package com.tivoli.core.mmcd.util.jartools;

import com.ibm.distman.voyagerx.security.ssl.ISslContext;
import com.ibm.distman.voyagerx.security.ssl.sslite.SSLCert;
import com.ibm.distman.voyagerx.security.ssl.sslite.SSLRuntimeException;
import com.ibm.distman.voyagerx.security.ssl.sslite.SignedJarInputStream;
import com.ibm.distman.voyagerx.security.ssl.sslite.SignedJarOutputStream;
import com.tivoli.core.ns.Vault;
import com.tivoli.core.security.acn.common.IACNConstants;
import com.tivoli.dms.plugin.syncmldm.DMSJob;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;

/* JADX WARN: Classes with same name are omitted:
  input_file:DMSDependencies/mm_orb.jar:com/tivoli/core/mmcd/util/jartools/TivoliJarSigner.class
 */
/* loaded from: input_file:com.tivoli.eDMS_1.8.0.20050921D.jar:DMSDependencies/mm_orb.jar:com/tivoli/core/mmcd/util/jartools/TivoliJarSigner.class */
public class TivoliJarSigner {
    private boolean parsedargs;
    private static final String COPYRIGHT = "\nLicensed Materials - Property of IBM\n\n5698-TKS\n\nCopyright IBM Corp. 1999, 2000 All Rights Reserved\n\nUS Government Users Restricted Rights - Use, duplication or disclosure\nrestricted by GSA ADP Schedule Contract with IBM Corp.\n";
    private static final String sClassRevision = "$Revision: @(#)58 1.4 orb/src/com/tivoli/core/mmcd/util/jartools/TivoliJarSigner.java, mm_pnd, mm_orb_dev 00/11/11 15:28:56 $";
    static final int BRIEF_ARG = 0;
    static final int VERBOSE_ARG = 1;
    static final int DESCRIP_ARG = 2;
    static String[] FILENAME = {"-if", "--inputjarfile", "\t<no default>"};
    static String[] OUTFILENAME = {"-of", "--outputjarfile", "\t<no default>"};
    static String[] CERTNAME = {"-s", "--subjname", "subject name of certificate to sign jar with"};
    static String[] VAULT = {"-vn", "--vaultname", "<no default>"};
    static String[] PASSWORD = {"-pw", "--password", ISslContext.DEFAULT_PASSWORD};
    static String[] CHAIN = {"-cc", "--cert", "\tcertificate filename"};
    static String[] CHAINPART = {"-rc", "--rootcert", "filename containing root of cert chain"};
    static String[] COMMAND = {"-c", "--command", "\tlist,sign,verify"};
    static String[] VERBOSE = {"-v", "--verbose", "\t<no default>"};
    static String[] STASHNAME = {"-stf", "--stashfile", "<no default>"};
    static String[][] ARGS = {FILENAME, OUTFILENAME, CERTNAME, VAULT, PASSWORD, COMMAND, VERBOSE, CHAIN, CHAINPART, STASHNAME};
    static String SIGN_CMD = "sign";
    static String LIST_CMD = "list";
    static String VERIFY_CMD = IACNConstants.KEY_AS_VERIFY;
    private boolean verbose = false;
    private String jarname = null;
    private String signedjarname = null;
    private String certname = null;
    private String command = null;
    private String vaultname = null;
    private String stashname = null;
    private String password = null;

    public void execute() {
        if (this.command.equals(SIGN_CMD)) {
            signer(getPrivCert());
            return;
        }
        if (this.command.equals(VERIFY_CMD)) {
            try {
                verifyjar(this.jarname, this.certname, getPrivCert());
                return;
            } catch (Exception unused) {
                System.exit(-1);
                return;
            }
        }
        if (this.command.equals(LIST_CMD)) {
            printCerts(getCerts(-1));
        } else if (this.command.equals("generate")) {
            generate();
        } else {
            System.exit(-1);
        }
    }

    private void generate() {
        System.out.println("Error, I am not implemented yet");
        System.exit(-1);
    }

    private SSLCert[] getCerts(int i) {
        testFile("Vault file", this.vaultname);
        Vault vault = null;
        try {
            if (this.password != null) {
                vault = new Vault();
                File file = new File(this.vaultname);
                byte[] bArr = new byte[(int) file.length()];
                FileInputStream fileInputStream = new FileInputStream(file);
                fileInputStream.read(bArr);
                fileInputStream.close();
                vault.open(bArr, this.password);
            } else if (this.stashname == null) {
                printUsage();
            } else {
                testFile("Stash file", this.stashname);
                vault = new Vault(this.vaultname, this.stashname);
                vault.open();
            }
        } catch (IOException e) {
            System.out.println(new StringBuffer("Error opening the vault: ").append(e.toString()).toString());
            System.exit(-1);
        } catch (SSLRuntimeException e2) {
            System.out.println(new StringBuffer("Error opening the vault: ").append(e2.toString()).toString());
            System.exit(-1);
        }
        SSLCert[] keyRing = vault.getKeyRing(i);
        if (keyRing == null) {
            System.out.println(new StringBuffer("No Certificates found, error with vault file:").append(this.vaultname).toString());
            System.exit(-1);
        }
        return keyRing;
    }

    private SSLCert getPrivCert() {
        if (this.certname == null) {
            System.out.println("Certificate name is null");
            printUsage();
            System.exit(-1);
        }
        SSLCert sSLCert = null;
        SSLCert[] certs = getCerts(4);
        for (int i = 0; i < certs.length; i++) {
            if (certs[i].subjectName().toString().equals(this.certname)) {
                sSLCert = certs[i];
            }
        }
        if (sSLCert == null) {
            System.out.println(new StringBuffer("Could not find certificate ").append(this.certname).append(" within ").append(this.vaultname).append(".").toString());
            System.exit(-1);
        }
        if (this.verbose) {
            System.out.println("=========================== Signer Certificate ===========================");
            System.out.println(new StringBuffer("Found certificate: ").append(sSLCert.toString()).toString());
        }
        return sSLCert;
    }

    public static void main(String[] strArr) {
        TivoliJarSigner tivoliJarSigner = new TivoliJarSigner();
        tivoliJarSigner.parseArgs(strArr);
        tivoliJarSigner.execute();
        System.exit(0);
    }

    private void parseArgs(String[] strArr) {
        if (this.parsedargs) {
            return;
        }
        if (strArr.length == 0) {
            printUsage();
            System.exit(1);
        }
        int i = 0;
        while (i < strArr.length) {
            if (strArr[i].equals(FILENAME[0]) || strArr[i].equals(FILENAME[1])) {
                setJarname(strArr[i + 1]);
                i++;
            } else if (strArr[i].equals(OUTFILENAME[0]) || strArr[i].equals(OUTFILENAME[1])) {
                setSignedJarname(strArr[i + 1]);
                i++;
            } else if (strArr[i].equals(CERTNAME[0]) || strArr[i].equals(CERTNAME[1])) {
                setCertname(strArr[i + 1]);
                i++;
            } else if (strArr[i].equals(VAULT[0]) || strArr[i].equals(VAULT[1])) {
                setVaultname(strArr[i + 1]);
                i++;
            } else if (strArr[i].equals(STASHNAME[0]) || strArr[i].equals(STASHNAME[1])) {
                setStashname(strArr[i + 1]);
                i++;
            } else if (strArr[i].equals(PASSWORD[0]) || strArr[i].equals(PASSWORD[1])) {
                setPassword(strArr[i + 1]);
                i++;
            } else if (strArr[i].equals(COMMAND[0]) || strArr[i].equals(COMMAND[1])) {
                setCommand(strArr[i + 1]);
                i++;
            } else if (strArr[i].equals(VERBOSE[0]) || strArr[i].equals(VERBOSE[1])) {
                setVerbose(true);
            } else {
                System.out.println(new StringBuffer("Option not recognized: ").append(strArr[i]).toString());
                printUsage();
                System.exit(-1);
            }
            i++;
        }
        this.parsedargs = true;
    }

    private void printCerts(SSLCert[] sSLCertArr) {
        System.out.println("Listing all certificates:");
        for (SSLCert sSLCert : sSLCertArr) {
            System.out.println(String.valueOf(sSLCert.toString()));
        }
    }

    static void printUsage() {
        System.out.println("Usage: ");
        for (int i = 0; i < ARGS.length; i++) {
            if (ARGS[i][1].length() > 0) {
                System.out.println(new StringBuffer("  ").append(ARGS[i][0]).append(", ").append(ARGS[i][1]).append("\t\t").append(ARGS[i][2]).toString());
            } else {
                System.out.println(new StringBuffer("  ").append(ARGS[i][0]).append("\t\t\t\t").append(ARGS[i][2]).toString());
            }
        }
        System.out.println("You must be using a debug version of SSLite to see certificate detail.\n");
        System.out.println("Some sample commands:");
        System.out.println("java com.tivoli.core.mmcd.util.jartools.TivoliJarSigner -c list -vn orb.1.keyring -stf orb.1.stash");
        System.out.println("java com.tivoli.core.mmcd.util.jartools.TivoliJarSigner -c list -vn orb.1.keyring -pw secret");
        System.out.println("java com.tivoli.core.mmcd.util.jartools.TivoliJarSigner -c sign -stf orb.1.stash -vn orb.1.keyring -s \"cn=orb.1, serial=3.1.1.1, ou=tmos, o=Tivoli, c=US, st=TX\" -if log@1.1.1.jar -of signed/log@1.1.1.jar");
        System.out.println("java com.tivoli.core.mmcd.util.jartools.TivoliJarSigner -c sign -pw secret -vn orb.1.keyring -s \"cn=orb.1, serial=3.1.1.1, ou=tmos, o=Tivoli, c=US, st=TX\" -if log@1.1.1.jar -of signed/log@1.1.1.jar");
        System.out.println("java com.tivoli.core.mmcd.util.jartools.TivoliJarSigner -c verify -vn orb.1.keyring  -s \"cn=orb.1, serial=3.1.1.1, ou=tmos, o=Tivoli, c=US, st=TX\" -f signed/log@1.1.1.jar");
    }

    public void setCertname(String str) {
        this.certname = str;
    }

    public void setCommand(String str) {
        this.command = str;
    }

    public void setJarname(String str) {
        this.jarname = str;
    }

    public void setPassword(String str) {
        this.password = str;
    }

    public void setSignedJarname(String str) {
        this.signedjarname = str;
    }

    public void setStashname(String str) {
        this.stashname = str;
    }

    public void setVaultname(String str) {
        this.vaultname = str;
    }

    public void setVerbose(boolean z) {
        this.verbose = z;
    }

    private void signer(SSLCert sSLCert) {
        boolean z;
        testFile("Unsigned Jar File", this.jarname);
        try {
            z = signjar(this.jarname, this.signedjarname, this.certname, sSLCert, this.verbose);
        } catch (IOException e) {
            System.out.println(new StringBuffer("Error signing jar file: ").append(e.toString()).toString());
            z = false;
        }
        if (z) {
            return;
        }
        System.out.println(new StringBuffer("Jar file: ").append(this.jarname).append(" was not signed.   Error.").toString());
        printUsage();
        System.exit(-1);
    }

    public static boolean signjar(String str, String str2, String str3, SSLCert sSLCert, boolean z) throws IOException {
        ZipEntry nextEntry;
        byte[] bArr = new byte[4096];
        if (str3 == null || str == null || str2 == null || sSLCert == null) {
            return false;
        }
        if (z) {
            System.out.println(new StringBuffer("Signing ").append(str).append(" with ").append(str3).toString());
        }
        SignedJarOutputStream signedJarOutputStream = new SignedJarOutputStream(new FileOutputStream(str2));
        ZipInputStream zipInputStream = new ZipInputStream(new FileInputStream(str));
        do {
            int i = 0;
            System.out.print(DMSJob.PARM_KEY_INSTANCE_PREFIX);
            nextEntry = zipInputStream.getNextEntry();
            if (nextEntry != null) {
                if (z) {
                    System.out.print(new StringBuffer("Processing: ").append(nextEntry.getName()).append("; ").toString());
                }
                ZipEntry zipEntry = new ZipEntry(nextEntry.getName());
                if (nextEntry.getComment() != null) {
                    zipEntry.setComment(nextEntry.getComment());
                }
                byte[] extra = nextEntry.getExtra();
                if (extra != null) {
                    zipEntry.setExtra(extra);
                }
                if (nextEntry.getMethod() != -1) {
                    zipEntry.setMethod(nextEntry.getMethod());
                }
                zipEntry.setTime(nextEntry.getTime());
                signedJarOutputStream.putNextEntry(zipEntry);
                i = 0;
                while (true) {
                    int read = zipInputStream.read(bArr);
                    if (read == -1) {
                        break;
                    }
                    i += read;
                    if (z) {
                        System.out.print(new StringBuffer("r=").append(read).append(",").toString());
                    }
                    signedJarOutputStream.write(bArr, 0, read);
                    if (z) {
                        System.out.print(new StringBuffer("w=").append(read).append(",").toString());
                    }
                }
                zipInputStream.closeEntry();
                signedJarOutputStream.closeEntry();
            }
            if (z) {
                System.out.println(new StringBuffer(" total=").append(i).toString());
            }
        } while (nextEntry != null);
        signedJarOutputStream.close(sSLCert);
        if (!z) {
            return true;
        }
        System.out.println(new StringBuffer("\nJar file ").append(str2).append(" is signed.").toString());
        return true;
    }

    private void testFile(String str, String str2) {
        try {
        } catch (IOException e) {
            System.out.println();
            System.out.println(new StringBuffer(String.valueOf(str)).append(" error: ").append(e.toString()).toString());
            printUsage();
            System.exit(-1);
        }
        if (str2 == null) {
            throw new IOException("null filename");
        }
        File file = new File(str2);
        if (this.verbose) {
            System.out.print(new StringBuffer("Getting ").append(str).append(": ").append(file.getAbsolutePath()).toString());
        }
        if (this.verbose) {
            System.out.println(new StringBuffer(".   ").append(str).append(" found.").toString());
        }
    }

    public void verifyjar(String str, String str2, SSLCert sSLCert) throws IOException, SSLRuntimeException {
        if (str2 != null) {
            try {
                if (this.verbose) {
                    System.out.println(new StringBuffer("Verifying ").append(str).append(" with ").append(str2).toString());
                }
                SignedJarInputStream signedJarInputStream = new SignedJarInputStream(new FileInputStream(str));
                while (true) {
                    ZipEntry nextEntry = signedJarInputStream.getNextEntry();
                    if (nextEntry == null) {
                        break;
                    }
                    System.out.print(DMSJob.PARM_KEY_INSTANCE_PREFIX);
                    if (this.verbose) {
                        System.out.println(nextEntry.getName());
                    }
                    signedJarInputStream.closeEntry();
                }
                signedJarInputStream.close(new SSLCert[]{sSLCert});
            } catch (IOException e) {
                if (this.verbose) {
                    System.out.println(new StringBuffer("\n").append(str).append(" did not verify. Reason:").append(e).toString());
                }
                throw e;
            } catch (SSLRuntimeException e2) {
                if (this.verbose) {
                    System.out.println(new StringBuffer("\n").append(str).append(" did not verify. Reason:").append(e2.reason).append(", ").append(e2.getMessage()).toString());
                }
                throw e2;
            }
        }
        if (this.verbose) {
            System.out.println(new StringBuffer("\n").append(str).append(" is verified.").toString());
        }
    }
}
