package net.jxta.impl.shell.bin.pse;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.KeyStoreException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.Iterator;
import net.jxta.document.Attributable;
import net.jxta.document.Element;
import net.jxta.document.StructuredDocument;
import net.jxta.id.IDFactory;
import net.jxta.impl.membership.pse.PSEMembershipService;
import net.jxta.impl.protocol.Certificate;
import net.jxta.impl.shell.GetOpt;
import net.jxta.impl.shell.ShellApp;
import net.jxta.impl.shell.ShellEnv;
import net.jxta.impl.shell.ShellObject;
import net.jxta.peer.PeerID;
import net.jxta.peergroup.PeerGroup;
import net.jxta.protocol.PeerAdvertisement;

/* loaded from: input_file:net/jxta/impl/shell/bin/pse/importcert.class */
public class importcert extends ShellApp {
    public int startApp(String[] strArr) {
        PeerID fromURI;
        Certificate certificate;
        ShellEnv env = getEnv();
        PeerGroup peerGroup = (PeerGroup) env.get("stdgroup").getObject();
        boolean z = false;
        PSEMembershipService membershipService = getGroup().getMembershipService();
        if (!(membershipService instanceof PSEMembershipService)) {
            consoleMessage("Group membership service is not PSE. (" + membershipService.getImplAdvertisement().getDescription() + ")");
            return ShellApp.appMiscError;
        }
        PSEMembershipService pSEMembershipService = membershipService;
        if (null == pSEMembershipService.getDefaultCredential()) {
            consoleMessage("Key store has not been opened.");
            return ShellApp.appMiscError;
        }
        GetOpt getOpt = new GetOpt(strArr, 0, "t");
        while (true) {
            try {
                int nextOption = getOpt.getNextOption();
                if (-1 == nextOption) {
                    String nextParameter = getOpt.getNextParameter();
                    if (null == nextParameter) {
                        consoleMessage("Missing <id> or <peerAdv> parameter");
                        return syntaxError();
                    }
                    ShellObject<?> shellObject = env.get(nextParameter);
                    if (null == shellObject) {
                        String nextParameter2 = getOpt.getNextParameter();
                        if (null == nextParameter2) {
                            consoleMessage("Missing <cert> parameter");
                            return syntaxError();
                        }
                        try {
                            fromURI = IDFactory.fromURI(new URI(nextParameter));
                            ShellObject<?> shellObject2 = env.get(nextParameter2);
                            if (null == shellObject2) {
                                consoleMessage("Issuer environment variable '" + nextParameter2 + "' not found.");
                                return ShellApp.appMiscError;
                            }
                            if (!StructuredDocument.class.isAssignableFrom(shellObject2.getObjectClass())) {
                                consoleMessage("'" + nextParameter2 + "' is not a certificate.");
                                return ShellApp.appMiscError;
                            }
                            certificate = new Certificate((Element) shellObject2.getObject());
                        } catch (URISyntaxException e) {
                            printStackTrace("Bad ID", e);
                            return ShellApp.appMiscError;
                        }
                    } else {
                        if (!PeerAdvertisement.class.isAssignableFrom(shellObject.getObjectClass())) {
                            consoleMessage("'" + nextParameter + "' is not a PeerAdvertisement");
                            return syntaxError();
                        }
                        PeerAdvertisement peerAdvertisement = (PeerAdvertisement) shellObject.getObject();
                        fromURI = peerAdvertisement.getPeerID();
                        StructuredDocument serviceParam = peerAdvertisement.getServiceParam(PeerGroup.peerGroupClassID);
                        if (null == serviceParam) {
                            consoleMessage("'" + nextParameter + "' does not contain group parameters");
                            return ShellApp.appMiscError;
                        }
                        Enumeration children = serviceParam.getChildren("RootCert");
                        if (!children.hasMoreElements()) {
                            consoleMessage("'" + nextParameter + "' does not contain group parameters");
                            return ShellApp.appMiscError;
                        }
                        Attributable attributable = (Element) children.nextElement();
                        if (attributable instanceof Attributable) {
                            attributable.addAttribute("type", Certificate.getMessageType());
                        }
                        certificate = new Certificate(attributable);
                    }
                    if (null != getOpt.getNextParameter()) {
                        consoleMessage("Unsupported parameter");
                        return syntaxError();
                    }
                    try {
                        Iterator it = Arrays.asList(certificate.getCertificates()).iterator();
                        int i = 0;
                        X509Certificate x509Certificate = (X509Certificate) it.next();
                        while (null == pSEMembershipService.getPSEConfig().getTrustedCertificateID(x509Certificate)) {
                            pSEMembershipService.getPSEConfig().erase(fromURI);
                            pSEMembershipService.getPSEConfig().setTrustedCertificate(fromURI, x509Certificate);
                            i++;
                            x509Certificate = null;
                            if (it.hasNext()) {
                                x509Certificate = (X509Certificate) it.next();
                                if (z && null != pSEMembershipService.getPSEConfig().getTrustedCertificateID(x509Certificate)) {
                                    consoleMessage("Imported " + i + " certificates. ");
                                    return 0;
                                }
                                fromURI = IDFactory.newCodatID(peerGroup.getPeerGroupID(), new ByteArrayInputStream(x509Certificate.getEncoded()));
                            }
                            if (null == x509Certificate) {
                                consoleMessage("Imported " + i + " certificates. ");
                                return 0;
                            }
                        }
                        consoleMessage("Imported " + i + " certificates. ");
                        return 0;
                    } catch (IOException e2) {
                        printStackTrace("IO failure while importing certificate.", e2);
                        return ShellApp.appMiscError;
                    } catch (KeyStoreException e3) {
                        printStackTrace("KeyStore failure while importing certificate.", e3);
                        return ShellApp.appMiscError;
                    } catch (CertificateEncodingException e4) {
                        printStackTrace("Bad certifiacte.", e4);
                        return ShellApp.appMiscError;
                    }
                }
                switch (nextOption) {
                    case 116:
                        z = true;
                    default:
                        consoleMessage("Unrecognized option");
                        return syntaxError();
                }
            } catch (IllegalArgumentException e5) {
                consoleMessage("Illegal argument :" + e5);
                return syntaxError();
            }
        }
    }

    private int syntaxError() {
        consoleMessage("Usage: pse.importcert [-t] [<id> <cert> | <peerAdv>]");
        return 1;
    }

    @Override // net.jxta.impl.shell.ShellApp
    public String getDescription() {
        return "Imports a trusted certificate chain.";
    }

    @Override // net.jxta.impl.shell.ShellApp
    public void help() {
        println("NAME");
        println("     pse.importcert  - " + getDescription());
        println(" ");
        println("SYNOPSIS");
        println(" ");
        println("     pse.importcert [-t] [<id> <cert> | <peerAdv>]");
        println(" ");
        println("    <id>       ID under which the certificate chain will be ");
        println("               stored in the PSE key store.");
        println("    <cert>     The certificate chain to be imported. ");
        println("    <peerAdv>  The PeerAdvertisement who's certificate will be");
        println("               trusted.");
        println(" ");
        println("OPTIONS");
        println("    [-t]    Trim the certificate chain at the first certificate");
        println("            already present in the PSE.");
        println(" ");
        println("DESCRIPTION");
        println(" ");
        println("Import a trusted certificate or certificate chain into the PSE.");
        println(" ");
        println("EXAMPLE");
        println(" ");
        println("    JXTA> pse.importcert urn:jxta:uuid-59616261646162614A78746150325033CACD56AE273E448CB25E8DA42C2BD46903 cert");
        println(" ");
        println("This example imports a certificate from 'cert'. The certificate ");
        println("chain in 'cert' will be stored under the id provided.");
        println(" ");
        println("SEE ALSO");
        println("     pse.certs pse.keys pse.erase pse.createkey pse.newcsr pse.signcsr");
    }
}
