package org.nhindirect.dns.tools;

import java.io.File;
import java.io.IOException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import org.apache.commons.io.FileUtils;
import org.nhind.config.Certificate;
import org.nhind.config.CertificateGetOptions;
import org.nhind.config.ConfigurationServiceProxy;
import org.nhind.config.EntityStatus;
import org.nhindirect.dns.tools.printers.CertRecordPrinter;
import org.nhindirect.dns.tools.printers.RecordPrinter;
import org.nhindirect.dns.tools.utils.Command;
import org.nhindirect.dns.tools.utils.StringArrayUtil;
import org.nhindirect.dns.utils.CertUtils;
import org.nhindirect.stagent.CryptoExtensions;
import org.nhindirect.stagent.cert.X509CertificateEx;

/* loaded from: input_file:org/nhindirect/dns/tools/CertCommands.class */
public class CertCommands {
    private static final String LIST_CERTIFICATES_USAGE = "Lists certificates in the system";
    private static final String LIST_EMAIL_CERTIFICATES_USAGE = "Lists certificates by a given email address or domain\r\n address\r\n\t address: The email address or domain to search for.  Certificates are mathed on the subject alternative name field of legacy email address of the certificate";
    private static final String IMPORT_PUBLIC_CERT_USAGE = "Imports a certificate that does not contain private key information\r\n  certfile\r\n\t certfile: Fully qualified path and file name of the X509 certificate file.  Place the file name in quotes (\"\") if there are spaces in the path or name.";
    private static final String IMPORT_PRIVATE_CERT_USAGE = "Imports a certificate with a private key an optional passphrase. \r\nFiles should be in pkcs12 format.\r\n  certfile [passphrase]\r\n\t certfile: Fully qualified path and file name of the pkcs12 certificate file.  Place the file name in quotes (\"\") if there are spaces in the path or name.\r\n\t [passphrase]: Optional passphrase to decrypt the pkcs12 file.";
    private static final String ADD_IPKIX_CERT_USAGE = "Add an IPKIX record with a subject and URL. \r\n\r\n  subject URL\r\n  subject: email address or domain name\r\n\t URL: Fully qualified URL to certificate";
    private static final String REMOVED_CERTIFICATE_USAGE = "Removes a certifacte from the system by owner.\r\n  owner\r\n\t owner: owner or URL of the certificate to be removed";
    protected ConfigurationServiceProxy proxy;
    protected RecordPrinter<Certificate> certPrinter = new CertRecordPrinter();

    public CertCommands(ConfigurationServiceProxy configurationServiceProxy) {
        this.proxy = configurationServiceProxy;
    }

    @Command(name = "ListCerts", usage = LIST_CERTIFICATES_USAGE)
    public void listCerts(String[] strArr) {
        try {
            Certificate[] listCertificates = this.proxy.listCertificates(1L, 1000, (CertificateGetOptions) null);
            if (listCertificates == null || listCertificates.length == 0) {
                System.out.println("No certificates found");
            } else {
                this.certPrinter.printRecords(Arrays.asList(listCertificates));
            }
        } catch (Exception e) {
            System.out.println("Failed to lookup certificates: " + e.getMessage());
        }
    }

    @Command(name = "ListCertsByAddress", usage = LIST_EMAIL_CERTIFICATES_USAGE)
    public void listCertsByAddress(String[] strArr) {
        try {
            Certificate[] certificatesForOwner = this.proxy.getCertificatesForOwner(StringArrayUtil.getRequiredValue(strArr, 0), (CertificateGetOptions) null);
            if (certificatesForOwner == null || certificatesForOwner.length == 0) {
                System.out.println("No certificates found");
            } else {
                this.certPrinter.printRecords(Arrays.asList(certificatesForOwner));
            }
        } catch (Exception e) {
            System.out.println("Failed to lookup certificates: " + e.getMessage());
        }
    }

    @Command(name = "AddPublicCert", usage = IMPORT_PUBLIC_CERT_USAGE)
    public void importPublicCert(String[] strArr) {
        String requiredValue = StringArrayUtil.getRequiredValue(strArr, 0);
        try {
            X509Certificate certFromFile = CertUtils.certFromFile(requiredValue);
            Certificate certificate = new Certificate();
            certificate.setData(certFromFile.getEncoded());
            certificate.setOwner(CryptoExtensions.getSubjectAddress(certFromFile));
            certificate.setPrivateKey(false);
            certificate.setStatus(EntityStatus.ENABLED);
            this.proxy.addCertificates(new Certificate[]{certificate});
            System.out.println("Successfully imported public certificate.");
        } catch (IOException e) {
            System.out.println("Error reading file " + requiredValue + " : " + e.getMessage());
        } catch (Exception e2) {
            System.out.println("Error importing certificate " + requiredValue + " : " + e2.getMessage());
        }
    }

    @Command(name = "AddPrivateCert", usage = IMPORT_PRIVATE_CERT_USAGE)
    public void importPrivateCert(String[] strArr) {
        String requiredValue = StringArrayUtil.getRequiredValue(strArr, 0);
        String optionalValue = StringArrayUtil.getOptionalValue(strArr, 1, "");
        try {
            byte[] readFileToByteArray = FileUtils.readFileToByteArray(new File(requiredValue));
            X509Certificate x509Certificate = CertUtils.toX509Certificate((optionalValue == null || optionalValue.isEmpty()) ? readFileToByteArray : CertUtils.pkcs12ToStrippedPkcs12(readFileToByteArray, optionalValue));
            Certificate certificate = new Certificate();
            certificate.setData(readFileToByteArray);
            certificate.setOwner(CryptoExtensions.getSubjectAddress(x509Certificate));
            certificate.setPrivateKey(x509Certificate instanceof X509CertificateEx);
            certificate.setStatus(EntityStatus.ENABLED);
            this.proxy.addCertificates(new Certificate[]{certificate});
            System.out.println("Successfully imported private certificate.");
        } catch (IOException e) {
            System.out.println("Error reading file " + requiredValue + " : " + e.getMessage());
        } catch (Exception e2) {
            System.out.println("Error importing certificate " + requiredValue + " : " + e2.getMessage());
        }
    }

    @Command(name = "AddIPKIXCert", usage = ADD_IPKIX_CERT_USAGE)
    public void addIPKIXCert(String[] strArr) {
        String requiredValue = StringArrayUtil.getRequiredValue(strArr, 0);
        String requiredValue2 = StringArrayUtil.getRequiredValue(strArr, 1);
        try {
            Certificate certificate = new Certificate();
            certificate.setData(requiredValue2.getBytes());
            certificate.setOwner(requiredValue);
            certificate.setPrivateKey(false);
            certificate.setStatus(EntityStatus.ENABLED);
            this.proxy.addCertificates(new Certificate[]{certificate});
            System.out.println("Successfully added IPKIX certificate URL.");
        } catch (Exception e) {
            System.out.println("Error add IPKIX URL: " + e.getMessage());
        }
    }

    @Command(name = "RemoveCert", usage = REMOVED_CERTIFICATE_USAGE)
    public void removeCert(String[] strArr) {
        String requiredValue = StringArrayUtil.getRequiredValue(strArr, 0);
        try {
            this.proxy.removeCertificatesForOwner(requiredValue);
            System.out.println("Successfully removed certificate for owner." + requiredValue);
        } catch (Exception e) {
            System.out.println("Error removing certificate for owner " + requiredValue + " : " + e.getMessage());
        }
    }

    public void setRecordPrinter(RecordPrinter<Certificate> recordPrinter) {
        this.certPrinter = recordPrinter;
    }

    public void setConfigurationProxy(ConfigurationServiceProxy configurationServiceProxy) {
        this.proxy = configurationServiceProxy;
    }
}
