package com.ibm.bcg.util;

import com.ibm.bcg.server.DocumentState;
import com.ibm.bcg.server.Message;
import com.ibm.bcg.server.MessageConst;
import com.ibm.bcg.server.VMSLog;
import com.ibm.bcg.server.util.DebugMgr;
import com.ibm.bcg.server.util.EventUtil;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Set;
import java.util.Vector;
import org.apache.log4j.Category;

/* loaded from: input_file:com/ibm/bcg/util/PKCSOwnerInfo.class */
public class PKCSOwnerInfo {
    public static final String COPYRIGHT = "Licensed Material - Property of IBM , 5724-E75,5724-E87,5724-L68,5724-L69.  (C) Copyright IBM Corp. 2001,2004 - All Rights Reserved. The source code for this program is not published or otherwisedivested of its trade secrets, irrespective of what has beendeposited with the U.S. Copyright Office. ";
    private static Category m_logger;
    private static VMSLog vmsLog;
    private Vector ownerSigningCertInfos = new Vector(2);
    private Vector ownerDecryptCertInfos = new Vector(2);
    private Hashtable ownerSSLCerts = new Hashtable(4);
    private int hubOwnerPartnerId;
    static Class class$com$ibm$bcg$util$PKCSOwnerInfo;
    static Class class$com$ibm$bcg$util$PKCS7Util;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/ibm/bcg/util/PKCSOwnerInfo$SSLKeyStoreAndCertInfo.class */
    public class SSLKeyStoreAndCertInfo {
        OwnerCertInfo certInfo;
        KeyStore keyStore;
        private final PKCSOwnerInfo this$0;

        SSLKeyStoreAndCertInfo(PKCSOwnerInfo pKCSOwnerInfo, OwnerCertInfo ownerCertInfo) {
            this.this$0 = pKCSOwnerInfo;
            PKCSOwnerInfo.debug(new StringBuffer().append("Starting constructor with certId = ").append(ownerCertInfo.getCertId()).toString());
            this.certInfo = ownerCertInfo;
            try {
                this.keyStore = KeyStore.getInstance("JKS");
                this.keyStore.load(null, null);
                this.keyStore.setKeyEntry(new StringBuffer().append("").append(ownerCertInfo.getCertId()).toString(), ownerCertInfo.getKey(), ownerCertInfo.getKeyPassword().toCharArray(), new X509Certificate[]{ownerCertInfo.getCert()});
                PKCSOwnerInfo.debug(new StringBuffer().append("Got the keyStore for certId = ").append(ownerCertInfo.getCertId()).toString());
            } catch (Exception e) {
                PKCSOwnerInfo.error(new StringBuffer().append("Error while Creating KeyStore CertId = ").append(ownerCertInfo.getCertId()).toString(), e);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PKCSOwnerInfo(int i) {
        if (i < 1) {
            throw new IllegalArgumentException("The hub OwnerID can't be < 1");
        }
        this.hubOwnerPartnerId = i;
    }

    public OwnerCertInfo getSigningCertInfo(boolean z) {
        return getCertInfo(getUsage(z), this.ownerSigningCertInfos);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setSigningCertInfo(OwnerCertInfo ownerCertInfo) {
        setCertInfo(ownerCertInfo, this.ownerSigningCertInfos);
    }

    public synchronized Vector getDecryptCertInfo() {
        return this.ownerDecryptCertInfos;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setDecryptCertInfo(OwnerCertInfo ownerCertInfo) {
        setCertInfo(ownerCertInfo, this.ownerDecryptCertInfos);
    }

    public synchronized OwnerCertInfo getOutboundSSLInfo(String str, boolean z) {
        Vector vector;
        SSLKeyStoreAndCertInfo sSLKeyStoreAndCertInfo;
        if (str == null || str.trim().length() == 0 || (vector = (Vector) this.ownerSSLCerts.get(str)) == null || (sSLKeyStoreAndCertInfo = getSSLKeyStoreAndCertInfo(z, vector)) == null || sSLKeyStoreAndCertInfo.certInfo == null) {
            return null;
        }
        return sSLKeyStoreAndCertInfo.certInfo;
    }

    public synchronized KeyStore getOutboundSSLKeyStore(String str, boolean z) {
        Vector vector;
        SSLKeyStoreAndCertInfo sSLKeyStoreAndCertInfo;
        if (str == null || str.trim().length() == 0 || (vector = (Vector) this.ownerSSLCerts.get(str)) == null || (sSLKeyStoreAndCertInfo = getSSLKeyStoreAndCertInfo(z, vector)) == null || sSLKeyStoreAndCertInfo.certInfo == null) {
            return null;
        }
        return sSLKeyStoreAndCertInfo.keyStore;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized void setOwnerSSLCertInfo(String str, OwnerCertInfo ownerCertInfo) {
        if (str == null || ownerCertInfo == null) {
            return;
        }
        Vector vector = (Vector) this.ownerSSLCerts.get(str);
        if (vector == null) {
            vector = new Vector(2);
            this.ownerSSLCerts.put(str, vector);
        }
        setCertInfo(ownerCertInfo, vector);
    }

    public int getHubOwnerPartnerId() {
        return this.hubOwnerPartnerId;
    }

    private synchronized SSLKeyStoreAndCertInfo getSSLKeyStoreAndCertInfo(boolean z, Vector vector) {
        int usage = getUsage(z);
        for (int i = 0; i < vector.size(); i++) {
            SSLKeyStoreAndCertInfo sSLKeyStoreAndCertInfo = (SSLKeyStoreAndCertInfo) vector.get(i);
            if (sSLKeyStoreAndCertInfo.certInfo.getUsage() == usage) {
                return sSLKeyStoreAndCertInfo;
            }
        }
        return null;
    }

    private int getUsage(boolean z) {
        return z ? 1 : 2;
    }

    private synchronized OwnerCertInfo getCertInfo(int i, Vector vector) {
        debug("Starting Method  = getCertInfo");
        for (int i2 = 0; i2 < vector.size(); i2++) {
            OwnerCertInfo ownerCertInfo = (OwnerCertInfo) vector.get(i2);
            debug(new StringBuffer().append("ownerCertInfo.getUsage() = ").append(ownerCertInfo.getUsage()).append("CertId = ").append(ownerCertInfo.getCertId()).toString());
            if (ownerCertInfo.getUsage() == i) {
                return ownerCertInfo;
            }
        }
        return null;
    }

    private synchronized void setCertInfo(OwnerCertInfo ownerCertInfo, Vector vector) {
        debug("Enetering Method setCertInfo");
        if (ownerCertInfo == null || vector == null || ownerCertInfo.getType() == null) {
            return;
        }
        debug(new StringBuffer().append("Cert type = ").append(ownerCertInfo.getType()).toString());
        if (ownerCertInfo.getType().equals(WBICSecurityManager.CERT_TYPE_SSL)) {
            vector.add(new SSLKeyStoreAndCertInfo(this, ownerCertInfo));
        } else {
            vector.add(ownerCertInfo);
        }
        debug("Enetering Method setCertInfo");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized void removeCertInfo(int i) {
        remove(this.ownerDecryptCertInfos, i);
        remove(this.ownerSigningCertInfos, i);
        Enumeration keys = this.ownerSSLCerts.keys();
        while (keys.hasMoreElements()) {
            removeSSLCert((Vector) this.ownerSSLCerts.get((String) keys.nextElement()), i);
        }
    }

    private synchronized void remove(Vector vector, int i) {
        boolean z = false;
        debug("Starting method Remove");
        int i2 = 0;
        while (i2 < vector.size()) {
            CertInfo certInfo = (CertInfo) vector.get(i2);
            if (certInfo.getCertId() == i) {
                debug(new StringBuffer().append("found a cert CertID = ").append(certInfo.getCertId()).toString());
                vector.remove(i2);
                certInfo.setRowTs(certInfo.getRowTs() + 1);
                i2--;
                if (certInfo.getUsage() == 1) {
                    debug("Its a Primary Certificate");
                    z = true;
                }
            }
            i2++;
        }
        if (z) {
            debug("found a Primary cetrt Trying to get a Secondary ");
            for (int i3 = 0; i3 < vector.size(); i3++) {
                CertInfo certInfo2 = (CertInfo) vector.get(i3);
                if (certInfo2.getUsage() == 2) {
                    debug("Got a secondary .... Now trying to update the database");
                    try {
                        WBICSecurityManager.getDBInterface().setSecondaryAsPrimary(certInfo2.getCertId(), certInfo2.getRowTs());
                        debug("Now updation of the database is successful");
                        certInfo2.setUsage(1);
                        certInfo2.setRowTs(certInfo2.getRowTs() + 1);
                        logEvent("108011", "3", new StringBuffer().append(certInfo2.getCert().getSerialNumber().toString(16).toUpperCase()).append(EventUtil.PIPE_STR).append(certInfo2.getCert().getIssuerDN().getName()).toString(), null);
                    } catch (Exception e) {
                        error("Could not set the Secondary Certificate to Primary Certificate", e);
                    }
                }
            }
        }
    }

    private synchronized void removeSSLCert(Vector vector, int i) {
        boolean z = false;
        debug("Starting method removeSSLCert");
        int i2 = 0;
        while (i2 < vector.size()) {
            SSLKeyStoreAndCertInfo sSLKeyStoreAndCertInfo = (SSLKeyStoreAndCertInfo) vector.get(i2);
            if (sSLKeyStoreAndCertInfo.certInfo.getCertId() == i) {
                vector.remove(i2);
                sSLKeyStoreAndCertInfo.certInfo.setRowTs(sSLKeyStoreAndCertInfo.certInfo.getRowTs() + 1);
                i2--;
                if (sSLKeyStoreAndCertInfo.certInfo.getUsage() == 1) {
                    z = true;
                }
            }
            i2++;
        }
        if (z) {
            debug("found a Primary cetrt Trying to get a Secondary ");
            for (int i3 = 0; i3 < vector.size(); i3++) {
                SSLKeyStoreAndCertInfo sSLKeyStoreAndCertInfo2 = (SSLKeyStoreAndCertInfo) vector.get(i3);
                if (sSLKeyStoreAndCertInfo2.certInfo.getUsage() == 2) {
                    debug(new StringBuffer().append("Got a secondary .... Now trying to update the database").append(sSLKeyStoreAndCertInfo2.certInfo.getCertId()).toString());
                    try {
                        WBICSecurityManager.getDBInterface().setSecondaryAsPrimary(sSLKeyStoreAndCertInfo2.certInfo.getCertId(), sSLKeyStoreAndCertInfo2.certInfo.getRowTs());
                        debug("Now updation of the database is successful");
                        sSLKeyStoreAndCertInfo2.certInfo.setUsage(1);
                        sSLKeyStoreAndCertInfo2.certInfo.setRowTs(sSLKeyStoreAndCertInfo2.certInfo.getRowTs() + 1);
                    } catch (Exception e) {
                        error("Could not set the Secondary Certificate to Primary Certificate", e);
                    }
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void debug(String str) {
        if (m_logger.isDebugEnabled()) {
            m_logger.debug(new StringBuffer().append("----PKCSOwnerInfo---->").append(str).toString());
        }
    }

    private static void error(String str) {
        error(str, null);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void error(String str, Throwable th) {
        m_logger.error(new StringBuffer().append("----PKCSOwnerInfo---->").append(str).toString());
        if (th != null) {
            th.printStackTrace();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized boolean checkValidity() throws BcgException {
        debug("In Method checkValidity");
        HashSet hashSet = new HashSet();
        boolean z = checkValidity(this.ownerSigningCertInfos, hashSet);
        if (!z) {
            return false;
        }
        debug(new StringBuffer().append("ownerSigningCertInfos validity = ").append(z).toString());
        boolean z2 = checkValidity(this.ownerDecryptCertInfos, hashSet) ? z : false;
        if (!z2) {
            return false;
        }
        debug(new StringBuffer().append("ownerDecryptCertInfos validity = ").append(z2).toString());
        Enumeration keys = this.ownerSSLCerts.keys();
        while (keys.hasMoreElements()) {
            String str = (String) keys.nextElement();
            z2 = checkSSLCertValidity((Vector) this.ownerSSLCerts.get(str), hashSet) ? z2 : false;
            if (!z2) {
                return false;
            }
            debug(new StringBuffer().append("for gatewayName = ").append(str).append(" validity = ").append(z2).toString());
        }
        return z2;
    }

    private boolean checkValidity(Vector vector, Set set) throws BcgException {
        int i = 0;
        int i2 = 0;
        CertInfo certInfo = null;
        CertInfo certInfo2 = null;
        debug(new StringBuffer().append("There are ").append(vector.size()).append(" Certificates").toString());
        if (vector == null) {
            return true;
        }
        for (int i3 = 0; i3 < vector.size(); i3++) {
            CertInfo certInfo3 = (CertInfo) vector.get(i3);
            debug(new StringBuffer().append("IPrimary = ").append(certInfo3.getUsage()).toString());
            if (certInfo3.getUsage() == 1) {
                debug(new StringBuffer().append("CertId ").append(certInfo3.getCertId()).append(" is  a primary Certificate ").toString());
                i2++;
                certInfo2 = certInfo3;
            } else if (certInfo3.getUsage() == 2) {
                debug(new StringBuffer().append("CertId ").append(certInfo3.getCertId()).append(" is  a secondary Certificate ").toString());
                i++;
                certInfo = certInfo3;
            }
        }
        if (i2 > 1) {
            error(new StringBuffer().append("There are ").append(i2).append(" Primary Certificates for ").append(certInfo2.getType()).append(" The PKCS Instance cant be used until the problem is fixed.").append(" Please check the certId ").append(certInfo2.getCertId()).append(" of hub Operator  to fix the problem").toString());
            return false;
        }
        if (i > 1) {
            error(new StringBuffer().append("There are ").append(i).append(" Secondary Certificates for ").append(certInfo.getType()).append(". The PKCS Instance cant be used until ").append(" the problem is fixed. Please check the certId ").append(certInfo.getCertId()).append(" of hub Operator to ").append("fix the problem").toString());
            return false;
        }
        if (i2 != 0 || i != 1) {
            return true;
        }
        if (set.contains(new Integer(certInfo.getCertId()))) {
            return false;
        }
        debug("There are no primary certificate and at least one Secondary Certificates");
        WBICSecurityManager.getDBInterface().setSecondaryAsPrimary(certInfo.getCertId(), certInfo.getRowTs());
        logEvent("108011", "3", new StringBuffer().append(certInfo.getCert().getSerialNumber().toString(16).toUpperCase()).append(EventUtil.PIPE_STR).append(certInfo.getCert().getIssuerDN().getName()).toString(), null);
        set.add(new Integer(certInfo.getCertId()));
        return false;
    }

    private boolean checkSSLCertValidity(Vector vector, Set set) throws BcgException {
        int i = 0;
        int i2 = 0;
        OwnerCertInfo ownerCertInfo = null;
        OwnerCertInfo ownerCertInfo2 = null;
        debug(new StringBuffer().append("There are ").append(vector.size()).append(" Certificates").toString());
        if (vector == null) {
            return true;
        }
        for (int i3 = 0; i3 < vector.size(); i3++) {
            SSLKeyStoreAndCertInfo sSLKeyStoreAndCertInfo = (SSLKeyStoreAndCertInfo) vector.get(i3);
            if (sSLKeyStoreAndCertInfo.certInfo.getUsage() == 1) {
                i2++;
                ownerCertInfo2 = sSLKeyStoreAndCertInfo.certInfo;
            } else if (sSLKeyStoreAndCertInfo.certInfo.getUsage() == 2) {
                i++;
                ownerCertInfo = sSLKeyStoreAndCertInfo.certInfo;
            }
        }
        if (i2 > 1) {
            error(new StringBuffer().append("There are ").append(i2).append(" Primary Certificates for the Gateway type ").append(ownerCertInfo2.getGatewayType()).append(". The PKCS Instance cant be used ").append("until the problem is fixed. Please check the certId ").append(ownerCertInfo2.getCertId()).append(" of hub Operator to fix the problem").toString());
            return false;
        }
        if (i > 1) {
            error(new StringBuffer().append("There are ").append(i).append(" Secondary Certificates for the Gateway type").append(ownerCertInfo.getGatewayType()).append(". The PKCS Instance cant be used until ").append("the problem is fixed. Please check the certId ").append(ownerCertInfo.getCertId()).append(" of hub Operator to fix the problem").toString());
            throw new BcgException(new StringBuffer().append("There are ").append(i).append(" Secondary Certificates. The PKCS Instance cant be used until the problem is fixed").toString(), null, null, null);
        }
        if (i2 != 0 || i != 1) {
            return true;
        }
        if (set.contains(new Integer(ownerCertInfo.getCertId()))) {
            return false;
        }
        debug("There are no primary certificate and one Secondary Certificates so need to modify it");
        WBICSecurityManager.getDBInterface().setSecondaryAsPrimary(ownerCertInfo.getCertId(), ownerCertInfo.getRowTs());
        logEvent("108011", "3", new StringBuffer().append(ownerCertInfo.getCert().getSerialNumber().toString(16).toUpperCase()).append(EventUtil.PIPE_STR).append(ownerCertInfo.getCert().getIssuerDN().getName()).toString(), null);
        set.add(new Integer(ownerCertInfo.getCertId()));
        return false;
    }

    private static void logEvent(String str, String str2, String str3, Throwable th) {
        Class cls;
        try {
            Message message = new Message(str, DocumentState.DOC_IN_PROCESS, str2);
            if (class$com$ibm$bcg$util$PKCS7Util == null) {
                cls = class$("com.ibm.bcg.util.PKCS7Util");
                class$com$ibm$bcg$util$PKCS7Util = cls;
            } else {
                cls = class$com$ibm$bcg$util$PKCS7Util;
            }
            message.setValue(MessageConst.SOURCECLASS, cls.getName());
            message.setValue(MessageConst.FAULTTYPE, "3");
            if (th != null) {
                message.setValue(MessageConst.STACKTRACE, DebugMgr.getStackTrace(th));
            }
            if (str3 != null) {
                message.setValue(MessageConst.ARGSTRING, str3);
            }
            vmsLog.log(message);
        } catch (Exception e) {
            m_logger.error(new StringBuffer().append("Exception:").append(e.getMessage()).toString(), e);
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$ibm$bcg$util$PKCSOwnerInfo == null) {
            cls = class$("com.ibm.bcg.util.PKCSOwnerInfo");
            class$com$ibm$bcg$util$PKCSOwnerInfo = cls;
        } else {
            cls = class$com$ibm$bcg$util$PKCSOwnerInfo;
        }
        m_logger = Category.getInstance(cls.getName());
        vmsLog = new VMSLog(m_logger);
    }
}
