package dev.galasa.zossecurity.internal.resources;

import com.google.gson.JsonObject;
import dev.galasa.zos.IZosImage;
import dev.galasa.zos.ZosManagerException;
import dev.galasa.zosfile.IZosDataset;
import dev.galasa.zosfile.IZosFileHandler;
import dev.galasa.zosfile.ZosDatasetException;
import dev.galasa.zossecurity.IZosCertificate;
import dev.galasa.zossecurity.IZosKeyring;
import dev.galasa.zossecurity.ZosSecurityManagerException;
import dev.galasa.zossecurity.datatypes.RACFCertificateTrust;
import dev.galasa.zossecurity.datatypes.RACFCertificateType;
import dev.galasa.zossecurity.internal.ZosSecurityImpl;
import dev.galasa.zossecurity.internal.resources.RacfOutputProcessing;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.StringWriter;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:dev/galasa/zossecurity/internal/resources/ZosCertificateImpl.class */
public class ZosCertificateImpl implements IZosCertificate {
    private final ZosSecurityImpl zosSecurity;
    private final String userid;
    private final RACFCertificateType type;
    private final String label;
    private final String sysplexId;
    private final String runName;
    private final IZosImage image;
    private final Map<String, String> zosSecurityServerQueryParams;
    private static final Log logger = LogFactory.getLog(ZosCertificateImpl.class);

    public ZosCertificateImpl(ZosSecurityImpl zosSecurityImpl, RACFCertificateType rACFCertificateType, String str, String str2, IZosImage iZosImage) {
        this.zosSecurityServerQueryParams = new HashMap();
        this.zosSecurity = zosSecurityImpl;
        this.type = rACFCertificateType;
        this.userid = str;
        this.label = str2;
        this.image = iZosImage;
        this.sysplexId = iZosImage.getSysplexID();
        this.runName = zosSecurityImpl.getRunName();
        this.zosSecurityServerQueryParams.put("runid", this.runName);
    }

    public ZosCertificateImpl(ZosSecurityImpl zosSecurityImpl, String str, String str2, String str3, String str4, String str5) {
        this.zosSecurityServerQueryParams = new HashMap();
        this.zosSecurity = zosSecurityImpl;
        this.type = RACFCertificateType.valueOf(str);
        this.userid = str2;
        this.label = str3;
        this.image = null;
        this.sysplexId = str4;
        this.runName = str5;
        this.zosSecurityServerQueryParams.put("runid", this.runName);
    }

    @Override // dev.galasa.zossecurity.IZosCertificate
    public void free() throws ZosSecurityManagerException {
        this.zosSecurity.dssFree(ZosSecurityImpl.ResourceType.ZOS_CERTIFICATE.getName(), getTypeUseridLabel());
        logger.debug("zOS Certificate '" + getTypeUseridLabel() + "' was freed");
    }

    @Override // dev.galasa.zossecurity.IZosCertificate
    public String getUserid() {
        return this.userid;
    }

    @Override // dev.galasa.zossecurity.IZosCertificate
    public String getLabel() {
        return this.label;
    }

    private String getTypeUseridLabel() {
        return this.type.toString() + "/" + this.userid + "/" + this.label;
    }

    @Override // dev.galasa.zossecurity.IZosCertificate
    public void delete() throws ZosSecurityManagerException {
        try {
            RacfOutputProcessing.analyseOutput(this.zosSecurity.clientRequest(this.sysplexId, ZosSecurityImpl.HttpMethod.DELETE, "/api/certificate/" + getTypeUseridLabel(), this.zosSecurityServerQueryParams, null), RacfOutputProcessing.COMMAND.RACDCERT_DELETE, getTypeUseridLabel(), this.zosSecurity.isOutputReporting());
            this.zosSecurity.dssUnregister(ZosSecurityImpl.ResourceType.ZOS_CERTIFICATE.getName(), getTypeUseridLabel(), this.sysplexId, this.runName);
        } catch (ZosSecurityManagerException e) {
            throw new ZosSecurityManagerException("RACDCERT DELETE of " + getTypeUseridLabel() + " failed", e);
        }
    }

    @Override // dev.galasa.zossecurity.IZosCertificate
    public void connectKeyring(IZosKeyring iZosKeyring) throws ZosSecurityManagerException {
        iZosKeyring.connectCertificate(this);
    }

    @Override // dev.galasa.zossecurity.IZosCertificate
    public void connectKeyring(IZosKeyring iZosKeyring, boolean z) throws ZosSecurityManagerException {
        iZosKeyring.connectCertificate(this, z);
    }

    @Override // dev.galasa.zossecurity.IZosCertificate
    public void connectKeyring(IZosKeyring iZosKeyring, boolean z, RACFCertificateType rACFCertificateType) throws ZosSecurityManagerException {
        iZosKeyring.connectCertificate(this, z, rACFCertificateType);
    }

    @Override // dev.galasa.zossecurity.IZosCertificate
    public void removeKeyring(IZosKeyring iZosKeyring) throws ZosSecurityManagerException {
        iZosKeyring.removeCertificate(this);
    }

    public static IZosCertificate createCertificate(ZosSecurityImpl zosSecurityImpl, IZosImage iZosImage, String str, String str2, KeyStore keyStore, String str3, RACFCertificateType rACFCertificateType, RACFCertificateTrust rACFCertificateTrust, int i) throws ZosSecurityManagerException {
        if (str == null || str.trim().isEmpty()) {
            throw new ZosSecurityManagerException("The userid is missing");
        }
        if (str2 == null || str2.trim().isEmpty()) {
            throw new ZosSecurityManagerException("The label is missing");
        }
        if (iZosImage == null) {
            throw new ZosSecurityManagerException("The image is missing");
        }
        if (rACFCertificateType == null) {
            rACFCertificateType = RACFCertificateType.NONE;
        }
        String trim = str.trim();
        String trim2 = str2.trim();
        Properties properties = new Properties();
        properties.put("certificateType", rACFCertificateType.toString());
        properties.put("core.generic.resource.cleanup.ignore", "true");
        try {
            properties.store(new StringWriter(), (String) null);
            ZosCertificateImpl zosCertificateImpl = new ZosCertificateImpl(zosSecurityImpl, rACFCertificateType, trim, trim2, iZosImage);
            zosSecurityImpl.dssRegister(ZosSecurityImpl.ResourceType.ZOS_CERTIFICATE.getName(), rACFCertificateType.toString() + "/" + trim + "/" + trim2);
            zosCertificateImpl.createCertificateInRACF(keyStore, str3, rACFCertificateType, rACFCertificateTrust, i);
            return zosCertificateImpl;
        } catch (Exception e) {
            throw new ZosSecurityManagerException("Error creating zossec certificate resource properties", e);
        }
    }

    private void createCertificateInRACF(KeyStore keyStore, String str, RACFCertificateType rACFCertificateType, RACFCertificateTrust rACFCertificateTrust, int i) throws ZosSecurityManagerException {
        IZosFileHandler zosFileHandler = this.zosSecurity.getZosFileHandler();
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            keyStore.store(byteArrayOutputStream, str.toCharArray());
            IZosDataset newDataset = zosFileHandler.newDataset(this.zosSecurity.getRunDatasetHLQ(this.image) + "." + this.zosSecurity.getRunName() + ".C" + i + ".P12", this.image);
            newDataset.setDataType(IZosDataset.DatasetDataType.BINARY);
            newDataset.setRecordFormat(IZosDataset.RecordFormat.VARIABLE_BLOCKED);
            newDataset.setRecordlength(84);
            newDataset.setBlockSize(0);
            newDataset.setSpace(IZosDataset.SpaceUnit.TRACKS, 5, 1);
            if (newDataset.exists()) {
                newDataset.delete();
            }
            newDataset.create();
            newDataset.storeBinary(byteArrayOutputStream.toByteArray());
            logger.info("Certificate stored in dataset '" + newDataset.getName() + "'");
            StringBuilder sb = new StringBuilder();
            if (rACFCertificateTrust != null) {
                sb.append(rACFCertificateTrust.toString());
                sb.append(" ");
            }
            try {
                JsonObject jsonObject = new JsonObject();
                jsonObject.addProperty("parameters", sb.toString());
                jsonObject.addProperty("dsn", newDataset.getName());
                jsonObject.addProperty("password", str);
                RacfOutputProcessing.analyseOutput(this.zosSecurity.clientRequest(this.sysplexId, ZosSecurityImpl.HttpMethod.POST, "/api/certificate/" + getTypeUseridLabel(), this.zosSecurityServerQueryParams, jsonObject), RacfOutputProcessing.COMMAND.RACDCERT_ADD, getTypeUseridLabel(), this.zosSecurity.isOutputReporting());
                if (this.zosSecurity.isResourceReporting()) {
                    String list = list();
                    if (!this.zosSecurity.isOutputReporting()) {
                        logger.debug("Updated RLIST of " + getTypeUseridLabel() + " \n" + list);
                    }
                }
                try {
                    newDataset.delete();
                    logger.info("Certificate dataset '" + newDataset.getName() + "' deleted");
                } catch (ZosDatasetException e) {
                    throw new ZosSecurityManagerException("Unable to delete certificate dataset the image", e);
                }
            } catch (ZosSecurityManagerException e2) {
                throw new ZosSecurityManagerException("RDEFINE of " + getTypeUseridLabel() + " failed", e2);
            }
        } catch (ZosManagerException | IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e3) {
            throw new ZosSecurityManagerException("Unable to store certificate on the image", e3);
        }
    }

    @Override // dev.galasa.zossecurity.IZosCertificate
    public String list() throws ZosSecurityManagerException {
        try {
            return RacfOutputProcessing.analyseOutput(this.zosSecurity.clientRequest(this.sysplexId, ZosSecurityImpl.HttpMethod.GET, "/api/certificate/" + getTypeUseridLabel(), this.zosSecurityServerQueryParams, null), RacfOutputProcessing.COMMAND.RACDCERT_LIST, getTypeUseridLabel(), this.zosSecurity.isOutputReporting()).get("output").getAsString();
        } catch (ZosSecurityManagerException e) {
            throw new ZosSecurityManagerException("RACDCERT LIST of " + getTypeUseridLabel() + " failed", e);
        }
    }

    @Override // dev.galasa.zossecurity.IZosCertificate
    public RACFCertificateType getType() {
        return this.type;
    }

    public String toString() {
        return "[zOS Security Certificate] " + getTypeUseridLabel();
    }
}
