package org.opends.admin.ads;

import java.util.Map;
import java.util.SortedSet;
import java.util.TreeSet;
import javax.naming.NameNotFoundException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import org.opends.admin.ads.ADSContext;
import org.opends.admin.ads.ADSContextException;
import org.opends.server.admin.ManagedObjectNotFoundException;
import org.opends.server.admin.client.ldap.JNDIDirContextAdaptor;
import org.opends.server.admin.client.ldap.LDAPManagementContext;
import org.opends.server.admin.std.client.BackendCfgClient;
import org.opends.server.admin.std.client.LDIFBackendCfgClient;
import org.opends.server.admin.std.client.RootCfgClient;
import org.opends.server.admin.std.meta.BackendCfgDefn;
import org.opends.server.admin.std.meta.LDIFBackendCfgDefn;
import org.opends.server.config.ConfigConstants;
import org.opends.server.crypto.CryptoManagerImpl;
import org.opends.server.types.CryptoManagerException;
import org.opends.server.types.DN;
import org.opends.server.util.ServerConstants;

/* loaded from: input_file:WEB-INF/lib/OpenDS.jar:org/opends/admin/ads/ADSContextHelper.class */
public class ADSContextHelper {
    static final /* synthetic */ boolean $assertionsDisabled;

    public void removeAdministrationSuffix(InitialLdapContext initialLdapContext, String str) throws ADSContextException {
        SortedSet<DN> baseDN;
        try {
            RootCfgClient rootConfiguration = LDAPManagementContext.createFromContext(JNDIDirContextAdaptor.adapt(initialLdapContext)).getRootConfiguration();
            BackendCfgClient backendCfgClient = null;
            try {
                backendCfgClient = rootConfiguration.getBackend(str);
            } catch (ManagedObjectNotFoundException e) {
            }
            if (backendCfgClient != null && (baseDN = backendCfgClient.getBaseDN()) != null && baseDN.remove(DN.decode(ADSContext.getAdministrationSuffixDN()))) {
                if (baseDN.size() > 0) {
                    backendCfgClient.setBaseDN(baseDN);
                    backendCfgClient.commit();
                } else {
                    rootConfiguration.removeBackend(str);
                }
            }
        } catch (Throwable th) {
            throw new ADSContextException(ADSContextException.ErrorType.ERROR_UNEXPECTED, th);
        }
    }

    public void createAdministrationSuffix(InitialLdapContext initialLdapContext, String str) throws ADSContextException {
        try {
            RootCfgClient rootConfiguration = LDAPManagementContext.createFromContext(JNDIDirContextAdaptor.adapt(initialLdapContext)).getRootConfiguration();
            LDIFBackendCfgClient lDIFBackendCfgClient = null;
            try {
                lDIFBackendCfgClient = (LDIFBackendCfgClient) rootConfiguration.getBackend(str);
            } catch (ClassCastException e) {
                throw new ADSContextException(ADSContextException.ErrorType.UNEXPECTED_ADS_BACKEND_TYPE, e);
            } catch (ManagedObjectNotFoundException e2) {
            }
            if (lDIFBackendCfgClient == null) {
                lDIFBackendCfgClient = (LDIFBackendCfgClient) rootConfiguration.createBackend(LDIFBackendCfgDefn.getInstance(), str, null);
                lDIFBackendCfgClient.setEnabled(true);
                lDIFBackendCfgClient.setLDIFFile(ADSContext.getAdminLDIFFile());
                lDIFBackendCfgClient.setBackendId(str);
                lDIFBackendCfgClient.setWritabilityMode(BackendCfgDefn.WritabilityMode.ENABLED);
                lDIFBackendCfgClient.setIsPrivateBackend(true);
            }
            SortedSet<DN> baseDN = lDIFBackendCfgClient.getBaseDN();
            if (baseDN == null) {
                baseDN = new TreeSet();
            }
            DN decode = DN.decode(ADSContext.getAdministrationSuffixDN());
            if (!baseDN.contains(decode)) {
                baseDN.add(decode);
                lDIFBackendCfgClient.setBaseDN(baseDN);
                lDIFBackendCfgClient.commit();
            }
        } catch (Throwable th) {
            throw new ADSContextException(ADSContextException.ErrorType.ERROR_UNEXPECTED, th);
        }
    }

    public void registerInstanceKeyCertificate(InitialLdapContext initialLdapContext, Map<ADSContext.ServerProperty, Object> map, LdapName ldapName) throws ADSContextException {
        if (!$assertionsDisabled && !map.containsKey(ADSContext.ServerProperty.INSTANCE_PUBLIC_KEY_CERTIFICATE)) {
            throw new AssertionError();
        }
        if (map.containsKey(ADSContext.ServerProperty.INSTANCE_PUBLIC_KEY_CERTIFICATE)) {
            String str = (String) map.get(ADSContext.ServerProperty.INSTANCE_KEY_ID);
            BasicAttributes basicAttributes = new BasicAttributes();
            BasicAttribute basicAttribute = new BasicAttribute(ServerConstants.OBJECTCLASS_ATTRIBUTE_TYPE_NAME);
            basicAttribute.add("top");
            basicAttribute.add(ConfigConstants.OC_CRYPTO_INSTANCE_KEY);
            basicAttributes.put(basicAttribute);
            if (null != str) {
                basicAttributes.put(new BasicAttribute(ADSContext.ServerProperty.INSTANCE_KEY_ID.getAttributeName(), str));
            }
            basicAttributes.put(new BasicAttribute(ADSContext.ServerProperty.INSTANCE_PUBLIC_KEY_CERTIFICATE.getAttributeName() + ";binary", map.get(ADSContext.ServerProperty.INSTANCE_PUBLIC_KEY_CERTIFICATE)));
            String[] strArr = {ConfigConstants.ATTR_CRYPTO_KEY_ID};
            NamingEnumeration<?> namingEnumeration = null;
            try {
                try {
                    try {
                        namingEnumeration = initialLdapContext.search(ADSContext.getInstanceKeysContainerDN(), basicAttributes, strArr);
                        if (namingEnumeration.hasMore()) {
                            Attribute attribute = ((SearchResult) namingEnumeration.next()).getAttributes().get(strArr[0]);
                            if (null != attribute) {
                                str = (String) attribute.get();
                            }
                        } else {
                            if (null == str) {
                                str = CryptoManagerImpl.getInstanceKeyID((byte[]) map.get(ADSContext.ServerProperty.INSTANCE_PUBLIC_KEY_CERTIFICATE));
                                basicAttributes.put(new BasicAttribute(ADSContext.ServerProperty.INSTANCE_KEY_ID.getAttributeName(), str));
                            }
                            initialLdapContext.createSubcontext(new LdapName(ADSContext.ServerProperty.INSTANCE_KEY_ID.getAttributeName() + "=" + Rdn.escapeValue(str) + "," + ADSContext.getInstanceKeysContainerDN()), basicAttributes).close();
                        }
                        if (ldapName != null) {
                            initialLdapContext.modifyAttributes(ldapName, 2, new BasicAttributes(ADSContext.ServerProperty.INSTANCE_KEY_ID.getAttributeName(), str));
                        }
                        handleCloseNamingEnumeration(namingEnumeration);
                    } catch (NamingException e) {
                        throw new ADSContextException(ADSContextException.ErrorType.ERROR_UNEXPECTED, e);
                    }
                } catch (CryptoManagerException e2) {
                    throw new ADSContextException(ADSContextException.ErrorType.ERROR_UNEXPECTED, e2);
                }
            } catch (Throwable th) {
                handleCloseNamingEnumeration(namingEnumeration);
                throw th;
            }
        }
    }

    public void unregisterInstanceKeyCertificate(InitialLdapContext initialLdapContext, Map<ADSContext.ServerProperty, Object> map, LdapName ldapName) throws ADSContextException {
        if (!$assertionsDisabled && !map.containsKey(ADSContext.ServerProperty.INSTANCE_PUBLIC_KEY_CERTIFICATE)) {
            throw new AssertionError();
        }
        if (map.containsKey(ADSContext.ServerProperty.INSTANCE_PUBLIC_KEY_CERTIFICATE)) {
            BasicAttributes basicAttributes = new BasicAttributes();
            BasicAttribute basicAttribute = new BasicAttribute(ServerConstants.OBJECTCLASS_ATTRIBUTE_TYPE_NAME);
            basicAttribute.add("top");
            basicAttribute.add(ConfigConstants.OC_CRYPTO_INSTANCE_KEY);
            basicAttributes.put(basicAttribute);
            basicAttributes.put(new BasicAttribute(ADSContext.ServerProperty.INSTANCE_PUBLIC_KEY_CERTIFICATE.getAttributeName() + ";binary", map.get(ADSContext.ServerProperty.INSTANCE_PUBLIC_KEY_CERTIFICATE)));
            NamingEnumeration<?> namingEnumeration = null;
            try {
                try {
                    namingEnumeration = initialLdapContext.search(ADSContext.getInstanceKeysContainerDN(), basicAttributes, new String[]{ConfigConstants.ATTR_CRYPTO_KEY_ID});
                    if (namingEnumeration.hasMore()) {
                        initialLdapContext.destroySubcontext(((SearchResult) namingEnumeration.next()).getNameInNamespace());
                    }
                    handleCloseNamingEnumeration(namingEnumeration);
                } catch (NamingException e) {
                    throw new ADSContextException(ADSContextException.ErrorType.ERROR_UNEXPECTED, e);
                } catch (NameNotFoundException e2) {
                    handleCloseNamingEnumeration(namingEnumeration);
                }
            } catch (Throwable th) {
                handleCloseNamingEnumeration(namingEnumeration);
                throw th;
            }
        }
    }

    public String getOcCryptoInstanceKey() {
        return ConfigConstants.OC_CRYPTO_INSTANCE_KEY;
    }

    public String getAttrCryptoKeyCompromisedTime() {
        return ConfigConstants.ATTR_CRYPTO_KEY_COMPROMISED_TIME;
    }

    private void handleCloseNamingEnumeration(NamingEnumeration<?> namingEnumeration) throws ADSContextException {
        if (namingEnumeration != null) {
            try {
                namingEnumeration.close();
            } catch (NamingException e) {
                throw new ADSContextException(ADSContextException.ErrorType.ERROR_UNEXPECTED, e);
            }
        }
    }

    static {
        $assertionsDisabled = !ADSContextHelper.class.desiredAssertionStatus();
    }
}
