", new Integer(1));
        OPTIONS.put("-p", new Integer(2));
        OPTIONS.put("-u", new Integer(3));
        OPTIONS.put("-w", new Integer(4));
    }
}
