package com.sun.portal.cli.cert;

import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.Calendar;
import java.util.Date;
import org.mozilla.jss.asn1.ASN1Util;
import org.mozilla.jss.asn1.BOOLEAN;
import org.mozilla.jss.asn1.INTEGER;
import org.mozilla.jss.asn1.OBJECT_IDENTIFIER;
import org.mozilla.jss.asn1.OCTET_STRING;
import org.mozilla.jss.asn1.SEQUENCE;
import org.mozilla.jss.crypto.CryptoToken;
import org.mozilla.jss.crypto.KeyPairAlgorithm;
import org.mozilla.jss.crypto.KeyPairGenerator;
import org.mozilla.jss.pkix.cert.Certificate;
import org.mozilla.jss.pkix.cert.CertificateInfo;
import org.mozilla.jss.pkix.cert.Extension;
import org.mozilla.jss.pkix.primitive.AlgorithmIdentifier;
import org.mozilla.jss.pkix.primitive.Name;
import org.mozilla.jss.pkix.primitive.SubjectPublicKeyInfo;
import org.mozilla.jss.util.ConsolePasswordCallback;
import org.mozilla.jss.util.NullPasswordCallback;

/* loaded from: input_file:116856-29/SUNWpsnlp/reloc/SUNWps/lib/netletproxy.jar:com/sun/portal/cli/cert/CreateSelfSignedCertificate.class */
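/**
 * Certificate-admin command that creates a self-signed RSA server certificate,
 * imports it under a nickname and records that nickname in the
 * {@code .nickname} file of the certificate directory.
 *
 * <p>Two entry points exist: {@link #execute(JSSContext)} prompts for every
 * value on the console, while {@link #execute(JSSContext, CertContext)} takes
 * them from a pre-filled {@code CertContext}.
 *
 * <p>Security-relevant properties of the generated certificate:
 * <ul>
 *   <li>issuer and subject are the same name (self-signed);</li>
 *   <li>no extensions are attached, because both entry points pass
 *       {@code null} to {@link #makeCert}; in particular there is no
 *       subjectAltName, so the host name is carried in the common name only;</li>
 *   <li>the serial number is a positive 31-bit random value, which is all the
 *       {@code int}-based {@link #makeCert} signature allows.</li>
 * </ul>
 */
public class CreateSelfSignedCertificate implements Command {
    /**
     * RSA modulus size in bits. 1024-bit RSA no longer offers an adequate
     * security margin, so 2048 is used. A hardware token that cannot generate
     * keys of this size makes key generation fail, which is reported through
     * the ordinary failure message.
     */
    private static final int RSA_KEY_BITS = 2048;

    /** Validity, in months, used when the operator gives no usable answer. */
    private static final int DEFAULT_VALIDITY_MONTHS = 6;

    /** Nickname used when the operator just presses return. */
    private static final String DEFAULT_NICKNAME = "server-cert";

    /** Context of the running command; {@link #makeCert} reads the signature algorithm from it. */
    private JSSContext cntx;

    /**
     * Interactive variant: asks for the subject DN parts, token name, nickname
     * and validity, then generates and imports the certificate.
     *
     * @param jSSContext context giving access to the crypto manager, password
     *                   context, host name and certificate directory
     * @return {@code true} when the certificate was generated and imported,
     *         {@code false} when the nickname or subject DN is already in use
     *         or any step failed
     */
    @Override // com.sun.portal.cli.cert.Command
    public boolean execute(JSSContext jSSContext) {
        this.cntx = jSSContext;
        CertAdminUtil.println(CertAdminConstants.newline);
        String host = jSSContext.getHost();
        CertAdminUtil.println(CertAdminHelpText.getDNHelpText());

        String commonName = ask("q2", "What is the fully-qualified DNS name of this host? [", host);
        if (commonName.equals("")) {
            commonName = host;
        }
        String organization = ask("q3", "What is the name of your organization (ex: Company)? [", "");
        String orgUnit = ask("q4", "What is the name of your organizational unit (ex: division)? [", "");
        String locality = ask("q5", "What is the name of your City or Locality? [", "");
        String state = ask("q6", "What is the name (no abbreviation please) of your State or Province? [", "");

        // Trim once and keep the trimmed value: the length check and the value
        // written into the DN must refer to the same string, otherwise an
        // answer such as " US " passes the check but lands in the certificate
        // with its surrounding blanks.
        String country = CertAdminUtil.question(
                CertAdminLocale.getPFString("q7", "What is the two-letter country code for this unit? []")).trim();
        while (country.length() != 2) {
            CertAdminUtil.println(CertAdminLocale.getPFString("m9", "Enter a valid country code!"));
            country = CertAdminUtil.question(
                    CertAdminLocale.getPFString("q7", "What is the two-letter country code for this unit? []")).trim();
        }

        CertAdminUtil.println(CertAdminHelpText.getTokenHelpText());
        String tokenName = CertAdminUtil.question(CertAdminLocale.getPFString("q8", "Enter the token name []"));
        String nickname = ask("q9", "Enter the name you like for this certificate [", DEFAULT_NICKNAME);
        if (nickname.equals("")) {
            nickname = DEFAULT_NICKNAME;
        }
        if (JSSUtil.certExist(jSSContext, nickname)) {
            CertAdminUtil.println(CertAdminLocale.getPFString("m10", "Certificate with the specified nickname already exist!"));
            return false;
        }
        int months = parseValidityMonths(
                ask("q10", "Enter the validity period for the certificate (months) [", String.valueOf(DEFAULT_VALIDITY_MONTHS)));

        try {
            Name subject = buildSubject(commonName, locality, state, country, organization, orgUnit);
            int serial = newSerialNumber();
            CryptoToken token = loginToken(jSSContext, tokenName);
            String existingNickname = JSSUtil.getCertWithSubject(token, subject);
            if (existingNickname != null) {
                CertAdminUtil.println();
                reportDuplicateSubject(existingNickname, subject);
                return false;
            }
            CertAdminUtil.println(CertAdminLocale.getPFString("m11", "Generating self-signed certificate..."));
            CertAdminUtil.println(CertAdminLocale.getPFString("m12", "Generating key.  This may take a few moments..."));
            issueAndStore(jSSContext, token, subject, serial, months, nickname);
            return true;
        } catch (Exception e) {
            CertAdminUtil.println(CertAdminLocale.getPFString("m13", "Could not generate the self signed certificate!"));
            e.printStackTrace();
            return false;
        }
    }

    /**
     * Non-interactive variant: takes every value from {@code certContext}.
     * The token password is still requested on the console when a named token
     * is used.
     *
     * @param jSSContext  context giving access to the crypto manager, password
     *                    context and certificate directory
     * @param certContext subject DN parts ({@code fqdn}, {@code l}, {@code s},
     *                    {@code c}, {@code o}, {@code ou}), token name
     *                    ({@code token}), nickname ({@code nick}) and validity
     *                    in months ({@code val}); {@code val} is used as given
     *                    and is not range-checked here
     * @return {@code true} when the certificate was generated and imported,
     *         {@code false} when the nickname or subject DN is already in use
     *         or any step failed
     */
    public boolean execute(JSSContext jSSContext, CertContext certContext) {
        this.cntx = jSSContext;
        if (JSSUtil.certExist(jSSContext, certContext.nick)) {
            CertAdminUtil.println(CertAdminLocale.getPFString("m10", "Certificate with the specified nickname already exist!"));
            return false;
        }
        try {
            Name subject = buildSubject(certContext.fqdn, certContext.l, certContext.s,
                    certContext.c, certContext.o, certContext.ou);
            int serial = newSerialNumber();
            CryptoToken token = loginToken(jSSContext, certContext.token);
            String existingNickname = JSSUtil.getCertWithSubject(token, subject);
            if (existingNickname != null) {
                reportDuplicateSubject(existingNickname, subject);
                return false;
            }
            issueAndStore(jSSContext, token, subject, serial, certContext.val, certContext.nick);
            return true;
        } catch (Exception e) {
            CertAdminUtil.println(CertAdminLocale.getPFString("m13", "Could not generate the self signed certificate!"));
            e.printStackTrace();
            return false;
        }
    }

    /**
     * Builds and signs a version 3 certificate that is valid from now until
     * {@code i2} months from now.
     *
     * <p>The signature algorithm is whatever the context's {@code getSigAlg()}
     * returns. NOTE(review): that value is not visible in this class; confirm
     * it is not an MD5- or SHA-1-based algorithm.
     *
     * @param name       issuer name
     * @param name2      subject name
     * @param i          serial number
     * @param privateKey key that signs the certificate
     * @param publicKey  key placed in the certificate
     * @param sequence   extensions to attach, or {@code null} for none
     * @param i2         validity period in months
     * @return the signed certificate
     * @throws Exception if encoding, decoding or signing fails
     */
    protected Certificate makeCert(Name name, Name name2, int i, PrivateKey privateKey, PublicKey publicKey, SEQUENCE sequence, int i2) throws Exception {
        AlgorithmIdentifier signatureAlgorithmId = new AlgorithmIdentifier(this.cntx.getSigAlg().toOID());
        Calendar clock = Calendar.getInstance();
        Date notBefore = clock.getTime();
        clock.add(Calendar.MONTH, i2);
        Date notAfter = clock.getTime();
        SubjectPublicKeyInfo publicKeyInfo = (SubjectPublicKeyInfo) ASN1Util.decode(
                new SubjectPublicKeyInfo.Template(), publicKey.getEncoded());
        CertificateInfo info = new CertificateInfo(CertificateInfo.v3, new INTEGER(i), signatureAlgorithmId,
                name, notBefore, notAfter, name2, publicKeyInfo);
        if (sequence != null) {
            info.setExtensions(sequence);
        }
        return new Certificate(info, privateKey, this.cntx.getSigAlg());
    }

    /**
     * Builds a critical BasicConstraints extension (OID 2.5.29.19) whose value
     * is a SEQUENCE holding the single BOOLEAN {@code TRUE}.
     *
     * <p>Neither {@code execute} method in this class attaches it.
     *
     * @return the extension
     * @throws Exception if the value cannot be encoded
     */
    protected Extension makeBasicConstraintsExtension() throws Exception {
        SEQUENCE constraints = new SEQUENCE();
        constraints.addElement(new BOOLEAN(true));
        OBJECT_IDENTIFIER basicConstraintsOid = new OBJECT_IDENTIFIER(new long[]{2, 5, 29, 19});
        return new Extension(basicConstraintsOid, true, new OCTET_STRING(ASN1Util.encode(constraints)));
    }

    /**
     * Draws four bytes from {@code secureRandom} and packs them big-endian
     * into an {@code int}.
     *
     * @param secureRandom source of the random bytes
     * @return a value built from all 32 random bits; may be negative
     * @throws Exception declared for subclasses; this implementation throws none
     */
    protected int nextRandInt(SecureRandom secureRandom) throws Exception {
        byte[] raw = new byte[4];
        secureRandom.nextBytes(raw);
        // Mask each byte before shifting. A Java byte is signed, so without
        // the mask any byte >= 0x80 is sign-extended and its 1-bits overwrite
        // every higher-order byte in the OR, discarding most of the entropy.
        return ((raw[0] & 0xFF) << 24) | ((raw[1] & 0xFF) << 16) | ((raw[2] & 0xFF) << 8) | (raw[3] & 0xFF);
    }

    /** Asks one question of the form {@code <text><shownDefault>]} and returns the raw answer. */
    private static String ask(String key, String text, String shownDefault) {
        return CertAdminUtil.question(
                CertAdminLocale.getPFString(key, text) + shownDefault + CertAdminLocale.getPFString("q1", "]"));
    }

    /**
     * Turns the validity answer into a month count. Blank, non-numeric and
     * non-positive answers fall back to the default; a non-positive period
     * would produce a certificate that has expired the moment it is issued.
     */
    private static int parseValidityMonths(String answer) {
        String trimmed = answer.trim();
        if (trimmed.isEmpty()) {
            return DEFAULT_VALIDITY_MONTHS;
        }
        try {
            int months = Integer.parseInt(trimmed);
            return months > 0 ? months : DEFAULT_VALIDITY_MONTHS;
        } catch (NumberFormatException notANumber) {
            return DEFAULT_VALIDITY_MONTHS;
        }
    }

    /**
     * Assembles the subject DN. Empty optional parts are skipped; the country
     * is always added. The attribute order (CN, L, ST, C, O, OU) is part of
     * the encoded name and must not be changed.
     */
    private static Name buildSubject(String commonName, String locality, String state,
            String country, String organization, String orgUnit) throws Exception {
        Name subject = new Name();
        if (!commonName.equals("")) {
            subject.addCommonName(commonName);
        }
        if (!locality.equals("")) {
            subject.addLocalityName(locality);
        }
        if (!state.equals("")) {
            subject.addStateOrProvinceName(state);
        }
        subject.addCountryName(country);
        if (!organization.equals("")) {
            subject.addOrganizationName(organization);
        }
        if (!orgUnit.equals("")) {
            subject.addOrganizationalUnitName(orgUnit);
        }
        return subject;
    }

    /**
     * Produces the certificate serial number: a random value forced into the
     * range 1..Integer.MAX_VALUE, since X.509 serial numbers must be positive.
     */
    private int newSerialNumber() throws Exception {
        int candidate = nextRandInt(SecureRandom.getInstance("pkcs11prng", "Mozilla-JSS")) & Integer.MAX_VALUE;
        return candidate == 0 ? 1 : candidate;
    }

    /**
     * Selects the token (the internal key storage token when {@code tokenName}
     * is blank), initialises its password if none is set yet, and logs in.
     * The internal token uses the generated passphrase; a named token asks
     * for its password on the console.
     */
    private static CryptoToken loginToken(JSSContext ctx, String tokenName) throws Exception {
        // Generated for either branch, as before, although only the internal
        // token consumes it. NOTE(review): whether generatePassphrase has side
        // effects is not visible here, so the call is left unconditional.
        String passphrase = ctx.getPasswordContext().generatePassphrase(ctx);
        CryptoToken token;
        if (tokenName.trim().isEmpty()) {
            token = ctx.getCryptoManager().getInternalKeyStorageToken();
            CertAdminPasswordCallback callback = new CertAdminPasswordCallback(passphrase);
            if (!token.passwordIsInitialized()) {
                token.initPassword(new NullPasswordCallback(), callback);
            }
            token.login(callback);
        } else {
            token = ctx.getCryptoManager().getTokenByName(tokenName);
            ConsolePasswordCallback callback = new ConsolePasswordCallback();
            if (!token.passwordIsInitialized()) {
                token.initPassword(new NullPasswordCallback(), callback);
            }
            token.login(callback);
        }
        return token;
    }

    /** Tells the operator which existing certificate already carries the requested subject DN. */
    private static void reportDuplicateSubject(String existingNickname, Name subject) throws Exception {
        CertAdminUtil.println(CertAdminLocale.getPFString("m63", "Certificate with the specified Subject DN already exist!"));
        CertAdminUtil.println(CertAdminLocale.getPFString("m64", "Certificate Nickname:") + " " + existingNickname);
        CertAdminUtil.println(CertAdminLocale.getPFString("m65", "Certificate Subject DN:") + " " + subject.getRFC1485());
        CertAdminUtil.println(CertAdminLocale.getPFString("m66", "Retry deleting the certificate or change the Subject DN for the new certificate"));
        CertAdminUtil.question(CertAdminLocale.getPFString("m67", "Hit Return to continue!!"));
        CertAdminUtil.println(CertAdminConstants.newline);
    }

    /**
     * Generates the key pair on {@code token}, self-signs the certificate,
     * verifies and imports it, then records the nickname.
     */
    private void issueAndStore(JSSContext ctx, CryptoToken token, Name subject, int serial,
            int months, String nickname) throws Exception {
        KeyPairGenerator generator = token.getKeyPairGenerator(KeyPairAlgorithm.RSA);
        generator.initialize(RSA_KEY_BITS);
        KeyPair keys = generator.genKeyPair();
        // Self-signed: the same name is issuer and subject, and no extensions are attached.
        Certificate certificate = makeCert(subject, subject, serial, keys.getPrivate(), keys.getPublic(), null, months);
        JSSUtil.verifyCertificate(certificate);
        ctx.getCryptoManager().importCertPackage(ASN1Util.encode(certificate), nickname);
        recordNickname(ctx, nickname);
        // The resource-bundle entry "m14" has to be updated together with
        // RSA_KEY_BITS; only the fallback text can be kept in step from here.
        CertAdminUtil.println(CertAdminLocale.getPFString("m14", "Generated " + RSA_KEY_BITS + "-bit RSA KeyPair"));
        CertAdminUtil.println(CertAdminLocale.getPFString("m15", "Self-signed certificate generated"));
    }

    /**
     * Replaces the {@code .nickname} file in the certificate directory with
     * one holding {@code nickname}. Failures are reported but do not abort
     * the command, because the certificate is already imported at this point.
     */
    private static void recordNickname(JSSContext ctx, String nickname) {
        String nicknameFile = new StringBuilder()
                .append(ctx.getCertdir())
                .append(CertAdminConstants.SEPERATOR)
                .append(".nickname")
                .toString();
        if (CertAdminUtil.fileExist(nicknameFile) && !CertAdminUtil.delete(nicknameFile)) {
            CertAdminUtil.println(CertAdminLocale.getPFString("m46", "Could not delete the .nickname file!"));
        }
        if (!CertAdminUtil.writeLine(nickname, nicknameFile)) {
            CertAdminUtil.println(CertAdminLocale.getPFString("m47", "Could not update .nickname file. Please update it manually!"));
            CertAdminUtil.println(CertAdminConstants.newline);
            // The message announces a location, so print the path the operator has to edit.
            CertAdminUtil.println(CertAdminLocale.getPFString("m48", ".nickname file location : ") + nicknameFile);
        }
    }
}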
