package org.ejbca.core.protocol.ws.client;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.util.ArrayList;
import org.cesecore.util.CertTools;
import org.ejbca.core.protocol.ws.client.gen.AuthorizationDeniedException_Exception;
import org.ejbca.core.protocol.ws.client.gen.CertificateResponse;
import org.ejbca.core.protocol.ws.client.gen.UserDataVOWS;
import org.ejbca.core.protocol.ws.common.CertificateHelper;
import org.ejbca.ui.cli.ErrorAdminCommandException;
import org.ejbca.ui.cli.IAdminCommand;
import org.ejbca.ui.cli.IllegalAdminCommandException;

/* loaded from: input_file:org/ejbca/core/protocol/ws/client/CertificateRequestCommand.class */
public class CertificateRequestCommand extends EJBCAWSRABaseCommand implements IAdminCommand {
    private static final int ARG_USERNAME = 1;
    private static final int ARG_SUBJECTDN = 2;
    private static final int ARG_SUBJECTALTNAME = 3;
    private static final int ARG_CANAME = 4;
    private static final int ARG_EEPROF = 5;
    private static final int ARG_CERTPROF = 6;
    private static final int ARG_REQPATH = 7;
    private static final int ARG_REQTYPE = 8;
    private static final int ARG_ENCODING = 9;
    private static final int ARG_HARDTOKENSN = 10;
    private static final int ARG_OUTPUTPATH = 11;

    public CertificateRequestCommand(String[] strArr) {
        super(strArr);
    }

    public void execute() throws IllegalAdminCommandException, ErrorAdminCommandException {
        try {
            if (this.args.length < 11 || this.args.length > 12) {
                usage();
                System.exit(-1);
            }
            UserDataVOWS userDataVOWS = new UserDataVOWS();
            userDataVOWS.setUsername(this.args[1]);
            userDataVOWS.setSubjectDN(this.args[2]);
            if (!this.args[3].equalsIgnoreCase("NULL")) {
                userDataVOWS.setSubjectAltName(this.args[3]);
            }
            userDataVOWS.setCaName(this.args[4]);
            userDataVOWS.setEndEntityProfileName(this.args[5]);
            userDataVOWS.setCertificateProfileName(this.args[6]);
            String requestData = getRequestData(this.args[7]);
            int requestType = getRequestType(this.args[8]);
            String encoding = getEncoding(this.args[9]);
            String hardTokenSN = getHardTokenSN(this.args[10]);
            String str = null;
            if (this.args.length > 11) {
                str = getOutputPath(this.args[11]);
            }
            getPrintStream().println("Requesting certificate for end entity:");
            getPrintStream().println("Username: " + userDataVOWS.getUsername());
            getPrintStream().println("Subject DN: " + userDataVOWS.getSubjectDN());
            getPrintStream().println("Subject Altname: " + userDataVOWS.getSubjectAltName());
            getPrintStream().println("Email: " + userDataVOWS.getEmail());
            getPrintStream().println("CA Name: " + userDataVOWS.getCaName());
            getPrintStream().println("Token: " + userDataVOWS.getTokenType());
            getPrintStream().println("End entity profile: " + userDataVOWS.getEndEntityProfileName());
            getPrintStream().println("Certificate profile: " + userDataVOWS.getCertificateProfileName());
            getPrintStream().println("Hard token SN: " + hardTokenSN);
            getPrintStream().println("Request type: " + requestType);
            getPrintStream().println("Encoding: " + encoding);
            getPrintStream().println("Output path: " + str);
            try {
                CertificateResponse certificateRequest = getEjbcaRAWS().certificateRequest(userDataVOWS, requestData, requestType, hardTokenSN, "CERTIFICATE");
                if (certificateRequest == null) {
                    getPrintStream().println("No certificate could be generated for user, check server logs for error.");
                } else {
                    String username = userDataVOWS.getUsername();
                    String str2 = encoding.equals("DER") ? username + ".cer" : username + ".pem";
                    if (str != null) {
                        str2 = str + "/" + str2;
                    }
                    if (encoding.equals("DER")) {
                        FileOutputStream fileOutputStream = new FileOutputStream(str2);
                        fileOutputStream.write(CertificateHelper.getCertificate(certificateRequest.getData()).getEncoded());
                        fileOutputStream.close();
                    } else {
                        FileOutputStream fileOutputStream2 = new FileOutputStream(str2);
                        ArrayList arrayList = new ArrayList();
                        arrayList.add(CertificateHelper.getCertificate(certificateRequest.getData()));
                        fileOutputStream2.write(CertTools.getPemFromCertificateChain(arrayList));
                        fileOutputStream2.close();
                    }
                    getPrintStream().println("Certificate generated, written to " + str2);
                }
            } catch (AuthorizationDeniedException_Exception e) {
                getPrintStream().println("Error : " + e.getMessage());
            }
        } catch (Exception e2) {
            throw new ErrorAdminCommandException(e2);
        }
    }

    private String getHardTokenSN(String str) {
        if (str.equalsIgnoreCase("NONE")) {
            return null;
        }
        return str;
    }

    private String getRequestData(String str) {
        String str2 = null;
        try {
            FileInputStream fileInputStream = new FileInputStream(str);
            byte[] bArr = new byte[fileInputStream.available()];
            fileInputStream.read(bArr);
            fileInputStream.close();
            str2 = new String(bArr);
        } catch (FileNotFoundException e) {
            getPrintStream().println("Error : request data file couln't be found.");
            System.exit(-1);
        } catch (IOException e2) {
            getPrintStream().println("Error reading content of request data file.");
            System.exit(-1);
        }
        return str2;
    }

    private String getOutputPath(String str) {
        File file = new File(str);
        if (!file.exists()) {
            getPrintStream().println("Error : Output directory doesn't seem to exist.");
            System.exit(-1);
        }
        if (!file.isDirectory()) {
            getPrintStream().println("Error : Output directory doesn't seem to be a directory.");
            System.exit(-1);
        }
        if (!file.canWrite()) {
            getPrintStream().println("Error : Output directory isn't writeable.");
            System.exit(-1);
        }
        return str;
    }

    private String getEncoding(String str) {
        if (!str.equalsIgnoreCase(UserDataVOWS.TOKEN_TYPE_PEM) && !str.equalsIgnoreCase("DER")) {
            usage();
            System.exit(-1);
        }
        return str.toUpperCase();
    }

    private int getRequestType(String str) {
        if (str.equals("PKCS10")) {
            return 0;
        }
        if (str.equals("CRMF")) {
            return 1;
        }
        if (str.equals("SPKAC")) {
            return 2;
        }
        usage();
        System.exit(-1);
        return 0;
    }

    @Override // org.ejbca.core.protocol.ws.client.EJBCAWSRABaseCommand
    protected void usage() {
        getPrintStream().println("Command used to generate a users certificate.");
        getPrintStream().println("Usage : certreq <username> <subjectdn> <subjectaltname or NULL> <caname> <endentityprofilename> <certificateprofilename> <reqpath> <reqtype (PKCS10|SPKAC|CRMF)> <encoding (DER|PEM)> <hardtokensn (or NONE)> <outputpath (optional)> \n\n");
        getPrintStream().println("outputpath : directory where certificate is written in form outputpath/username+.cer|.pem ");
    }
}
