package com.ibm.ws.scripting.types;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ras.RASFormatter;
import com.ibm.websphere.management.configservice.ConfigServiceHelper;
import com.ibm.websphere.management.exception.AdminException;
import com.ibm.websphere.management.exception.ConnectorException;
import com.ibm.ws.scripting.AbstractShell;
import com.ibm.ws.scripting.AdminConfigClient;
import com.ibm.ws.scripting.ConfigNameCache;
import com.ibm.ws.scripting.ScriptingException;
import com.ibm.ws.ssl.core.Constants;
import java.util.Hashtable;
import javax.management.Attribute;
import javax.management.AttributeList;
import javax.management.AttributeNotFoundException;
import javax.management.ObjectName;

/* loaded from: input_file:WEB-INF/lib/admin-8.5.0.jar:com/ibm/ws/scripting/types/PropertyTSHelper.class */
public class PropertyTSHelper extends FIPSTSHelper {
    private static TraceComponent tc = Tr.register((Class<?>) PropertyTSHelper.class, "Scripting", "com.ibm.ws.scripting.resources.wscpMessage");
    private boolean skipFIPSCheck;
    private boolean create;

    public PropertyTSHelper(AdminConfigClient adminConfigClient, AbstractShell abstractShell, Hashtable hashtable, ConfigNameCache configNameCache) {
        super(adminConfigClient, abstractShell, hashtable, configNameCache);
        reset();
    }

    @Override // com.ibm.ws.scripting.types.FIPSTSHelper
    public void reset() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "reset");
        }
        this.msgId = "SECURITY_NONFIPS_PROVIDER";
        this.validationType = "all";
        this.create = false;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "reset");
        }
    }

    @Override // com.ibm.ws.scripting.types.BaseTSHelper, com.ibm.ws.scripting.types.TypeSpecificHelper
    public AttributeList attributeListUpdate(AttributeList attributeList, ObjectName objectName, boolean z) throws ScriptingException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "attributeListUpdate");
        }
        try {
            this.create = z;
            validate(attributeList, objectName);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "attributeListUpdate");
            }
            return attributeList;
        } catch (AdminException e) {
            this._shell.setLastException(e);
            throw new ScriptingException(e.toString());
        } catch (ConnectorException e2) {
            this._shell.setLastException(e2);
            throw new ScriptingException(e2.toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.ws.scripting.types.FIPSTSHelper
    public boolean validate(AttributeList attributeList, ObjectName objectName) throws ScriptingException, AdminException, ConnectorException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validate");
        }
        boolean z = false;
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "validationType: " + this.validationType);
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "messageId: " + this.msgId);
        }
        if (this.validationType.equals("all") || this.validationType.equals("com.ibm.ssl.contextProvider")) {
            z = checkProviderProperty(attributeList, objectName);
        }
        if (!z && (this.validationType.equals("all") || this.validationType.equals("sslConfig"))) {
            z = checkSSLConfigProperty(attributeList, objectName);
        }
        if (!z && (this.validationType.equals("all") || this.validationType.equals("com.ibm.security.useFIPS"))) {
            z = checkFIPSProperty(attributeList, true, objectName);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "validate - " + z);
        }
        return z;
    }

    private boolean checkProviderProperty(AttributeList attributeList, ObjectName objectName) throws ScriptingException, AdminException, ConnectorException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "checkProviderProperty");
        }
        boolean z = false;
        Hashtable nameValuePropertyValues = getNameValuePropertyValues(attributeList, objectName, true);
        String str = (String) nameValuePropertyValues.get("name");
        String str2 = (String) nameValuePropertyValues.get("value");
        if (str.equals("com.ibm.ssl.contextProvider")) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "found matching contextProvider");
            }
            if (!str2.trim().equals("") && !str2.trim().equals(Constants.IBMJSSEFIPS_NAME)) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "not using IBMJSSEFIPS provider");
                }
                if (this.skipFIPSCheck || isFIPSEnabled(objectName)) {
                    if (this.validationType.equals("all")) {
                        this.msgId = "SECURITY_NONFIPS_PROVIDER";
                    }
                    z = true;
                    System.out.println(this._shell.getFormattedMessage(this.msgId, new Object[0], "SSL provider is not IBMJSSEFIPS. FIPS approved cryptographic algorithms may not be used."));
                    Tr.warning(tc, this.msgId);
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "checkProviderProperty - " + z);
        }
        return z;
    }

    private boolean checkSSLConfigProperty(AttributeList attributeList, ObjectName objectName) throws ScriptingException, AdminException, ConnectorException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "checkSSLConfigProperty");
        }
        boolean z = false;
        Hashtable nameValuePropertyValues = getNameValuePropertyValues(attributeList, objectName, true);
        String str = (String) nameValuePropertyValues.get("name");
        String str2 = (String) nameValuePropertyValues.get("value");
        if (str.equals("sslConfig")) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "found matching sslConfig");
            }
            this.msgId = "SECURITY_NONFIPS_PROVIDER";
            z = matchSSLConfig(str2, null);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "checkSSLConfigProperty - " + z);
        }
        return z;
    }

    public boolean checkFIPSProperty(AttributeList attributeList, boolean z, ObjectName objectName) throws ScriptingException, AdminException, ConnectorException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "checkFIPSProperty");
        }
        boolean z2 = false;
        Hashtable nameValuePropertyValues = getNameValuePropertyValues(attributeList, objectName, true);
        String str = (String) nameValuePropertyValues.get("name");
        String str2 = (String) nameValuePropertyValues.get("value");
        if (str.equals("com.ibm.security.useFIPS")) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "found matching useFIPS property");
            }
            if (str2.equals("true")) {
                if (z) {
                    this.msgId = "SECURITY_NONFIPS_SSL";
                    this.validationType = "com.ibm.ssl.contextProvider";
                    this.skipFIPSCheck = true;
                    z2 = matchSSLConfig("lookThroughAllSSLConfig", null, objectName);
                    this.skipFIPSCheck = false;
                    if (!z2 && objectName != null && getConfigPath(objectName).indexOf("/servers/") == -1) {
                        SecurityTSHelper securityTSHelper = (SecurityTSHelper) getTSHelper("Security");
                        securityTSHelper.setMessageId("SECURITY_NONFIPS_SSL");
                        securityTSHelper.setValidationType("com.ibm.ssl.contextProvider");
                        z2 = securityTSHelper.checkServerSSLConfig(objectName);
                        securityTSHelper.reset();
                    }
                } else {
                    z2 = true;
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "checkFIPSProperty - " + z2);
        }
        return z2;
    }

    public boolean matchSSLConfig(String str, ObjectName objectName) throws ScriptingException, AdminException, ConnectorException {
        return matchSSLConfig(str, objectName, null);
    }

    public boolean matchSSLConfig(String str, ObjectName objectName, ObjectName objectName2) throws ScriptingException, AdminException, ConnectorException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "matchSSLConfig", new Object[]{str, objectName});
        }
        boolean z = false;
        ObjectName[] objectNameListForType = getObjectNameListForType("SSLConfig", objectName);
        if (objectNameListForType != null) {
            String str2 = new String();
            if (objectName2 != null) {
                str2 = getConfigPath(objectName2);
            } else if (objectName != null) {
                str2 = getConfigPath(objectName);
            }
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "matchinfConfigPath: " + str2);
            }
            SSLConfigTSHelper sSLConfigTSHelper = (SSLConfigTSHelper) getTSHelper("SSLConfig");
            sSLConfigTSHelper.setMessageId(this.msgId);
            sSLConfigTSHelper.setValidationType("com.ibm.ssl.contextProvider");
            for (int i = 0; i < objectNameListForType.length; i++) {
                String str3 = null;
                if (str2.equals("") || str2.equals(getConfigPath(objectNameListForType[i]))) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Processing " + objectNameListForType[i]);
                    }
                    AttributeList attributeListFromON = getAttributeListFromON(objectNameListForType[i]);
                    if (attributeListFromON != null) {
                        try {
                            str3 = (String) ConfigServiceHelper.getAttributeValue(attributeListFromON, "alias");
                        } catch (AttributeNotFoundException e) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, e.toString());
                            }
                        }
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "alias: " + str3);
                        }
                        if (str.equals("lookThroughAllSSLConfig") || (str3 != null && str3.equals(str))) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "found matching SSL config");
                            }
                            z = sSLConfigTSHelper.validate(attributeListFromON, objectNameListForType[i]);
                            if (z) {
                                break;
                            }
                        }
                    } else {
                        continue;
                    }
                } else if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Skipping " + objectNameListForType[i]);
                }
            }
            sSLConfigTSHelper.reset();
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "matchSSLConfig - " + z);
        }
        return z;
    }

    public void setSkipFIPSCheck(boolean z) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setSkipFIPSCheck - " + z);
        }
        this.skipFIPSCheck = z;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setSkipFIPSCheck");
        }
    }

    private Hashtable getNameValuePropertyValues(AttributeList attributeList, ObjectName objectName, boolean z) throws ScriptingException, AdminException, ConnectorException {
        AttributeList attributeListFromON;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getNameValuePropertyValues");
        }
        Hashtable hashtable = new Hashtable();
        String str = new String();
        String str2 = new String();
        for (int i = 0; i < attributeList.size(); i++) {
            String name = ((Attribute) attributeList.get(i)).getName();
            Object value = ((Attribute) attributeList.get(i)).getValue();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "name: " + name);
            }
            if (name.equals("name")) {
                str = (String) value;
            }
            if (name.equals("value")) {
                str2 = (String) value;
            }
        }
        if (!this.create && z && (((!str.equals("") && str2.equals("")) || (str.equals("") && !str2.equals(""))) && (attributeListFromON = getAttributeListFromON(objectName)) != null)) {
            Hashtable nameValuePropertyValues = getNameValuePropertyValues(attributeListFromON, objectName, false);
            if (str.equals("")) {
                str = (String) nameValuePropertyValues.get("name");
            }
            if (str2.equals("")) {
                str2 = (String) nameValuePropertyValues.get("value");
            }
        }
        hashtable.put("name", str);
        hashtable.put("value", str2);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getNameValuePropertyValues - " + str + RASFormatter.DEFAULT_SEPARATOR + str2);
        }
        return hashtable;
    }
}
