package com.unboundid.util.ssl.cert;

import com.sun.mail.imap.IMAPStore;
import com.unboundid.asn1.ASN1BitString;
import com.unboundid.asn1.ASN1Element;
import com.unboundid.ldap.sdk.DN;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.ResultCode;
import com.unboundid.ldap.sdk.Version;
import com.unboundid.util.Base64;
import com.unboundid.util.ByteStringBuffer;
import com.unboundid.util.CommandLineTool;
import com.unboundid.util.Debug;
import com.unboundid.util.OID;
import com.unboundid.util.ObjectPair;
import com.unboundid.util.PasswordReader;
import com.unboundid.util.StaticUtils;
import com.unboundid.util.ThreadSafety;
import com.unboundid.util.ThreadSafetyLevel;
import com.unboundid.util.Validator;
import com.unboundid.util.args.Argument;
import com.unboundid.util.args.ArgumentException;
import com.unboundid.util.args.ArgumentParser;
import com.unboundid.util.args.BooleanArgument;
import com.unboundid.util.args.BooleanValueArgument;
import com.unboundid.util.args.DNArgument;
import com.unboundid.util.args.FileArgument;
import com.unboundid.util.args.IPAddressArgumentValueValidator;
import com.unboundid.util.args.IntegerArgument;
import com.unboundid.util.args.OIDArgumentValueValidator;
import com.unboundid.util.args.StringArgument;
import com.unboundid.util.args.SubCommand;
import com.unboundid.util.args.TimestampArgument;
import com.unboundid.util.ssl.JVMDefaultTrustManager;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.FileReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.PrintStream;
import java.net.InetAddress;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.LinkedBlockingQueue;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicReference;
import liquibase.exception.ValidationFailedException;
import net.shibboleth.utilities.java.support.security.BasicKeystoreKeyStrategyTool;
import net.shibboleth.utilities.java.support.security.SelfSignedCertificateGenerator;
import net.snowflake.client.jdbc.internal.apache.arrow.vector.util.DateUtility;
import net.snowflake.client.jdbc.internal.apache.tika.mime.MimeTypesReaderMetKeys;
import org.apache.batik.util.SMILConstants;
import org.apache.log4j.component.helpers.Constants;
import org.apache.logging.log4j.core.net.ssl.SslConfigurationDefaults;
import org.apache.pdfbox.contentstream.operator.OperatorName;
import org.apache.pdfbox.pdmodel.documentinterchange.taggedpdf.PDPrintFieldAttributeObject;
import org.apache.tools.ant.taskdefs.optional.sos.SOSCmd;
import org.jboss.netty.handler.codec.http.multipart.HttpPostBodyUtil;
import org.postgresql.jdbc.EscapedFunctions;

@ThreadSafety(level = ThreadSafetyLevel.NOT_THREADSAFE)
/* loaded from: input_file:com/unboundid/util/ssl/cert/ManageCertificates.class */
public final class ManageCertificates extends CommandLineTool {
    private static final File JVM_DEFAULT_CACERTS_FILE;
    private static final String PROPERTY_DEFAULT_KEYSTORE_TYPE;
    private static final String DEFAULT_KEYSTORE_TYPE;
    private static final int WRAP_COLUMN;
    private volatile ArgumentParser globalParser;
    private volatile ArgumentParser subCommandParser;
    private final InputStream in;

    public static void main(String... strArr) {
        ResultCode main = main(System.in, System.out, System.err, strArr);
        if (main != ResultCode.SUCCESS) {
            System.exit(Math.max(1, Math.min(main.intValue(), 255)));
        }
    }

    public static ResultCode main(InputStream inputStream, OutputStream outputStream, OutputStream outputStream2, String... strArr) {
        return new ManageCertificates(inputStream, outputStream, outputStream2).runTool(strArr);
    }

    public ManageCertificates(InputStream inputStream, OutputStream outputStream, OutputStream outputStream2) {
        super(outputStream, outputStream2);
        this.globalParser = null;
        this.subCommandParser = null;
        if (inputStream == null) {
            this.in = new ByteArrayInputStream(StaticUtils.NO_BYTES);
        } else {
            this.in = inputStream;
        }
    }

    @Override // com.unboundid.util.CommandLineTool
    public String getToolName() {
        return "manage-certificates";
    }

    @Override // com.unboundid.util.CommandLineTool
    public String getToolDescription() {
        return CertMessages.INFO_MANAGE_CERTS_TOOL_DESC.get();
    }

    @Override // com.unboundid.util.CommandLineTool
    public String getToolVersion() {
        return Version.NUMERIC_VERSION_STRING;
    }

    @Override // com.unboundid.util.CommandLineTool
    public boolean supportsInteractiveMode() {
        return true;
    }

    @Override // com.unboundid.util.CommandLineTool
    public boolean defaultsToInteractiveMode() {
        return true;
    }

    @Override // com.unboundid.util.CommandLineTool
    public boolean supportsPropertiesFile() {
        return true;
    }

    @Override // com.unboundid.util.CommandLineTool
    protected boolean supportsOutputFile() {
        return false;
    }

    @Override // com.unboundid.util.CommandLineTool
    protected boolean logToolInvocationByDefault() {
        return true;
    }

    @Override // com.unboundid.util.CommandLineTool
    public void addToolArguments(ArgumentParser argumentParser) throws ArgumentException {
        this.globalParser = argumentParser;
        ArgumentParser argumentParser2 = new ArgumentParser("list-certificates", CertMessages.INFO_MANAGE_CERTS_SC_LIST_CERTS_DESC.get());
        FileArgument fileArgument = new FileArgument(null, "keystore", true, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_KS_DESC.get(), true, true, true, false);
        fileArgument.addLongIdentifier("keystore-path", true);
        fileArgument.addLongIdentifier("keystorePath", true);
        fileArgument.addLongIdentifier("keystore-file", true);
        fileArgument.addLongIdentifier("keystoreFile", true);
        argumentParser2.addArgument(fileArgument);
        StringArgument stringArgument = new StringArgument(null, "keystore-password", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), CertMessages.INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_KS_PW_DESC.get());
        stringArgument.addLongIdentifier("keystorePassword", true);
        stringArgument.addLongIdentifier("keystore-passphrase", true);
        stringArgument.addLongIdentifier("keystorePassphrase", true);
        stringArgument.addLongIdentifier("keystore-pin", true);
        stringArgument.addLongIdentifier("keystorePIN", true);
        stringArgument.addLongIdentifier("storepass", true);
        stringArgument.setSensitive(true);
        argumentParser2.addArgument(stringArgument);
        FileArgument fileArgument2 = new FileArgument(null, "keystore-password-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
        fileArgument2.addLongIdentifier("keystorePasswordFile", true);
        fileArgument2.addLongIdentifier("keystore-passphrase-file", true);
        fileArgument2.addLongIdentifier("keystorePassphraseFile", true);
        fileArgument2.addLongIdentifier("keystore-pin-file", true);
        fileArgument2.addLongIdentifier("keystorePINFile", true);
        argumentParser2.addArgument(fileArgument2);
        BooleanArgument booleanArgument = new BooleanArgument(null, "prompt-for-keystore-password", CertMessages.INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_PROMPT_FOR_KS_PW_DESC.get());
        booleanArgument.addLongIdentifier("promptForKeystorePassword", true);
        booleanArgument.addLongIdentifier("prompt-for-keystore-passphrase", true);
        booleanArgument.addLongIdentifier("promptForKeystorePassphrase", true);
        booleanArgument.addLongIdentifier("prompt-for-keystore-pin", true);
        booleanArgument.addLongIdentifier("promptForKeystorePIN", true);
        argumentParser2.addArgument(booleanArgument);
        StringArgument stringArgument2 = new StringArgument(null, MimeTypesReaderMetKeys.ALIAS_TAG, false, 0, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), CertMessages.INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_ALIAS_DESC.get());
        stringArgument2.addLongIdentifier("nickname", true);
        argumentParser2.addArgument(stringArgument2);
        BooleanArgument booleanArgument2 = new BooleanArgument(null, "display-pem-certificate", 1, CertMessages.INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_DISPLAY_PEM_DESC.get());
        booleanArgument2.addLongIdentifier("displayPEMCertificate", true);
        booleanArgument2.addLongIdentifier("display-pem", true);
        booleanArgument2.addLongIdentifier("displayPEM", true);
        booleanArgument2.addLongIdentifier("show-pem-certificate", true);
        booleanArgument2.addLongIdentifier("showPEMCertificate", true);
        booleanArgument2.addLongIdentifier("show-pem", true);
        booleanArgument2.addLongIdentifier("showPEM", true);
        booleanArgument2.addLongIdentifier("pem", true);
        booleanArgument2.addLongIdentifier("rfc", true);
        argumentParser2.addArgument(booleanArgument2);
        argumentParser2.addArgument(new BooleanArgument(null, "verbose", 1, CertMessages.INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_VERBOSE_DESC.get()));
        BooleanArgument booleanArgument3 = new BooleanArgument(null, "display-keytool-command", 1, CertMessages.INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_DISPLAY_COMMAND_DESC.get());
        booleanArgument3.addLongIdentifier("displayKeytoolCommand", true);
        booleanArgument3.addLongIdentifier("show-keytool-command", true);
        booleanArgument3.addLongIdentifier("showKeytoolCommand", true);
        argumentParser2.addArgument(booleanArgument3);
        argumentParser2.addExclusiveArgumentSet(stringArgument, fileArgument2, booleanArgument);
        LinkedHashMap linkedHashMap = new LinkedHashMap(3);
        linkedHashMap.put(new String[]{"list-certificates", "--keystore", getPlatformSpecificPath("config", "keystore")}, CertMessages.INFO_MANAGE_CERTS_SC_LIST_CERTS_EXAMPLE_1.get(getPlatformSpecificPath("config", "keystore")));
        linkedHashMap.put(new String[]{"list-certificates", "--keystore", getPlatformSpecificPath("config", "keystore.p12"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "server-cert", "--verbose", "--display-pem-certificate", "--display-keytool-command"}, CertMessages.INFO_MANAGE_CERTS_SC_LIST_CERTS_EXAMPLE_2.get(getPlatformSpecificPath("config", "keystore.p12"), getPlatformSpecificPath("config", "keystore.pin")));
        if (JVM_DEFAULT_CACERTS_FILE != null) {
            linkedHashMap.put(new String[]{"list-certificates", "--keystore", JVM_DEFAULT_CACERTS_FILE.getAbsolutePath()}, CertMessages.INFO_MANAGE_CERTS_SC_LIST_CERTS_EXAMPLE_3.get());
        }
        SubCommand subCommand = new SubCommand("list-certificates", CertMessages.INFO_MANAGE_CERTS_SC_LIST_CERTS_DESC.get(), argumentParser2, linkedHashMap);
        subCommand.addName("listCertificates", true);
        subCommand.addName("list-certs", true);
        subCommand.addName("listCerts", true);
        subCommand.addName("list", false);
        argumentParser.addSubCommand(subCommand);
        ArgumentParser argumentParser3 = new ArgumentParser("export-certificate", CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_CERT_DESC.get());
        FileArgument fileArgument3 = new FileArgument(null, "keystore", true, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_KS_DESC.get(), true, true, true, false);
        fileArgument3.addLongIdentifier("keystore-path", true);
        fileArgument3.addLongIdentifier("keystorePath", true);
        fileArgument3.addLongIdentifier("keystore-file", true);
        fileArgument3.addLongIdentifier("keystoreFile", true);
        argumentParser3.addArgument(fileArgument3);
        StringArgument stringArgument3 = new StringArgument(null, "keystore-password", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_KS_PW_DESC.get());
        stringArgument3.addLongIdentifier("keystorePassword", true);
        stringArgument3.addLongIdentifier("keystore-passphrase", true);
        stringArgument3.addLongIdentifier("keystorePassphrase", true);
        stringArgument3.addLongIdentifier("keystore-pin", true);
        stringArgument3.addLongIdentifier("keystorePIN", true);
        stringArgument3.addLongIdentifier("storepass", true);
        stringArgument3.setSensitive(true);
        argumentParser3.addArgument(stringArgument3);
        FileArgument fileArgument4 = new FileArgument(null, "keystore-password-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
        fileArgument4.addLongIdentifier("keystorePasswordFile", true);
        fileArgument4.addLongIdentifier("keystore-passphrase-file", true);
        fileArgument4.addLongIdentifier("keystorePassphraseFile", true);
        fileArgument4.addLongIdentifier("keystore-pin-file", true);
        fileArgument4.addLongIdentifier("keystorePINFile", true);
        argumentParser3.addArgument(fileArgument4);
        BooleanArgument booleanArgument4 = new BooleanArgument(null, "prompt-for-keystore-password", CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_PROMPT_FOR_KS_PW_DESC.get());
        booleanArgument4.addLongIdentifier("promptForKeystorePassword", true);
        booleanArgument4.addLongIdentifier("prompt-for-keystore-passphrase", true);
        booleanArgument4.addLongIdentifier("promptForKeystorePassphrase", true);
        booleanArgument4.addLongIdentifier("prompt-for-keystore-pin", true);
        booleanArgument4.addLongIdentifier("promptForKeystorePIN", true);
        argumentParser3.addArgument(booleanArgument4);
        StringArgument stringArgument4 = new StringArgument(null, MimeTypesReaderMetKeys.ALIAS_TAG, true, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_ALIAS_DESC.get());
        stringArgument4.addLongIdentifier("nickname", true);
        argumentParser3.addArgument(stringArgument4);
        BooleanArgument booleanArgument5 = new BooleanArgument(null, "export-certificate-chain", 1, CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_CHAIN_DESC.get());
        booleanArgument5.addLongIdentifier("exportCertificateChain", true);
        booleanArgument5.addLongIdentifier("export-chain", true);
        booleanArgument5.addLongIdentifier("exportChain", true);
        booleanArgument5.addLongIdentifier("certificate-chain", true);
        booleanArgument5.addLongIdentifier("certificateChain", true);
        booleanArgument5.addLongIdentifier("chain", true);
        argumentParser3.addArgument(booleanArgument5);
        LinkedHashSet linkedHashSet = new LinkedHashSet(7);
        linkedHashSet.add("PEM");
        linkedHashSet.add("text");
        linkedHashSet.add("txt");
        linkedHashSet.add("RFC");
        linkedHashSet.add("DER");
        linkedHashSet.add("binary");
        linkedHashSet.add("bin");
        StringArgument stringArgument5 = new StringArgument((Character) null, "output-format", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_FORMAT.get(), CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_FORMAT_DESC.get(), (Set<String>) linkedHashSet, "PEM");
        stringArgument5.addLongIdentifier("outputFormat");
        argumentParser3.addArgument(stringArgument5);
        FileArgument fileArgument5 = new FileArgument(null, "output-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_FILE_DESC.get(), false, true, true, false);
        fileArgument5.addLongIdentifier("outputFile", true);
        fileArgument5.addLongIdentifier("export-file", true);
        fileArgument5.addLongIdentifier("exportFile", true);
        fileArgument5.addLongIdentifier("certificate-file", true);
        fileArgument5.addLongIdentifier("certificateFile", true);
        fileArgument5.addLongIdentifier("file", true);
        fileArgument5.addLongIdentifier(HttpPostBodyUtil.FILENAME, true);
        argumentParser3.addArgument(fileArgument5);
        BooleanArgument booleanArgument6 = new BooleanArgument(null, "separate-file-per-certificate", 1, CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_SEPARATE_FILE_DESC.get());
        booleanArgument6.addLongIdentifier("separateFilePerCertificate", true);
        booleanArgument6.addLongIdentifier("separate-files", true);
        booleanArgument6.addLongIdentifier("separateFiles", true);
        argumentParser3.addArgument(booleanArgument6);
        BooleanArgument booleanArgument7 = new BooleanArgument(null, "display-keytool-command", 1, CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_DISPLAY_COMMAND_DESC.get());
        booleanArgument7.addLongIdentifier("displayKeytoolCommand", true);
        booleanArgument7.addLongIdentifier("show-keytool-command", true);
        booleanArgument7.addLongIdentifier("showKeytoolCommand", true);
        argumentParser3.addArgument(booleanArgument7);
        argumentParser3.addExclusiveArgumentSet(stringArgument3, fileArgument4, booleanArgument4);
        argumentParser3.addDependentArgumentSet(booleanArgument6, booleanArgument5, new Argument[0]);
        argumentParser3.addDependentArgumentSet(booleanArgument6, fileArgument5, new Argument[0]);
        LinkedHashMap linkedHashMap2 = new LinkedHashMap(2);
        linkedHashMap2.put(new String[]{"export-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "server-cert"}, CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_CERT_EXAMPLE_1.get());
        linkedHashMap2.put(new String[]{"export-certificate", "--keystore", getPlatformSpecificPath("config", "keystore.p12"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "server-cert", "--export-certificate-chain", "--output-format", "DER", "--output-file", "certificate-chain.der", "--display-keytool-command"}, CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_CERT_EXAMPLE_2.get());
        SubCommand subCommand2 = new SubCommand("export-certificate", CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_CERT_DESC.get(), argumentParser3, linkedHashMap2);
        subCommand2.addName("exportCertificate", true);
        subCommand2.addName("export-cert", true);
        subCommand2.addName("exportCert", true);
        subCommand2.addName("export", false);
        argumentParser.addSubCommand(subCommand2);
        ArgumentParser argumentParser4 = new ArgumentParser("export-private-key", CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_KEY_DESC.get());
        FileArgument fileArgument6 = new FileArgument(null, "keystore", true, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_KS_DESC.get(), true, true, true, false);
        fileArgument6.addLongIdentifier("keystore-path", true);
        fileArgument6.addLongIdentifier("keystorePath", true);
        fileArgument6.addLongIdentifier("keystore-file", true);
        fileArgument6.addLongIdentifier("keystoreFile", true);
        argumentParser4.addArgument(fileArgument6);
        StringArgument stringArgument6 = new StringArgument(null, "keystore-password", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_KS_PW_DESC.get());
        stringArgument6.addLongIdentifier("keystorePassword", true);
        stringArgument6.addLongIdentifier("keystore-passphrase", true);
        stringArgument6.addLongIdentifier("keystorePassphrase", true);
        stringArgument6.addLongIdentifier("keystore-pin", true);
        stringArgument6.addLongIdentifier("keystorePIN", true);
        stringArgument6.addLongIdentifier("storepass", true);
        stringArgument6.setSensitive(true);
        argumentParser4.addArgument(stringArgument6);
        FileArgument fileArgument7 = new FileArgument(null, "keystore-password-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
        fileArgument7.addLongIdentifier("keystorePasswordFile", true);
        fileArgument7.addLongIdentifier("keystore-passphrase-file", true);
        fileArgument7.addLongIdentifier("keystorePassphraseFile", true);
        fileArgument7.addLongIdentifier("keystore-pin-file", true);
        fileArgument7.addLongIdentifier("keystorePINFile", true);
        argumentParser4.addArgument(fileArgument7);
        BooleanArgument booleanArgument8 = new BooleanArgument(null, "prompt-for-keystore-password", CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_PROMPT_FOR_KS_PW_DESC.get());
        booleanArgument8.addLongIdentifier("promptForKeystorePassword", true);
        booleanArgument8.addLongIdentifier("prompt-for-keystore-passphrase", true);
        booleanArgument8.addLongIdentifier("promptForKeystorePassphrase", true);
        booleanArgument8.addLongIdentifier("prompt-for-keystore-pin", true);
        booleanArgument8.addLongIdentifier("promptForKeystorePIN", true);
        argumentParser4.addArgument(booleanArgument8);
        StringArgument stringArgument7 = new StringArgument(null, "private-key-password", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_PK_PW_DESC.get());
        stringArgument7.addLongIdentifier("privateKeyPassword", true);
        stringArgument7.addLongIdentifier("private-key-passphrase", true);
        stringArgument7.addLongIdentifier("privateKeyPassphrase", true);
        stringArgument7.addLongIdentifier("private-key-pin", true);
        stringArgument7.addLongIdentifier("privateKeyPIN", true);
        stringArgument7.addLongIdentifier("key-password", true);
        stringArgument7.addLongIdentifier("keyPassword", true);
        stringArgument7.addLongIdentifier("key-passphrase", true);
        stringArgument7.addLongIdentifier("keyPassphrase", true);
        stringArgument7.addLongIdentifier("key-pin", true);
        stringArgument7.addLongIdentifier("keyPIN", true);
        stringArgument7.addLongIdentifier("keypass", true);
        stringArgument7.setSensitive(true);
        argumentParser4.addArgument(stringArgument7);
        FileArgument fileArgument8 = new FileArgument(null, "private-key-password-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_PK_PW_FILE_DESC.get(), true, true, true, false);
        fileArgument8.addLongIdentifier("privateKeyPasswordFile", true);
        fileArgument8.addLongIdentifier("private-key-passphrase-file", true);
        fileArgument8.addLongIdentifier("privateKeyPassphraseFile", true);
        fileArgument8.addLongIdentifier("private-key-pin-file", true);
        fileArgument8.addLongIdentifier("privateKeyPINFile", true);
        fileArgument8.addLongIdentifier("key-password-file", true);
        fileArgument8.addLongIdentifier("keyPasswordFile", true);
        fileArgument8.addLongIdentifier("key-passphrase-file", true);
        fileArgument8.addLongIdentifier("keyPassphraseFile", true);
        fileArgument8.addLongIdentifier("key-pin-file", true);
        fileArgument8.addLongIdentifier("keyPINFile", true);
        argumentParser4.addArgument(fileArgument8);
        BooleanArgument booleanArgument9 = new BooleanArgument(null, "prompt-for-private-key-password", CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_PROMPT_FOR_PK_PW_DESC.get());
        booleanArgument9.addLongIdentifier("promptForPrivateKeyPassword", true);
        booleanArgument9.addLongIdentifier("prompt-for-private-key-passphrase", true);
        booleanArgument9.addLongIdentifier("promptForPrivateKeyPassphrase", true);
        booleanArgument9.addLongIdentifier("prompt-for-private-key-pin", true);
        booleanArgument9.addLongIdentifier("promptForPrivateKeyPIN", true);
        booleanArgument9.addLongIdentifier("prompt-for-key-password", true);
        booleanArgument9.addLongIdentifier("promptForKeyPassword", true);
        booleanArgument9.addLongIdentifier("prompt-for-key-passphrase", true);
        booleanArgument9.addLongIdentifier("promptForKeyPassphrase", true);
        booleanArgument9.addLongIdentifier("prompt-for-key-pin", true);
        booleanArgument9.addLongIdentifier("promptForKeyPIN", true);
        argumentParser4.addArgument(booleanArgument9);
        StringArgument stringArgument8 = new StringArgument(null, MimeTypesReaderMetKeys.ALIAS_TAG, true, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_ALIAS_DESC.get());
        stringArgument8.addLongIdentifier("nickname", true);
        argumentParser4.addArgument(stringArgument8);
        LinkedHashSet linkedHashSet2 = new LinkedHashSet(7);
        linkedHashSet2.add("PEM");
        linkedHashSet2.add("text");
        linkedHashSet2.add("txt");
        linkedHashSet2.add("RFC");
        linkedHashSet2.add("DER");
        linkedHashSet2.add("binary");
        linkedHashSet2.add("bin");
        StringArgument stringArgument9 = new StringArgument((Character) null, "output-format", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_FORMAT.get(), CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_FORMAT_DESC.get(), (Set<String>) linkedHashSet2, "PEM");
        stringArgument9.addLongIdentifier("outputFormat");
        argumentParser4.addArgument(stringArgument9);
        FileArgument fileArgument9 = new FileArgument(null, "output-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_FILE_DESC.get(), false, true, true, false);
        fileArgument9.addLongIdentifier("outputFile", true);
        fileArgument9.addLongIdentifier("export-file", true);
        fileArgument9.addLongIdentifier("exportFile", true);
        fileArgument9.addLongIdentifier("private-key-file", true);
        fileArgument9.addLongIdentifier("privateKeyFile", true);
        fileArgument9.addLongIdentifier("key-file", true);
        fileArgument9.addLongIdentifier("keyFile", true);
        fileArgument9.addLongIdentifier("file", true);
        fileArgument9.addLongIdentifier(HttpPostBodyUtil.FILENAME, true);
        argumentParser4.addArgument(fileArgument9);
        argumentParser4.addRequiredArgumentSet(stringArgument6, fileArgument7, booleanArgument8);
        argumentParser4.addExclusiveArgumentSet(stringArgument6, fileArgument7, booleanArgument8);
        argumentParser4.addExclusiveArgumentSet(stringArgument7, fileArgument8, booleanArgument9);
        LinkedHashMap linkedHashMap3 = new LinkedHashMap(2);
        linkedHashMap3.put(new String[]{"export-private-key", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "server-cert"}, CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_KEY_EXAMPLE_1.get());
        linkedHashMap3.put(new String[]{"export-private-key", "--keystore", getPlatformSpecificPath("config", "keystore.p12"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--private-key-password-file", getPlatformSpecificPath("config", "server-cert-key.pin"), BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "server-cert", "--output-format", "DER", "--output-file", "server-cert-key.der"}, CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_KEY_EXAMPLE_2.get());
        SubCommand subCommand3 = new SubCommand("export-private-key", CertMessages.INFO_MANAGE_CERTS_SC_EXPORT_CERT_DESC.get(), argumentParser4, linkedHashMap3);
        subCommand3.addName("exportPrivateKey", true);
        subCommand3.addName("export-key", true);
        subCommand3.addName("exportKey", true);
        argumentParser.addSubCommand(subCommand3);
        ArgumentParser argumentParser5 = new ArgumentParser("import-certificate", CertMessages.INFO_MANAGE_CERTS_SC_IMPORT_CERT_DESC.get());
        FileArgument fileArgument10 = new FileArgument(null, "keystore", true, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_KS_DESC.get(), false, true, true, false);
        fileArgument10.addLongIdentifier("keystore-path", true);
        fileArgument10.addLongIdentifier("keystorePath", true);
        fileArgument10.addLongIdentifier("keystore-file", true);
        fileArgument10.addLongIdentifier("keystoreFile", true);
        argumentParser5.addArgument(fileArgument10);
        StringArgument stringArgument10 = new StringArgument(null, "keystore-password", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), CertMessages.INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_KS_PW_DESC.get());
        stringArgument10.addLongIdentifier("keystorePassword", true);
        stringArgument10.addLongIdentifier("keystore-passphrase", true);
        stringArgument10.addLongIdentifier("keystorePassphrase", true);
        stringArgument10.addLongIdentifier("keystore-pin", true);
        stringArgument10.addLongIdentifier("keystorePIN", true);
        stringArgument10.addLongIdentifier("storepass", true);
        stringArgument10.setSensitive(true);
        argumentParser5.addArgument(stringArgument10);
        FileArgument fileArgument11 = new FileArgument(null, "keystore-password-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
        fileArgument11.addLongIdentifier("keystorePasswordFile", true);
        fileArgument11.addLongIdentifier("keystore-passphrase-file", true);
        fileArgument11.addLongIdentifier("keystorePassphraseFile", true);
        fileArgument11.addLongIdentifier("keystore-pin-file", true);
        fileArgument11.addLongIdentifier("keystorePINFile", true);
        argumentParser5.addArgument(fileArgument11);
        BooleanArgument booleanArgument10 = new BooleanArgument(null, "prompt-for-keystore-password", CertMessages.INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_PROMPT_FOR_KS_PW_DESC.get());
        booleanArgument10.addLongIdentifier("promptForKeystorePassword", true);
        booleanArgument10.addLongIdentifier("prompt-for-keystore-passphrase", true);
        booleanArgument10.addLongIdentifier("promptForKeystorePassphrase", true);
        booleanArgument10.addLongIdentifier("prompt-for-keystore-pin", true);
        booleanArgument10.addLongIdentifier("promptForKeystorePIN", true);
        argumentParser5.addArgument(booleanArgument10);
        LinkedHashSet linkedHashSet3 = new LinkedHashSet(2);
        linkedHashSet3.add("jks");
        linkedHashSet3.add("pkcs12");
        linkedHashSet3.add("pkcs 12");
        linkedHashSet3.add("pkcs#12");
        linkedHashSet3.add("pkcs #12");
        StringArgument stringArgument11 = new StringArgument((Character) null, "keystore-type", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), CertMessages.INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_KS_TYPE_DESC.get(), (Set<String>) linkedHashSet3);
        stringArgument11.addLongIdentifier("keystoreType", true);
        stringArgument11.addLongIdentifier("storetype", true);
        argumentParser5.addArgument(stringArgument11);
        StringArgument stringArgument12 = new StringArgument(null, MimeTypesReaderMetKeys.ALIAS_TAG, true, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), CertMessages.INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_ALIAS_DESC.get());
        stringArgument12.addLongIdentifier("nickname", true);
        argumentParser5.addArgument(stringArgument12);
        FileArgument fileArgument12 = new FileArgument(null, "certificate-file", true, 0, null, CertMessages.INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_CERT_FILE_DESC.get(), true, true, true, false);
        fileArgument12.addLongIdentifier("certificateFile", true);
        fileArgument12.addLongIdentifier("certificate-chain-file", true);
        fileArgument12.addLongIdentifier("certificateChainFile", true);
        fileArgument12.addLongIdentifier("input-file", true);
        fileArgument12.addLongIdentifier("inputFile", true);
        fileArgument12.addLongIdentifier("import-file", true);
        fileArgument12.addLongIdentifier("importFile", true);
        fileArgument12.addLongIdentifier("file", true);
        fileArgument12.addLongIdentifier(HttpPostBodyUtil.FILENAME, true);
        argumentParser5.addArgument(fileArgument12);
        FileArgument fileArgument13 = new FileArgument(null, "private-key-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_KEY_FILE_DESC.get(), true, true, true, false);
        fileArgument13.addLongIdentifier("privateKeyFile", true);
        fileArgument13.addLongIdentifier("key-file", true);
        fileArgument13.addLongIdentifier("keyFile", true);
        argumentParser5.addArgument(fileArgument13);
        StringArgument stringArgument13 = new StringArgument(null, "private-key-password", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), CertMessages.INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_PK_PW_DESC.get());
        stringArgument13.addLongIdentifier("privateKeyPassword", true);
        stringArgument13.addLongIdentifier("private-key-passphrase", true);
        stringArgument13.addLongIdentifier("privateKeyPassphrase", true);
        stringArgument13.addLongIdentifier("private-key-pin", true);
        stringArgument13.addLongIdentifier("privateKeyPIN", true);
        stringArgument13.addLongIdentifier("key-password", true);
        stringArgument13.addLongIdentifier("keyPassword", true);
        stringArgument13.addLongIdentifier("key-passphrase", true);
        stringArgument13.addLongIdentifier("keyPassphrase", true);
        stringArgument13.addLongIdentifier("key-pin", true);
        stringArgument13.addLongIdentifier("keyPIN", true);
        stringArgument13.addLongIdentifier("keypass", true);
        stringArgument13.setSensitive(true);
        argumentParser5.addArgument(stringArgument13);
        FileArgument fileArgument14 = new FileArgument(null, "private-key-password-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_PK_PW_FILE_DESC.get(), true, true, true, false);
        fileArgument14.addLongIdentifier("privateKeyPasswordFile", true);
        fileArgument14.addLongIdentifier("private-key-passphrase-file", true);
        fileArgument14.addLongIdentifier("privateKeyPassphraseFile", true);
        fileArgument14.addLongIdentifier("private-key-pin-file", true);
        fileArgument14.addLongIdentifier("privateKeyPINFile", true);
        fileArgument14.addLongIdentifier("key-password-file", true);
        fileArgument14.addLongIdentifier("keyPasswordFile", true);
        fileArgument14.addLongIdentifier("key-passphrase-file", true);
        fileArgument14.addLongIdentifier("keyPassphraseFile", true);
        fileArgument14.addLongIdentifier("key-pin-file", true);
        fileArgument14.addLongIdentifier("keyPINFile", true);
        argumentParser5.addArgument(fileArgument14);
        BooleanArgument booleanArgument11 = new BooleanArgument(null, "prompt-for-private-key-password", CertMessages.INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_PROMPT_FOR_PK_PW_DESC.get());
        booleanArgument11.addLongIdentifier("promptForPrivateKeyPassword", true);
        booleanArgument11.addLongIdentifier("prompt-for-private-key-passphrase", true);
        booleanArgument11.addLongIdentifier("promptForPrivateKeyPassphrase", true);
        booleanArgument11.addLongIdentifier("prompt-for-private-key-pin", true);
        booleanArgument11.addLongIdentifier("promptForPrivateKeyPIN", true);
        booleanArgument11.addLongIdentifier("prompt-for-key-password", true);
        booleanArgument11.addLongIdentifier("promptForKeyPassword", true);
        booleanArgument11.addLongIdentifier("prompt-for-key-passphrase", true);
        booleanArgument11.addLongIdentifier("promptForKeyPassphrase", true);
        booleanArgument11.addLongIdentifier("prompt-for-key-pin", true);
        booleanArgument11.addLongIdentifier("promptForKeyPIN", true);
        argumentParser5.addArgument(booleanArgument11);
        BooleanArgument booleanArgument12 = new BooleanArgument(null, "no-prompt", 1, CertMessages.INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_NO_PROMPT_DESC.get());
        booleanArgument12.addLongIdentifier("noPrompt", true);
        argumentParser5.addArgument(booleanArgument12);
        BooleanArgument booleanArgument13 = new BooleanArgument(null, "display-keytool-command", 1, CertMessages.INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_DISPLAY_COMMAND_DESC.get());
        booleanArgument13.addLongIdentifier("displayKeytoolCommand", true);
        booleanArgument13.addLongIdentifier("show-keytool-command", true);
        booleanArgument13.addLongIdentifier("showKeytoolCommand", true);
        argumentParser5.addArgument(booleanArgument13);
        argumentParser5.addRequiredArgumentSet(stringArgument10, fileArgument11, booleanArgument10);
        argumentParser5.addExclusiveArgumentSet(stringArgument10, fileArgument11, booleanArgument10);
        argumentParser5.addExclusiveArgumentSet(stringArgument13, fileArgument14, booleanArgument11);
        LinkedHashMap linkedHashMap4 = new LinkedHashMap(2);
        linkedHashMap4.put(new String[]{"import-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "server-cert", "--certificate-file", "server-cert.crt"}, CertMessages.INFO_MANAGE_CERTS_SC_IMPORT_CERT_EXAMPLE_1.get());
        linkedHashMap4.put(new String[]{"import-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "server-cert", "--certificate-file", "server-cert.crt", "--certificate-file", "server-cert-issuer.crt", "--private-key-file", "server-cert.key", "--display-keytool-command"}, CertMessages.INFO_MANAGE_CERTS_SC_IMPORT_CERT_EXAMPLE_2.get());
        SubCommand subCommand4 = new SubCommand("import-certificate", CertMessages.INFO_MANAGE_CERTS_SC_IMPORT_CERT_DESC.get(), argumentParser5, linkedHashMap4);
        subCommand4.addName("importCertificate", true);
        subCommand4.addName("import-certificates", true);
        subCommand4.addName("importCertificates", true);
        subCommand4.addName("import-cert", true);
        subCommand4.addName("importCert", true);
        subCommand4.addName("import-certs", true);
        subCommand4.addName("importCerts", true);
        subCommand4.addName("import-certificate-chain", true);
        subCommand4.addName("importCertificateChain", true);
        subCommand4.addName("import-chain", true);
        subCommand4.addName("importChain", true);
        subCommand4.addName("import", false);
        argumentParser.addSubCommand(subCommand4);
        ArgumentParser argumentParser6 = new ArgumentParser("delete-certificate", CertMessages.INFO_MANAGE_CERTS_SC_DELETE_CERT_DESC.get());
        FileArgument fileArgument15 = new FileArgument(null, "keystore", true, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_DELETE_CERT_ARG_KS_DESC.get(), true, true, true, false);
        fileArgument15.addLongIdentifier("keystore-path", true);
        fileArgument15.addLongIdentifier("keystorePath", true);
        fileArgument15.addLongIdentifier("keystore-file", true);
        fileArgument15.addLongIdentifier("keystoreFile", true);
        argumentParser6.addArgument(fileArgument15);
        StringArgument stringArgument14 = new StringArgument(null, "keystore-password", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), CertMessages.INFO_MANAGE_CERTS_SC_DELETE_CERT_ARG_KS_PW_DESC.get());
        stringArgument14.addLongIdentifier("keystorePassword", true);
        stringArgument14.addLongIdentifier("keystore-passphrase", true);
        stringArgument14.addLongIdentifier("keystorePassphrase", true);
        stringArgument14.addLongIdentifier("keystore-pin", true);
        stringArgument14.addLongIdentifier("keystorePIN", true);
        stringArgument14.addLongIdentifier("storepass", true);
        stringArgument14.setSensitive(true);
        argumentParser6.addArgument(stringArgument14);
        FileArgument fileArgument16 = new FileArgument(null, "keystore-password-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_DELETE_CERT_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
        fileArgument16.addLongIdentifier("keystorePasswordFile", true);
        fileArgument16.addLongIdentifier("keystore-passphrase-file", true);
        fileArgument16.addLongIdentifier("keystorePassphraseFile", true);
        fileArgument16.addLongIdentifier("keystore-pin-file", true);
        fileArgument16.addLongIdentifier("keystorePINFile", true);
        argumentParser6.addArgument(fileArgument16);
        BooleanArgument booleanArgument14 = new BooleanArgument(null, "prompt-for-keystore-password", CertMessages.INFO_MANAGE_CERTS_SC_DELETE_CERT_ARG_PROMPT_FOR_KS_PW_DESC.get());
        booleanArgument14.addLongIdentifier("promptForKeystorePassword", true);
        booleanArgument14.addLongIdentifier("prompt-for-keystore-passphrase", true);
        booleanArgument14.addLongIdentifier("promptForKeystorePassphrase", true);
        booleanArgument14.addLongIdentifier("prompt-for-keystore-pin", true);
        booleanArgument14.addLongIdentifier("promptForKeystorePIN", true);
        argumentParser6.addArgument(booleanArgument14);
        StringArgument stringArgument15 = new StringArgument(null, MimeTypesReaderMetKeys.ALIAS_TAG, true, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), CertMessages.INFO_MANAGE_CERTS_SC_DELETE_CERT_ARG_ALIAS_DESC.get());
        stringArgument15.addLongIdentifier("nickname", true);
        argumentParser6.addArgument(stringArgument15);
        BooleanArgument booleanArgument15 = new BooleanArgument(null, "no-prompt", 1, CertMessages.INFO_MANAGE_CERTS_SC_DELETE_CERT_ARG_NO_PROMPT_DESC.get());
        booleanArgument15.addLongIdentifier("noPrompt", true);
        argumentParser6.addArgument(booleanArgument15);
        BooleanArgument booleanArgument16 = new BooleanArgument(null, "display-keytool-command", 1, CertMessages.INFO_MANAGE_CERTS_SC_DELETE_CERT_ARG_DISPLAY_COMMAND_DESC.get());
        booleanArgument16.addLongIdentifier("displayKeytoolCommand", true);
        booleanArgument16.addLongIdentifier("show-keytool-command", true);
        booleanArgument16.addLongIdentifier("showKeytoolCommand", true);
        argumentParser6.addArgument(booleanArgument16);
        argumentParser6.addExclusiveArgumentSet(stringArgument14, fileArgument16, booleanArgument14);
        argumentParser6.addRequiredArgumentSet(stringArgument14, fileArgument16, booleanArgument14);
        LinkedHashMap linkedHashMap5 = new LinkedHashMap(1);
        linkedHashMap5.put(new String[]{"delete-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "server-cert"}, CertMessages.INFO_MANAGE_CERTS_SC_DELETE_CERT_EXAMPLE_1.get(getPlatformSpecificPath("config", "keystore")));
        SubCommand subCommand5 = new SubCommand("delete-certificate", CertMessages.INFO_MANAGE_CERTS_SC_DELETE_CERT_DESC.get(), argumentParser6, linkedHashMap5);
        subCommand5.addName("deleteCertificate", true);
        subCommand5.addName("remove-certificate", false);
        subCommand5.addName("removeCertificate", true);
        subCommand5.addName("delete", false);
        subCommand5.addName(SMILConstants.SMIL_REMOVE_VALUE, false);
        argumentParser.addSubCommand(subCommand5);
        ArgumentParser argumentParser7 = new ArgumentParser("generate-self-signed-certificate", CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_DESC.get());
        FileArgument fileArgument17 = new FileArgument(null, "keystore", true, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_KS_DESC.get(), false, true, true, false);
        fileArgument17.addLongIdentifier("keystore-path", true);
        fileArgument17.addLongIdentifier("keystorePath", true);
        fileArgument17.addLongIdentifier("keystore-file", true);
        fileArgument17.addLongIdentifier("keystoreFile", true);
        argumentParser7.addArgument(fileArgument17);
        StringArgument stringArgument16 = new StringArgument(null, "keystore-password", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_KS_PW_DESC.get());
        stringArgument16.addLongIdentifier("keystorePassword", true);
        stringArgument16.addLongIdentifier("keystore-passphrase", true);
        stringArgument16.addLongIdentifier("keystorePassphrase", true);
        stringArgument16.addLongIdentifier("keystore-pin", true);
        stringArgument16.addLongIdentifier("keystorePIN", true);
        stringArgument16.addLongIdentifier("storepass", true);
        stringArgument16.setSensitive(true);
        argumentParser7.addArgument(stringArgument16);
        FileArgument fileArgument18 = new FileArgument(null, "keystore-password-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
        fileArgument18.addLongIdentifier("keystorePasswordFile", true);
        fileArgument18.addLongIdentifier("keystore-passphrase-file", true);
        fileArgument18.addLongIdentifier("keystorePassphraseFile", true);
        fileArgument18.addLongIdentifier("keystore-pin-file", true);
        fileArgument18.addLongIdentifier("keystorePINFile", true);
        argumentParser7.addArgument(fileArgument18);
        BooleanArgument booleanArgument17 = new BooleanArgument(null, "prompt-for-keystore-password", CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_PROMPT_FOR_KS_PW_DESC.get());
        booleanArgument17.addLongIdentifier("promptForKeystorePassword", true);
        booleanArgument17.addLongIdentifier("prompt-for-keystore-passphrase", true);
        booleanArgument17.addLongIdentifier("promptForKeystorePassphrase", true);
        booleanArgument17.addLongIdentifier("prompt-for-keystore-pin", true);
        booleanArgument17.addLongIdentifier("promptForKeystorePIN", true);
        argumentParser7.addArgument(booleanArgument17);
        StringArgument stringArgument17 = new StringArgument(null, "private-key-password", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_PK_PW_DESC.get());
        stringArgument17.addLongIdentifier("privateKeyPassword", true);
        stringArgument17.addLongIdentifier("private-key-passphrase", true);
        stringArgument17.addLongIdentifier("privateKeyPassphrase", true);
        stringArgument17.addLongIdentifier("private-key-pin", true);
        stringArgument17.addLongIdentifier("privateKeyPIN", true);
        stringArgument17.addLongIdentifier("key-password", true);
        stringArgument17.addLongIdentifier("keyPassword", true);
        stringArgument17.addLongIdentifier("key-passphrase", true);
        stringArgument17.addLongIdentifier("keyPassphrase", true);
        stringArgument17.addLongIdentifier("key-pin", true);
        stringArgument17.addLongIdentifier("keyPIN", true);
        stringArgument17.addLongIdentifier("keypass", true);
        stringArgument17.setSensitive(true);
        argumentParser7.addArgument(stringArgument17);
        FileArgument fileArgument19 = new FileArgument(null, "private-key-password-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_PK_PW_FILE_DESC.get(), true, true, true, false);
        fileArgument19.addLongIdentifier("privateKeyPasswordFile", true);
        fileArgument19.addLongIdentifier("private-key-passphrase-file", true);
        fileArgument19.addLongIdentifier("privateKeyPassphraseFile", true);
        fileArgument19.addLongIdentifier("private-key-pin-file", true);
        fileArgument19.addLongIdentifier("privateKeyPINFile", true);
        fileArgument19.addLongIdentifier("key-password-file", true);
        fileArgument19.addLongIdentifier("keyPasswordFile", true);
        fileArgument19.addLongIdentifier("key-passphrase-file", true);
        fileArgument19.addLongIdentifier("keyPassphraseFile", true);
        fileArgument19.addLongIdentifier("key-pin-file", true);
        fileArgument19.addLongIdentifier("keyPINFile", true);
        argumentParser7.addArgument(fileArgument19);
        BooleanArgument booleanArgument18 = new BooleanArgument(null, "prompt-for-private-key-password", CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_PROMPT_FOR_PK_PW_DESC.get());
        booleanArgument18.addLongIdentifier("promptForPrivateKeyPassword", true);
        booleanArgument18.addLongIdentifier("prompt-for-private-key-passphrase", true);
        booleanArgument18.addLongIdentifier("promptForPrivateKeyPassphrase", true);
        booleanArgument18.addLongIdentifier("prompt-for-private-key-pin", true);
        booleanArgument18.addLongIdentifier("promptForPrivateKeyPIN", true);
        booleanArgument18.addLongIdentifier("prompt-for-key-password", true);
        booleanArgument18.addLongIdentifier("promptForKeyPassword", true);
        booleanArgument18.addLongIdentifier("prompt-for-key-passphrase", true);
        booleanArgument18.addLongIdentifier("promptForKeyPassphrase", true);
        booleanArgument18.addLongIdentifier("prompt-for-key-pin", true);
        booleanArgument18.addLongIdentifier("promptForKeyPIN", true);
        argumentParser7.addArgument(booleanArgument18);
        LinkedHashSet linkedHashSet4 = new LinkedHashSet(2);
        linkedHashSet4.add("jks");
        linkedHashSet4.add("pkcs12");
        linkedHashSet4.add("pkcs 12");
        linkedHashSet4.add("pkcs#12");
        linkedHashSet4.add("pkcs #12");
        StringArgument stringArgument18 = new StringArgument((Character) null, "keystore-type", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_KS_TYPE_DESC.get(), (Set<String>) linkedHashSet4);
        stringArgument18.addLongIdentifier("keystoreType", true);
        stringArgument18.addLongIdentifier("storetype", true);
        argumentParser7.addArgument(stringArgument18);
        StringArgument stringArgument19 = new StringArgument(null, MimeTypesReaderMetKeys.ALIAS_TAG, true, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_ALIAS_DESC.get());
        stringArgument19.addLongIdentifier("nickname", true);
        argumentParser7.addArgument(stringArgument19);
        BooleanArgument booleanArgument19 = new BooleanArgument(null, "replace-existing-certificate", 1, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_REPLACE_DESC.get());
        booleanArgument19.addLongIdentifier("replaceExistingCertificate", true);
        booleanArgument19.addLongIdentifier("replace-certificate", true);
        booleanArgument19.addLongIdentifier("replaceCertificate", true);
        booleanArgument19.addLongIdentifier("replace-existing", true);
        booleanArgument19.addLongIdentifier("replaceExisting", true);
        booleanArgument19.addLongIdentifier("replace", true);
        argumentParser7.addArgument(booleanArgument19);
        DNArgument dNArgument = new DNArgument(null, "subject-dn", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_SUBJECT_DN_DESC.get());
        dNArgument.addLongIdentifier("subjectDN", true);
        dNArgument.addLongIdentifier("subject", true);
        dNArgument.addLongIdentifier("dname", true);
        argumentParser7.addArgument(dNArgument);
        IntegerArgument integerArgument = new IntegerArgument(null, "days-valid", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_DAYS_VALID_DESC.get(), 1, Integer.MAX_VALUE);
        integerArgument.addLongIdentifier("daysValid", true);
        integerArgument.addLongIdentifier("validity", true);
        argumentParser7.addArgument(integerArgument);
        TimestampArgument timestampArgument = new TimestampArgument(null, "validity-start-time", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_TIMESTAMP.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_VALIDITY_START_TIME_DESC.get());
        timestampArgument.addLongIdentifier("validityStartTime", true);
        timestampArgument.addLongIdentifier("not-before", true);
        timestampArgument.addLongIdentifier("notBefore", true);
        argumentParser7.addArgument(timestampArgument);
        StringArgument stringArgument20 = new StringArgument(null, "key-algorithm", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_KEY_ALGORITHM_DESC.get());
        stringArgument20.addLongIdentifier("keyAlgorithm", true);
        stringArgument20.addLongIdentifier("key-alg", true);
        stringArgument20.addLongIdentifier("keyAlg", true);
        argumentParser7.addArgument(stringArgument20);
        IntegerArgument integerArgument2 = new IntegerArgument(null, "key-size-bits", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_BITS.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_KEY_ALGORITHM_DESC.get(), 1, Integer.MAX_VALUE);
        integerArgument2.addLongIdentifier("keySizeBits", true);
        integerArgument2.addLongIdentifier("key-length-bits", true);
        integerArgument2.addLongIdentifier("keyLengthBits", true);
        integerArgument2.addLongIdentifier("key-size", true);
        integerArgument2.addLongIdentifier("keySize", true);
        integerArgument2.addLongIdentifier("key-length", true);
        integerArgument2.addLongIdentifier("keyLength", true);
        argumentParser7.addArgument(integerArgument2);
        StringArgument stringArgument21 = new StringArgument(null, "signature-algorithm", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_SIG_ALG_DESC.get());
        stringArgument21.addLongIdentifier("signatureAlgorithm", true);
        stringArgument21.addLongIdentifier("signature-alg", true);
        stringArgument21.addLongIdentifier("signatureAlg", true);
        stringArgument21.addLongIdentifier("sig-alg", true);
        stringArgument21.addLongIdentifier("sigAlg", true);
        argumentParser7.addArgument(stringArgument21);
        BooleanArgument booleanArgument20 = new BooleanArgument(null, "inherit-extensions", 1, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_INHERIT_EXT_DESC.get());
        booleanArgument20.addLongIdentifier("inheritExtensions", true);
        argumentParser7.addArgument(booleanArgument20);
        StringArgument stringArgument22 = new StringArgument(null, "subject-alternative-name-dns", false, 0, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_SAN_DNS_DESC.get());
        stringArgument22.addLongIdentifier("subjectAlternativeNameDNS", true);
        stringArgument22.addLongIdentifier("subject-alt-name-dns", true);
        stringArgument22.addLongIdentifier("subjectAltNameDNS", true);
        stringArgument22.addLongIdentifier("subject-alternative-dns", true);
        stringArgument22.addLongIdentifier("subjectAlternativeDNS", true);
        stringArgument22.addLongIdentifier("subject-alt-dns", true);
        stringArgument22.addLongIdentifier("subjectAltDNS", true);
        stringArgument22.addLongIdentifier("san-dns", true);
        stringArgument22.addLongIdentifier("sanDNS", true);
        argumentParser7.addArgument(stringArgument22);
        StringArgument stringArgument23 = new StringArgument(null, "subject-alternative-name-ip-address", false, 0, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_SAN_IP_DESC.get());
        stringArgument23.addLongIdentifier("subjectAlternativeNameIPAddress", true);
        stringArgument23.addLongIdentifier("subject-alternative-name-ip", true);
        stringArgument23.addLongIdentifier("subjectAlternativeNameIP", true);
        stringArgument23.addLongIdentifier("subject-alt-name-ip-address", true);
        stringArgument23.addLongIdentifier("subjectAltNameIPAddress", true);
        stringArgument23.addLongIdentifier("subject-alt-name-ip", true);
        stringArgument23.addLongIdentifier("subjectAltNameIP", true);
        stringArgument23.addLongIdentifier("subject-alternative-ip-address", true);
        stringArgument23.addLongIdentifier("subjectAlternativeIPAddress", true);
        stringArgument23.addLongIdentifier("subject-alternative-ip", true);
        stringArgument23.addLongIdentifier("subjectAlternativeIP", true);
        stringArgument23.addLongIdentifier("subject-alt-ip-address", true);
        stringArgument23.addLongIdentifier("subjectAltIPAddress", true);
        stringArgument23.addLongIdentifier("subject-alt-ip", true);
        stringArgument23.addLongIdentifier("subjectAltIP", true);
        stringArgument23.addLongIdentifier("san-ip-address", true);
        stringArgument23.addLongIdentifier("sanIPAddress", true);
        stringArgument23.addLongIdentifier("san-ip", true);
        stringArgument23.addLongIdentifier("sanIP", true);
        stringArgument23.addValueValidator(new IPAddressArgumentValueValidator(true, true));
        argumentParser7.addArgument(stringArgument23);
        StringArgument stringArgument24 = new StringArgument(null, "subject-alternative-name-email-address", false, 0, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_SAN_EMAIL_DESC.get());
        stringArgument24.addLongIdentifier("subjectAlternativeNameEmailAddress", true);
        stringArgument24.addLongIdentifier("subject-alternative-name-email", true);
        stringArgument24.addLongIdentifier("subjectAlternativeNameEmail", true);
        stringArgument24.addLongIdentifier("subject-alt-name-email-address", true);
        stringArgument24.addLongIdentifier("subjectAltNameEmailAddress", true);
        stringArgument24.addLongIdentifier("subject-alt-name-email", true);
        stringArgument24.addLongIdentifier("subjectAltNameEmail", true);
        stringArgument24.addLongIdentifier("subject-alternative-email-address", true);
        stringArgument24.addLongIdentifier("subjectAlternativeEmailAddress", true);
        stringArgument24.addLongIdentifier("subject-alternative-email", true);
        stringArgument24.addLongIdentifier("subjectAlternativeEmail", true);
        stringArgument24.addLongIdentifier("subject-alt-email-address", true);
        stringArgument24.addLongIdentifier("subjectAltEmailAddress", true);
        stringArgument24.addLongIdentifier("subject-alt-email", true);
        stringArgument24.addLongIdentifier("subjectAltEmail", true);
        stringArgument24.addLongIdentifier("san-email-address", true);
        stringArgument24.addLongIdentifier("sanEmailAddress", true);
        stringArgument24.addLongIdentifier("san-email", true);
        stringArgument24.addLongIdentifier("sanEmail", true);
        argumentParser7.addArgument(stringArgument24);
        StringArgument stringArgument25 = new StringArgument(null, "subject-alternative-name-uri", false, 0, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_URI.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_SAN_URI_DESC.get());
        stringArgument25.addLongIdentifier("subjectAlternativeNameURI", true);
        stringArgument25.addLongIdentifier("subject-alt-name-uri", true);
        stringArgument25.addLongIdentifier("subjectAltNameURI", true);
        stringArgument25.addLongIdentifier("subject-alternative-uri", true);
        stringArgument25.addLongIdentifier("subjectAlternativeURI", true);
        stringArgument25.addLongIdentifier("subject-alt-uri", true);
        stringArgument25.addLongIdentifier("subjectAltURI", true);
        stringArgument25.addLongIdentifier("san-uri", true);
        stringArgument25.addLongIdentifier("sanURI", true);
        argumentParser7.addArgument(stringArgument25);
        StringArgument stringArgument26 = new StringArgument(null, "subject-alternative-name-oid", false, 0, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_OID.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_SAN_OID_DESC.get());
        stringArgument26.addLongIdentifier("subjectAlternativeNameOID", true);
        stringArgument26.addLongIdentifier("subject-alt-name-oid", true);
        stringArgument26.addLongIdentifier("subjectAltNameOID", true);
        stringArgument26.addLongIdentifier("subject-alternative-oid", true);
        stringArgument26.addLongIdentifier("subjectAlternativeOID", true);
        stringArgument26.addLongIdentifier("subject-alt-oid", true);
        stringArgument26.addLongIdentifier("subjectAltOID", true);
        stringArgument26.addLongIdentifier("san-oid", true);
        stringArgument26.addLongIdentifier("sanOID", true);
        stringArgument26.addValueValidator(new OIDArgumentValueValidator(true));
        argumentParser7.addArgument(stringArgument26);
        BooleanValueArgument booleanValueArgument = new BooleanValueArgument(null, "basic-constraints-is-ca", false, null, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_BC_IS_CA_DESC.get());
        booleanValueArgument.addLongIdentifier("basicConstraintsIsCA", true);
        booleanValueArgument.addLongIdentifier("bc-is-ca", true);
        booleanValueArgument.addLongIdentifier("bcIsCA", true);
        argumentParser7.addArgument(booleanValueArgument);
        IntegerArgument integerArgument3 = new IntegerArgument(null, "basic-constraints-maximum-path-length", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_BC_PATH_LENGTH_DESC.get(), 1, Integer.MAX_VALUE);
        integerArgument3.addLongIdentifier("basicConstraintsMaximumPathLength", true);
        integerArgument3.addLongIdentifier("basic-constraints-max-path-length", true);
        integerArgument3.addLongIdentifier("basicConstraintsMaxPathLength", true);
        integerArgument3.addLongIdentifier("basic-constraints-path-length", true);
        integerArgument3.addLongIdentifier("basicConstraintsPathLength", true);
        integerArgument3.addLongIdentifier("bc-maximum-path-length", true);
        integerArgument3.addLongIdentifier("bcMaximumPathLength", true);
        integerArgument3.addLongIdentifier("bc-max-path-length", true);
        integerArgument3.addLongIdentifier("bcMaxPathLength", true);
        integerArgument3.addLongIdentifier("bc-path-length", true);
        integerArgument3.addLongIdentifier("bcPathLength", true);
        argumentParser7.addArgument(integerArgument3);
        StringArgument stringArgument27 = new StringArgument(null, "key-usage", false, 0, null, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_KU_DESC.get());
        stringArgument27.addLongIdentifier("keyUsage", true);
        argumentParser7.addArgument(stringArgument27);
        StringArgument stringArgument28 = new StringArgument(null, "extended-key-usage", false, 0, null, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_EKU_DESC.get());
        stringArgument28.addLongIdentifier("extendedKeyUsage", true);
        argumentParser7.addArgument(stringArgument28);
        StringArgument stringArgument29 = new StringArgument(null, "extension", false, 0, null, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_EXT_DESC.get());
        stringArgument29.addLongIdentifier("ext", true);
        argumentParser7.addArgument(stringArgument29);
        BooleanArgument booleanArgument21 = new BooleanArgument(null, "display-keytool-command", 1, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_DISPLAY_COMMAND_DESC.get());
        booleanArgument21.addLongIdentifier("displayKeytoolCommand", true);
        booleanArgument21.addLongIdentifier("show-keytool-command", true);
        booleanArgument21.addLongIdentifier("showKeytoolCommand", true);
        argumentParser7.addArgument(booleanArgument21);
        argumentParser7.addRequiredArgumentSet(stringArgument16, fileArgument18, booleanArgument17);
        argumentParser7.addExclusiveArgumentSet(stringArgument16, fileArgument18, booleanArgument17);
        argumentParser7.addExclusiveArgumentSet(stringArgument17, fileArgument19, booleanArgument18);
        argumentParser7.addExclusiveArgumentSet(booleanArgument19, stringArgument20, new Argument[0]);
        argumentParser7.addExclusiveArgumentSet(booleanArgument19, integerArgument2, new Argument[0]);
        argumentParser7.addExclusiveArgumentSet(booleanArgument19, stringArgument21, new Argument[0]);
        argumentParser7.addDependentArgumentSet(integerArgument3, booleanValueArgument, new Argument[0]);
        LinkedHashMap linkedHashMap6 = new LinkedHashMap(4);
        linkedHashMap6.put(new String[]{"generate-self-signed-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "server-cert", "--subject-dn", "CN=ldap.example.com,O=Example Corp,C=US"}, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_EXAMPLE_1.get());
        linkedHashMap6.put(new String[]{"generate-self-signed-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "server-cert", "--replace-existing-certificate", "--inherit-extensions"}, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_EXAMPLE_2.get());
        linkedHashMap6.put(new String[]{"generate-self-signed-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "server-cert", "--subject-dn", "CN=ldap.example.com,O=Example Corp,C=US", "--days-valid", "3650", "--validity-start-time", "20170101000000", "--key-algorithm", "RSA", "--key-size-bits", "4096", "--signature-algorithm", "SHA256withRSA", "--subject-alternative-name-dns", "ldap1.example.com", "--subject-alternative-name-dns", "ldap2.example.com", "--subject-alternative-name-ip-address", "1.2.3.4", "--subject-alternative-name-ip-address", "1.2.3.5", "--extended-key-usage", "server-auth", "--extended-key-usage", "client-auth", "--display-keytool-command"}, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_EXAMPLE_3.get());
        linkedHashMap6.put(new String[]{"generate-self-signed-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "ca-cert", "--subject-dn", "CN=Example Certification Authority,O=Example Corp,C=US", "--days-valid", "7300", "--validity-start-time", "20170101000000", "--key-algorithm", "EC", "--key-size-bits", "256", "--signature-algorithm", "SHA256withECDSA", "--basic-constraints-is-ca", "true", "--key-usage", "key-cert-sign", "--key-usage", "crl-sign", "--display-keytool-command"}, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_EXAMPLE_4.get());
        SubCommand subCommand6 = new SubCommand("generate-self-signed-certificate", CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_DESC.get(), argumentParser7, linkedHashMap6);
        subCommand6.addName("generateSelfSignedCertificate", true);
        subCommand6.addName("generate-certificate", false);
        subCommand6.addName("generateCertificate", true);
        subCommand6.addName("self-signed-certificate", true);
        subCommand6.addName("selfSignedCertificate", true);
        subCommand6.addName("selfcert", true);
        argumentParser.addSubCommand(subCommand6);
        ArgumentParser argumentParser8 = new ArgumentParser("generate-certificate-signing-request", CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_DESC.get());
        LinkedHashSet linkedHashSet5 = new LinkedHashSet(7);
        linkedHashSet5.add("PEM");
        linkedHashSet5.add("text");
        linkedHashSet5.add("txt");
        linkedHashSet5.add("RFC");
        linkedHashSet5.add("DER");
        linkedHashSet5.add("binary");
        linkedHashSet5.add("bin");
        StringArgument stringArgument30 = new StringArgument((Character) null, "output-format", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_FORMAT.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_FORMAT_DESC.get(), (Set<String>) linkedHashSet5, "PEM");
        stringArgument30.addLongIdentifier("outputFormat");
        argumentParser8.addArgument(stringArgument30);
        FileArgument fileArgument20 = new FileArgument(null, "output-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_OUTPUT_FILE_DESC.get(), false, true, true, false);
        fileArgument20.addLongIdentifier("outputFile", true);
        fileArgument20.addLongIdentifier(HttpPostBodyUtil.FILENAME, true);
        fileArgument20.addLongIdentifier("file", true);
        argumentParser8.addArgument(fileArgument20);
        FileArgument fileArgument21 = new FileArgument(null, "keystore", true, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_KS_DESC.get(), false, true, true, false);
        fileArgument21.addLongIdentifier("keystore-path", true);
        fileArgument21.addLongIdentifier("keystorePath", true);
        fileArgument21.addLongIdentifier("keystore-file", true);
        fileArgument21.addLongIdentifier("keystoreFile", true);
        argumentParser8.addArgument(fileArgument21);
        StringArgument stringArgument31 = new StringArgument(null, "keystore-password", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_KS_PW_DESC.get());
        stringArgument31.addLongIdentifier("keystorePassword", true);
        stringArgument31.addLongIdentifier("keystore-passphrase", true);
        stringArgument31.addLongIdentifier("keystorePassphrase", true);
        stringArgument31.addLongIdentifier("keystore-pin", true);
        stringArgument31.addLongIdentifier("keystorePIN", true);
        stringArgument31.addLongIdentifier("storepass", true);
        stringArgument31.setSensitive(true);
        argumentParser8.addArgument(stringArgument31);
        FileArgument fileArgument22 = new FileArgument(null, "keystore-password-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
        fileArgument22.addLongIdentifier("keystorePasswordFile", true);
        fileArgument22.addLongIdentifier("keystore-passphrase-file", true);
        fileArgument22.addLongIdentifier("keystorePassphraseFile", true);
        fileArgument22.addLongIdentifier("keystore-pin-file", true);
        fileArgument22.addLongIdentifier("keystorePINFile", true);
        argumentParser8.addArgument(fileArgument22);
        BooleanArgument booleanArgument22 = new BooleanArgument(null, "prompt-for-keystore-password", CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_PROMPT_FOR_KS_PW_DESC.get());
        booleanArgument22.addLongIdentifier("promptForKeystorePassword", true);
        booleanArgument22.addLongIdentifier("prompt-for-keystore-passphrase", true);
        booleanArgument22.addLongIdentifier("promptForKeystorePassphrase", true);
        booleanArgument22.addLongIdentifier("prompt-for-keystore-pin", true);
        booleanArgument22.addLongIdentifier("promptForKeystorePIN", true);
        argumentParser8.addArgument(booleanArgument22);
        StringArgument stringArgument32 = new StringArgument(null, "private-key-password", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_PK_PW_DESC.get());
        stringArgument32.addLongIdentifier("privateKeyPassword", true);
        stringArgument32.addLongIdentifier("private-key-passphrase", true);
        stringArgument32.addLongIdentifier("privateKeyPassphrase", true);
        stringArgument32.addLongIdentifier("private-key-pin", true);
        stringArgument32.addLongIdentifier("privateKeyPIN", true);
        stringArgument32.addLongIdentifier("key-password", true);
        stringArgument32.addLongIdentifier("keyPassword", true);
        stringArgument32.addLongIdentifier("key-passphrase", true);
        stringArgument32.addLongIdentifier("keyPassphrase", true);
        stringArgument32.addLongIdentifier("key-pin", true);
        stringArgument32.addLongIdentifier("keyPIN", true);
        stringArgument32.addLongIdentifier("keypass", true);
        stringArgument32.setSensitive(true);
        argumentParser8.addArgument(stringArgument32);
        FileArgument fileArgument23 = new FileArgument(null, "private-key-password-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_PK_PW_FILE_DESC.get(), true, true, true, false);
        fileArgument23.addLongIdentifier("privateKeyPasswordFile", true);
        fileArgument23.addLongIdentifier("private-key-passphrase-file", true);
        fileArgument23.addLongIdentifier("privateKeyPassphraseFile", true);
        fileArgument23.addLongIdentifier("private-key-pin-file", true);
        fileArgument23.addLongIdentifier("privateKeyPINFile", true);
        fileArgument23.addLongIdentifier("key-password-file", true);
        fileArgument23.addLongIdentifier("keyPasswordFile", true);
        fileArgument23.addLongIdentifier("key-passphrase-file", true);
        fileArgument23.addLongIdentifier("keyPassphraseFile", true);
        fileArgument23.addLongIdentifier("key-pin-file", true);
        fileArgument23.addLongIdentifier("keyPINFile", true);
        argumentParser8.addArgument(fileArgument23);
        BooleanArgument booleanArgument23 = new BooleanArgument(null, "prompt-for-private-key-password", CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_PROMPT_FOR_PK_PW_DESC.get());
        booleanArgument23.addLongIdentifier("promptForPrivateKeyPassword", true);
        booleanArgument23.addLongIdentifier("prompt-for-private-key-passphrase", true);
        booleanArgument23.addLongIdentifier("promptForPrivateKeyPassphrase", true);
        booleanArgument23.addLongIdentifier("prompt-for-private-key-pin", true);
        booleanArgument23.addLongIdentifier("promptForPrivateKeyPIN", true);
        booleanArgument23.addLongIdentifier("prompt-for-key-password", true);
        booleanArgument23.addLongIdentifier("promptForKeyPassword", true);
        booleanArgument23.addLongIdentifier("prompt-for-key-passphrase", true);
        booleanArgument23.addLongIdentifier("promptForKeyPassphrase", true);
        booleanArgument23.addLongIdentifier("prompt-for-key-pin", true);
        booleanArgument23.addLongIdentifier("promptForKeyPIN", true);
        argumentParser8.addArgument(booleanArgument23);
        LinkedHashSet linkedHashSet6 = new LinkedHashSet(2);
        linkedHashSet6.add("jks");
        linkedHashSet6.add("pkcs12");
        linkedHashSet6.add("pkcs 12");
        linkedHashSet6.add("pkcs#12");
        linkedHashSet6.add("pkcs #12");
        StringArgument stringArgument33 = new StringArgument((Character) null, "keystore-type", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_KS_TYPE_DESC.get(), (Set<String>) linkedHashSet6);
        stringArgument33.addLongIdentifier("keystoreType", true);
        stringArgument33.addLongIdentifier("storetype", true);
        argumentParser8.addArgument(stringArgument33);
        StringArgument stringArgument34 = new StringArgument(null, MimeTypesReaderMetKeys.ALIAS_TAG, true, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_ALIAS_DESC.get());
        stringArgument34.addLongIdentifier("nickname", true);
        argumentParser8.addArgument(stringArgument34);
        BooleanArgument booleanArgument24 = new BooleanArgument(null, "replace-existing-certificate", 1, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_REPLACE_DESC.get());
        booleanArgument24.addLongIdentifier("replaceExistingCertificate", true);
        booleanArgument24.addLongIdentifier("replace-certificate", true);
        booleanArgument24.addLongIdentifier("replaceCertificate", true);
        booleanArgument24.addLongIdentifier("replace-existing", true);
        booleanArgument24.addLongIdentifier("replaceExisting", true);
        booleanArgument24.addLongIdentifier("replace", true);
        argumentParser8.addArgument(booleanArgument24);
        DNArgument dNArgument2 = new DNArgument(null, "subject-dn", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_SUBJECT_DN_DESC.get());
        dNArgument2.addLongIdentifier("subjectDN", true);
        dNArgument2.addLongIdentifier("subject", true);
        dNArgument2.addLongIdentifier("dname", true);
        argumentParser8.addArgument(dNArgument2);
        StringArgument stringArgument35 = new StringArgument(null, "key-algorithm", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_KEY_ALGORITHM_DESC.get());
        stringArgument35.addLongIdentifier("keyAlgorithm", true);
        stringArgument35.addLongIdentifier("key-alg", true);
        stringArgument35.addLongIdentifier("keyAlg", true);
        argumentParser8.addArgument(stringArgument35);
        IntegerArgument integerArgument4 = new IntegerArgument(null, "key-size-bits", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_BITS.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_KEY_ALGORITHM_DESC.get(), 1, Integer.MAX_VALUE);
        integerArgument4.addLongIdentifier("keySizeBits", true);
        integerArgument4.addLongIdentifier("key-length-bits", true);
        integerArgument4.addLongIdentifier("keyLengthBits", true);
        integerArgument4.addLongIdentifier("key-size", true);
        integerArgument4.addLongIdentifier("keySize", true);
        integerArgument4.addLongIdentifier("key-length", true);
        integerArgument4.addLongIdentifier("keyLength", true);
        argumentParser8.addArgument(integerArgument4);
        StringArgument stringArgument36 = new StringArgument(null, "signature-algorithm", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_SIG_ALG_DESC.get());
        stringArgument36.addLongIdentifier("signatureAlgorithm", true);
        stringArgument36.addLongIdentifier("signature-alg", true);
        stringArgument36.addLongIdentifier("signatureAlg", true);
        stringArgument36.addLongIdentifier("sig-alg", true);
        stringArgument36.addLongIdentifier("sigAlg", true);
        argumentParser8.addArgument(stringArgument36);
        BooleanArgument booleanArgument25 = new BooleanArgument(null, "inherit-extensions", 1, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_INHERIT_EXT_DESC.get());
        booleanArgument25.addLongIdentifier("inheritExtensions", true);
        argumentParser8.addArgument(booleanArgument25);
        StringArgument stringArgument37 = new StringArgument(null, "subject-alternative-name-dns", false, 0, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_SAN_DNS_DESC.get());
        stringArgument37.addLongIdentifier("subjectAlternativeNameDNS", true);
        stringArgument37.addLongIdentifier("subject-alt-name-dns", true);
        stringArgument37.addLongIdentifier("subjectAltNameDNS", true);
        stringArgument37.addLongIdentifier("subject-alternative-dns", true);
        stringArgument37.addLongIdentifier("subjectAlternativeDNS", true);
        stringArgument37.addLongIdentifier("subject-alt-dns", true);
        stringArgument37.addLongIdentifier("subjectAltDNS", true);
        stringArgument37.addLongIdentifier("san-dns", true);
        stringArgument37.addLongIdentifier("sanDNS", true);
        argumentParser8.addArgument(stringArgument37);
        StringArgument stringArgument38 = new StringArgument(null, "subject-alternative-name-ip-address", false, 0, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_SAN_IP_DESC.get());
        stringArgument38.addLongIdentifier("subjectAlternativeNameIPAddress", true);
        stringArgument38.addLongIdentifier("subject-alternative-name-ip", true);
        stringArgument38.addLongIdentifier("subjectAlternativeNameIP", true);
        stringArgument38.addLongIdentifier("subject-alt-name-ip-address", true);
        stringArgument38.addLongIdentifier("subjectAltNameIPAddress", true);
        stringArgument38.addLongIdentifier("subject-alt-name-ip", true);
        stringArgument38.addLongIdentifier("subjectAltNameIP", true);
        stringArgument38.addLongIdentifier("subject-alternative-ip-address", true);
        stringArgument38.addLongIdentifier("subjectAlternativeIPAddress", true);
        stringArgument38.addLongIdentifier("subject-alternative-ip", true);
        stringArgument38.addLongIdentifier("subjectAlternativeIP", true);
        stringArgument38.addLongIdentifier("subject-alt-ip-address", true);
        stringArgument38.addLongIdentifier("subjectAltIPAddress", true);
        stringArgument38.addLongIdentifier("subject-alt-ip", true);
        stringArgument38.addLongIdentifier("subjectAltIP", true);
        stringArgument38.addLongIdentifier("san-ip-address", true);
        stringArgument38.addLongIdentifier("sanIPAddress", true);
        stringArgument38.addLongIdentifier("san-ip", true);
        stringArgument38.addLongIdentifier("sanIP", true);
        stringArgument38.addValueValidator(new IPAddressArgumentValueValidator(true, true));
        argumentParser8.addArgument(stringArgument38);
        StringArgument stringArgument39 = new StringArgument(null, "subject-alternative-name-email-address", false, 0, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_SAN_EMAIL_DESC.get());
        stringArgument39.addLongIdentifier("subjectAlternativeNameEmailAddress", true);
        stringArgument39.addLongIdentifier("subject-alternative-name-email", true);
        stringArgument39.addLongIdentifier("subjectAlternativeNameEmail", true);
        stringArgument39.addLongIdentifier("subject-alt-name-email-address", true);
        stringArgument39.addLongIdentifier("subjectAltNameEmailAddress", true);
        stringArgument39.addLongIdentifier("subject-alt-name-email", true);
        stringArgument39.addLongIdentifier("subjectAltNameEmail", true);
        stringArgument39.addLongIdentifier("subject-alternative-email-address", true);
        stringArgument39.addLongIdentifier("subjectAlternativeEmailAddress", true);
        stringArgument39.addLongIdentifier("subject-alternative-email", true);
        stringArgument39.addLongIdentifier("subjectAlternativeEmail", true);
        stringArgument39.addLongIdentifier("subject-alt-email-address", true);
        stringArgument39.addLongIdentifier("subjectAltEmailAddress", true);
        stringArgument39.addLongIdentifier("subject-alt-email", true);
        stringArgument39.addLongIdentifier("subjectAltEmail", true);
        stringArgument39.addLongIdentifier("san-email-address", true);
        stringArgument39.addLongIdentifier("sanEmailAddress", true);
        stringArgument39.addLongIdentifier("san-email", true);
        stringArgument39.addLongIdentifier("sanEmail", true);
        argumentParser8.addArgument(stringArgument39);
        StringArgument stringArgument40 = new StringArgument(null, "subject-alternative-name-uri", false, 0, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_URI.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_SAN_URI_DESC.get());
        stringArgument40.addLongIdentifier("subjectAlternativeNameURI", true);
        stringArgument40.addLongIdentifier("subject-alt-name-uri", true);
        stringArgument40.addLongIdentifier("subjectAltNameURI", true);
        stringArgument40.addLongIdentifier("subject-alternative-uri", true);
        stringArgument40.addLongIdentifier("subjectAlternativeURI", true);
        stringArgument40.addLongIdentifier("subject-alt-uri", true);
        stringArgument40.addLongIdentifier("subjectAltURI", true);
        stringArgument40.addLongIdentifier("san-uri", true);
        stringArgument40.addLongIdentifier("sanURI", true);
        argumentParser8.addArgument(stringArgument40);
        StringArgument stringArgument41 = new StringArgument(null, "subject-alternative-name-oid", false, 0, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_OID.get(), CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_SAN_OID_DESC.get());
        stringArgument41.addLongIdentifier("subjectAlternativeNameOID", true);
        stringArgument41.addLongIdentifier("subject-alt-name-oid", true);
        stringArgument41.addLongIdentifier("subjectAltNameOID", true);
        stringArgument41.addLongIdentifier("subject-alternative-oid", true);
        stringArgument41.addLongIdentifier("subjectAlternativeOID", true);
        stringArgument41.addLongIdentifier("subject-alt-oid", true);
        stringArgument41.addLongIdentifier("subjectAltOID", true);
        stringArgument41.addLongIdentifier("san-oid", true);
        stringArgument41.addLongIdentifier("sanOID", true);
        stringArgument41.addValueValidator(new OIDArgumentValueValidator(true));
        argumentParser8.addArgument(stringArgument41);
        BooleanValueArgument booleanValueArgument2 = new BooleanValueArgument(null, "basic-constraints-is-ca", false, null, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_BC_IS_CA_DESC.get());
        booleanValueArgument2.addLongIdentifier("basicConstraintsIsCA", true);
        booleanValueArgument2.addLongIdentifier("bc-is-ca", true);
        booleanValueArgument2.addLongIdentifier("bcIsCA", true);
        argumentParser8.addArgument(booleanValueArgument2);
        IntegerArgument integerArgument5 = new IntegerArgument(null, "basic-constraints-maximum-path-length", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_BC_PATH_LENGTH_DESC.get(), 1, Integer.MAX_VALUE);
        integerArgument5.addLongIdentifier("basicConstraintsMaximumPathLength", true);
        integerArgument5.addLongIdentifier("basic-constraints-max-path-length", true);
        integerArgument5.addLongIdentifier("basicConstraintsMaxPathLength", true);
        integerArgument5.addLongIdentifier("basic-constraints-path-length", true);
        integerArgument5.addLongIdentifier("basicConstraintsPathLength", true);
        integerArgument5.addLongIdentifier("bc-maximum-path-length", true);
        integerArgument5.addLongIdentifier("bcMaximumPathLength", true);
        integerArgument5.addLongIdentifier("bc-max-path-length", true);
        integerArgument5.addLongIdentifier("bcMaxPathLength", true);
        integerArgument5.addLongIdentifier("bc-path-length", true);
        integerArgument5.addLongIdentifier("bcPathLength", true);
        argumentParser8.addArgument(integerArgument5);
        StringArgument stringArgument42 = new StringArgument(null, "key-usage", false, 0, null, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_KU_DESC.get());
        stringArgument42.addLongIdentifier("keyUsage", true);
        argumentParser8.addArgument(stringArgument42);
        StringArgument stringArgument43 = new StringArgument(null, "extended-key-usage", false, 0, null, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_EKU_DESC.get());
        stringArgument43.addLongIdentifier("extendedKeyUsage", true);
        argumentParser8.addArgument(stringArgument43);
        StringArgument stringArgument44 = new StringArgument(null, "extension", false, 0, null, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_EXT_DESC.get());
        stringArgument44.addLongIdentifier("ext", true);
        argumentParser8.addArgument(stringArgument44);
        BooleanArgument booleanArgument26 = new BooleanArgument(null, "display-keytool-command", 1, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_DISPLAY_COMMAND_DESC.get());
        booleanArgument26.addLongIdentifier("displayKeytoolCommand", true);
        booleanArgument26.addLongIdentifier("show-keytool-command", true);
        booleanArgument26.addLongIdentifier("showKeytoolCommand", true);
        argumentParser8.addArgument(booleanArgument26);
        argumentParser8.addRequiredArgumentSet(stringArgument31, fileArgument22, booleanArgument22);
        argumentParser8.addExclusiveArgumentSet(stringArgument31, fileArgument22, booleanArgument22);
        argumentParser8.addExclusiveArgumentSet(stringArgument32, fileArgument23, booleanArgument23);
        argumentParser8.addExclusiveArgumentSet(booleanArgument24, stringArgument35, new Argument[0]);
        argumentParser8.addExclusiveArgumentSet(booleanArgument24, integerArgument4, new Argument[0]);
        argumentParser8.addExclusiveArgumentSet(booleanArgument24, stringArgument36, new Argument[0]);
        argumentParser8.addDependentArgumentSet(integerArgument5, booleanValueArgument2, new Argument[0]);
        LinkedHashMap linkedHashMap7 = new LinkedHashMap(3);
        linkedHashMap7.put(new String[]{"generate-certificate-signing-request", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "server-cert", "--subject-dn", "CN=ldap.example.com,O=Example Corp,C=US"}, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_EXAMPLE_1.get());
        linkedHashMap7.put(new String[]{"generate-certificate-signing-request", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "server-cert", "--replace-existing-certificate", "--inherit-extensions", "--output-file", "server-cert.csr"}, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_EXAMPLE_2.get());
        linkedHashMap7.put(new String[]{"generate-certificate-signing-request", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "server-cert", "--subject-dn", "CN=ldap.example.com,O=Example Corp,C=US", "--key-algorithm", "EC", "--key-size-bits", "256", "--signature-algorithm", "SHA256withECDSA", "--subject-alternative-name-dns", "ldap1.example.com", "--subject-alternative-name-dns", "ldap2.example.com", "--subject-alternative-name-ip-address", "1.2.3.4", "--subject-alternative-name-ip-address", "1.2.3.5", "--extended-key-usage", "server-auth", "--extended-key-usage", "client-auth", "--output-file", "server-cert.csr", "--display-keytool-command"}, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_EXAMPLE_3.get());
        SubCommand subCommand7 = new SubCommand("generate-certificate-signing-request", CertMessages.INFO_MANAGE_CERTS_SC_GEN_CSR_DESC.get(), argumentParser8, linkedHashMap7);
        subCommand7.addName("generateCertificateSigningRequest", true);
        subCommand7.addName("generate-certificate-request", false);
        subCommand7.addName("generateCertificateRequest", true);
        subCommand7.addName("generate-csr", true);
        subCommand7.addName("generateCSR", true);
        subCommand7.addName("certificate-signing-request", true);
        subCommand7.addName("certificateSigningRequest", true);
        subCommand7.addName("csr", true);
        subCommand7.addName("certreq", true);
        argumentParser.addSubCommand(subCommand7);
        ArgumentParser argumentParser9 = new ArgumentParser("sign-certificate-signing-request", CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_DESC.get());
        FileArgument fileArgument24 = new FileArgument(null, "request-input-file", true, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_INPUT_FILE_DESC.get(), true, true, true, false);
        fileArgument24.addLongIdentifier("requestInputFile", true);
        fileArgument24.addLongIdentifier("certificate-signing-request", true);
        fileArgument24.addLongIdentifier("certificateSigningRequest", true);
        fileArgument24.addLongIdentifier("input-file", false);
        fileArgument24.addLongIdentifier("inputFile", true);
        fileArgument24.addLongIdentifier("csr", true);
        argumentParser9.addArgument(fileArgument24);
        FileArgument fileArgument25 = new FileArgument(null, "certificate-output-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_OUTPUT_FILE_DESC.get(), false, true, true, false);
        fileArgument25.addLongIdentifier("certificateOutputFile", true);
        fileArgument25.addLongIdentifier("output-file", false);
        fileArgument25.addLongIdentifier("outputFile", true);
        fileArgument25.addLongIdentifier("certificate-file", true);
        fileArgument25.addLongIdentifier("certificateFile", true);
        argumentParser9.addArgument(fileArgument25);
        LinkedHashSet linkedHashSet7 = new LinkedHashSet(7);
        linkedHashSet7.add("PEM");
        linkedHashSet7.add("text");
        linkedHashSet7.add("txt");
        linkedHashSet7.add("RFC");
        linkedHashSet7.add("DER");
        linkedHashSet7.add("binary");
        linkedHashSet7.add("bin");
        StringArgument stringArgument45 = new StringArgument((Character) null, "output-format", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_FORMAT.get(), CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_FORMAT_DESC.get(), (Set<String>) linkedHashSet7, "PEM");
        stringArgument45.addLongIdentifier("outputFormat");
        argumentParser9.addArgument(stringArgument45);
        FileArgument fileArgument26 = new FileArgument(null, "keystore", true, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_KS_DESC.get(), true, true, true, false);
        fileArgument26.addLongIdentifier("keystore-path", true);
        fileArgument26.addLongIdentifier("keystorePath", true);
        fileArgument26.addLongIdentifier("keystore-file", true);
        fileArgument26.addLongIdentifier("keystoreFile", true);
        argumentParser9.addArgument(fileArgument26);
        StringArgument stringArgument46 = new StringArgument(null, "keystore-password", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_KS_PW_DESC.get());
        stringArgument46.addLongIdentifier("keystorePassword", true);
        stringArgument46.addLongIdentifier("keystore-passphrase", true);
        stringArgument46.addLongIdentifier("keystorePassphrase", true);
        stringArgument46.addLongIdentifier("keystore-pin", true);
        stringArgument46.addLongIdentifier("keystorePIN", true);
        stringArgument46.addLongIdentifier("storepass", true);
        stringArgument46.setSensitive(true);
        argumentParser9.addArgument(stringArgument46);
        FileArgument fileArgument27 = new FileArgument(null, "keystore-password-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
        fileArgument27.addLongIdentifier("keystorePasswordFile", true);
        fileArgument27.addLongIdentifier("keystore-passphrase-file", true);
        fileArgument27.addLongIdentifier("keystorePassphraseFile", true);
        fileArgument27.addLongIdentifier("keystore-pin-file", true);
        fileArgument27.addLongIdentifier("keystorePINFile", true);
        argumentParser9.addArgument(fileArgument27);
        BooleanArgument booleanArgument27 = new BooleanArgument(null, "prompt-for-keystore-password", CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_PROMPT_FOR_KS_PW_DESC.get());
        booleanArgument27.addLongIdentifier("promptForKeystorePassword", true);
        booleanArgument27.addLongIdentifier("prompt-for-keystore-passphrase", true);
        booleanArgument27.addLongIdentifier("promptForKeystorePassphrase", true);
        booleanArgument27.addLongIdentifier("prompt-for-keystore-pin", true);
        booleanArgument27.addLongIdentifier("promptForKeystorePIN", true);
        argumentParser9.addArgument(booleanArgument27);
        StringArgument stringArgument47 = new StringArgument(null, "private-key-password", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_PK_PW_DESC.get());
        stringArgument47.addLongIdentifier("privateKeyPassword", true);
        stringArgument47.addLongIdentifier("private-key-passphrase", true);
        stringArgument47.addLongIdentifier("privateKeyPassphrase", true);
        stringArgument47.addLongIdentifier("private-key-pin", true);
        stringArgument47.addLongIdentifier("privateKeyPIN", true);
        stringArgument47.addLongIdentifier("key-password", true);
        stringArgument47.addLongIdentifier("keyPassword", true);
        stringArgument47.addLongIdentifier("key-passphrase", true);
        stringArgument47.addLongIdentifier("keyPassphrase", true);
        stringArgument47.addLongIdentifier("key-pin", true);
        stringArgument47.addLongIdentifier("keyPIN", true);
        stringArgument47.addLongIdentifier("keypass", true);
        stringArgument47.setSensitive(true);
        argumentParser9.addArgument(stringArgument47);
        FileArgument fileArgument28 = new FileArgument(null, "private-key-password-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_PK_PW_FILE_DESC.get(), true, true, true, false);
        fileArgument28.addLongIdentifier("privateKeyPasswordFile", true);
        fileArgument28.addLongIdentifier("private-key-passphrase-file", true);
        fileArgument28.addLongIdentifier("privateKeyPassphraseFile", true);
        fileArgument28.addLongIdentifier("private-key-pin-file", true);
        fileArgument28.addLongIdentifier("privateKeyPINFile", true);
        fileArgument28.addLongIdentifier("key-password-file", true);
        fileArgument28.addLongIdentifier("keyPasswordFile", true);
        fileArgument28.addLongIdentifier("key-passphrase-file", true);
        fileArgument28.addLongIdentifier("keyPassphraseFile", true);
        fileArgument28.addLongIdentifier("key-pin-file", true);
        fileArgument28.addLongIdentifier("keyPINFile", true);
        argumentParser9.addArgument(fileArgument28);
        BooleanArgument booleanArgument28 = new BooleanArgument(null, "prompt-for-private-key-password", CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_PROMPT_FOR_PK_PW_DESC.get());
        booleanArgument28.addLongIdentifier("promptForPrivateKeyPassword", true);
        booleanArgument28.addLongIdentifier("prompt-for-private-key-passphrase", true);
        booleanArgument28.addLongIdentifier("promptForPrivateKeyPassphrase", true);
        booleanArgument28.addLongIdentifier("prompt-for-private-key-pin", true);
        booleanArgument28.addLongIdentifier("promptForPrivateKeyPIN", true);
        booleanArgument28.addLongIdentifier("prompt-for-key-password", true);
        booleanArgument28.addLongIdentifier("promptForKeyPassword", true);
        booleanArgument28.addLongIdentifier("prompt-for-key-passphrase", true);
        booleanArgument28.addLongIdentifier("promptForKeyPassphrase", true);
        booleanArgument28.addLongIdentifier("prompt-for-key-pin", true);
        booleanArgument28.addLongIdentifier("promptForKeyPIN", true);
        argumentParser9.addArgument(booleanArgument28);
        StringArgument stringArgument48 = new StringArgument(null, "signing-certificate-alias", true, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_ALIAS_DESC.get());
        stringArgument48.addLongIdentifier("signingCertificateAlias", true);
        stringArgument48.addLongIdentifier("signing-certificate-nickname", true);
        stringArgument48.addLongIdentifier("signingCertificateNickname", true);
        stringArgument48.addLongIdentifier(MimeTypesReaderMetKeys.ALIAS_TAG, true);
        stringArgument48.addLongIdentifier("nickname", true);
        argumentParser9.addArgument(stringArgument48);
        DNArgument dNArgument3 = new DNArgument(null, "subject-dn", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_SUBJECT_DN_DESC.get());
        dNArgument3.addLongIdentifier("subjectDN", true);
        dNArgument3.addLongIdentifier("subject", true);
        dNArgument3.addLongIdentifier("dname", true);
        argumentParser9.addArgument(dNArgument3);
        IntegerArgument integerArgument6 = new IntegerArgument(null, "days-valid", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_DAYS_VALID_DESC.get(), 1, Integer.MAX_VALUE);
        integerArgument6.addLongIdentifier("daysValid", true);
        integerArgument6.addLongIdentifier("validity", true);
        argumentParser9.addArgument(integerArgument6);
        TimestampArgument timestampArgument2 = new TimestampArgument(null, "validity-start-time", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_TIMESTAMP.get(), CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_VALIDITY_START_TIME_DESC.get());
        timestampArgument2.addLongIdentifier("validityStartTime", true);
        timestampArgument2.addLongIdentifier("not-before", true);
        timestampArgument2.addLongIdentifier("notBefore", true);
        argumentParser9.addArgument(timestampArgument2);
        StringArgument stringArgument49 = new StringArgument(null, "signature-algorithm", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_SIG_ALG_DESC.get());
        stringArgument49.addLongIdentifier("signatureAlgorithm", true);
        stringArgument49.addLongIdentifier("signature-alg", true);
        stringArgument49.addLongIdentifier("signatureAlg", true);
        stringArgument49.addLongIdentifier("sig-alg", true);
        stringArgument49.addLongIdentifier("sigAlg", true);
        argumentParser9.addArgument(stringArgument49);
        BooleanArgument booleanArgument29 = new BooleanArgument(null, "include-requested-extensions", 1, CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_INCLUDE_EXT_DESC.get());
        booleanArgument29.addLongIdentifier("includeRequestedExtensions", true);
        argumentParser9.addArgument(booleanArgument29);
        StringArgument stringArgument50 = new StringArgument(null, "subject-alternative-name-dns", false, 0, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_SAN_DNS_DESC.get());
        stringArgument50.addLongIdentifier("subjectAlternativeNameDNS", true);
        stringArgument50.addLongIdentifier("subject-alt-name-dns", true);
        stringArgument50.addLongIdentifier("subjectAltNameDNS", true);
        stringArgument50.addLongIdentifier("subject-alternative-dns", true);
        stringArgument50.addLongIdentifier("subjectAlternativeDNS", true);
        stringArgument50.addLongIdentifier("subject-alt-dns", true);
        stringArgument50.addLongIdentifier("subjectAltDNS", true);
        stringArgument50.addLongIdentifier("san-dns", true);
        stringArgument50.addLongIdentifier("sanDNS", true);
        argumentParser9.addArgument(stringArgument50);
        StringArgument stringArgument51 = new StringArgument(null, "subject-alternative-name-ip-address", false, 0, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_SAN_IP_DESC.get());
        stringArgument51.addLongIdentifier("subjectAlternativeNameIPAddress", true);
        stringArgument51.addLongIdentifier("subject-alternative-name-ip", true);
        stringArgument51.addLongIdentifier("subjectAlternativeNameIP", true);
        stringArgument51.addLongIdentifier("subject-alt-name-ip-address", true);
        stringArgument51.addLongIdentifier("subjectAltNameIPAddress", true);
        stringArgument51.addLongIdentifier("subject-alt-name-ip", true);
        stringArgument51.addLongIdentifier("subjectAltNameIP", true);
        stringArgument51.addLongIdentifier("subject-alternative-ip-address", true);
        stringArgument51.addLongIdentifier("subjectAlternativeIPAddress", true);
        stringArgument51.addLongIdentifier("subject-alternative-ip", true);
        stringArgument51.addLongIdentifier("subjectAlternativeIP", true);
        stringArgument51.addLongIdentifier("subject-alt-ip-address", true);
        stringArgument51.addLongIdentifier("subjectAltIPAddress", true);
        stringArgument51.addLongIdentifier("subject-alt-ip", true);
        stringArgument51.addLongIdentifier("subjectAltIP", true);
        stringArgument51.addLongIdentifier("san-ip-address", true);
        stringArgument51.addLongIdentifier("sanIPAddress", true);
        stringArgument51.addLongIdentifier("san-ip", true);
        stringArgument51.addLongIdentifier("sanIP", true);
        stringArgument51.addValueValidator(new IPAddressArgumentValueValidator(true, true));
        argumentParser9.addArgument(stringArgument51);
        StringArgument stringArgument52 = new StringArgument(null, "subject-alternative-name-email-address", false, 0, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_SAN_EMAIL_DESC.get());
        stringArgument52.addLongIdentifier("subjectAlternativeNameEmailAddress", true);
        stringArgument52.addLongIdentifier("subject-alternative-name-email", true);
        stringArgument52.addLongIdentifier("subjectAlternativeNameEmail", true);
        stringArgument52.addLongIdentifier("subject-alt-name-email-address", true);
        stringArgument52.addLongIdentifier("subjectAltNameEmailAddress", true);
        stringArgument52.addLongIdentifier("subject-alt-name-email", true);
        stringArgument52.addLongIdentifier("subjectAltNameEmail", true);
        stringArgument52.addLongIdentifier("subject-alternative-email-address", true);
        stringArgument52.addLongIdentifier("subjectAlternativeEmailAddress", true);
        stringArgument52.addLongIdentifier("subject-alternative-email", true);
        stringArgument52.addLongIdentifier("subjectAlternativeEmail", true);
        stringArgument52.addLongIdentifier("subject-alt-email-address", true);
        stringArgument52.addLongIdentifier("subjectAltEmailAddress", true);
        stringArgument52.addLongIdentifier("subject-alt-email", true);
        stringArgument52.addLongIdentifier("subjectAltEmail", true);
        stringArgument52.addLongIdentifier("san-email-address", true);
        stringArgument52.addLongIdentifier("sanEmailAddress", true);
        stringArgument52.addLongIdentifier("san-email", true);
        stringArgument52.addLongIdentifier("sanEmail", true);
        argumentParser9.addArgument(stringArgument52);
        StringArgument stringArgument53 = new StringArgument(null, "subject-alternative-name-uri", false, 0, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_URI.get(), CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_SAN_URI_DESC.get());
        stringArgument53.addLongIdentifier("subjectAlternativeNameURI", true);
        stringArgument53.addLongIdentifier("subject-alt-name-uri", true);
        stringArgument53.addLongIdentifier("subjectAltNameURI", true);
        stringArgument53.addLongIdentifier("subject-alternative-uri", true);
        stringArgument53.addLongIdentifier("subjectAlternativeURI", true);
        stringArgument53.addLongIdentifier("subject-alt-uri", true);
        stringArgument53.addLongIdentifier("subjectAltURI", true);
        stringArgument53.addLongIdentifier("san-uri", true);
        stringArgument53.addLongIdentifier("sanURI", true);
        argumentParser9.addArgument(stringArgument53);
        StringArgument stringArgument54 = new StringArgument(null, "subject-alternative-name-oid", false, 0, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_OID.get(), CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_SAN_OID_DESC.get());
        stringArgument54.addLongIdentifier("subjectAlternativeNameOID", true);
        stringArgument54.addLongIdentifier("subject-alt-name-oid", true);
        stringArgument54.addLongIdentifier("subjectAltNameOID", true);
        stringArgument54.addLongIdentifier("subject-alternative-oid", true);
        stringArgument54.addLongIdentifier("subjectAlternativeOID", true);
        stringArgument54.addLongIdentifier("subject-alt-oid", true);
        stringArgument54.addLongIdentifier("subjectAltOID", true);
        stringArgument54.addLongIdentifier("san-oid", true);
        stringArgument54.addLongIdentifier("sanOID", true);
        stringArgument54.addValueValidator(new OIDArgumentValueValidator(true));
        argumentParser9.addArgument(stringArgument54);
        StringArgument stringArgument55 = new StringArgument(null, "issuer-alternative-name-dns", false, 0, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_IAN_DNS_DESC.get());
        stringArgument55.addLongIdentifier("issuerAlternativeNameDNS", true);
        stringArgument55.addLongIdentifier("issuer-alt-name-dns", true);
        stringArgument55.addLongIdentifier("issuerAltNameDNS", true);
        stringArgument55.addLongIdentifier("issuer-alternative-dns", true);
        stringArgument55.addLongIdentifier("issuerAlternativeDNS", true);
        stringArgument55.addLongIdentifier("issuer-alt-dns", true);
        stringArgument55.addLongIdentifier("issuerAltDNS", true);
        stringArgument55.addLongIdentifier("ian-dns", true);
        stringArgument55.addLongIdentifier("ianDNS", true);
        argumentParser9.addArgument(stringArgument55);
        StringArgument stringArgument56 = new StringArgument(null, "issuer-alternative-name-ip-address", false, 0, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_IAN_IP_DESC.get());
        stringArgument56.addLongIdentifier("issuerAlternativeNameIPAddress", true);
        stringArgument56.addLongIdentifier("issuer-alternative-name-ip", true);
        stringArgument56.addLongIdentifier("issuerAlternativeNameIP", true);
        stringArgument56.addLongIdentifier("issuer-alt-name-ip-address", true);
        stringArgument56.addLongIdentifier("issuerAltNameIPAddress", true);
        stringArgument56.addLongIdentifier("issuer-alt-name-ip", true);
        stringArgument56.addLongIdentifier("issuerAltNameIP", true);
        stringArgument56.addLongIdentifier("issuer-alternative-ip-address", true);
        stringArgument56.addLongIdentifier("issuerAlternativeIPAddress", true);
        stringArgument56.addLongIdentifier("issuer-alternative-ip", true);
        stringArgument56.addLongIdentifier("issuerAlternativeIP", true);
        stringArgument56.addLongIdentifier("issuer-alt-ip-address", true);
        stringArgument56.addLongIdentifier("issuerAltIPAddress", true);
        stringArgument56.addLongIdentifier("issuer-alt-ip", true);
        stringArgument56.addLongIdentifier("issuerAltIP", true);
        stringArgument56.addLongIdentifier("ian-ip-address", true);
        stringArgument56.addLongIdentifier("ianIPAddress", true);
        stringArgument56.addLongIdentifier("ian-ip", true);
        stringArgument56.addLongIdentifier("ianIP", true);
        stringArgument56.addValueValidator(new IPAddressArgumentValueValidator(true, true));
        argumentParser9.addArgument(stringArgument56);
        StringArgument stringArgument57 = new StringArgument(null, "issuer-alternative-name-email-address", false, 0, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_IAN_EMAIL_DESC.get());
        stringArgument57.addLongIdentifier("issuerAlternativeNameEmailAddress", true);
        stringArgument57.addLongIdentifier("issuer-alternative-name-email", true);
        stringArgument57.addLongIdentifier("issuerAlternativeNameEmail", true);
        stringArgument57.addLongIdentifier("issuer-alt-name-email-address", true);
        stringArgument57.addLongIdentifier("issuerAltNameEmailAddress", true);
        stringArgument57.addLongIdentifier("issuer-alt-name-email", true);
        stringArgument57.addLongIdentifier("issuerAltNameEmail", true);
        stringArgument57.addLongIdentifier("issuer-alternative-email-address", true);
        stringArgument57.addLongIdentifier("issuerAlternativeEmailAddress", true);
        stringArgument57.addLongIdentifier("issuer-alternative-email", true);
        stringArgument57.addLongIdentifier("issuerAlternativeEmail", true);
        stringArgument57.addLongIdentifier("issuer-alt-email-address", true);
        stringArgument57.addLongIdentifier("issuerAltEmailAddress", true);
        stringArgument57.addLongIdentifier("issuer-alt-email", true);
        stringArgument57.addLongIdentifier("issuerAltEmail", true);
        stringArgument57.addLongIdentifier("ian-email-address", true);
        stringArgument57.addLongIdentifier("ianEmailAddress", true);
        stringArgument57.addLongIdentifier("ian-email", true);
        stringArgument57.addLongIdentifier("ianEmail", true);
        argumentParser9.addArgument(stringArgument57);
        StringArgument stringArgument58 = new StringArgument(null, "issuer-alternative-name-uri", false, 0, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_URI.get(), CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_IAN_URI_DESC.get());
        stringArgument58.addLongIdentifier("issuerAlternativeNameURI", true);
        stringArgument58.addLongIdentifier("issuer-alt-name-uri", true);
        stringArgument58.addLongIdentifier("issuerAltNameURI", true);
        stringArgument58.addLongIdentifier("issuer-alternative-uri", true);
        stringArgument58.addLongIdentifier("issuerAlternativeURI", true);
        stringArgument58.addLongIdentifier("issuer-alt-uri", true);
        stringArgument58.addLongIdentifier("issuerAltURI", true);
        stringArgument58.addLongIdentifier("ian-uri", true);
        stringArgument58.addLongIdentifier("ianURI", true);
        argumentParser9.addArgument(stringArgument58);
        StringArgument stringArgument59 = new StringArgument(null, "issuer-alternative-name-oid", false, 0, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_OID.get(), CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_IAN_OID_DESC.get());
        stringArgument59.addLongIdentifier("issuerAlternativeNameOID", true);
        stringArgument59.addLongIdentifier("issuer-alt-name-oid", true);
        stringArgument59.addLongIdentifier("issuerAltNameOID", true);
        stringArgument59.addLongIdentifier("issuer-alternative-oid", true);
        stringArgument59.addLongIdentifier("issuerAlternativeOID", true);
        stringArgument59.addLongIdentifier("issuer-alt-oid", true);
        stringArgument59.addLongIdentifier("issuerAltOID", true);
        stringArgument59.addLongIdentifier("ian-oid", true);
        stringArgument59.addLongIdentifier("ianOID", true);
        stringArgument59.addValueValidator(new OIDArgumentValueValidator(true));
        argumentParser9.addArgument(stringArgument59);
        BooleanValueArgument booleanValueArgument3 = new BooleanValueArgument(null, "basic-constraints-is-ca", false, null, CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_BC_IS_CA_DESC.get());
        booleanValueArgument3.addLongIdentifier("basicConstraintsIsCA", true);
        booleanValueArgument3.addLongIdentifier("bc-is-ca", true);
        booleanValueArgument3.addLongIdentifier("bcIsCA", true);
        argumentParser9.addArgument(booleanValueArgument3);
        IntegerArgument integerArgument7 = new IntegerArgument(null, "basic-constraints-maximum-path-length", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_BC_PATH_LENGTH_DESC.get(), 1, Integer.MAX_VALUE);
        integerArgument7.addLongIdentifier("basicConstraintsMaximumPathLength", true);
        integerArgument7.addLongIdentifier("basic-constraints-max-path-length", true);
        integerArgument7.addLongIdentifier("basicConstraintsMaxPathLength", true);
        integerArgument7.addLongIdentifier("basic-constraints-path-length", true);
        integerArgument7.addLongIdentifier("basicConstraintsPathLength", true);
        integerArgument7.addLongIdentifier("bc-maximum-path-length", true);
        integerArgument7.addLongIdentifier("bcMaximumPathLength", true);
        integerArgument7.addLongIdentifier("bc-max-path-length", true);
        integerArgument7.addLongIdentifier("bcMaxPathLength", true);
        integerArgument7.addLongIdentifier("bc-path-length", true);
        integerArgument7.addLongIdentifier("bcPathLength", true);
        argumentParser9.addArgument(integerArgument7);
        StringArgument stringArgument60 = new StringArgument(null, "key-usage", false, 0, null, CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_KU_DESC.get());
        stringArgument60.addLongIdentifier("keyUsage", true);
        argumentParser9.addArgument(stringArgument60);
        StringArgument stringArgument61 = new StringArgument(null, "extended-key-usage", false, 0, null, CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_EKU_DESC.get());
        stringArgument61.addLongIdentifier("extendedKeyUsage", true);
        argumentParser9.addArgument(stringArgument61);
        StringArgument stringArgument62 = new StringArgument(null, "extension", false, 0, null, CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_EXT_DESC.get());
        stringArgument62.addLongIdentifier("ext", true);
        argumentParser9.addArgument(stringArgument62);
        BooleanArgument booleanArgument30 = new BooleanArgument(null, "no-prompt", 1, CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_NO_PROMPT_DESC.get());
        booleanArgument30.addLongIdentifier("noPrompt", true);
        argumentParser9.addArgument(booleanArgument30);
        BooleanArgument booleanArgument31 = new BooleanArgument(null, "display-keytool-command", 1, CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_DISPLAY_COMMAND_DESC.get());
        booleanArgument31.addLongIdentifier("displayKeytoolCommand", true);
        booleanArgument31.addLongIdentifier("show-keytool-command", true);
        booleanArgument31.addLongIdentifier("showKeytoolCommand", true);
        argumentParser9.addArgument(booleanArgument31);
        argumentParser9.addRequiredArgumentSet(stringArgument46, fileArgument27, booleanArgument27);
        argumentParser9.addExclusiveArgumentSet(stringArgument46, fileArgument27, booleanArgument27);
        argumentParser9.addExclusiveArgumentSet(stringArgument47, fileArgument28, booleanArgument28);
        argumentParser9.addDependentArgumentSet(integerArgument7, booleanValueArgument3, new Argument[0]);
        LinkedHashMap linkedHashMap8 = new LinkedHashMap(2);
        linkedHashMap8.put(new String[]{"sign-certificate-signing-request", "--request-input-file", "server-cert.csr", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--signing-certificate-alias", "ca-cert", "--include-requested-extensions"}, CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_EXAMPLE_1.get());
        linkedHashMap8.put(new String[]{"sign-certificate-signing-request", "--request-input-file", "server-cert.csr", "--certificate-output-file", "server-cert.der", "--output-format", "DER", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--signing-certificate-alias", "ca-cert", "--days-valid", "730", "--validity-start-time", "20170101000000", "--include-requested-extensions", "--issuer-alternative-name-email-address", "ca@example.com"}, CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_EXAMPLE_2.get());
        SubCommand subCommand8 = new SubCommand("sign-certificate-signing-request", CertMessages.INFO_MANAGE_CERTS_SC_SIGN_CSR_DESC.get(), argumentParser9, linkedHashMap8);
        subCommand8.addName("signCertificateSigningRequest", true);
        subCommand8.addName("sign-certificate-request", false);
        subCommand8.addName("signCertificateRequest", true);
        subCommand8.addName("sign-certificate", false);
        subCommand8.addName("signCertificate", true);
        subCommand8.addName("sign-csr", true);
        subCommand8.addName("signCSR", true);
        subCommand8.addName(EscapedFunctions.SIGN, false);
        subCommand8.addName("gencert", true);
        argumentParser.addSubCommand(subCommand8);
        ArgumentParser argumentParser10 = new ArgumentParser("change-certificate-alias", CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_DESC.get());
        FileArgument fileArgument29 = new FileArgument(null, "keystore", true, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_KS_DESC.get(), true, true, true, false);
        fileArgument29.addLongIdentifier("keystore-path", true);
        fileArgument29.addLongIdentifier("keystorePath", true);
        fileArgument29.addLongIdentifier("keystore-file", true);
        fileArgument29.addLongIdentifier("keystoreFile", true);
        argumentParser10.addArgument(fileArgument29);
        StringArgument stringArgument63 = new StringArgument(null, "keystore-password", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_KS_PW_DESC.get());
        stringArgument63.addLongIdentifier("keystorePassword", true);
        stringArgument63.addLongIdentifier("keystore-passphrase", true);
        stringArgument63.addLongIdentifier("keystorePassphrase", true);
        stringArgument63.addLongIdentifier("keystore-pin", true);
        stringArgument63.addLongIdentifier("keystorePIN", true);
        stringArgument63.addLongIdentifier("storepass", true);
        stringArgument63.setSensitive(true);
        argumentParser10.addArgument(stringArgument63);
        FileArgument fileArgument30 = new FileArgument(null, "keystore-password-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
        fileArgument30.addLongIdentifier("keystorePasswordFile", true);
        fileArgument30.addLongIdentifier("keystore-passphrase-file", true);
        fileArgument30.addLongIdentifier("keystorePassphraseFile", true);
        fileArgument30.addLongIdentifier("keystore-pin-file", true);
        fileArgument30.addLongIdentifier("keystorePINFile", true);
        argumentParser10.addArgument(fileArgument30);
        BooleanArgument booleanArgument32 = new BooleanArgument(null, "prompt-for-keystore-password", CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_PROMPT_FOR_KS_PW_DESC.get());
        booleanArgument32.addLongIdentifier("promptForKeystorePassword", true);
        booleanArgument32.addLongIdentifier("prompt-for-keystore-passphrase", true);
        booleanArgument32.addLongIdentifier("promptForKeystorePassphrase", true);
        booleanArgument32.addLongIdentifier("prompt-for-keystore-pin", true);
        booleanArgument32.addLongIdentifier("promptForKeystorePIN", true);
        argumentParser10.addArgument(booleanArgument32);
        StringArgument stringArgument64 = new StringArgument(null, "private-key-password", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_PK_PW_DESC.get());
        stringArgument64.addLongIdentifier("privateKeyPassword", true);
        stringArgument64.addLongIdentifier("private-key-passphrase", true);
        stringArgument64.addLongIdentifier("privateKeyPassphrase", true);
        stringArgument64.addLongIdentifier("private-key-pin", true);
        stringArgument64.addLongIdentifier("privateKeyPIN", true);
        stringArgument64.addLongIdentifier("key-password", true);
        stringArgument64.addLongIdentifier("keyPassword", true);
        stringArgument64.addLongIdentifier("key-passphrase", true);
        stringArgument64.addLongIdentifier("keyPassphrase", true);
        stringArgument64.addLongIdentifier("key-pin", true);
        stringArgument64.addLongIdentifier("keyPIN", true);
        stringArgument64.addLongIdentifier("keypass", true);
        stringArgument64.setSensitive(true);
        argumentParser10.addArgument(stringArgument64);
        FileArgument fileArgument31 = new FileArgument(null, "private-key-password-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_PK_PW_FILE_DESC.get(), true, true, true, false);
        fileArgument31.addLongIdentifier("privateKeyPasswordFile", true);
        fileArgument31.addLongIdentifier("private-key-passphrase-file", true);
        fileArgument31.addLongIdentifier("privateKeyPassphraseFile", true);
        fileArgument31.addLongIdentifier("private-key-pin-file", true);
        fileArgument31.addLongIdentifier("privateKeyPINFile", true);
        fileArgument31.addLongIdentifier("key-password-file", true);
        fileArgument31.addLongIdentifier("keyPasswordFile", true);
        fileArgument31.addLongIdentifier("key-passphrase-file", true);
        fileArgument31.addLongIdentifier("keyPassphraseFile", true);
        fileArgument31.addLongIdentifier("key-pin-file", true);
        fileArgument31.addLongIdentifier("keyPINFile", true);
        argumentParser10.addArgument(fileArgument31);
        BooleanArgument booleanArgument33 = new BooleanArgument(null, "prompt-for-private-key-password", CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_PROMPT_FOR_PK_PW_DESC.get());
        booleanArgument33.addLongIdentifier("promptForPrivateKeyPassword", true);
        booleanArgument33.addLongIdentifier("prompt-for-private-key-passphrase", true);
        booleanArgument33.addLongIdentifier("promptForPrivateKeyPassphrase", true);
        booleanArgument33.addLongIdentifier("prompt-for-private-key-pin", true);
        booleanArgument33.addLongIdentifier("promptForPrivateKeyPIN", true);
        booleanArgument33.addLongIdentifier("prompt-for-key-password", true);
        booleanArgument33.addLongIdentifier("promptForKeyPassword", true);
        booleanArgument33.addLongIdentifier("prompt-for-key-passphrase", true);
        booleanArgument33.addLongIdentifier("promptForKeyPassphrase", true);
        booleanArgument33.addLongIdentifier("prompt-for-key-pin", true);
        booleanArgument33.addLongIdentifier("promptForKeyPIN", true);
        argumentParser10.addArgument(booleanArgument33);
        StringArgument stringArgument65 = new StringArgument(null, "current-alias", true, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_CURRENT_ALIAS_DESC.get());
        stringArgument65.addLongIdentifier("currentAlias", true);
        stringArgument65.addLongIdentifier("old-alias", true);
        stringArgument65.addLongIdentifier("oldAlias", true);
        stringArgument65.addLongIdentifier("source-alias", true);
        stringArgument65.addLongIdentifier("sourceAlias", true);
        stringArgument65.addLongIdentifier(MimeTypesReaderMetKeys.ALIAS_TAG, true);
        stringArgument65.addLongIdentifier("current-nickname", true);
        stringArgument65.addLongIdentifier("currentNickname", true);
        stringArgument65.addLongIdentifier("old-nickname", true);
        stringArgument65.addLongIdentifier("oldNickname", true);
        stringArgument65.addLongIdentifier("source-nickname", true);
        stringArgument65.addLongIdentifier("sourceNickname", true);
        stringArgument65.addLongIdentifier("nickname", true);
        stringArgument65.addLongIdentifier("from", false);
        argumentParser10.addArgument(stringArgument65);
        StringArgument stringArgument66 = new StringArgument(null, "new-alias", true, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_NEW_ALIAS_DESC.get());
        stringArgument66.addLongIdentifier("newAlias", true);
        stringArgument66.addLongIdentifier("destination-alias", true);
        stringArgument66.addLongIdentifier("destinationAlias", true);
        stringArgument66.addLongIdentifier("new-nickname", true);
        stringArgument66.addLongIdentifier("newNickname", true);
        stringArgument66.addLongIdentifier("destination-nickname", true);
        stringArgument66.addLongIdentifier("destinationNickname", true);
        stringArgument66.addLongIdentifier("to", false);
        argumentParser10.addArgument(stringArgument66);
        BooleanArgument booleanArgument34 = new BooleanArgument(null, "display-keytool-command", 1, CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_DISPLAY_COMMAND_DESC.get());
        booleanArgument34.addLongIdentifier("displayKeytoolCommand", true);
        booleanArgument34.addLongIdentifier("show-keytool-command", true);
        booleanArgument34.addLongIdentifier("showKeytoolCommand", true);
        argumentParser10.addArgument(booleanArgument34);
        argumentParser10.addRequiredArgumentSet(stringArgument63, fileArgument30, booleanArgument32);
        argumentParser10.addExclusiveArgumentSet(stringArgument63, fileArgument30, booleanArgument32);
        argumentParser10.addExclusiveArgumentSet(stringArgument64, fileArgument31, booleanArgument33);
        LinkedHashMap linkedHashMap9 = new LinkedHashMap(1);
        linkedHashMap9.put(new String[]{"change-certificate-alias", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--current-alias", "server-cert", "--new-alias", "server-certificate", "--display-keytool-command"}, CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_EXAMPLE_1.get());
        SubCommand subCommand9 = new SubCommand("change-certificate-alias", CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_DESC.get(), argumentParser10, linkedHashMap9);
        subCommand9.addName("changeCertificateAlias", true);
        subCommand9.addName("change-alias", false);
        subCommand9.addName("changeAlias", true);
        subCommand9.addName("rename-certificate", true);
        subCommand9.addName("renameCertificate", true);
        subCommand9.addName("rename", false);
        argumentParser.addSubCommand(subCommand9);
        ArgumentParser argumentParser11 = new ArgumentParser("change-keystore-password", CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_DESC.get());
        FileArgument fileArgument32 = new FileArgument(null, "keystore", true, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_KS_DESC.get(), true, true, true, false);
        fileArgument32.addLongIdentifier("keystore-path", true);
        fileArgument32.addLongIdentifier("keystorePath", true);
        fileArgument32.addLongIdentifier("keystore-file", true);
        fileArgument32.addLongIdentifier("keystoreFile", true);
        argumentParser11.addArgument(fileArgument32);
        StringArgument stringArgument67 = new StringArgument(null, "current-keystore-password", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_CURRENT_PW_DESC.get());
        stringArgument67.addLongIdentifier("currentKeystorePassword", true);
        stringArgument67.addLongIdentifier("current-keystore-passphrase", true);
        stringArgument67.addLongIdentifier("currentKeystorePassphrase", true);
        stringArgument67.addLongIdentifier("current-keystore-pin", true);
        stringArgument67.addLongIdentifier("currentKeystorePIN", true);
        stringArgument67.addLongIdentifier("storepass", true);
        stringArgument67.setSensitive(true);
        argumentParser11.addArgument(stringArgument67);
        FileArgument fileArgument33 = new FileArgument(null, "current-keystore-password-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_CURRENT_PW_FILE_DESC.get(), true, true, true, false);
        fileArgument33.addLongIdentifier("currentKeystorePasswordFile", true);
        fileArgument33.addLongIdentifier("current-keystore-passphrase-file", true);
        fileArgument33.addLongIdentifier("currentKeystorePassphraseFile", true);
        fileArgument33.addLongIdentifier("current-keystore-pin-file", true);
        fileArgument33.addLongIdentifier("currentKeystorePINFile", true);
        argumentParser11.addArgument(fileArgument33);
        BooleanArgument booleanArgument35 = new BooleanArgument(null, "prompt-for-current-keystore-password", CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_PROMPT_FOR_CURRENT_PW_DESC.get());
        booleanArgument35.addLongIdentifier("promptForCurrentKeystorePassword", true);
        booleanArgument35.addLongIdentifier("prompt-for-current-keystore-passphrase", true);
        booleanArgument35.addLongIdentifier("promptForCurrentKeystorePassphrase", true);
        booleanArgument35.addLongIdentifier("prompt-for-current-keystore-pin", true);
        booleanArgument35.addLongIdentifier("promptForCurrentKeystorePIN", true);
        argumentParser11.addArgument(booleanArgument35);
        StringArgument stringArgument68 = new StringArgument(null, "new-keystore-password", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_NEW_PW_DESC.get());
        stringArgument68.addLongIdentifier("newKeystorePassword", true);
        stringArgument68.addLongIdentifier("new-keystore-passphrase", true);
        stringArgument68.addLongIdentifier("newKeystorePassphrase", true);
        stringArgument68.addLongIdentifier("new-keystore-pin", true);
        stringArgument68.addLongIdentifier("newKeystorePIN", true);
        stringArgument68.addLongIdentifier("new", true);
        stringArgument68.setSensitive(true);
        argumentParser11.addArgument(stringArgument68);
        FileArgument fileArgument34 = new FileArgument(null, "new-keystore-password-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_NEW_PW_FILE_DESC.get(), true, true, true, false);
        fileArgument34.addLongIdentifier("newKeystorePasswordFile", true);
        fileArgument34.addLongIdentifier("new-keystore-passphrase-file", true);
        fileArgument34.addLongIdentifier("newKeystorePassphraseFile", true);
        fileArgument34.addLongIdentifier("new-keystore-pin-file", true);
        fileArgument34.addLongIdentifier("newKeystorePINFile", true);
        argumentParser11.addArgument(fileArgument34);
        BooleanArgument booleanArgument36 = new BooleanArgument(null, "prompt-for-new-keystore-password", CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_PROMPT_FOR_NEW_PW_DESC.get());
        booleanArgument36.addLongIdentifier("promptForNewKeystorePassword", true);
        booleanArgument36.addLongIdentifier("prompt-for-new-keystore-passphrase", true);
        booleanArgument36.addLongIdentifier("promptForNewKeystorePassphrase", true);
        booleanArgument36.addLongIdentifier("prompt-for-new-keystore-pin", true);
        booleanArgument36.addLongIdentifier("promptForNewKeystorePIN", true);
        argumentParser11.addArgument(booleanArgument36);
        BooleanArgument booleanArgument37 = new BooleanArgument(null, "display-keytool-command", 1, CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_DISPLAY_COMMAND_DESC.get());
        booleanArgument37.addLongIdentifier("displayKeytoolCommand", true);
        booleanArgument37.addLongIdentifier("show-keytool-command", true);
        booleanArgument37.addLongIdentifier("showKeytoolCommand", true);
        argumentParser11.addArgument(booleanArgument37);
        argumentParser11.addRequiredArgumentSet(stringArgument67, fileArgument33, booleanArgument35);
        argumentParser11.addExclusiveArgumentSet(stringArgument67, fileArgument33, booleanArgument35);
        argumentParser11.addRequiredArgumentSet(stringArgument68, fileArgument34, booleanArgument36);
        argumentParser11.addExclusiveArgumentSet(stringArgument68, fileArgument34, booleanArgument36);
        LinkedHashMap linkedHashMap10 = new LinkedHashMap(1);
        linkedHashMap10.put(new String[]{"change-keystore-password", "--keystore", getPlatformSpecificPath("config", "keystore"), "--current-keystore-password-file", getPlatformSpecificPath("config", "current.pin"), "--new-keystore-password-file", getPlatformSpecificPath("config", "new.pin"), "--display-keytool-command"}, CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_EXAMPLE_1.get(getPlatformSpecificPath("config", "keystore"), getPlatformSpecificPath("config", "current.pin"), getPlatformSpecificPath("config", "new.pin")));
        SubCommand subCommand10 = new SubCommand("change-keystore-password", CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_DESC.get(), argumentParser11, linkedHashMap10);
        subCommand10.addName("changeKeystorePassword", true);
        subCommand10.addName("change-keystore-passphrase", true);
        subCommand10.addName("changeKeystorePassphrase", true);
        subCommand10.addName("change-keystore-pin", true);
        subCommand10.addName("changeKeystorePIN", true);
        subCommand10.addName("storepasswd", true);
        argumentParser.addSubCommand(subCommand10);
        ArgumentParser argumentParser12 = new ArgumentParser("change-private-key-password", CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_DESC.get());
        FileArgument fileArgument35 = new FileArgument(null, "keystore", true, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_KS_DESC.get(), true, true, true, false);
        fileArgument35.addLongIdentifier("keystore-path", true);
        fileArgument35.addLongIdentifier("keystorePath", true);
        fileArgument35.addLongIdentifier("keystore-file", true);
        fileArgument35.addLongIdentifier("keystoreFile", true);
        argumentParser12.addArgument(fileArgument35);
        StringArgument stringArgument69 = new StringArgument(null, "keystore-password", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_KS_PW_DESC.get());
        stringArgument69.addLongIdentifier("keystorePassword", true);
        stringArgument69.addLongIdentifier("keystore-passphrase", true);
        stringArgument69.addLongIdentifier("keystorePassphrase", true);
        stringArgument69.addLongIdentifier("keystore-pin", true);
        stringArgument69.addLongIdentifier("keystorePIN", true);
        stringArgument69.addLongIdentifier("storepass", true);
        stringArgument69.setSensitive(true);
        argumentParser12.addArgument(stringArgument69);
        FileArgument fileArgument36 = new FileArgument(null, "keystore-password-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
        fileArgument36.addLongIdentifier("keystorePasswordFile", true);
        fileArgument36.addLongIdentifier("keystore-passphrase-file", true);
        fileArgument36.addLongIdentifier("keystorePassphraseFile", true);
        fileArgument36.addLongIdentifier("keystore-pin-file", true);
        fileArgument36.addLongIdentifier("keystorePINFile", true);
        argumentParser12.addArgument(fileArgument36);
        BooleanArgument booleanArgument38 = new BooleanArgument(null, "prompt-for-keystore-password", CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_PROMPT_FOR_KS_PW_DESC.get());
        booleanArgument38.addLongIdentifier("promptForKeystorePassword", true);
        booleanArgument38.addLongIdentifier("prompt-for-keystore-passphrase", true);
        booleanArgument38.addLongIdentifier("promptForKeystorePassphrase", true);
        booleanArgument38.addLongIdentifier("prompt-for-keystore-pin", true);
        booleanArgument38.addLongIdentifier("promptForKeystorePIN", true);
        argumentParser12.addArgument(booleanArgument38);
        StringArgument stringArgument70 = new StringArgument(null, MimeTypesReaderMetKeys.ALIAS_TAG, true, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_ALIAS_DESC.get());
        stringArgument70.addLongIdentifier("nickname", true);
        argumentParser12.addArgument(stringArgument70);
        StringArgument stringArgument71 = new StringArgument(null, "current-private-key-password", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_CURRENT_PW_DESC.get());
        stringArgument71.addLongIdentifier("currentPrivateKeyPassword", true);
        stringArgument71.addLongIdentifier("current-private-key-passphrase", true);
        stringArgument71.addLongIdentifier("currentPrivateKeyPassphrase", true);
        stringArgument71.addLongIdentifier("current-private-key-pin", true);
        stringArgument71.addLongIdentifier("currentPrivateKeyPIN", true);
        stringArgument71.addLongIdentifier("keypass", true);
        stringArgument71.setSensitive(true);
        argumentParser12.addArgument(stringArgument71);
        FileArgument fileArgument37 = new FileArgument(null, "current-private-key-password-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_CURRENT_PW_FILE_DESC.get(), true, true, true, false);
        fileArgument37.addLongIdentifier("currentPrivateKeyPasswordFile", true);
        fileArgument37.addLongIdentifier("current-private-key-passphrase-file", true);
        fileArgument37.addLongIdentifier("currentPrivateKeyPassphraseFile", true);
        fileArgument37.addLongIdentifier("current-private-key-pin-file", true);
        fileArgument37.addLongIdentifier("currentPrivateKeyPINFile", true);
        argumentParser12.addArgument(fileArgument37);
        BooleanArgument booleanArgument39 = new BooleanArgument(null, "prompt-for-current-private-key-password", CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_PROMPT_FOR_CURRENT_PW_DESC.get());
        booleanArgument39.addLongIdentifier("promptForCurrentPrivateKeyPassword", true);
        booleanArgument39.addLongIdentifier("prompt-for-current-private-key-passphrase", true);
        booleanArgument39.addLongIdentifier("promptForCurrentPrivateKeyPassphrase", true);
        booleanArgument39.addLongIdentifier("prompt-for-current-private-key-pin", true);
        booleanArgument39.addLongIdentifier("promptForCurrentPrivateKeyPIN", true);
        argumentParser12.addArgument(booleanArgument39);
        StringArgument stringArgument72 = new StringArgument(null, "new-private-key-password", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_NEW_PW_DESC.get());
        stringArgument72.addLongIdentifier("newPrivateKeyPassword", true);
        stringArgument72.addLongIdentifier("new-private-key-passphrase", true);
        stringArgument72.addLongIdentifier("newPrivateKeyPassphrase", true);
        stringArgument72.addLongIdentifier("new-private-key-pin", true);
        stringArgument72.addLongIdentifier("newPrivateKeyPIN", true);
        stringArgument72.addLongIdentifier("new", true);
        stringArgument72.setSensitive(true);
        argumentParser12.addArgument(stringArgument72);
        FileArgument fileArgument38 = new FileArgument(null, "new-private-key-password-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_NEW_PW_FILE_DESC.get(), true, true, true, false);
        fileArgument38.addLongIdentifier("newPrivateKeyPasswordFile", true);
        fileArgument38.addLongIdentifier("new-private-key-passphrase-file", true);
        fileArgument38.addLongIdentifier("newPrivateKeyPassphraseFile", true);
        fileArgument38.addLongIdentifier("new-private-key-pin-file", true);
        fileArgument38.addLongIdentifier("newPrivateKeyPINFile", true);
        argumentParser12.addArgument(fileArgument38);
        BooleanArgument booleanArgument40 = new BooleanArgument(null, "prompt-for-new-private-key-password", CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_PROMPT_FOR_NEW_PW_DESC.get());
        booleanArgument40.addLongIdentifier("promptForNewPrivateKeyPassword", true);
        booleanArgument40.addLongIdentifier("prompt-for-new-private-key-passphrase", true);
        booleanArgument40.addLongIdentifier("promptForNewPrivateKeyPassphrase", true);
        booleanArgument40.addLongIdentifier("prompt-for-new-private-key-pin", true);
        booleanArgument40.addLongIdentifier("promptForNewPrivateKeyPIN", true);
        argumentParser12.addArgument(booleanArgument40);
        BooleanArgument booleanArgument41 = new BooleanArgument(null, "display-keytool-command", 1, CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_DISPLAY_COMMAND_DESC.get());
        booleanArgument41.addLongIdentifier("displayKeytoolCommand", true);
        booleanArgument41.addLongIdentifier("show-keytool-command", true);
        booleanArgument41.addLongIdentifier("showKeytoolCommand", true);
        argumentParser12.addArgument(booleanArgument41);
        argumentParser12.addRequiredArgumentSet(stringArgument69, fileArgument36, booleanArgument38);
        argumentParser12.addExclusiveArgumentSet(stringArgument69, fileArgument36, booleanArgument38);
        argumentParser12.addRequiredArgumentSet(stringArgument71, fileArgument37, booleanArgument39);
        argumentParser12.addExclusiveArgumentSet(stringArgument71, fileArgument37, booleanArgument39);
        argumentParser12.addRequiredArgumentSet(stringArgument72, fileArgument38, booleanArgument40);
        argumentParser12.addExclusiveArgumentSet(stringArgument72, fileArgument38, booleanArgument40);
        LinkedHashMap linkedHashMap11 = new LinkedHashMap(1);
        linkedHashMap11.put(new String[]{"change-private-key-password", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "server-cert", "--current-private-key-password-file", getPlatformSpecificPath("config", "current.pin"), "--new-private-key-password-file", getPlatformSpecificPath("config", "new.pin"), "--display-keytool-command"}, CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_EXAMPLE_1.get(getPlatformSpecificPath("config", "keystore"), getPlatformSpecificPath("config", "current.pin"), getPlatformSpecificPath("config", "new.pin")));
        SubCommand subCommand11 = new SubCommand("change-private-key-password", CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_DESC.get(), argumentParser12, linkedHashMap11);
        subCommand11.addName("changePrivateKeyPassword", true);
        subCommand11.addName("change-private-key-passphrase", true);
        subCommand11.addName("changePrivateKeyPassphrase", true);
        subCommand11.addName("change-private-key-pin", true);
        subCommand11.addName("changePrivateKeyPIN", true);
        subCommand11.addName("change-key-password", false);
        subCommand11.addName("changeKeyPassword", true);
        subCommand11.addName("change-key-passphrase", true);
        subCommand11.addName("changeKeyPassphrase", true);
        subCommand11.addName("change-key-pin", true);
        subCommand11.addName("changeKeyPIN", true);
        subCommand11.addName("keypasswd", true);
        argumentParser.addSubCommand(subCommand11);
        ArgumentParser argumentParser13 = new ArgumentParser("trust-server-certificate", CertMessages.INFO_MANAGE_CERTS_SC_TRUST_SERVER_DESC.get());
        StringArgument stringArgument73 = new StringArgument('h', Constants.HOSTNAME_KEY, true, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_HOST.get(), CertMessages.INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_HOSTNAME_DESC.get());
        stringArgument73.addLongIdentifier("server-address", true);
        stringArgument73.addLongIdentifier("serverAddress", true);
        stringArgument73.addLongIdentifier(IMAPStore.ID_ADDRESS, true);
        argumentParser13.addArgument(stringArgument73);
        IntegerArgument integerArgument8 = new IntegerArgument('p', "port", true, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_PORT.get(), CertMessages.INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_PORT_DESC.get(), 1, 65535);
        integerArgument8.addLongIdentifier("server-port", true);
        integerArgument8.addLongIdentifier("serverPort", true);
        argumentParser13.addArgument(integerArgument8);
        BooleanArgument booleanArgument42 = new BooleanArgument('q', "use-ldap-start-tls", 1, CertMessages.INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_USE_START_TLS_DESC.get());
        booleanArgument42.addLongIdentifier("use-ldap-starttls", true);
        booleanArgument42.addLongIdentifier("useLDAPStartTLS", true);
        booleanArgument42.addLongIdentifier("use-start-tls", true);
        booleanArgument42.addLongIdentifier("use-starttls", true);
        booleanArgument42.addLongIdentifier("useStartTLS", true);
        argumentParser13.addArgument(booleanArgument42);
        FileArgument fileArgument39 = new FileArgument(null, "keystore", true, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_KS_DESC.get(), false, true, true, false);
        fileArgument39.addLongIdentifier("keystore-path", true);
        fileArgument39.addLongIdentifier("keystorePath", true);
        fileArgument39.addLongIdentifier("keystore-file", true);
        fileArgument39.addLongIdentifier("keystoreFile", true);
        argumentParser13.addArgument(fileArgument39);
        StringArgument stringArgument74 = new StringArgument(null, "keystore-password", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), CertMessages.INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_KS_PW_DESC.get());
        stringArgument74.addLongIdentifier("keystorePassword", true);
        stringArgument74.addLongIdentifier("keystore-passphrase", true);
        stringArgument74.addLongIdentifier("keystorePassphrase", true);
        stringArgument74.addLongIdentifier("keystore-pin", true);
        stringArgument74.addLongIdentifier("keystorePIN", true);
        stringArgument74.addLongIdentifier("storepass", true);
        stringArgument74.setSensitive(true);
        argumentParser13.addArgument(stringArgument74);
        FileArgument fileArgument40 = new FileArgument(null, "keystore-password-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
        fileArgument40.addLongIdentifier("keystorePasswordFile", true);
        fileArgument40.addLongIdentifier("keystore-passphrase-file", true);
        fileArgument40.addLongIdentifier("keystorePassphraseFile", true);
        fileArgument40.addLongIdentifier("keystore-pin-file", true);
        fileArgument40.addLongIdentifier("keystorePINFile", true);
        argumentParser13.addArgument(fileArgument40);
        BooleanArgument booleanArgument43 = new BooleanArgument(null, "prompt-for-keystore-password", CertMessages.INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_PROMPT_FOR_KS_PW_DESC.get());
        booleanArgument43.addLongIdentifier("promptForKeystorePassword", true);
        booleanArgument43.addLongIdentifier("prompt-for-keystore-passphrase", true);
        booleanArgument43.addLongIdentifier("promptForKeystorePassphrase", true);
        booleanArgument43.addLongIdentifier("prompt-for-keystore-pin", true);
        booleanArgument43.addLongIdentifier("promptForKeystorePIN", true);
        argumentParser13.addArgument(booleanArgument43);
        LinkedHashSet linkedHashSet8 = new LinkedHashSet(2);
        linkedHashSet8.add("jks");
        linkedHashSet8.add("pkcs12");
        linkedHashSet8.add("pkcs 12");
        linkedHashSet8.add("pkcs#12");
        linkedHashSet8.add("pkcs #12");
        StringArgument stringArgument75 = new StringArgument((Character) null, "keystore-type", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), CertMessages.INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_KS_TYPE_DESC.get(), (Set<String>) linkedHashSet8);
        stringArgument75.addLongIdentifier("keystoreType", true);
        stringArgument75.addLongIdentifier("storetype", true);
        argumentParser13.addArgument(stringArgument75);
        StringArgument stringArgument76 = new StringArgument(null, MimeTypesReaderMetKeys.ALIAS_TAG, false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), CertMessages.INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_ALIAS_DESC.get());
        stringArgument76.addLongIdentifier("nickname", true);
        argumentParser13.addArgument(stringArgument76);
        BooleanArgument booleanArgument44 = new BooleanArgument(null, "issuers-only", 1, CertMessages.INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_ISSUERS_ONLY_DESC.get());
        booleanArgument44.addLongIdentifier("issuersOnly", true);
        booleanArgument44.addLongIdentifier("issuer-certificates-only", true);
        booleanArgument44.addLongIdentifier("issuerCertificatesOnly", true);
        booleanArgument44.addLongIdentifier("only-issuers", true);
        booleanArgument44.addLongIdentifier("onlyIssuers", true);
        booleanArgument44.addLongIdentifier("only-issuer-certificates", true);
        booleanArgument44.addLongIdentifier("onlyIssuerCertificates", true);
        argumentParser13.addArgument(booleanArgument44);
        argumentParser13.addArgument(new BooleanArgument(null, "verbose", 1, CertMessages.INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_VERBOSE_DESC.get()));
        BooleanArgument booleanArgument45 = new BooleanArgument(null, "no-prompt", 1, CertMessages.INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_NO_PROMPT_DESC.get());
        booleanArgument45.addLongIdentifier("noPrompt", true);
        argumentParser13.addArgument(booleanArgument45);
        argumentParser13.addRequiredArgumentSet(stringArgument74, fileArgument40, booleanArgument43);
        argumentParser13.addExclusiveArgumentSet(stringArgument74, fileArgument40, booleanArgument43);
        LinkedHashMap linkedHashMap12 = new LinkedHashMap(2);
        linkedHashMap12.put(new String[]{"trust-server-certificate", SelfSignedCertificateGenerator.CommandLineArgs.HOSTNAME, "ds.example.com", "--port", "636", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--verbose"}, CertMessages.INFO_MANAGE_CERTS_SC_TRUST_SERVER_EXAMPLE_1.get());
        linkedHashMap12.put(new String[]{"trust-server-certificate", SelfSignedCertificateGenerator.CommandLineArgs.HOSTNAME, "ds.example.com", "--port", "389", "--use-ldap-start-tls", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--issuers-only", BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "ds-start-tls-cert", "--no-prompt"}, CertMessages.INFO_MANAGE_CERTS_SC_TRUST_SERVER_EXAMPLE_2.get());
        SubCommand subCommand12 = new SubCommand("trust-server-certificate", CertMessages.INFO_MANAGE_CERTS_SC_TRUST_SERVER_DESC.get(), argumentParser13, linkedHashMap12);
        subCommand12.addName("trustServerCertificate", true);
        subCommand12.addName("trust-server", false);
        subCommand12.addName("trustServer", true);
        argumentParser.addSubCommand(subCommand12);
        ArgumentParser argumentParser14 = new ArgumentParser("check-certificate-usability", CertMessages.INFO_MANAGE_CERTS_SC_CHECK_USABILITY_DESC.get());
        FileArgument fileArgument41 = new FileArgument(null, "keystore", true, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_CHECK_USABILITY_ARG_KS_DESC.get(), true, true, true, false);
        fileArgument41.addLongIdentifier("keystore-path", true);
        fileArgument41.addLongIdentifier("keystorePath", true);
        fileArgument41.addLongIdentifier("keystore-file", true);
        fileArgument41.addLongIdentifier("keystoreFile", true);
        argumentParser14.addArgument(fileArgument41);
        StringArgument stringArgument77 = new StringArgument(null, "keystore-password", false, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), CertMessages.INFO_MANAGE_CERTS_SC_CHECK_USABILITY_ARG_KS_PW_DESC.get());
        stringArgument77.addLongIdentifier("keystorePassword", true);
        stringArgument77.addLongIdentifier("keystore-passphrase", true);
        stringArgument77.addLongIdentifier("keystorePassphrase", true);
        stringArgument77.addLongIdentifier("keystore-pin", true);
        stringArgument77.addLongIdentifier("keystorePIN", true);
        stringArgument77.addLongIdentifier("storepass", true);
        stringArgument77.setSensitive(true);
        argumentParser14.addArgument(stringArgument77);
        FileArgument fileArgument42 = new FileArgument(null, "keystore-password-file", false, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_CHECK_USABILITY_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
        fileArgument42.addLongIdentifier("keystorePasswordFile", true);
        fileArgument42.addLongIdentifier("keystore-passphrase-file", true);
        fileArgument42.addLongIdentifier("keystorePassphraseFile", true);
        fileArgument42.addLongIdentifier("keystore-pin-file", true);
        fileArgument42.addLongIdentifier("keystorePINFile", true);
        argumentParser14.addArgument(fileArgument42);
        BooleanArgument booleanArgument46 = new BooleanArgument(null, "prompt-for-keystore-password", CertMessages.INFO_MANAGE_CERTS_SC_CHECK_USABILITY_ARG_PROMPT_FOR_KS_PW_DESC.get());
        booleanArgument46.addLongIdentifier("promptForKeystorePassword", true);
        booleanArgument46.addLongIdentifier("prompt-for-keystore-passphrase", true);
        booleanArgument46.addLongIdentifier("promptForKeystorePassphrase", true);
        booleanArgument46.addLongIdentifier("prompt-for-keystore-pin", true);
        booleanArgument46.addLongIdentifier("promptForKeystorePIN", true);
        argumentParser14.addArgument(booleanArgument46);
        StringArgument stringArgument78 = new StringArgument(null, MimeTypesReaderMetKeys.ALIAS_TAG, true, 1, CertMessages.INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), CertMessages.INFO_MANAGE_CERTS_SC_CHECK_USABILITY_ARG_ALIAS_DESC.get());
        stringArgument78.addLongIdentifier("nickname", true);
        argumentParser14.addArgument(stringArgument78);
        argumentParser14.addRequiredArgumentSet(stringArgument77, fileArgument42, booleanArgument46);
        argumentParser14.addExclusiveArgumentSet(stringArgument77, fileArgument42, booleanArgument46);
        LinkedHashMap linkedHashMap13 = new LinkedHashMap(2);
        linkedHashMap13.put(new String[]{"check-certificate-usability", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "server-cert"}, CertMessages.INFO_MANAGE_CERTS_SC_CHECK_USABILITY_EXAMPLE_1.get());
        SubCommand subCommand13 = new SubCommand("check-certificate-usability", CertMessages.INFO_MANAGE_CERTS_SC_CHECK_USABILITY_DESC.get(), argumentParser14, linkedHashMap13);
        subCommand13.addName("checkCertificateUsability", true);
        subCommand13.addName("check-usability", true);
        subCommand13.addName("checkUsability", true);
        argumentParser.addSubCommand(subCommand13);
        ArgumentParser argumentParser15 = new ArgumentParser("display-certificate-file", CertMessages.INFO_MANAGE_CERTS_SC_DISPLAY_CERT_DESC.get());
        FileArgument fileArgument43 = new FileArgument(null, "certificate-file", true, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_DISPLAY_CERT_ARG_FILE_DESC.get(), true, true, true, false);
        fileArgument43.addLongIdentifier("certificateFile", true);
        fileArgument43.addLongIdentifier("input-file", true);
        fileArgument43.addLongIdentifier("inputFile", true);
        fileArgument43.addLongIdentifier("file", true);
        fileArgument43.addLongIdentifier(HttpPostBodyUtil.FILENAME, true);
        argumentParser15.addArgument(fileArgument43);
        argumentParser15.addArgument(new BooleanArgument(null, "verbose", 1, CertMessages.INFO_MANAGE_CERTS_SC_DISPLAY_CERT_ARG_VERBOSE_DESC.get()));
        BooleanArgument booleanArgument47 = new BooleanArgument(null, "display-keytool-command", 1, CertMessages.INFO_MANAGE_CERTS_SC_DISPLAY_CERT_ARG_DISPLAY_COMMAND_DESC.get());
        booleanArgument47.addLongIdentifier("displayKeytoolCommand", true);
        booleanArgument47.addLongIdentifier("show-keytool-command", true);
        booleanArgument47.addLongIdentifier("showKeytoolCommand", true);
        argumentParser15.addArgument(booleanArgument47);
        LinkedHashMap linkedHashMap14 = new LinkedHashMap(2);
        linkedHashMap14.put(new String[]{"display-certificate-file", "--certificate-file", "certificate.pem"}, CertMessages.INFO_MANAGE_CERTS_SC_DISPLAY_CERT_EXAMPLE_1.get("certificate.pem"));
        linkedHashMap14.put(new String[]{"display-certificate-file", "--certificate-file", "certificate.pem", "--verbose", "--display-keytool-command"}, CertMessages.INFO_MANAGE_CERTS_SC_DISPLAY_CERT_EXAMPLE_2.get("certificate.pem"));
        SubCommand subCommand14 = new SubCommand("display-certificate-file", CertMessages.INFO_MANAGE_CERTS_SC_DISPLAY_CERT_DESC.get(), argumentParser15, linkedHashMap14);
        subCommand14.addName("displayCertificateFile", true);
        subCommand14.addName("display-certificate", false);
        subCommand14.addName("displayCertificate", true);
        subCommand14.addName("display-certificates", true);
        subCommand14.addName("displayCertificates", true);
        subCommand14.addName("show-certificate", true);
        subCommand14.addName("showCertificate", true);
        subCommand14.addName("show-certificate-file", true);
        subCommand14.addName("showCertificateFile", true);
        subCommand14.addName("show-certificates", true);
        subCommand14.addName("showCertificates", true);
        subCommand14.addName("print-certificate-file", false);
        subCommand14.addName("printCertificateFile", true);
        subCommand14.addName("print-certificate", false);
        subCommand14.addName("printCertificate", true);
        subCommand14.addName("print-certificates", true);
        subCommand14.addName("printCertificates", true);
        subCommand14.addName("printcert", true);
        argumentParser.addSubCommand(subCommand14);
        ArgumentParser argumentParser16 = new ArgumentParser("display-certificate-signing-request-file", CertMessages.INFO_MANAGE_CERTS_SC_DISPLAY_CSR_DESC.get());
        FileArgument fileArgument44 = new FileArgument(null, "certificate-signing-request-file", true, 1, null, CertMessages.INFO_MANAGE_CERTS_SC_DISPLAY_CSR_ARG_FILE_DESC.get(), true, true, true, false);
        fileArgument44.addLongIdentifier("certificateSigningRequestFile", true);
        fileArgument44.addLongIdentifier("request-file", false);
        fileArgument44.addLongIdentifier("requestFile", true);
        fileArgument44.addLongIdentifier("input-file", true);
        fileArgument44.addLongIdentifier("inputFile", true);
        fileArgument44.addLongIdentifier("file", true);
        fileArgument44.addLongIdentifier(HttpPostBodyUtil.FILENAME, true);
        argumentParser16.addArgument(fileArgument44);
        argumentParser16.addArgument(new BooleanArgument(null, "verbose", 1, CertMessages.INFO_MANAGE_CERTS_SC_DISPLAY_CSR_ARG_VERBOSE_DESC.get()));
        BooleanArgument booleanArgument48 = new BooleanArgument(null, "display-keytool-command", 1, CertMessages.INFO_MANAGE_CERTS_SC_DISPLAY_CSR_ARG_DISPLAY_COMMAND_DESC.get());
        booleanArgument48.addLongIdentifier("displayKeytoolCommand", true);
        booleanArgument48.addLongIdentifier("show-keytool-command", true);
        booleanArgument48.addLongIdentifier("showKeytoolCommand", true);
        argumentParser16.addArgument(booleanArgument48);
        LinkedHashMap linkedHashMap15 = new LinkedHashMap(1);
        linkedHashMap15.put(new String[]{"display-certificate-signing-request-file", "--certificate-signing-request-file", "server-cert.csr", "--display-keytool-command"}, CertMessages.INFO_MANAGE_CERTS_SC_DISPLAY_CSR_EXAMPLE_1.get("server-cert.csr"));
        SubCommand subCommand15 = new SubCommand("display-certificate-signing-request-file", CertMessages.INFO_MANAGE_CERTS_SC_DISPLAY_CSR_DESC.get(), argumentParser16, linkedHashMap15);
        subCommand15.addName("displayCertificateSigningRequestFile", true);
        subCommand15.addName("display-certificate-signing-request", true);
        subCommand15.addName("displayCertificateSigningRequest", true);
        subCommand15.addName("display-certificate-request-file", true);
        subCommand15.addName("displayCertificateRequestFile", true);
        subCommand15.addName("display-certificate-request", false);
        subCommand15.addName("displayCertificateRequest", true);
        subCommand15.addName("display-csr-file", true);
        subCommand15.addName("displayCSRFile", true);
        subCommand15.addName("display-csr", true);
        subCommand15.addName("displayCSR", true);
        subCommand15.addName("show-certificate-signing-request-file", true);
        subCommand15.addName("showCertificateSigningRequestFile", true);
        subCommand15.addName("show-certificate-signing-request", true);
        subCommand15.addName("showCertificateSigningRequest", true);
        subCommand15.addName("show-certificate-request-file", true);
        subCommand15.addName("showCertificateRequestFile", true);
        subCommand15.addName("show-certificate-request", true);
        subCommand15.addName("showCertificateRequest", true);
        subCommand15.addName("show-csr-file", true);
        subCommand15.addName("showCSRFile", true);
        subCommand15.addName("show-csr", true);
        subCommand15.addName("showCSR", true);
        subCommand15.addName("print-certificate-signing-request-file", false);
        subCommand15.addName("printCertificateSigningRequestFile", true);
        subCommand15.addName("print-certificate-signing-request", true);
        subCommand15.addName("printCertificateSigningRequest", true);
        subCommand15.addName("print-certificate-request-file", true);
        subCommand15.addName("printCertificateRequestFile", true);
        subCommand15.addName("print-certificate-request", false);
        subCommand15.addName("printCertificateRequest", true);
        subCommand15.addName("print-csr-file", true);
        subCommand15.addName("printCSRFile", true);
        subCommand15.addName("print-csr", true);
        subCommand15.addName("printCSR", true);
        subCommand15.addName("printcertreq", true);
        argumentParser.addSubCommand(subCommand15);
    }

    private static String getPlatformSpecificPath(String... strArr) {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < strArr.length; i++) {
            if (i > 0) {
                sb.append(File.separatorChar);
            }
            sb.append(strArr[i]);
        }
        return sb.toString();
    }

    @Override // com.unboundid.util.CommandLineTool
    public ResultCode doToolProcessing() {
        SubCommand selectedSubCommand = this.globalParser.getSelectedSubCommand();
        if (selectedSubCommand == null) {
            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_NO_SUBCOMMAND.get());
            return ResultCode.PARAM_ERROR;
        }
        this.subCommandParser = selectedSubCommand.getArgumentParser();
        if (selectedSubCommand.hasName("list-certificates")) {
            return doListCertificates();
        }
        if (selectedSubCommand.hasName("export-certificate")) {
            return doExportCertificate();
        }
        if (selectedSubCommand.hasName("export-private-key")) {
            return doExportPrivateKey();
        }
        if (selectedSubCommand.hasName("import-certificate")) {
            return doImportCertificate();
        }
        if (selectedSubCommand.hasName("delete-certificate")) {
            return doDeleteCertificate();
        }
        if (!selectedSubCommand.hasName("generate-self-signed-certificate") && !selectedSubCommand.hasName("generate-certificate-signing-request") && !selectedSubCommand.hasName("sign-certificate-signing-request")) {
            if (selectedSubCommand.hasName("change-certificate-alias")) {
                return doChangeCertificateAlias();
            }
            if (selectedSubCommand.hasName("change-keystore-password")) {
                return doChangeKeystorePassword();
            }
            if (selectedSubCommand.hasName("change-private-key-password")) {
                return doChangePrivateKeyPassword();
            }
            if (selectedSubCommand.hasName("trust-server-certificate")) {
                return doTrustServerCertificate();
            }
            if (selectedSubCommand.hasName("check-certificate-usability")) {
                return doCheckCertificateUsability();
            }
            if (selectedSubCommand.hasName("display-certificate-file")) {
                return doDisplayCertificateFile();
            }
            if (selectedSubCommand.hasName("display-certificate-signing-request-file")) {
                return doDisplayCertificateSigningRequestFile();
            }
            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_UNKNOWN_SUBCOMMAND.get(selectedSubCommand.getPrimaryName()));
            return ResultCode.PARAM_ERROR;
        }
        return doGenerateOrSignCertificateOrCSR();
    }

    private ResultCode doListCertificates() {
        Set emptySet;
        Map emptyMap;
        BooleanArgument booleanArgument = this.subCommandParser.getBooleanArgument("display-pem-certificate");
        boolean z = booleanArgument != null && booleanArgument.isPresent();
        BooleanArgument booleanArgument2 = this.subCommandParser.getBooleanArgument("verbose");
        boolean z2 = booleanArgument2 != null && booleanArgument2.isPresent();
        StringArgument stringArgument = this.subCommandParser.getStringArgument(MimeTypesReaderMetKeys.ALIAS_TAG);
        if (stringArgument == null || !stringArgument.isPresent()) {
            emptySet = Collections.emptySet();
            emptyMap = Collections.emptyMap();
        } else {
            List<String> values = stringArgument.getValues();
            emptySet = new LinkedHashSet(values.size());
            emptyMap = new LinkedHashMap(values.size());
            for (String str : values) {
                String lowerCase = StaticUtils.toLowerCase(str);
                emptySet.add(StaticUtils.toLowerCase(lowerCase));
                emptyMap.put(lowerCase, str);
            }
        }
        File keystorePath = getKeystorePath();
        try {
            String inferKeystoreType = inferKeystoreType(keystorePath);
            try {
                char[] keystorePassword = getKeystorePassword(keystorePath);
                BooleanArgument booleanArgument3 = this.subCommandParser.getBooleanArgument("display-keytool-command");
                if (booleanArgument3 != null && booleanArgument3.isPresent()) {
                    ArrayList arrayList = new ArrayList(10);
                    arrayList.add("-list");
                    arrayList.add("-keystore");
                    arrayList.add(keystorePath.getAbsolutePath());
                    arrayList.add("-storetype");
                    arrayList.add(inferKeystoreType);
                    if (keystorePassword != null) {
                        arrayList.add("-storepass");
                        arrayList.add("*****REDACTED*****");
                    }
                    for (String str2 : emptyMap.values()) {
                        arrayList.add("-alias");
                        arrayList.add(str2);
                    }
                    if (z) {
                        arrayList.add("-rfc");
                    }
                    if (z2) {
                        arrayList.add("-v");
                    }
                    displayKeytoolCommand(arrayList);
                }
                try {
                    KeyStore keystore = getKeystore(inferKeystoreType, keystorePath, keystorePassword);
                    try {
                        Enumeration<String> aliases = keystore.aliases();
                        int i = 0;
                        ResultCode resultCode = ResultCode.SUCCESS;
                        while (aliases.hasMoreElements()) {
                            String nextElement = aliases.nextElement();
                            String lowerCase2 = StaticUtils.toLowerCase(nextElement);
                            if (emptySet.isEmpty() || emptyMap.remove(lowerCase2) != null) {
                                try {
                                    Certificate[] certificateChain = keystore.getCertificateChain(nextElement);
                                    if (certificateChain == null || certificateChain.length == 0) {
                                        Certificate certificate = keystore.getCertificate(nextElement);
                                        if (certificate != null) {
                                            certificateChain = new Certificate[]{certificate};
                                        }
                                    }
                                    X509Certificate[] x509CertificateArr = new X509Certificate[certificateChain.length];
                                    for (int i2 = 0; i2 < certificateChain.length; i2++) {
                                        x509CertificateArr[i2] = new X509Certificate(certificateChain[i2].getEncoded());
                                    }
                                    i++;
                                    for (int i3 = 0; i3 < x509CertificateArr.length; i3++) {
                                        out(new Object[0]);
                                        if (x509CertificateArr.length == 1) {
                                            out(CertMessages.INFO_MANAGE_CERTS_LIST_CERTS_LABEL_ALIAS_WITHOUT_CHAIN.get(nextElement));
                                        } else {
                                            out(CertMessages.INFO_MANAGE_CERTS_LIST_CERTS_LABEL_ALIAS_WITH_CHAIN.get(nextElement, Integer.valueOf(i3 + 1), Integer.valueOf(x509CertificateArr.length)));
                                        }
                                        printCertificate(x509CertificateArr[i3], "", z2);
                                        if (i3 == 0) {
                                            if (hasKeyAlias(keystore, nextElement)) {
                                                out(CertMessages.INFO_MANAGE_CERTS_LIST_CERTS_LABEL_HAS_PK_YES.get());
                                            } else {
                                                out(CertMessages.INFO_MANAGE_CERTS_LIST_CERTS_LABEL_HAS_PK_NO.get());
                                            }
                                        }
                                        CertException certException = null;
                                        if (x509CertificateArr[i3].isSelfSigned()) {
                                            try {
                                                x509CertificateArr[i3].verifySignature(null);
                                            } catch (CertException e) {
                                                Debug.debugException(e);
                                                certException = e;
                                            }
                                        } else {
                                            X509Certificate x509Certificate = null;
                                            try {
                                                x509Certificate = getIssuerCertificate(x509CertificateArr[i3], keystore, new AtomicReference(), new AtomicReference());
                                            } catch (Exception e2) {
                                                Debug.debugException(e2);
                                            }
                                            if (x509Certificate == null) {
                                                certException = new CertException(CertMessages.ERR_MANAGE_CERTS_LIST_CERTS_VERIFY_SIGNATURE_NO_ISSUER.get(x509CertificateArr[i3].getIssuerDN()));
                                            } else {
                                                try {
                                                    x509CertificateArr[i3].verifySignature(x509Certificate);
                                                } catch (CertException e3) {
                                                    Debug.debugException(e3);
                                                    certException = e3;
                                                }
                                            }
                                        }
                                        if (certException == null) {
                                            wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_LIST_CERTS_SIGNATURE_VALID.get());
                                        } else {
                                            wrapErr(0, WRAP_COLUMN, certException.getMessage());
                                        }
                                        if (z) {
                                            out(CertMessages.INFO_MANAGE_CERTS_LIST_CERTS_LABEL_PEM.get());
                                            writePEMCertificate(getOut(), x509CertificateArr[i3].getX509CertificateBytes());
                                        }
                                    }
                                } catch (Exception e4) {
                                    Debug.debugException(e4);
                                    err(new Object[0]);
                                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_LIST_CERTS_ERROR_GETTING_CERT.get(nextElement, StaticUtils.getExceptionMessage(e4)));
                                    resultCode = ResultCode.LOCAL_ERROR;
                                }
                            }
                        }
                        if (!emptyMap.isEmpty()) {
                            err(new Object[0]);
                            Iterator it = emptyMap.values().iterator();
                            while (it.hasNext()) {
                                wrapErr(0, WRAP_COLUMN, CertMessages.WARN_MANAGE_CERTS_LIST_CERTS_ALIAS_NOT_IN_KS.get((String) it.next(), keystorePath.getAbsolutePath()));
                                resultCode = ResultCode.PARAM_ERROR;
                            }
                        } else if (i == 0) {
                            out(new Object[0]);
                            if (keystorePassword == null) {
                                wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_LIST_CERTS_NO_CERTS_OR_KEYS_WITHOUT_PW.get());
                            } else {
                                wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_LIST_CERTS_NO_CERTS_OR_KEYS_WITH_PW.get());
                            }
                        }
                        return resultCode;
                    } catch (Exception e5) {
                        Debug.debugException(e5);
                        err(new Object[0]);
                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_LIST_CERTS_CANNOT_GET_ALIASES.get(keystorePath.getAbsolutePath()));
                        e5.printStackTrace(getErr());
                        return ResultCode.LOCAL_ERROR;
                    }
                } catch (LDAPException e6) {
                    Debug.debugException(e6);
                    wrapErr(0, WRAP_COLUMN, e6.getMessage());
                    return e6.getResultCode();
                }
            } catch (LDAPException e7) {
                Debug.debugException(e7);
                wrapErr(0, WRAP_COLUMN, e7.getMessage());
                return e7.getResultCode();
            }
        } catch (LDAPException e8) {
            Debug.debugException(e8);
            wrapErr(0, WRAP_COLUMN, e8.getMessage());
            return e8.getResultCode();
        }
    }

    /* JADX WARN: Finally extract failed */
    private ResultCode doExportCertificate() {
        X509Certificate[] certificateChain;
        PrintStream printStream;
        String value = this.subCommandParser.getStringArgument(MimeTypesReaderMetKeys.ALIAS_TAG).getValue();
        BooleanArgument booleanArgument = this.subCommandParser.getBooleanArgument("export-certificate-chain");
        boolean z = booleanArgument != null && booleanArgument.isPresent();
        BooleanArgument booleanArgument2 = this.subCommandParser.getBooleanArgument("separate-file-per-certificate");
        boolean z2 = booleanArgument2 != null && booleanArgument2.isPresent();
        boolean z3 = true;
        StringArgument stringArgument = this.subCommandParser.getStringArgument("output-format");
        if (stringArgument != null && stringArgument.isPresent()) {
            String lowerCase = stringArgument.getValue().toLowerCase();
            if (lowerCase.equals("der") || lowerCase.equals("binary") || lowerCase.equals("bin")) {
                z3 = false;
            }
        }
        File file = null;
        FileArgument fileArgument = this.subCommandParser.getFileArgument("output-file");
        if (fileArgument != null && fileArgument.isPresent()) {
            file = fileArgument.getValue();
        }
        if (file == null && !z3) {
            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_EXPORT_CERT_NO_FILE_WITH_DER.get());
            return ResultCode.PARAM_ERROR;
        }
        File keystorePath = getKeystorePath();
        try {
            String inferKeystoreType = inferKeystoreType(keystorePath);
            try {
                char[] keystorePassword = getKeystorePassword(keystorePath);
                BooleanArgument booleanArgument3 = this.subCommandParser.getBooleanArgument("display-keytool-command");
                if (booleanArgument3 != null && booleanArgument3.isPresent()) {
                    ArrayList arrayList = new ArrayList(10);
                    arrayList.add("-list");
                    arrayList.add("-keystore");
                    arrayList.add(keystorePath.getAbsolutePath());
                    arrayList.add("-storetype");
                    arrayList.add(inferKeystoreType);
                    if (keystorePassword != null) {
                        arrayList.add("-storepass");
                        arrayList.add("*****REDACTED*****");
                    }
                    arrayList.add("-alias");
                    arrayList.add(value);
                    if (z3) {
                        arrayList.add("-rfc");
                    }
                    if (file != null) {
                        arrayList.add(SOSCmd.FLAG_FILE);
                        arrayList.add(file.getAbsolutePath());
                    }
                    displayKeytoolCommand(arrayList);
                }
                try {
                    KeyStore keystore = getKeystore(inferKeystoreType, keystorePath, keystorePassword);
                    DN dn = null;
                    if (z) {
                        try {
                            AtomicReference atomicReference = new AtomicReference();
                            certificateChain = getCertificateChain(value, keystore, atomicReference);
                            dn = (DN) atomicReference.get();
                        } catch (LDAPException e) {
                            Debug.debugException(e);
                            wrapErr(0, WRAP_COLUMN, e.getMessage());
                            return e.getResultCode();
                        }
                    } else {
                        try {
                            Certificate certificate = keystore.getCertificate(value);
                            certificateChain = certificate == null ? new X509Certificate[0] : new X509Certificate[]{new X509Certificate(certificate.getEncoded())};
                        } catch (Exception e2) {
                            Debug.debugException(e2);
                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_EXPORT_CERT_ERROR_GETTING_CERT.get(value, keystorePath.getAbsolutePath()));
                            e2.printStackTrace(getErr());
                            return ResultCode.LOCAL_ERROR;
                        }
                    }
                    if (certificateChain.length == 0) {
                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_EXPORT_CERT_NO_CERT_WITH_ALIAS.get(value, keystorePath.getAbsolutePath()));
                        return ResultCode.PARAM_ERROR;
                    }
                    int i = 1;
                    String str = null;
                    if (file == null) {
                        printStream = getOut();
                    } else {
                        try {
                            str = (certificateChain.length <= 1 || !z2) ? file.getAbsolutePath() : file.getAbsolutePath() + ".1";
                            printStream = new PrintStream(str);
                        } catch (Exception e3) {
                            Debug.debugException(e3);
                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_EXPORT_CERT_ERROR_OPENING_OUTPUT.get(file.getAbsolutePath()));
                            e3.printStackTrace(getErr());
                            return ResultCode.LOCAL_ERROR;
                        }
                    }
                    try {
                        for (X509Certificate x509Certificate : certificateChain) {
                            if (z2) {
                                try {
                                    if (certificateChain.length > 1) {
                                        if (i > 1) {
                                            printStream.close();
                                            str = file.getAbsolutePath() + '.' + i;
                                            printStream = new PrintStream(str);
                                        }
                                        i++;
                                    }
                                } catch (Exception e4) {
                                    Debug.debugException(e4);
                                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_EXPORT_CERT_ERROR_WRITING_CERT.get(value, x509Certificate.getSubjectDN()));
                                    e4.printStackTrace(getErr());
                                    ResultCode resultCode = ResultCode.LOCAL_ERROR;
                                    printStream.flush();
                                    if (file != null) {
                                        printStream.close();
                                    }
                                    return resultCode;
                                }
                            }
                            if (z3) {
                                writePEMCertificate(printStream, x509Certificate.getX509CertificateBytes());
                            } else {
                                printStream.write(x509Certificate.getX509CertificateBytes());
                            }
                            if (file != null) {
                                out(new Object[0]);
                                wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_EXPORT_CERT_EXPORT_SUCCESSFUL.get(str));
                                printCertificate(x509Certificate, "", false);
                            }
                        }
                        printStream.flush();
                        if (file != null) {
                            printStream.close();
                        }
                        if (dn == null) {
                            return ResultCode.SUCCESS;
                        }
                        err(new Object[0]);
                        wrapErr(0, WRAP_COLUMN, CertMessages.WARN_MANAGE_CERTS_EXPORT_CERT_MISSING_CERT_IN_CHAIN.get(dn, keystorePath.getAbsolutePath()));
                        return ResultCode.NO_SUCH_OBJECT;
                    } catch (Throwable th) {
                        printStream.flush();
                        if (file != null) {
                            printStream.close();
                        }
                        throw th;
                    }
                } catch (LDAPException e5) {
                    Debug.debugException(e5);
                    wrapErr(0, WRAP_COLUMN, e5.getMessage());
                    return e5.getResultCode();
                }
            } catch (LDAPException e6) {
                Debug.debugException(e6);
                wrapErr(0, WRAP_COLUMN, e6.getMessage());
                return e6.getResultCode();
            }
        } catch (LDAPException e7) {
            Debug.debugException(e7);
            wrapErr(0, WRAP_COLUMN, e7.getMessage());
            return e7.getResultCode();
        }
    }

    private ResultCode doExportPrivateKey() {
        PrintStream printStream;
        String value = this.subCommandParser.getStringArgument(MimeTypesReaderMetKeys.ALIAS_TAG).getValue();
        boolean z = true;
        StringArgument stringArgument = this.subCommandParser.getStringArgument("output-format");
        if (stringArgument != null && stringArgument.isPresent()) {
            String lowerCase = stringArgument.getValue().toLowerCase();
            if (lowerCase.equals("der") || lowerCase.equals("binary") || lowerCase.equals("bin")) {
                z = false;
            }
        }
        File file = null;
        FileArgument fileArgument = this.subCommandParser.getFileArgument("output-file");
        if (fileArgument != null && fileArgument.isPresent()) {
            file = fileArgument.getValue();
        }
        if (file == null && !z) {
            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_EXPORT_KEY_NO_FILE_WITH_DER.get());
            return ResultCode.PARAM_ERROR;
        }
        File keystorePath = getKeystorePath();
        try {
            String inferKeystoreType = inferKeystoreType(keystorePath);
            try {
                char[] keystorePassword = getKeystorePassword(keystorePath);
                try {
                    KeyStore keystore = getKeystore(inferKeystoreType, keystorePath, keystorePassword);
                    try {
                        try {
                            Key key = keystore.getKey(value, getPrivateKeyPassword(keystore, value, keystorePassword));
                            if (key == null) {
                                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_EXPORT_KEY_NO_KEY_WITH_ALIAS.get(value, keystorePath.getAbsolutePath()));
                                return ResultCode.PARAM_ERROR;
                            }
                            PrivateKey privateKey = (PrivateKey) key;
                            if (file == null) {
                                printStream = getOut();
                            } else {
                                try {
                                    printStream = new PrintStream(file);
                                } catch (Exception e) {
                                    Debug.debugException(e);
                                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_EXPORT_KEY_ERROR_OPENING_OUTPUT.get(file.getAbsolutePath()));
                                    e.printStackTrace(getErr());
                                    return ResultCode.LOCAL_ERROR;
                                }
                            }
                            try {
                                try {
                                    if (z) {
                                        writePEMPrivateKey(printStream, privateKey.getEncoded());
                                    } else {
                                        printStream.write(privateKey.getEncoded());
                                    }
                                    if (file != null) {
                                        out(new Object[0]);
                                        wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_EXPORT_KEY_EXPORT_SUCCESSFUL.get());
                                    }
                                    printStream.flush();
                                    if (file != null) {
                                        printStream.close();
                                    }
                                    return ResultCode.SUCCESS;
                                } catch (Exception e2) {
                                    Debug.debugException(e2);
                                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_EXPORT_KEY_ERROR_WRITING_KEY.get(value));
                                    e2.printStackTrace(getErr());
                                    ResultCode resultCode = ResultCode.LOCAL_ERROR;
                                    printStream.flush();
                                    if (file != null) {
                                        printStream.close();
                                    }
                                    return resultCode;
                                }
                            } catch (Throwable th) {
                                printStream.flush();
                                if (file != null) {
                                    printStream.close();
                                }
                                throw th;
                            }
                        } catch (UnrecoverableKeyException e3) {
                            Debug.debugException(e3);
                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_EXPORT_KEY_WRONG_KEY_PW.get(value, keystorePath.getAbsolutePath()));
                            return ResultCode.PARAM_ERROR;
                        } catch (Exception e4) {
                            Debug.debugException(e4);
                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_EXPORT_KEY_ERROR_GETTING_KEY.get(value, keystorePath.getAbsolutePath()));
                            e4.printStackTrace(getErr());
                            return ResultCode.LOCAL_ERROR;
                        }
                    } catch (LDAPException e5) {
                        Debug.debugException(e5);
                        wrapErr(0, WRAP_COLUMN, e5.getMessage());
                        return e5.getResultCode();
                    }
                } catch (LDAPException e6) {
                    Debug.debugException(e6);
                    wrapErr(0, WRAP_COLUMN, e6.getMessage());
                    return e6.getResultCode();
                }
            } catch (LDAPException e7) {
                Debug.debugException(e7);
                wrapErr(0, WRAP_COLUMN, e7.getMessage());
                return e7.getResultCode();
            }
        } catch (LDAPException e8) {
            Debug.debugException(e8);
            wrapErr(0, WRAP_COLUMN, e8.getMessage());
            return e8.getResultCode();
        }
    }

    private ResultCode doImportCertificate() {
        PKCS8PrivateKey readPrivateKeyFromFile;
        ArrayList arrayList;
        String value = this.subCommandParser.getStringArgument(MimeTypesReaderMetKeys.ALIAS_TAG).getValue();
        List<File> values = this.subCommandParser.getFileArgument("certificate-file").getValues();
        FileArgument fileArgument = this.subCommandParser.getFileArgument("private-key-file");
        File value2 = (fileArgument == null || !fileArgument.isPresent()) ? null : fileArgument.getValue();
        BooleanArgument booleanArgument = this.subCommandParser.getBooleanArgument("no-prompt");
        boolean z = booleanArgument != null && booleanArgument.isPresent();
        File keystorePath = getKeystorePath();
        boolean z2 = !keystorePath.exists();
        try {
            String inferKeystoreType = inferKeystoreType(keystorePath);
            try {
                char[] keystorePassword = getKeystorePassword(keystorePath);
                ArrayList arrayList2 = new ArrayList(5);
                for (File file : values) {
                    try {
                        List<X509Certificate> readCertificatesFromFile = readCertificatesFromFile(file);
                        if (readCertificatesFromFile.isEmpty()) {
                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_IMPORT_CERT_NO_CERTS_IN_FILE.get(file.getAbsolutePath()));
                            return ResultCode.PARAM_ERROR;
                        }
                        arrayList2.addAll(readCertificatesFromFile);
                    } catch (LDAPException e) {
                        Debug.debugException(e);
                        wrapErr(0, WRAP_COLUMN, e.getMessage());
                        return e.getResultCode();
                    }
                }
                if (value2 == null) {
                    readPrivateKeyFromFile = null;
                } else {
                    try {
                        readPrivateKeyFromFile = readPrivateKeyFromFile(value2);
                    } catch (LDAPException e2) {
                        Debug.debugException(e2);
                        wrapErr(0, WRAP_COLUMN, e2.getMessage());
                        return e2.getResultCode();
                    }
                }
                try {
                    KeyStore keystore = getKeystore(inferKeystoreType, keystorePath, keystorePassword);
                    try {
                        char[] privateKeyPassword = getPrivateKeyPassword(keystore, value, keystorePassword);
                        BooleanArgument booleanArgument2 = this.subCommandParser.getBooleanArgument("display-keytool-command");
                        if (booleanArgument2 != null && booleanArgument2.isPresent()) {
                            ArrayList arrayList3 = new ArrayList(10);
                            arrayList3.add("-import");
                            arrayList3.add("-keystore");
                            arrayList3.add(keystorePath.getAbsolutePath());
                            arrayList3.add("-storetype");
                            arrayList3.add(inferKeystoreType);
                            arrayList3.add("-storepass");
                            arrayList3.add("*****REDACTED*****");
                            arrayList3.add("-keypass");
                            arrayList3.add("*****REDACTED*****");
                            arrayList3.add("-alias");
                            arrayList3.add(value);
                            arrayList3.add(SOSCmd.FLAG_FILE);
                            arrayList3.add(values.get(0).getAbsolutePath());
                            arrayList3.add("-trustcacerts");
                            displayKeytoolCommand(arrayList3);
                        }
                        Iterator it = arrayList2.iterator();
                        X509Certificate x509Certificate = (X509Certificate) it.next();
                        while (true) {
                            X509Certificate x509Certificate2 = x509Certificate;
                            if (x509Certificate2.isSelfSigned() && it.hasNext()) {
                                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_IMPORT_CERT_SELF_SIGNED_NOT_LAST.get(x509Certificate2.getSubjectDN()));
                                return ResultCode.PARAM_ERROR;
                            }
                            if (!it.hasNext()) {
                                if (!((X509Certificate) arrayList2.get(arrayList2.size() - 1)).isSelfSigned()) {
                                    arrayList = new ArrayList(arrayList2.size() + 5);
                                    arrayList.addAll(arrayList2);
                                    AtomicReference atomicReference = new AtomicReference();
                                    AtomicReference atomicReference2 = new AtomicReference();
                                    X509Certificate x509Certificate3 = (X509Certificate) arrayList2.get(arrayList2.size() - 1);
                                    while (true) {
                                        X509Certificate x509Certificate4 = x509Certificate3;
                                        if (x509Certificate4.isSelfSigned()) {
                                            break;
                                        }
                                        try {
                                            X509Certificate issuerCertificate = getIssuerCertificate(x509Certificate4, keystore, atomicReference, atomicReference2);
                                            if (issuerCertificate == null) {
                                                byte[] authorityKeyIdentifier = getAuthorityKeyIdentifier(x509Certificate4);
                                                if (readPrivateKeyFromFile != null || hasKeyAlias(keystore, value)) {
                                                    if (authorityKeyIdentifier == null) {
                                                        err(new Object[0]);
                                                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_IMPORT_CERT_NO_ISSUER_NO_AKI.get(x509Certificate4.getIssuerDN()));
                                                    } else {
                                                        err(new Object[0]);
                                                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_IMPORT_CERT_NO_ISSUER_WITH_AKI.get(x509Certificate4.getIssuerDN(), toColonDelimitedHex(authorityKeyIdentifier)));
                                                    }
                                                    return ResultCode.PARAM_ERROR;
                                                }
                                                if (authorityKeyIdentifier == null) {
                                                    err(new Object[0]);
                                                    wrapErr(0, WRAP_COLUMN, CertMessages.WARN_MANAGE_CERTS_IMPORT_CERT_NO_ISSUER_NO_AKI.get(x509Certificate4.getIssuerDN()));
                                                } else {
                                                    err(new Object[0]);
                                                    wrapErr(0, WRAP_COLUMN, CertMessages.WARN_MANAGE_CERTS_IMPORT_CERT_NO_ISSUER_WITH_AKI.get(x509Certificate4.getIssuerDN(), toColonDelimitedHex(authorityKeyIdentifier)));
                                                }
                                            } else {
                                                arrayList.add(issuerCertificate);
                                                x509Certificate3 = issuerCertificate;
                                            }
                                        } catch (Exception e3) {
                                            Debug.debugException(e3);
                                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_IMPORT_CERT_CANNOT_GET_ISSUER.get(x509Certificate4.getIssuerDN()));
                                            e3.printStackTrace(getErr());
                                            return ResultCode.LOCAL_ERROR;
                                        }
                                    }
                                } else {
                                    arrayList = arrayList2;
                                }
                                if (readPrivateKeyFromFile != null) {
                                    if (hasKeyAlias(keystore, value)) {
                                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_IMPORT_CERT_WITH_PK_KEY_ALIAS_CONFLICT.get(value));
                                        return ResultCode.PARAM_ERROR;
                                    }
                                    if (hasCertificateAlias(keystore, value)) {
                                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_IMPORT_CERT_WITH_PK_CERT_ALIAS_CONFLICT.get(value));
                                        return ResultCode.PARAM_ERROR;
                                    }
                                    try {
                                        Key privateKey = readPrivateKeyFromFile.toPrivateKey();
                                        Certificate[] certificateArr = new Certificate[arrayList.size()];
                                        for (int i = 0; i < certificateArr.length; i++) {
                                            X509Certificate x509Certificate5 = (X509Certificate) arrayList.get(i);
                                            try {
                                                certificateArr[i] = x509Certificate5.toCertificate();
                                            } catch (Exception e4) {
                                                Debug.debugException(e4);
                                                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_IMPORT_CERT_ERROR_CONVERTING_CERT.get(x509Certificate5.getSubjectDN()));
                                                e4.printStackTrace(getErr());
                                                return ResultCode.LOCAL_ERROR;
                                            }
                                        }
                                        if (!z) {
                                            out(new Object[0]);
                                            wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_IMPORT_CERT_CONFIRM_IMPORT_CHAIN_NEW_KEY.get(value));
                                            Iterator it2 = arrayList.iterator();
                                            while (it2.hasNext()) {
                                                X509Certificate x509Certificate6 = (X509Certificate) it2.next();
                                                out(new Object[0]);
                                                printCertificate(x509Certificate6, "", false);
                                            }
                                            out(new Object[0]);
                                            try {
                                                if (!promptForYesNo(CertMessages.INFO_MANAGE_CERTS_IMPORT_CERT_PROMPT_IMPORT_CHAIN.get())) {
                                                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_IMPORT_CERT_CANCELED.get());
                                                    return ResultCode.USER_CANCELED;
                                                }
                                            } catch (LDAPException e5) {
                                                Debug.debugException(e5);
                                                err(new Object[0]);
                                                wrapErr(0, WRAP_COLUMN, e5.getMessage());
                                                return e5.getResultCode();
                                            }
                                        }
                                        try {
                                            keystore.setKeyEntry(value, privateKey, privateKeyPassword, certificateArr);
                                            try {
                                                writeKeystore(keystore, keystorePath, keystorePassword);
                                                if (z2) {
                                                    out(new Object[0]);
                                                    wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_IMPORT_CERT_CREATED_KEYSTORE.get(getUserFriendlyKeystoreType(inferKeystoreType)));
                                                }
                                                out(new Object[0]);
                                                wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_IMPORT_CERT_IMPORTED_CHAIN_WITH_PK.get());
                                                return ResultCode.SUCCESS;
                                            } catch (LDAPException e6) {
                                                Debug.debugException(e6);
                                                wrapErr(0, WRAP_COLUMN, e6.getMessage());
                                                return e6.getResultCode();
                                            }
                                        } catch (Exception e7) {
                                            Debug.debugException(e7);
                                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_IMPORT_CERT_ERROR_UPDATING_KS_WITH_CHAIN.get(value));
                                            e7.printStackTrace(getErr());
                                            return ResultCode.LOCAL_ERROR;
                                        }
                                    } catch (Exception e8) {
                                        Debug.debugException(e8);
                                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_IMPORT_CERT_ERROR_CONVERTING_KEY.get(value2.getAbsolutePath()));
                                        e8.printStackTrace(getErr());
                                        return ResultCode.LOCAL_ERROR;
                                    }
                                }
                                if (hasCertificateAlias(keystore, value)) {
                                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_IMPORT_CERT_WITH_CONFLICTING_CERT_ALIAS.get(value));
                                    return ResultCode.PARAM_ERROR;
                                }
                                if (!hasKeyAlias(keystore, value)) {
                                    LinkedHashMap linkedHashMap = new LinkedHashMap(arrayList2.size());
                                    int i2 = 0;
                                    while (i2 < arrayList2.size()) {
                                        X509Certificate x509Certificate7 = (X509Certificate) arrayList2.get(i2);
                                        try {
                                            Certificate certificate = x509Certificate7.toCertificate();
                                            String str = i2 == 0 ? value : arrayList2.size() > 2 ? value + "-issuer-" + i2 : value + "-issuer";
                                            linkedHashMap.put(str, x509Certificate7);
                                            if (hasKeyAlias(keystore, str) || hasCertificateAlias(keystore, str)) {
                                                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_IMPORT_CERT_WITH_CONFLICTING_ISSUER_ALIAS.get(x509Certificate7.getSubjectDN(), str));
                                                return ResultCode.PARAM_ERROR;
                                            }
                                            try {
                                                keystore.setCertificateEntry(str, certificate);
                                                i2++;
                                            } catch (Exception e9) {
                                                Debug.debugException(e9);
                                                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_IMPORT_CERT_ERROR_UPDATING_KS_WITH_CERT.get(x509Certificate7.getSubjectDN(), value));
                                                e9.printStackTrace(getErr());
                                                return ResultCode.LOCAL_ERROR;
                                            }
                                        } catch (Exception e10) {
                                            Debug.debugException(e10);
                                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_IMPORT_CERT_ERROR_CONVERTING_CERT.get(x509Certificate7.getSubjectDN()));
                                            e10.printStackTrace(getErr());
                                            return ResultCode.LOCAL_ERROR;
                                        }
                                    }
                                    if (!z) {
                                        out(new Object[0]);
                                        wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_IMPORT_CERT_CONFIRM_IMPORT_CHAIN_NO_KEY.get(value));
                                        for (Map.Entry entry : linkedHashMap.entrySet()) {
                                            out(new Object[0]);
                                            wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_IMPORT_CERT_LABEL_ALIAS.get(entry.getKey()));
                                            printCertificate((X509Certificate) entry.getValue(), "", false);
                                        }
                                        out(new Object[0]);
                                        try {
                                            if (!promptForYesNo(CertMessages.INFO_MANAGE_CERTS_IMPORT_CERT_PROMPT_IMPORT_CHAIN.get())) {
                                                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_IMPORT_CERT_CANCELED.get());
                                                return ResultCode.USER_CANCELED;
                                            }
                                        } catch (LDAPException e11) {
                                            Debug.debugException(e11);
                                            err(new Object[0]);
                                            wrapErr(0, WRAP_COLUMN, e11.getMessage());
                                            return e11.getResultCode();
                                        }
                                    }
                                    try {
                                        writeKeystore(keystore, keystorePath, keystorePassword);
                                        out(new Object[0]);
                                        if (z2) {
                                            wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_IMPORT_CERT_CREATED_KEYSTORE.get(getUserFriendlyKeystoreType(inferKeystoreType)));
                                        }
                                        wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_IMPORT_CERT_IMPORTED_CHAIN_WITHOUT_PK.get());
                                        return ResultCode.SUCCESS;
                                    } catch (LDAPException e12) {
                                        Debug.debugException(e12);
                                        wrapErr(0, WRAP_COLUMN, e12.getMessage());
                                        return e12.getResultCode();
                                    }
                                }
                                try {
                                    Key key = (PrivateKey) keystore.getKey(value, privateKeyPassword);
                                    if (!Arrays.equals(new X509Certificate(keystore.getCertificateChain(value)[0].getEncoded()).getEncodedPublicKey().getBits(), ((X509Certificate) arrayList.get(0)).getEncodedPublicKey().getBits())) {
                                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_IMPORT_CERT_INTO_KEY_ALIAS_KEY_MISMATCH.get(value));
                                        return ResultCode.PARAM_ERROR;
                                    }
                                    Certificate[] certificateArr2 = new Certificate[arrayList.size()];
                                    for (int i3 = 0; i3 < arrayList.size(); i3++) {
                                        X509Certificate x509Certificate8 = (X509Certificate) arrayList.get(i3);
                                        try {
                                            certificateArr2[i3] = x509Certificate8.toCertificate();
                                        } catch (Exception e13) {
                                            Debug.debugException(e13);
                                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_IMPORT_CERT_ERROR_CONVERTING_CERT.get(x509Certificate8.getSubjectDN()));
                                            e13.printStackTrace(getErr());
                                            return ResultCode.LOCAL_ERROR;
                                        }
                                    }
                                    if (!z) {
                                        out(new Object[0]);
                                        wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_IMPORT_CERT_CONFIRM_IMPORT_CHAIN_EXISTING_KEY.get(value));
                                        Iterator it3 = arrayList.iterator();
                                        while (it3.hasNext()) {
                                            X509Certificate x509Certificate9 = (X509Certificate) it3.next();
                                            out(new Object[0]);
                                            printCertificate(x509Certificate9, "", false);
                                        }
                                        out(new Object[0]);
                                        try {
                                            if (!promptForYesNo(CertMessages.INFO_MANAGE_CERTS_IMPORT_CERT_PROMPT_IMPORT_CHAIN.get())) {
                                                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_IMPORT_CERT_CANCELED.get());
                                                return ResultCode.USER_CANCELED;
                                            }
                                        } catch (LDAPException e14) {
                                            Debug.debugException(e14);
                                            err(new Object[0]);
                                            wrapErr(0, WRAP_COLUMN, e14.getMessage());
                                            return e14.getResultCode();
                                        }
                                    }
                                    try {
                                        keystore.setKeyEntry(value, key, privateKeyPassword, certificateArr2);
                                        try {
                                            writeKeystore(keystore, keystorePath, keystorePassword);
                                            out(new Object[0]);
                                            if (z2) {
                                                wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_IMPORT_CERT_CREATED_KEYSTORE.get(getUserFriendlyKeystoreType(inferKeystoreType)));
                                            }
                                            wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_IMPORT_CERT_IMPORTED_CHAIN_WITHOUT_PK.get());
                                            return ResultCode.SUCCESS;
                                        } catch (LDAPException e15) {
                                            Debug.debugException(e15);
                                            wrapErr(0, WRAP_COLUMN, e15.getMessage());
                                            return e15.getResultCode();
                                        }
                                    } catch (Exception e16) {
                                        Debug.debugException(e16);
                                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_IMPORT_CERT_ERROR_UPDATING_KS_WITH_CHAIN.get(value));
                                        e16.printStackTrace(getErr());
                                        return ResultCode.LOCAL_ERROR;
                                    }
                                } catch (Exception e17) {
                                    Debug.debugException(e17);
                                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_IMPORT_CERT_INTO_KEY_ALIAS_CANNOT_GET_KEY.get(value));
                                    e17.printStackTrace(getErr());
                                    return ResultCode.LOCAL_ERROR;
                                }
                            }
                            X509Certificate x509Certificate10 = (X509Certificate) it.next();
                            StringBuilder sb = new StringBuilder();
                            if (!x509Certificate10.isIssuerFor(x509Certificate2, sb)) {
                                if (!Arrays.equals(x509Certificate10.getX509CertificateBytes(), x509Certificate2.getX509CertificateBytes())) {
                                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_IMPORT_CERT_NEXT_NOT_ISSUER_OF_PREV.get(sb.toString()));
                                    return ResultCode.PARAM_ERROR;
                                }
                                it.remove();
                            }
                            x509Certificate = x509Certificate10;
                        }
                    } catch (LDAPException e18) {
                        Debug.debugException(e18);
                        wrapErr(0, WRAP_COLUMN, e18.getMessage());
                        return e18.getResultCode();
                    }
                } catch (LDAPException e19) {
                    Debug.debugException(e19);
                    wrapErr(0, WRAP_COLUMN, e19.getMessage());
                    return e19.getResultCode();
                }
            } catch (LDAPException e20) {
                Debug.debugException(e20);
                wrapErr(0, WRAP_COLUMN, e20.getMessage());
                return e20.getResultCode();
            }
        } catch (LDAPException e21) {
            Debug.debugException(e21);
            wrapErr(0, WRAP_COLUMN, e21.getMessage());
            return e21.getResultCode();
        }
    }

    private ResultCode doDeleteCertificate() {
        boolean z;
        String value = this.subCommandParser.getStringArgument(MimeTypesReaderMetKeys.ALIAS_TAG).getValue();
        BooleanArgument booleanArgument = this.subCommandParser.getBooleanArgument("no-prompt");
        boolean z2 = booleanArgument != null && booleanArgument.isPresent();
        File keystorePath = getKeystorePath();
        try {
            String inferKeystoreType = inferKeystoreType(keystorePath);
            try {
                char[] keystorePassword = getKeystorePassword(keystorePath);
                BooleanArgument booleanArgument2 = this.subCommandParser.getBooleanArgument("display-keytool-command");
                if (booleanArgument2 != null && booleanArgument2.isPresent()) {
                    ArrayList arrayList = new ArrayList(10);
                    arrayList.add("-delete");
                    arrayList.add("-keystore");
                    arrayList.add(keystorePath.getAbsolutePath());
                    arrayList.add("-storetype");
                    arrayList.add(inferKeystoreType);
                    arrayList.add("-storepass");
                    arrayList.add("*****REDACTED*****");
                    arrayList.add("-alias");
                    arrayList.add(value);
                    displayKeytoolCommand(arrayList);
                }
                try {
                    KeyStore keystore = getKeystore(inferKeystoreType, keystorePath, keystorePassword);
                    ArrayList arrayList2 = new ArrayList(5);
                    if (hasCertificateAlias(keystore, value)) {
                        try {
                            z = false;
                            arrayList2.add(new X509Certificate(keystore.getCertificate(value).getEncoded()));
                        } catch (Exception e) {
                            Debug.debugException(e);
                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_DELETE_CERT_ERROR_GETTING_CERT.get(value));
                            e.printStackTrace(getErr());
                            return ResultCode.LOCAL_ERROR;
                        }
                    } else {
                        if (!hasKeyAlias(keystore, value)) {
                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_DELETE_CERT_ERROR_ALIAS_NOT_CERT_OR_KEY.get(value));
                            return ResultCode.PARAM_ERROR;
                        }
                        try {
                            z = true;
                            for (Certificate certificate : keystore.getCertificateChain(value)) {
                                arrayList2.add(new X509Certificate(certificate.getEncoded()));
                            }
                        } catch (Exception e2) {
                            Debug.debugException(e2);
                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_DELETE_CERT_ERROR_GETTING_CHAIN.get(value));
                            e2.printStackTrace(getErr());
                            return ResultCode.LOCAL_ERROR;
                        }
                    }
                    if (!z2) {
                        out(new Object[0]);
                        if (z) {
                            wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_DELETE_CERT_CONFIRM_DELETE_CHAIN.get());
                        } else {
                            wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_DELETE_CERT_CONFIRM_DELETE_CERT.get());
                        }
                        Iterator it = arrayList2.iterator();
                        while (it.hasNext()) {
                            X509Certificate x509Certificate = (X509Certificate) it.next();
                            out(new Object[0]);
                            printCertificate(x509Certificate, "", false);
                        }
                        out(new Object[0]);
                        try {
                            if (!promptForYesNo(CertMessages.INFO_MANAGE_CERTS_DELETE_CERT_PROMPT_DELETE.get())) {
                                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_DELETE_CERT_CANCELED.get());
                                return ResultCode.USER_CANCELED;
                            }
                        } catch (LDAPException e3) {
                            Debug.debugException(e3);
                            err(new Object[0]);
                            wrapErr(0, WRAP_COLUMN, e3.getMessage());
                            return e3.getResultCode();
                        }
                    }
                    try {
                        keystore.deleteEntry(value);
                        try {
                            writeKeystore(keystore, keystorePath, keystorePassword);
                            if (arrayList2.size() == 1) {
                                out(new Object[0]);
                                wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_DELETE_CERT_DELETED_CERT.get());
                            } else {
                                out(new Object[0]);
                                wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_DELETE_CERT_DELETED_CHAIN.get());
                            }
                            return ResultCode.SUCCESS;
                        } catch (LDAPException e4) {
                            Debug.debugException(e4);
                            wrapErr(0, WRAP_COLUMN, e4.getMessage());
                            return e4.getResultCode();
                        }
                    } catch (Exception e5) {
                        Debug.debugException(e5);
                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_DELETE_CERT_DELETE_ERROR.get(value));
                        e5.printStackTrace(getErr());
                        return ResultCode.LOCAL_ERROR;
                    }
                } catch (LDAPException e6) {
                    Debug.debugException(e6);
                    wrapErr(0, WRAP_COLUMN, e6.getMessage());
                    return e6.getResultCode();
                }
            } catch (LDAPException e7) {
                Debug.debugException(e7);
                wrapErr(0, WRAP_COLUMN, e7.getMessage());
                return e7.getResultCode();
            }
        } catch (LDAPException e8) {
            Debug.debugException(e8);
            wrapErr(0, WRAP_COLUMN, e8.getMessage());
            return e8.getResultCode();
        }
    }

    private ResultCode doGenerateOrSignCertificateOrCSR() {
        boolean z;
        boolean z2;
        boolean z3;
        boolean z4;
        SubCommand selectedSubCommand = this.globalParser.getSelectedSubCommand();
        if (selectedSubCommand.hasName("generate-self-signed-certificate")) {
            z = true;
            z2 = false;
            z3 = false;
        } else if (selectedSubCommand.hasName("generate-certificate-signing-request")) {
            z = false;
            z2 = true;
            z3 = false;
        } else {
            Validator.ensureTrue(selectedSubCommand.hasName("sign-certificate-signing-request"));
            z = false;
            z2 = false;
            z3 = true;
        }
        String value = this.subCommandParser.getStringArgument(MimeTypesReaderMetKeys.ALIAS_TAG).getValue();
        File keystorePath = getKeystorePath();
        boolean z5 = !keystorePath.exists();
        DN dn = null;
        DNArgument dNArgument = this.subCommandParser.getDNArgument("subject-dn");
        if (dNArgument != null && dNArgument.isPresent()) {
            dn = dNArgument.getValue();
        }
        File file = null;
        FileArgument fileArgument = this.subCommandParser.getFileArgument("input-file");
        if (fileArgument != null && fileArgument.isPresent()) {
            file = fileArgument.getValue();
        }
        File file2 = null;
        FileArgument fileArgument2 = this.subCommandParser.getFileArgument("output-file");
        if (fileArgument2 != null && fileArgument2.isPresent()) {
            file2 = fileArgument2.getValue();
        }
        boolean z6 = true;
        StringArgument stringArgument = this.subCommandParser.getStringArgument("output-format");
        if (stringArgument != null && stringArgument.isPresent()) {
            String lowerCase = stringArgument.getValue().toLowerCase();
            if (lowerCase.equals("der") || lowerCase.equals("binary") || lowerCase.equals("bin")) {
                z6 = false;
            }
        }
        if (!z6 && file2 == null) {
            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_NO_FILE_WITH_DER.get());
            return ResultCode.PARAM_ERROR;
        }
        BooleanArgument booleanArgument = this.subCommandParser.getBooleanArgument("replace-existing-certificate");
        boolean z7 = booleanArgument != null && booleanArgument.isPresent();
        if (z7 && !keystorePath.exists()) {
            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_REPLACE_WITHOUT_KS.get());
            return ResultCode.PARAM_ERROR;
        }
        BooleanArgument booleanArgument2 = this.subCommandParser.getBooleanArgument("inherit-extensions");
        boolean z8 = booleanArgument2 != null && booleanArgument2.isPresent();
        BooleanArgument booleanArgument3 = this.subCommandParser.getBooleanArgument("include-requested-extensions");
        boolean z9 = booleanArgument3 != null && booleanArgument3.isPresent();
        BooleanArgument booleanArgument4 = this.subCommandParser.getBooleanArgument("no-prompt");
        boolean z10 = booleanArgument4 != null && booleanArgument4.isPresent();
        BooleanArgument booleanArgument5 = this.subCommandParser.getBooleanArgument("display-keytool-command");
        boolean z11 = booleanArgument5 != null && booleanArgument5.isPresent();
        int i = 365;
        IntegerArgument integerArgument = this.subCommandParser.getIntegerArgument("days-valid");
        if (integerArgument != null && integerArgument.isPresent()) {
            i = integerArgument.getValue().intValue();
        }
        Date date = null;
        TimestampArgument timestampArgument = this.subCommandParser.getTimestampArgument("validity-start-time");
        if (timestampArgument != null && timestampArgument.isPresent()) {
            date = timestampArgument.getValue();
        }
        PublicKeyAlgorithmIdentifier publicKeyAlgorithmIdentifier = null;
        String str = null;
        StringArgument stringArgument2 = this.subCommandParser.getStringArgument("key-algorithm");
        if (stringArgument2 != null && stringArgument2.isPresent()) {
            String value2 = stringArgument2.getValue();
            publicKeyAlgorithmIdentifier = PublicKeyAlgorithmIdentifier.forName(value2);
            if (publicKeyAlgorithmIdentifier == null) {
                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_UNKNOWN_KEY_ALG.get(value2));
                return ResultCode.PARAM_ERROR;
            }
            str = publicKeyAlgorithmIdentifier.getName();
        }
        Integer num = null;
        IntegerArgument integerArgument2 = this.subCommandParser.getIntegerArgument("key-size-bits");
        if (integerArgument2 != null && integerArgument2.isPresent()) {
            num = integerArgument2.getValue();
        }
        if (publicKeyAlgorithmIdentifier != null && publicKeyAlgorithmIdentifier != PublicKeyAlgorithmIdentifier.RSA && num == null) {
            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_NO_KEY_SIZE_FOR_NON_RSA_KEY.get());
            return ResultCode.PARAM_ERROR;
        }
        String str2 = null;
        SignatureAlgorithmIdentifier signatureAlgorithmIdentifier = null;
        StringArgument stringArgument3 = this.subCommandParser.getStringArgument("signature-algorithm");
        if (stringArgument3 != null && stringArgument3.isPresent()) {
            String value3 = stringArgument3.getValue();
            signatureAlgorithmIdentifier = SignatureAlgorithmIdentifier.forName(value3);
            if (signatureAlgorithmIdentifier == null) {
                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_UNKNOWN_SIG_ALG.get(value3));
                return ResultCode.PARAM_ERROR;
            }
            str2 = signatureAlgorithmIdentifier.getJavaName();
        }
        if (publicKeyAlgorithmIdentifier != null && publicKeyAlgorithmIdentifier != PublicKeyAlgorithmIdentifier.RSA && signatureAlgorithmIdentifier == null) {
            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_NO_SIG_ALG_FOR_NON_RSA_KEY.get());
            return ResultCode.PARAM_ERROR;
        }
        ArrayList arrayList = new ArrayList(10);
        GeneralNamesBuilder generalNamesBuilder = new GeneralNamesBuilder();
        LinkedHashSet linkedHashSet = new LinkedHashSet(10);
        StringArgument stringArgument4 = this.subCommandParser.getStringArgument("subject-alternative-name-dns");
        if (stringArgument4 != null && stringArgument4.isPresent()) {
            for (String str3 : stringArgument4.getValues()) {
                generalNamesBuilder.addDNSName(str3);
                linkedHashSet.add("DNS:" + str3);
            }
        }
        StringArgument stringArgument5 = this.subCommandParser.getStringArgument("subject-alternative-name-ip-address");
        if (stringArgument5 != null && stringArgument5.isPresent()) {
            for (String str4 : stringArgument5.getValues()) {
                try {
                    generalNamesBuilder.addIPAddress(InetAddress.getByName(str4));
                    linkedHashSet.add("IP:" + str4);
                } catch (Exception e) {
                    Debug.debugException(e);
                    throw new RuntimeException(e);
                }
            }
        }
        StringArgument stringArgument6 = this.subCommandParser.getStringArgument("subject-alternative-name-email-address");
        if (stringArgument6 != null && stringArgument6.isPresent()) {
            for (String str5 : stringArgument6.getValues()) {
                generalNamesBuilder.addRFC822Name(str5);
                linkedHashSet.add("EMAIL:" + str5);
            }
        }
        StringArgument stringArgument7 = this.subCommandParser.getStringArgument("subject-alternative-name-uri");
        if (stringArgument7 != null && stringArgument7.isPresent()) {
            for (String str6 : stringArgument7.getValues()) {
                generalNamesBuilder.addUniformResourceIdentifier(str6);
                linkedHashSet.add("URI:" + str6);
            }
        }
        StringArgument stringArgument8 = this.subCommandParser.getStringArgument("subject-alternative-name-oid");
        if (stringArgument8 != null && stringArgument8.isPresent()) {
            for (String str7 : stringArgument8.getValues()) {
                generalNamesBuilder.addRegisteredID(new OID(str7));
                linkedHashSet.add("OID:" + str7);
            }
        }
        if (!linkedHashSet.isEmpty()) {
            try {
                arrayList.add(new SubjectAlternativeNameExtension(false, generalNamesBuilder.build()));
            } catch (Exception e2) {
                Debug.debugException(e2);
                throw new RuntimeException(e2);
            }
        }
        GeneralNamesBuilder generalNamesBuilder2 = new GeneralNamesBuilder();
        LinkedHashSet linkedHashSet2 = new LinkedHashSet(10);
        StringArgument stringArgument9 = this.subCommandParser.getStringArgument("issuer-alternative-name-dns");
        if (stringArgument9 != null && stringArgument9.isPresent()) {
            for (String str8 : stringArgument9.getValues()) {
                generalNamesBuilder2.addDNSName(str8);
                linkedHashSet2.add("DNS:" + str8);
            }
        }
        StringArgument stringArgument10 = this.subCommandParser.getStringArgument("issuer-alternative-name-ip-address");
        if (stringArgument10 != null && stringArgument10.isPresent()) {
            for (String str9 : stringArgument10.getValues()) {
                try {
                    generalNamesBuilder2.addIPAddress(InetAddress.getByName(str9));
                    linkedHashSet2.add("IP:" + str9);
                } catch (Exception e3) {
                    Debug.debugException(e3);
                    throw new RuntimeException(e3);
                }
            }
        }
        StringArgument stringArgument11 = this.subCommandParser.getStringArgument("issuer-alternative-name-email-address");
        if (stringArgument11 != null && stringArgument11.isPresent()) {
            for (String str10 : stringArgument11.getValues()) {
                generalNamesBuilder2.addRFC822Name(str10);
                linkedHashSet2.add("EMAIL:" + str10);
            }
        }
        StringArgument stringArgument12 = this.subCommandParser.getStringArgument("issuer-alternative-name-uri");
        if (stringArgument12 != null && stringArgument12.isPresent()) {
            for (String str11 : stringArgument12.getValues()) {
                generalNamesBuilder2.addUniformResourceIdentifier(str11);
                linkedHashSet2.add("URI:" + str11);
            }
        }
        StringArgument stringArgument13 = this.subCommandParser.getStringArgument("issuer-alternative-name-oid");
        if (stringArgument13 != null && stringArgument13.isPresent()) {
            for (String str12 : stringArgument13.getValues()) {
                generalNamesBuilder2.addRegisteredID(new OID(str12));
                linkedHashSet2.add("OID:" + str12);
            }
        }
        if (!linkedHashSet2.isEmpty()) {
            try {
                arrayList.add(new IssuerAlternativeNameExtension(false, generalNamesBuilder2.build()));
            } catch (Exception e4) {
                Debug.debugException(e4);
                throw new RuntimeException(e4);
            }
        }
        BasicConstraintsExtension basicConstraintsExtension = null;
        BooleanValueArgument booleanValueArgument = this.subCommandParser.getBooleanValueArgument("basic-constraints-is-ca");
        if (booleanValueArgument != null && booleanValueArgument.isPresent()) {
            boolean booleanValue = booleanValueArgument.getValue().booleanValue();
            Integer num2 = null;
            IntegerArgument integerArgument3 = this.subCommandParser.getIntegerArgument("basic-constraints-maximum-path-length");
            if (integerArgument3 != null && integerArgument3.isPresent()) {
                if (!booleanValue) {
                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_BC_PATH_LENGTH_WITHOUT_CA.get());
                    return ResultCode.PARAM_ERROR;
                }
                num2 = integerArgument3.getValue();
            }
            basicConstraintsExtension = new BasicConstraintsExtension(false, booleanValue, num2);
            arrayList.add(basicConstraintsExtension);
        }
        KeyUsageExtension keyUsageExtension = null;
        StringArgument stringArgument14 = this.subCommandParser.getStringArgument("key-usage");
        if (stringArgument14 != null && stringArgument14.isPresent()) {
            boolean z12 = false;
            boolean z13 = false;
            boolean z14 = false;
            boolean z15 = false;
            boolean z16 = false;
            boolean z17 = false;
            boolean z18 = false;
            boolean z19 = false;
            boolean z20 = false;
            for (String str13 : stringArgument14.getValues()) {
                if (str13.equalsIgnoreCase("digital-signature") || str13.equalsIgnoreCase("digitalSignature")) {
                    z12 = true;
                } else if (str13.equalsIgnoreCase("non-repudiation") || str13.equalsIgnoreCase("nonRepudiation") || str13.equalsIgnoreCase("content-commitment") || str13.equalsIgnoreCase("contentCommitment")) {
                    z13 = true;
                } else if (str13.equalsIgnoreCase("key-encipherment") || str13.equalsIgnoreCase("keyEncipherment")) {
                    z14 = true;
                } else if (str13.equalsIgnoreCase("data-encipherment") || str13.equalsIgnoreCase("dataEncipherment")) {
                    z15 = true;
                } else if (str13.equalsIgnoreCase("key-agreement") || str13.equalsIgnoreCase("keyAgreement")) {
                    z16 = true;
                } else if (str13.equalsIgnoreCase("key-cert-sign") || str13.equalsIgnoreCase("keyCertSign")) {
                    z17 = true;
                } else if (str13.equalsIgnoreCase("crl-sign") || str13.equalsIgnoreCase("crlSign")) {
                    z18 = true;
                } else if (str13.equalsIgnoreCase("encipher-only") || str13.equalsIgnoreCase("encipherOnly")) {
                    z19 = true;
                } else {
                    if (!str13.equalsIgnoreCase("decipher-only") && !str13.equalsIgnoreCase("decipherOnly")) {
                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_INVALID_KEY_USAGE.get(str13));
                        return ResultCode.PARAM_ERROR;
                    }
                    z20 = true;
                }
            }
            keyUsageExtension = new KeyUsageExtension(false, z12, z13, z14, z15, z16, z17, z18, z19, z20);
            arrayList.add(keyUsageExtension);
        }
        ExtendedKeyUsageExtension extendedKeyUsageExtension = null;
        StringArgument stringArgument15 = this.subCommandParser.getStringArgument("extended-key-usage");
        if (stringArgument15 != null && stringArgument15.isPresent()) {
            List<String> values = stringArgument15.getValues();
            ArrayList arrayList2 = new ArrayList(values.size());
            for (String str14 : values) {
                if (str14.equalsIgnoreCase("server-auth") || str14.equalsIgnoreCase("serverAuth") || str14.equalsIgnoreCase("server-authentication") || str14.equalsIgnoreCase("serverAuthentication") || str14.equalsIgnoreCase("tls-server-authentication") || str14.equalsIgnoreCase("tlsServerAuthentication")) {
                    arrayList2.add(ExtendedKeyUsageID.TLS_SERVER_AUTHENTICATION.getOID());
                } else if (str14.equalsIgnoreCase("client-auth") || str14.equalsIgnoreCase("clientAuth") || str14.equalsIgnoreCase("client-authentication") || str14.equalsIgnoreCase("clientAuthentication") || str14.equalsIgnoreCase("tls-client-authentication") || str14.equalsIgnoreCase("tlsClientAuthentication")) {
                    arrayList2.add(ExtendedKeyUsageID.TLS_CLIENT_AUTHENTICATION.getOID());
                } else if (str14.equalsIgnoreCase("code-signing") || str14.equalsIgnoreCase("codeSigning")) {
                    arrayList2.add(ExtendedKeyUsageID.CODE_SIGNING.getOID());
                } else if (str14.equalsIgnoreCase("email-protection") || str14.equalsIgnoreCase("emailProtection")) {
                    arrayList2.add(ExtendedKeyUsageID.EMAIL_PROTECTION.getOID());
                } else if (str14.equalsIgnoreCase("time-stamping") || str14.equalsIgnoreCase("timeStamping")) {
                    arrayList2.add(ExtendedKeyUsageID.TIME_STAMPING.getOID());
                } else if (str14.equalsIgnoreCase("ocsp-signing") || str14.equalsIgnoreCase("ocspSigning")) {
                    arrayList2.add(ExtendedKeyUsageID.OCSP_SIGNING.getOID());
                } else {
                    if (!OID.isStrictlyValidNumericOID(str14)) {
                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_INVALID_EXTENDED_KEY_USAGE.get(str14));
                        return ResultCode.PARAM_ERROR;
                    }
                    arrayList2.add(new OID(str14));
                }
            }
            try {
                extendedKeyUsageExtension = new ExtendedKeyUsageExtension(false, arrayList2);
                arrayList.add(extendedKeyUsageExtension);
            } catch (Exception e5) {
                Debug.debugException(e5);
                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_EXTENDED_KEY_USAGE_ERROR.get());
                e5.printStackTrace(getErr());
                return ResultCode.PARAM_ERROR;
            }
        }
        ArrayList arrayList3 = new ArrayList(5);
        StringArgument stringArgument16 = this.subCommandParser.getStringArgument("extension");
        if (stringArgument16 != null && stringArgument16.isPresent()) {
            for (String str15 : stringArgument16.getValues()) {
                try {
                    int indexOf = str15.indexOf(58);
                    int indexOf2 = str15.indexOf(58, indexOf + 1);
                    OID oid = new OID(str15.substring(0, indexOf));
                    if (!oid.isStrictlyValidNumericOID()) {
                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_EXT_MALFORMED_OID.get(str15, oid.toString()));
                        return ResultCode.PARAM_ERROR;
                    }
                    String substring = str15.substring(indexOf + 1, indexOf2);
                    if (substring.equalsIgnoreCase("true") || substring.equalsIgnoreCase("t") || substring.equalsIgnoreCase("yes") || substring.equalsIgnoreCase("y") || substring.equalsIgnoreCase(PDPrintFieldAttributeObject.CHECKED_STATE_ON) || substring.equalsIgnoreCase("1")) {
                        z4 = true;
                    } else {
                        if (!substring.equalsIgnoreCase("false") && !substring.equalsIgnoreCase("f") && !substring.equalsIgnoreCase("no") && !substring.equalsIgnoreCase(OperatorName.ENDPATH) && !substring.equalsIgnoreCase(PDPrintFieldAttributeObject.CHECKED_STATE_OFF) && !substring.equalsIgnoreCase("0")) {
                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_EXT_INVALID_CRITICALITY.get(str15, substring));
                            return ResultCode.PARAM_ERROR;
                        }
                        z4 = false;
                    }
                    try {
                        X509CertificateExtension x509CertificateExtension = new X509CertificateExtension(oid, z4, StaticUtils.fromHex(str15.substring(indexOf2 + 1)));
                        arrayList3.add(x509CertificateExtension);
                        arrayList.add(x509CertificateExtension);
                    } catch (Exception e6) {
                        Debug.debugException(e6);
                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_EXT_INVALID_VALUE.get(str15));
                        return ResultCode.PARAM_ERROR;
                    }
                } catch (Exception e7) {
                    Debug.debugException(e7);
                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_EXT_MALFORMED.get(str15));
                    return ResultCode.PARAM_ERROR;
                }
            }
        }
        try {
            String inferKeystoreType = inferKeystoreType(keystorePath);
            try {
                char[] keystorePassword = getKeystorePassword(keystorePath);
                try {
                    KeyStore keystore = getKeystore(inferKeystoreType, keystorePath, keystorePassword);
                    try {
                        char[] privateKeyPassword = getPrivateKeyPassword(keystore, value, keystorePassword);
                        if (z7) {
                            if (!hasKeyAlias(keystore, value)) {
                                if (hasCertificateAlias(keystore, value)) {
                                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_REPLACE_ALIAS_IS_CERT.get(value, keystorePath.getAbsolutePath()));
                                    return ResultCode.PARAM_ERROR;
                                }
                                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_REPLACE_NO_SUCH_ALIAS.get(value, keystorePath.getAbsolutePath()));
                                return ResultCode.PARAM_ERROR;
                            }
                            try {
                                Certificate[] certificateChain = keystore.getCertificateChain(value);
                                X509Certificate x509Certificate = new X509Certificate(certificateChain[0].getEncoded());
                                KeyPair keyPair = new KeyPair(certificateChain[0].getPublicKey(), (PrivateKey) keystore.getKey(value, privateKeyPassword));
                                SignatureAlgorithmIdentifier forOID = SignatureAlgorithmIdentifier.forOID(x509Certificate.getSignatureAlgorithmOID());
                                if (forOID == null) {
                                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_UNKNOWN_SIG_ALG_IN_CERT.get(x509Certificate.getSignatureAlgorithmOID()));
                                    return ResultCode.PARAM_ERROR;
                                }
                                String javaName = forOID.getJavaName();
                                if (dn == null) {
                                    dn = x509Certificate.getSubjectDN();
                                }
                                if (z8) {
                                    for (X509CertificateExtension x509CertificateExtension2 : x509Certificate.getExtensions()) {
                                        if (!(x509CertificateExtension2 instanceof AuthorityKeyIdentifierExtension) && !(x509CertificateExtension2 instanceof IssuerAlternativeNameExtension) && !(x509CertificateExtension2 instanceof SubjectKeyIdentifierExtension)) {
                                            if (x509CertificateExtension2 instanceof BasicConstraintsExtension) {
                                                if (basicConstraintsExtension == null) {
                                                    basicConstraintsExtension = (BasicConstraintsExtension) x509CertificateExtension2;
                                                    arrayList.add(basicConstraintsExtension);
                                                }
                                            } else if (x509CertificateExtension2 instanceof ExtendedKeyUsageExtension) {
                                                if (extendedKeyUsageExtension == null) {
                                                    extendedKeyUsageExtension = (ExtendedKeyUsageExtension) x509CertificateExtension2;
                                                    arrayList.add(extendedKeyUsageExtension);
                                                }
                                            } else if (x509CertificateExtension2 instanceof KeyUsageExtension) {
                                                if (keyUsageExtension == null) {
                                                    keyUsageExtension = (KeyUsageExtension) x509CertificateExtension2;
                                                    arrayList.add(keyUsageExtension);
                                                }
                                            } else if (!(x509CertificateExtension2 instanceof SubjectAlternativeNameExtension)) {
                                                arrayList3.add(x509CertificateExtension2);
                                                arrayList.add(x509CertificateExtension2);
                                            } else if (linkedHashSet.isEmpty()) {
                                                SubjectAlternativeNameExtension subjectAlternativeNameExtension = (SubjectAlternativeNameExtension) x509CertificateExtension2;
                                                Iterator<String> it = subjectAlternativeNameExtension.getDNSNames().iterator();
                                                while (it.hasNext()) {
                                                    linkedHashSet.add("DNS:" + it.next());
                                                }
                                                Iterator<InetAddress> it2 = subjectAlternativeNameExtension.getIPAddresses().iterator();
                                                while (it2.hasNext()) {
                                                    linkedHashSet.add("IP:" + it2.next().getHostAddress());
                                                }
                                                Iterator<String> it3 = subjectAlternativeNameExtension.getRFC822Names().iterator();
                                                while (it3.hasNext()) {
                                                    linkedHashSet.add("EMAIL:" + it3.next());
                                                }
                                                Iterator<String> it4 = subjectAlternativeNameExtension.getUniformResourceIdentifiers().iterator();
                                                while (it4.hasNext()) {
                                                    linkedHashSet.add("URI:" + it4.next());
                                                }
                                                Iterator<OID> it5 = subjectAlternativeNameExtension.getRegisteredIDs().iterator();
                                                while (it5.hasNext()) {
                                                    linkedHashSet.add("OID:" + it5.next().toString());
                                                }
                                                arrayList.add(x509CertificateExtension2);
                                            }
                                        }
                                    }
                                }
                                X509CertificateExtension[] x509CertificateExtensionArr = new X509CertificateExtension[arrayList.size()];
                                arrayList.toArray(x509CertificateExtensionArr);
                                if (z) {
                                    if (z11) {
                                        ArrayList arrayList4 = new ArrayList(30);
                                        arrayList4.add("-selfcert");
                                        arrayList4.add("-keystore");
                                        arrayList4.add(keystorePath.getAbsolutePath());
                                        arrayList4.add("-storetype");
                                        arrayList4.add(inferKeystoreType);
                                        arrayList4.add("-storepass");
                                        arrayList4.add("*****REDACTED*****");
                                        arrayList4.add("-keypass");
                                        arrayList4.add("*****REDACTED*****");
                                        arrayList4.add("-alias");
                                        arrayList4.add(value);
                                        arrayList4.add("-dname");
                                        arrayList4.add(dn.toString());
                                        arrayList4.add("-sigalg");
                                        arrayList4.add(javaName);
                                        arrayList4.add("-validity");
                                        arrayList4.add(String.valueOf(i));
                                        if (date != null) {
                                            arrayList4.add("-startdate");
                                            arrayList4.add(formatValidityStartTime(date));
                                        }
                                        addExtensionArguments(arrayList4, basicConstraintsExtension, keyUsageExtension, extendedKeyUsageExtension, linkedHashSet, linkedHashSet2, arrayList3);
                                        displayKeytoolCommand(arrayList4);
                                    }
                                    long currentTimeMillis = System.currentTimeMillis();
                                    try {
                                        X509Certificate generateSelfSignedCertificate = X509Certificate.generateSelfSignedCertificate(forOID, keyPair, dn, currentTimeMillis, currentTimeMillis + TimeUnit.DAYS.toMillis(365L), x509CertificateExtensionArr);
                                        try {
                                            keystore.setKeyEntry(value, keyPair.getPrivate(), privateKeyPassword, new Certificate[]{generateSelfSignedCertificate.toCertificate()});
                                            writeKeystore(keystore, keystorePath, keystorePassword);
                                            out(new Object[0]);
                                            wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_GEN_CERT_SUCCESSFULLY_GENERATED_SELF_CERT.get());
                                            printCertificate(generateSelfSignedCertificate, "", false);
                                            return ResultCode.SUCCESS;
                                        } catch (Exception e8) {
                                            Debug.debugException(e8);
                                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_ERROR_UPDATING_KEYSTORE.get());
                                            e8.printStackTrace(getErr());
                                            return ResultCode.LOCAL_ERROR;
                                        }
                                    } catch (Exception e9) {
                                        Debug.debugException(e9);
                                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_ERROR_GENERATING_CERT.get());
                                        e9.printStackTrace(getErr());
                                        return ResultCode.LOCAL_ERROR;
                                    }
                                }
                                Validator.ensureTrue(z2);
                                if (z11) {
                                    ArrayList arrayList5 = new ArrayList(30);
                                    arrayList5.add("-certreq");
                                    arrayList5.add("-keystore");
                                    arrayList5.add(keystorePath.getAbsolutePath());
                                    arrayList5.add("-storetype");
                                    arrayList5.add(inferKeystoreType);
                                    arrayList5.add("-storepass");
                                    arrayList5.add("*****REDACTED*****");
                                    arrayList5.add("-keypass");
                                    arrayList5.add("*****REDACTED*****");
                                    arrayList5.add("-alias");
                                    arrayList5.add(value);
                                    arrayList5.add("-dname");
                                    arrayList5.add(dn.toString());
                                    arrayList5.add("-sigalg");
                                    arrayList5.add(javaName);
                                    addExtensionArguments(arrayList5, basicConstraintsExtension, keyUsageExtension, extendedKeyUsageExtension, linkedHashSet, linkedHashSet2, arrayList3);
                                    if (file2 != null) {
                                        arrayList5.add(SOSCmd.FLAG_FILE);
                                        arrayList5.add(file2.getAbsolutePath());
                                    }
                                    displayKeytoolCommand(arrayList5);
                                }
                                try {
                                    PKCS10CertificateSigningRequest generateCertificateSigningRequest = PKCS10CertificateSigningRequest.generateCertificateSigningRequest(forOID, keyPair, dn, x509CertificateExtensionArr);
                                    try {
                                        PrintStream out = file2 == null ? getOut() : new PrintStream(file2);
                                        if (z6) {
                                            writePEMCertificateSigningRequest(out, generateCertificateSigningRequest.getPKCS10CertificateSigningRequestBytes());
                                        } else {
                                            out.write(generateCertificateSigningRequest.getPKCS10CertificateSigningRequestBytes());
                                        }
                                        if (file2 != null) {
                                            out.close();
                                        }
                                        if (file2 != null) {
                                            out(new Object[0]);
                                            wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_GEN_CERT_SUCCESSFULLY_GENERATED_CSR.get(file2.getAbsolutePath()));
                                        }
                                        return ResultCode.SUCCESS;
                                    } catch (Exception e10) {
                                        Debug.debugException(e10);
                                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_ERROR_WRITING_CSR.get());
                                        e10.printStackTrace(getErr());
                                        return ResultCode.LOCAL_ERROR;
                                    }
                                } catch (Exception e11) {
                                    Debug.debugException(e11);
                                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_ERROR_GENERATING_CSR.get());
                                    e11.printStackTrace(getErr());
                                    return ResultCode.LOCAL_ERROR;
                                }
                            } catch (Exception e12) {
                                Debug.debugException(e12);
                                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_REPLACE_COULD_NOT_GET_CERT.get(value));
                                e12.printStackTrace(getErr());
                                return ResultCode.LOCAL_ERROR;
                            }
                        }
                        if (dn == null && !z3) {
                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_NO_SUBJECT_DN_WITHOUT_REPLACE.get());
                            return ResultCode.PARAM_ERROR;
                        }
                        if (publicKeyAlgorithmIdentifier == null) {
                            publicKeyAlgorithmIdentifier = PublicKeyAlgorithmIdentifier.RSA;
                            str = publicKeyAlgorithmIdentifier.getName();
                        }
                        if (num == null) {
                            num = 2048;
                        }
                        if (signatureAlgorithmIdentifier == null && !z3) {
                            signatureAlgorithmIdentifier = SignatureAlgorithmIdentifier.SHA_256_WITH_RSA;
                            str2 = signatureAlgorithmIdentifier.getJavaName();
                        }
                        if (z || z2) {
                            if (hasKeyAlias(keystore, value) || hasCertificateAlias(keystore, value)) {
                                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_ALIAS_EXISTS_WITHOUT_REPLACE.get(value));
                                return ResultCode.PARAM_ERROR;
                            }
                            if (z11) {
                                ArrayList arrayList6 = new ArrayList(30);
                                arrayList6.add("-genkeypair");
                                arrayList6.add("-keystore");
                                arrayList6.add(keystorePath.getAbsolutePath());
                                arrayList6.add("-storetype");
                                arrayList6.add(inferKeystoreType);
                                arrayList6.add("-storepass");
                                arrayList6.add("*****REDACTED*****");
                                arrayList6.add("-keypass");
                                arrayList6.add("*****REDACTED*****");
                                arrayList6.add("-alias");
                                arrayList6.add(value);
                                arrayList6.add("-dname");
                                arrayList6.add(dn.toString());
                                arrayList6.add("-keyalg");
                                arrayList6.add(str);
                                arrayList6.add("-keysize");
                                arrayList6.add(String.valueOf(num));
                                arrayList6.add("-sigalg");
                                arrayList6.add(str2);
                                arrayList6.add("-validity");
                                arrayList6.add(String.valueOf(i));
                                if (date != null) {
                                    arrayList6.add("-startdate");
                                    arrayList6.add(formatValidityStartTime(date));
                                }
                                addExtensionArguments(arrayList6, basicConstraintsExtension, keyUsageExtension, extendedKeyUsageExtension, linkedHashSet, linkedHashSet2, arrayList3);
                                displayKeytoolCommand(arrayList6);
                            }
                            long currentTimeMillis2 = date == null ? System.currentTimeMillis() : date.getTime();
                            long millis = currentTimeMillis2 + TimeUnit.DAYS.toMillis(i);
                            X509CertificateExtension[] x509CertificateExtensionArr2 = new X509CertificateExtension[arrayList.size()];
                            arrayList.toArray(x509CertificateExtensionArr2);
                            try {
                                ObjectPair<X509Certificate, KeyPair> generateSelfSignedCertificate2 = X509Certificate.generateSelfSignedCertificate(signatureAlgorithmIdentifier, publicKeyAlgorithmIdentifier, num.intValue(), dn, currentTimeMillis2, millis, x509CertificateExtensionArr2);
                                X509Certificate first = generateSelfSignedCertificate2.getFirst();
                                Certificate[] certificateArr = {first.toCertificate()};
                                KeyPair second = generateSelfSignedCertificate2.getSecond();
                                try {
                                    keystore.setKeyEntry(value, second.getPrivate(), privateKeyPassword, certificateArr);
                                    writeKeystore(keystore, keystorePath, keystorePassword);
                                    if (z5) {
                                        out(new Object[0]);
                                        wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_GEN_CERT_CERT_CREATED_KEYSTORE.get(getUserFriendlyKeystoreType(inferKeystoreType)));
                                    }
                                    if (z) {
                                        out(new Object[0]);
                                        wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_GEN_CERT_SUCCESSFULLY_GENERATED_SELF_CERT.get());
                                        printCertificate(first, "", false);
                                        return ResultCode.SUCCESS;
                                    }
                                    Validator.ensureTrue(z2);
                                    out(new Object[0]);
                                    wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_GEN_CERT_SUCCESSFULLY_GENERATED_KEYPAIR.get());
                                    if (z11) {
                                        ArrayList arrayList7 = new ArrayList(30);
                                        arrayList7.add("-certreq");
                                        arrayList7.add("-keystore");
                                        arrayList7.add(keystorePath.getAbsolutePath());
                                        arrayList7.add("-storetype");
                                        arrayList7.add(inferKeystoreType);
                                        arrayList7.add("-storepass");
                                        arrayList7.add("*****REDACTED*****");
                                        arrayList7.add("-keypass");
                                        arrayList7.add("*****REDACTED*****");
                                        arrayList7.add("-alias");
                                        arrayList7.add(value);
                                        arrayList7.add("-dname");
                                        arrayList7.add(dn.toString());
                                        arrayList7.add("-sigalg");
                                        arrayList7.add(str2);
                                        addExtensionArguments(arrayList7, basicConstraintsExtension, keyUsageExtension, extendedKeyUsageExtension, linkedHashSet, linkedHashSet2, arrayList3);
                                        if (file2 != null) {
                                            arrayList7.add(SOSCmd.FLAG_FILE);
                                            arrayList7.add(file2.getAbsolutePath());
                                        }
                                        displayKeytoolCommand(arrayList7);
                                    }
                                    try {
                                        PKCS10CertificateSigningRequest generateCertificateSigningRequest2 = PKCS10CertificateSigningRequest.generateCertificateSigningRequest(signatureAlgorithmIdentifier, second, dn, x509CertificateExtensionArr2);
                                        try {
                                            PrintStream out2 = file2 == null ? getOut() : new PrintStream(file2);
                                            if (z6) {
                                                writePEMCertificateSigningRequest(out2, generateCertificateSigningRequest2.getPKCS10CertificateSigningRequestBytes());
                                            } else {
                                                out2.write(generateCertificateSigningRequest2.getPKCS10CertificateSigningRequestBytes());
                                            }
                                            if (file2 != null) {
                                                out2.close();
                                            }
                                            if (file2 != null) {
                                                out(new Object[0]);
                                                wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_GEN_CERT_SUCCESSFULLY_GENERATED_CSR.get(file2.getAbsolutePath()));
                                            }
                                            return ResultCode.SUCCESS;
                                        } catch (Exception e13) {
                                            Debug.debugException(e13);
                                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_ERROR_WRITING_CSR.get());
                                            e13.printStackTrace(getErr());
                                            return ResultCode.LOCAL_ERROR;
                                        }
                                    } catch (Exception e14) {
                                        Debug.debugException(e14);
                                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_ERROR_GENERATING_CSR.get());
                                        e14.printStackTrace(getErr());
                                        return ResultCode.LOCAL_ERROR;
                                    }
                                } catch (Exception e15) {
                                    Debug.debugException(e15);
                                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_ERROR_UPDATING_KEYSTORE.get());
                                    e15.printStackTrace(getErr());
                                    return ResultCode.LOCAL_ERROR;
                                }
                            } catch (Exception e16) {
                                Debug.debugException(e16);
                                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_ERROR_GENERATING_CERT.get());
                                e16.printStackTrace(getErr());
                                return ResultCode.LOCAL_ERROR;
                            }
                        }
                        Validator.ensureTrue(z3);
                        if (!hasKeyAlias(keystore, value)) {
                            if (hasCertificateAlias(keystore, value)) {
                                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_SIGN_ALIAS_IS_CERT.get(value, keystorePath.getAbsolutePath()));
                                return ResultCode.PARAM_ERROR;
                            }
                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_SIGN_NO_SUCH_ALIAS.get(value, keystorePath.getAbsolutePath()));
                            return ResultCode.PARAM_ERROR;
                        }
                        try {
                            X509Certificate x509Certificate2 = new X509Certificate(keystore.getCertificateChain(value)[0].getEncoded());
                            PrivateKey privateKey = (PrivateKey) keystore.getKey(value, privateKeyPassword);
                            try {
                                PKCS10CertificateSigningRequest readCertificateSigningRequestFromFile = readCertificateSigningRequestFromFile(file);
                                try {
                                    readCertificateSigningRequestFromFile.verifySignature();
                                    if (!z10) {
                                        out(new Object[0]);
                                        wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_GEN_CERT_SIGN_CONFIRM.get());
                                        out(new Object[0]);
                                        printCertificateSigningRequest(readCertificateSigningRequestFromFile, false, "");
                                        out(new Object[0]);
                                        try {
                                            if (!promptForYesNo(CertMessages.INFO_MANAGE_CERTS_GEN_CERT_PROMPT_SIGN.get())) {
                                                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_SIGN_CANCELED.get());
                                                return ResultCode.USER_CANCELED;
                                            }
                                        } catch (LDAPException e17) {
                                            Debug.debugException(e17);
                                            err(new Object[0]);
                                            wrapErr(0, WRAP_COLUMN, e17.getMessage());
                                            return e17.getResultCode();
                                        }
                                    }
                                    if (dn == null || signatureAlgorithmIdentifier == null || z9) {
                                        if (dn == null) {
                                            dn = readCertificateSigningRequestFromFile.getSubjectDN();
                                        }
                                        if (signatureAlgorithmIdentifier == null) {
                                            signatureAlgorithmIdentifier = SignatureAlgorithmIdentifier.forOID(readCertificateSigningRequestFromFile.getSignatureAlgorithmOID());
                                            if (signatureAlgorithmIdentifier == null) {
                                                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_UNKNOWN_SIG_ALG_IN_CSR.get(readCertificateSigningRequestFromFile.getSignatureAlgorithmOID()));
                                                return ResultCode.PARAM_ERROR;
                                            }
                                            str2 = signatureAlgorithmIdentifier.getJavaName();
                                        }
                                        if (z9) {
                                            for (X509CertificateExtension x509CertificateExtension3 : readCertificateSigningRequestFromFile.getExtensions()) {
                                                if (!(x509CertificateExtension3 instanceof AuthorityKeyIdentifierExtension) && !(x509CertificateExtension3 instanceof IssuerAlternativeNameExtension) && !(x509CertificateExtension3 instanceof SubjectKeyIdentifierExtension)) {
                                                    if (x509CertificateExtension3 instanceof BasicConstraintsExtension) {
                                                        if (basicConstraintsExtension == null) {
                                                            basicConstraintsExtension = (BasicConstraintsExtension) x509CertificateExtension3;
                                                            arrayList.add(basicConstraintsExtension);
                                                        }
                                                    } else if (x509CertificateExtension3 instanceof ExtendedKeyUsageExtension) {
                                                        if (extendedKeyUsageExtension == null) {
                                                            extendedKeyUsageExtension = (ExtendedKeyUsageExtension) x509CertificateExtension3;
                                                            arrayList.add(extendedKeyUsageExtension);
                                                        }
                                                    } else if (x509CertificateExtension3 instanceof KeyUsageExtension) {
                                                        if (keyUsageExtension == null) {
                                                            keyUsageExtension = (KeyUsageExtension) x509CertificateExtension3;
                                                            arrayList.add(keyUsageExtension);
                                                        }
                                                    } else if (!(x509CertificateExtension3 instanceof SubjectAlternativeNameExtension)) {
                                                        arrayList3.add(x509CertificateExtension3);
                                                        arrayList.add(x509CertificateExtension3);
                                                    } else if (linkedHashSet.isEmpty()) {
                                                        SubjectAlternativeNameExtension subjectAlternativeNameExtension2 = (SubjectAlternativeNameExtension) x509CertificateExtension3;
                                                        for (String str16 : subjectAlternativeNameExtension2.getDNSNames()) {
                                                            generalNamesBuilder.addDNSName(str16);
                                                            linkedHashSet.add("DNS:" + str16);
                                                        }
                                                        for (InetAddress inetAddress : subjectAlternativeNameExtension2.getIPAddresses()) {
                                                            generalNamesBuilder.addIPAddress(inetAddress);
                                                            linkedHashSet.add("IP:" + inetAddress.getHostAddress());
                                                        }
                                                        for (String str17 : subjectAlternativeNameExtension2.getRFC822Names()) {
                                                            generalNamesBuilder.addRFC822Name(str17);
                                                            linkedHashSet.add("EMAIL:" + str17);
                                                        }
                                                        for (String str18 : subjectAlternativeNameExtension2.getUniformResourceIdentifiers()) {
                                                            generalNamesBuilder.addUniformResourceIdentifier(str18);
                                                            linkedHashSet.add("URI:" + str18);
                                                        }
                                                        for (OID oid2 : subjectAlternativeNameExtension2.getRegisteredIDs()) {
                                                            generalNamesBuilder.addRegisteredID(oid2);
                                                            linkedHashSet.add("OID:" + oid2.toString());
                                                        }
                                                        try {
                                                            arrayList.add(new SubjectAlternativeNameExtension(false, generalNamesBuilder.build()));
                                                        } catch (Exception e18) {
                                                            Debug.debugException(e18);
                                                            throw new RuntimeException(e18);
                                                        }
                                                    } else {
                                                        continue;
                                                    }
                                                }
                                            }
                                        }
                                    }
                                    ArrayList arrayList8 = new ArrayList(30);
                                    arrayList8.add("-gencert");
                                    arrayList8.add("-keystore");
                                    arrayList8.add(keystorePath.getAbsolutePath());
                                    arrayList8.add("-storetype");
                                    arrayList8.add(inferKeystoreType);
                                    arrayList8.add("-storepass");
                                    arrayList8.add("*****REDACTED*****");
                                    arrayList8.add("-keypass");
                                    arrayList8.add("*****REDACTED*****");
                                    arrayList8.add("-alias");
                                    arrayList8.add(value);
                                    arrayList8.add("-dname");
                                    arrayList8.add(dn.toString());
                                    arrayList8.add("-sigalg");
                                    arrayList8.add(str2);
                                    arrayList8.add("-validity");
                                    arrayList8.add(String.valueOf(i));
                                    if (date != null) {
                                        arrayList8.add("-startdate");
                                        arrayList8.add(formatValidityStartTime(date));
                                    }
                                    addExtensionArguments(arrayList8, basicConstraintsExtension, keyUsageExtension, extendedKeyUsageExtension, linkedHashSet, linkedHashSet2, arrayList3);
                                    arrayList8.add("-infile");
                                    arrayList8.add(file.getAbsolutePath());
                                    if (file2 != null) {
                                        arrayList8.add("-outfile");
                                        arrayList8.add(file2.getAbsolutePath());
                                    }
                                    if (z6) {
                                        arrayList8.add("-rfc");
                                    }
                                    if (z11) {
                                        displayKeytoolCommand(arrayList8);
                                    }
                                    long currentTimeMillis3 = date == null ? System.currentTimeMillis() : date.getTime();
                                    long millis2 = currentTimeMillis3 + TimeUnit.DAYS.toMillis(i);
                                    X509CertificateExtension[] x509CertificateExtensionArr3 = new X509CertificateExtension[arrayList.size()];
                                    arrayList.toArray(x509CertificateExtensionArr3);
                                    try {
                                        X509Certificate generateIssuerSignedCertificate = X509Certificate.generateIssuerSignedCertificate(signatureAlgorithmIdentifier, x509Certificate2, privateKey, readCertificateSigningRequestFromFile.getPublicKeyAlgorithmOID(), readCertificateSigningRequestFromFile.getPublicKeyAlgorithmParameters(), readCertificateSigningRequestFromFile.getEncodedPublicKey(), readCertificateSigningRequestFromFile.getDecodedPublicKey(), dn, currentTimeMillis3, millis2, x509CertificateExtensionArr3);
                                        try {
                                            PrintStream out3 = file2 == null ? getOut() : new PrintStream(file2);
                                            if (z6) {
                                                writePEMCertificate(out3, generateIssuerSignedCertificate.getX509CertificateBytes());
                                            } else {
                                                out3.write(generateIssuerSignedCertificate.getX509CertificateBytes());
                                            }
                                            if (file2 != null) {
                                                out3.close();
                                            }
                                            if (file2 != null) {
                                                out(new Object[0]);
                                                wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_GEN_CERT_SUCCESSFULLY_SIGNED_CERT.get(file2.getAbsolutePath()));
                                            }
                                            return ResultCode.SUCCESS;
                                        } catch (Exception e19) {
                                            Debug.debugException(e19);
                                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_ERROR_WRITING_SIGNED_CERT.get());
                                            e19.printStackTrace(getErr());
                                            return ResultCode.LOCAL_ERROR;
                                        }
                                    } catch (Exception e20) {
                                        Debug.debugException(e20);
                                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_ERROR_SIGNING_CERT.get());
                                        e20.printStackTrace(getErr());
                                        return ResultCode.LOCAL_ERROR;
                                    }
                                } catch (CertException e21) {
                                    Debug.debugException(e21);
                                    wrapErr(0, WRAP_COLUMN, e21.getMessage());
                                    return ResultCode.PARAM_ERROR;
                                }
                            } catch (LDAPException e22) {
                                Debug.debugException(e22);
                                wrapErr(0, WRAP_COLUMN, e22.getMessage());
                                return e22.getResultCode();
                            }
                        } catch (Exception e23) {
                            Debug.debugException(e23);
                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GEN_CERT_SIGN_CANNOT_GET_SIGNING_CERT.get(value));
                            e23.printStackTrace(getErr());
                            return ResultCode.LOCAL_ERROR;
                        }
                    } catch (LDAPException e24) {
                        Debug.debugException(e24);
                        wrapErr(0, WRAP_COLUMN, e24.getMessage());
                        return e24.getResultCode();
                    }
                } catch (LDAPException e25) {
                    Debug.debugException(e25);
                    wrapErr(0, WRAP_COLUMN, e25.getMessage());
                    return e25.getResultCode();
                }
            } catch (LDAPException e26) {
                Debug.debugException(e26);
                wrapErr(0, WRAP_COLUMN, e26.getMessage());
                return e26.getResultCode();
            }
        } catch (LDAPException e27) {
            Debug.debugException(e27);
            wrapErr(0, WRAP_COLUMN, e27.getMessage());
            return e27.getResultCode();
        }
    }

    private ResultCode doChangeCertificateAlias() {
        Certificate[] certificateChain;
        Key key;
        Certificate certificate;
        String value = this.subCommandParser.getStringArgument("current-alias").getValue();
        String value2 = this.subCommandParser.getStringArgument("new-alias").getValue();
        File keystorePath = getKeystorePath();
        try {
            String inferKeystoreType = inferKeystoreType(keystorePath);
            try {
                char[] keystorePassword = getKeystorePassword(keystorePath);
                try {
                    KeyStore keystore = getKeystore(inferKeystoreType, keystorePath, keystorePassword);
                    try {
                        char[] privateKeyPassword = getPrivateKeyPassword(keystore, value, keystorePassword);
                        try {
                            if (hasCertificateAlias(keystore, value)) {
                                certificate = keystore.getCertificate(value);
                                certificateChain = null;
                                key = null;
                            } else {
                                if (!hasKeyAlias(keystore, value)) {
                                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHANGE_ALIAS_NO_SUCH_ALIAS.get(value));
                                    return ResultCode.PARAM_ERROR;
                                }
                                certificateChain = keystore.getCertificateChain(value);
                                key = (PrivateKey) keystore.getKey(value, privateKeyPassword);
                                certificate = null;
                            }
                            if (hasCertificateAlias(keystore, value2) || hasKeyAlias(keystore, value2)) {
                                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHANGE_ALIAS_NEW_ALIAS_IN_USE.get(value2));
                                return ResultCode.PARAM_ERROR;
                            }
                            BooleanArgument booleanArgument = this.subCommandParser.getBooleanArgument("display-keytool-command");
                            if (booleanArgument != null && booleanArgument.isPresent()) {
                                ArrayList arrayList = new ArrayList(30);
                                arrayList.add("-changealias");
                                arrayList.add("-keystore");
                                arrayList.add(keystorePath.getAbsolutePath());
                                arrayList.add("-storetype");
                                arrayList.add(inferKeystoreType);
                                arrayList.add("-storepass");
                                arrayList.add("*****REDACTED*****");
                                arrayList.add("-keypass");
                                arrayList.add("*****REDACTED*****");
                                arrayList.add("-alias");
                                arrayList.add(value);
                                arrayList.add("-destalias");
                                arrayList.add(value2);
                                displayKeytoolCommand(arrayList);
                            }
                            try {
                                keystore.deleteEntry(value);
                                if (certificate != null) {
                                    keystore.setCertificateEntry(value2, certificate);
                                } else {
                                    keystore.setKeyEntry(value2, key, privateKeyPassword, certificateChain);
                                }
                                writeKeystore(keystore, keystorePath, keystorePassword);
                                wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_CHANGE_ALIAS_SUCCESSFUL.get(value, value2));
                                return ResultCode.SUCCESS;
                            } catch (Exception e) {
                                Debug.debugException(e);
                                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHANGE_ALIAS_CANNOT_UPDATE_KEYSTORE.get());
                                e.printStackTrace(getErr());
                                return ResultCode.LOCAL_ERROR;
                            }
                        } catch (Exception e2) {
                            Debug.debugException(e2);
                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHANGE_ALIAS_CANNOT_GET_EXISTING_ENTRY.get(value));
                            e2.printStackTrace(getErr());
                            return ResultCode.LOCAL_ERROR;
                        }
                    } catch (LDAPException e3) {
                        Debug.debugException(e3);
                        wrapErr(0, WRAP_COLUMN, e3.getMessage());
                        return e3.getResultCode();
                    }
                } catch (LDAPException e4) {
                    Debug.debugException(e4);
                    wrapErr(0, WRAP_COLUMN, e4.getMessage());
                    return e4.getResultCode();
                }
            } catch (LDAPException e5) {
                Debug.debugException(e5);
                wrapErr(0, WRAP_COLUMN, e5.getMessage());
                return e5.getResultCode();
            }
        } catch (LDAPException e6) {
            Debug.debugException(e6);
            wrapErr(0, WRAP_COLUMN, e6.getMessage());
            return e6.getResultCode();
        }
    }

    private ResultCode doChangeKeystorePassword() {
        File keystorePath = getKeystorePath();
        try {
            String inferKeystoreType = inferKeystoreType(keystorePath);
            try {
                char[] keystorePassword = getKeystorePassword(keystorePath, "current");
                try {
                    char[] keystorePassword2 = getKeystorePassword(keystorePath, "new");
                    try {
                        KeyStore keystore = getKeystore(inferKeystoreType, keystorePath, keystorePassword);
                        BooleanArgument booleanArgument = this.subCommandParser.getBooleanArgument("display-keytool-command");
                        if (booleanArgument != null && booleanArgument.isPresent()) {
                            ArrayList arrayList = new ArrayList(30);
                            arrayList.add("-storepasswd");
                            arrayList.add("-keystore");
                            arrayList.add(keystorePath.getAbsolutePath());
                            arrayList.add("-storetype");
                            arrayList.add(inferKeystoreType);
                            arrayList.add("-storepass");
                            arrayList.add("*****REDACTED*****");
                            arrayList.add("-new");
                            arrayList.add("*****REDACTED*****");
                            displayKeytoolCommand(arrayList);
                        }
                        try {
                            writeKeystore(keystore, keystorePath, keystorePassword2);
                            wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_CHANGE_KS_PW_SUCCESSFUL.get(keystorePath.getAbsolutePath()));
                            return ResultCode.SUCCESS;
                        } catch (LDAPException e) {
                            Debug.debugException(e);
                            wrapErr(0, WRAP_COLUMN, e.getMessage());
                            return e.getResultCode();
                        }
                    } catch (LDAPException e2) {
                        Debug.debugException(e2);
                        wrapErr(0, WRAP_COLUMN, e2.getMessage());
                        return e2.getResultCode();
                    }
                } catch (LDAPException e3) {
                    Debug.debugException(e3);
                    wrapErr(0, WRAP_COLUMN, e3.getMessage());
                    return e3.getResultCode();
                }
            } catch (LDAPException e4) {
                Debug.debugException(e4);
                wrapErr(0, WRAP_COLUMN, e4.getMessage());
                return e4.getResultCode();
            }
        } catch (LDAPException e5) {
            Debug.debugException(e5);
            wrapErr(0, WRAP_COLUMN, e5.getMessage());
            return e5.getResultCode();
        }
    }

    private ResultCode doChangePrivateKeyPassword() {
        String value = this.subCommandParser.getStringArgument(MimeTypesReaderMetKeys.ALIAS_TAG).getValue();
        File keystorePath = getKeystorePath();
        try {
            String inferKeystoreType = inferKeystoreType(keystorePath);
            try {
                char[] keystorePassword = getKeystorePassword(keystorePath);
                try {
                    KeyStore keystore = getKeystore(inferKeystoreType, keystorePath, keystorePassword);
                    if (hasCertificateAlias(keystore, value)) {
                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHANGE_PK_PW_ALIAS_IS_CERT.get(value));
                        return ResultCode.PARAM_ERROR;
                    }
                    if (!hasKeyAlias(keystore, value)) {
                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHANGE_PK_PW_NO_SUCH_ALIAS.get(value));
                        return ResultCode.PARAM_ERROR;
                    }
                    try {
                        char[] privateKeyPassword = getPrivateKeyPassword(keystore, value, "current", keystorePassword);
                        try {
                            char[] privateKeyPassword2 = getPrivateKeyPassword(keystore, value, "new", keystorePassword);
                            BooleanArgument booleanArgument = this.subCommandParser.getBooleanArgument("display-keytool-command");
                            if (booleanArgument != null && booleanArgument.isPresent()) {
                                ArrayList arrayList = new ArrayList(30);
                                arrayList.add("-keypasswd");
                                arrayList.add("-keystore");
                                arrayList.add(keystorePath.getAbsolutePath());
                                arrayList.add("-storetype");
                                arrayList.add(inferKeystoreType);
                                arrayList.add("-storepass");
                                arrayList.add("*****REDACTED*****");
                                arrayList.add("-alias");
                                arrayList.add(value);
                                arrayList.add("-keypass");
                                arrayList.add("*****REDACTED*****");
                                arrayList.add("-new");
                                arrayList.add("*****REDACTED*****");
                                displayKeytoolCommand(arrayList);
                            }
                            try {
                                Certificate[] certificateChain = keystore.getCertificateChain(value);
                                Key key = (PrivateKey) keystore.getKey(value, privateKeyPassword);
                                try {
                                    keystore.deleteEntry(value);
                                    keystore.setKeyEntry(value, key, privateKeyPassword2, certificateChain);
                                    writeKeystore(keystore, keystorePath, keystorePassword);
                                    wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_CHANGE_PK_PW_SUCCESSFUL.get(value));
                                    return ResultCode.SUCCESS;
                                } catch (Exception e) {
                                    Debug.debugException(e);
                                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHANGE_PK_PW_CANNOT_UPDATE_KS.get());
                                    e.printStackTrace(getErr());
                                    return ResultCode.LOCAL_ERROR;
                                }
                            } catch (UnrecoverableKeyException e2) {
                                Debug.debugException(e2);
                                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHANGE_PK_PW_WRONG_PK_PW.get(value));
                                return ResultCode.PARAM_ERROR;
                            } catch (Exception e3) {
                                Debug.debugException(e3);
                                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHANGE_PK_PW_CANNOT_GET_PK.get(value));
                                e3.printStackTrace(getErr());
                                return ResultCode.LOCAL_ERROR;
                            }
                        } catch (LDAPException e4) {
                            Debug.debugException(e4);
                            wrapErr(0, WRAP_COLUMN, e4.getMessage());
                            return e4.getResultCode();
                        }
                    } catch (LDAPException e5) {
                        Debug.debugException(e5);
                        wrapErr(0, WRAP_COLUMN, e5.getMessage());
                        return e5.getResultCode();
                    }
                } catch (LDAPException e6) {
                    Debug.debugException(e6);
                    wrapErr(0, WRAP_COLUMN, e6.getMessage());
                    return e6.getResultCode();
                }
            } catch (LDAPException e7) {
                Debug.debugException(e7);
                wrapErr(0, WRAP_COLUMN, e7.getMessage());
                return e7.getResultCode();
            }
        } catch (LDAPException e8) {
            Debug.debugException(e8);
            wrapErr(0, WRAP_COLUMN, e8.getMessage());
            return e8.getResultCode();
        }
    }

    private ResultCode doTrustServerCertificate() {
        String value = this.subCommandParser.getStringArgument(Constants.HOSTNAME_KEY).getValue();
        int intValue = this.subCommandParser.getIntegerArgument("port").getValue().intValue();
        StringArgument stringArgument = this.subCommandParser.getStringArgument(MimeTypesReaderMetKeys.ALIAS_TAG);
        String value2 = (stringArgument == null || !stringArgument.isPresent()) ? value + ':' + intValue : stringArgument.getValue();
        BooleanArgument booleanArgument = this.subCommandParser.getBooleanArgument("use-ldap-start-tls");
        boolean z = booleanArgument != null && booleanArgument.isPresent();
        BooleanArgument booleanArgument2 = this.subCommandParser.getBooleanArgument("issuers-only");
        boolean z2 = booleanArgument2 != null && booleanArgument2.isPresent();
        BooleanArgument booleanArgument3 = this.subCommandParser.getBooleanArgument("no-prompt");
        boolean z3 = booleanArgument3 != null && booleanArgument3.isPresent();
        BooleanArgument booleanArgument4 = this.subCommandParser.getBooleanArgument("verbose");
        boolean z4 = booleanArgument4 != null && booleanArgument4.isPresent();
        File keystorePath = getKeystorePath();
        boolean z5 = !keystorePath.exists();
        try {
            String inferKeystoreType = inferKeystoreType(keystorePath);
            try {
                char[] keystorePassword = getKeystorePassword(keystorePath);
                try {
                    KeyStore keystore = getKeystore(inferKeystoreType, keystorePath, keystorePassword);
                    if (hasCertificateAlias(keystore, value2) || hasKeyAlias(keystore, value2)) {
                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_TRUST_SERVER_ALIAS_IN_USE.get(value2));
                        return ResultCode.PARAM_ERROR;
                    }
                    LinkedBlockingQueue linkedBlockingQueue = new LinkedBlockingQueue(10);
                    new ManageCertificatesServerCertificateCollector(this, value, intValue, z, z4, linkedBlockingQueue).start();
                    Object obj = CertMessages.ERR_MANAGE_CERTS_TRUST_SERVER_NO_CERT_CHAIN_RECEIVED.get(value + ':' + intValue);
                    try {
                        obj = linkedBlockingQueue.poll(90L, TimeUnit.SECONDS);
                    } catch (Exception e) {
                        Debug.debugException(e);
                    }
                    if (!(obj instanceof X509Certificate[])) {
                        if (obj instanceof CertException) {
                            return ResultCode.LOCAL_ERROR;
                        }
                        wrapErr(0, WRAP_COLUMN, String.valueOf(obj));
                        return ResultCode.LOCAL_ERROR;
                    }
                    X509Certificate[] x509CertificateArr = (X509Certificate[]) obj;
                    if (!z3) {
                        out(new Object[0]);
                        wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_TRUST_SERVER_RETRIEVED_CHAIN.get(value + ':' + intValue));
                        boolean z6 = true;
                        for (X509Certificate x509Certificate : x509CertificateArr) {
                            out(new Object[0]);
                            if (z6) {
                                z6 = false;
                                if (z2 && x509CertificateArr.length > 1) {
                                    wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_TRUST_SERVER_NOTE_OMITTED.get());
                                    out(new Object[0]);
                                }
                            }
                            printCertificate(x509Certificate, "", z4);
                        }
                        out(new Object[0]);
                        try {
                            if (!promptForYesNo(CertMessages.INFO_MANAGE_CERTS_TRUST_SERVER_PROMPT_TRUST.get())) {
                                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_TRUST_SERVER_CHAIN_REJECTED.get());
                                return ResultCode.USER_CANCELED;
                            }
                        } catch (LDAPException e2) {
                            Debug.debugException(e2);
                            err(new Object[0]);
                            wrapErr(0, WRAP_COLUMN, e2.getMessage());
                            return e2.getResultCode();
                        }
                    }
                    LinkedHashMap linkedHashMap = new LinkedHashMap(x509CertificateArr.length);
                    for (int i = 0; i < x509CertificateArr.length; i++) {
                        if (i == 0) {
                            if (!z2 || x509CertificateArr.length <= 1) {
                                linkedHashMap.put(value2, x509CertificateArr[i]);
                            }
                        } else if (i == 1 && x509CertificateArr.length == 2) {
                            linkedHashMap.put(value2 + "-issuer", x509CertificateArr[i]);
                        } else {
                            linkedHashMap.put(value2 + "-issuer-" + i, x509CertificateArr[i]);
                        }
                    }
                    for (Map.Entry entry : linkedHashMap.entrySet()) {
                        String str = (String) entry.getKey();
                        X509Certificate x509Certificate2 = (X509Certificate) entry.getValue();
                        try {
                            Validator.ensureFalse(hasCertificateAlias(keystore, str) || hasKeyAlias(keystore, str), "ERROR:  Alias '" + str + "' is already in use in the keystore.");
                            keystore.setCertificateEntry(str, x509Certificate2.toCertificate());
                        } catch (Exception e3) {
                            Debug.debugException(e3);
                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_TRUST_SERVER_ERROR_ADDING_CERT_TO_KS.get(x509Certificate2.getSubjectDN()));
                            e3.printStackTrace(getErr());
                            return ResultCode.LOCAL_ERROR;
                        }
                    }
                    try {
                        writeKeystore(keystore, keystorePath, keystorePassword);
                        if (z5) {
                            out(new Object[0]);
                            wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_TRUST_SERVER_CERT_CREATED_KEYSTORE.get(getUserFriendlyKeystoreType(inferKeystoreType)));
                        }
                        out(new Object[0]);
                        if (linkedHashMap.size() == 1) {
                            wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_TRUST_SERVER_ADDED_CERT_TO_KS.get());
                        } else {
                            wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_TRUST_SERVER_ADDED_CERTS_TO_KS.get(Integer.valueOf(linkedHashMap.size())));
                        }
                        return ResultCode.SUCCESS;
                    } catch (LDAPException e4) {
                        Debug.debugException(e4);
                        wrapErr(0, WRAP_COLUMN, e4.getMessage());
                        return e4.getResultCode();
                    }
                } catch (LDAPException e5) {
                    Debug.debugException(e5);
                    wrapErr(0, WRAP_COLUMN, e5.getMessage());
                    return e5.getResultCode();
                }
            } catch (LDAPException e6) {
                Debug.debugException(e6);
                wrapErr(0, WRAP_COLUMN, e6.getMessage());
                return e6.getResultCode();
            }
        } catch (LDAPException e7) {
            Debug.debugException(e7);
            wrapErr(0, WRAP_COLUMN, e7.getMessage());
            return e7.getResultCode();
        }
    }

    private ResultCode doCheckCertificateUsability() {
        String value = this.subCommandParser.getStringArgument(MimeTypesReaderMetKeys.ALIAS_TAG).getValue();
        File keystorePath = getKeystorePath();
        try {
            try {
                try {
                    KeyStore keystore = getKeystore(inferKeystoreType(keystorePath), keystorePath, getKeystorePassword(keystorePath));
                    if (!hasKeyAlias(keystore, value)) {
                        if (hasCertificateAlias(keystore, value)) {
                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHECK_USABILITY_NO_PRIVATE_KEY.get(value));
                            return ResultCode.PARAM_ERROR;
                        }
                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHECK_USABILITY_NO_SUCH_ALIAS.get(value));
                        return ResultCode.PARAM_ERROR;
                    }
                    try {
                        Certificate[] certificateChain = keystore.getCertificateChain(value);
                        Validator.ensureTrue(certificateChain.length > 0, "ERROR:  The keystore has a private key entry for alias '" + value + "', but the associated certificate chain is empty.");
                        X509Certificate[] x509CertificateArr = new X509Certificate[certificateChain.length];
                        for (int i = 0; i < certificateChain.length; i++) {
                            x509CertificateArr[i] = new X509Certificate(certificateChain[i].getEncoded());
                        }
                        out(new Object[0]);
                        wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_CHECK_USABILITY_GOT_CHAIN.get(value));
                        for (X509Certificate x509Certificate : x509CertificateArr) {
                            out(new Object[0]);
                            printCertificate(x509Certificate, "", false);
                        }
                        int i2 = 0;
                        int i3 = 0;
                        if (x509CertificateArr[0].isSelfSigned()) {
                            err(new Object[0]);
                            wrapErr(0, WRAP_COLUMN, CertMessages.WARN_MANAGE_CERTS_CHECK_USABILITY_CERT_IS_SELF_SIGNED.get(x509CertificateArr[0].getSubjectDN()));
                            i2 = 0 + 1;
                        } else if (x509CertificateArr.length == 1 || !x509CertificateArr[x509CertificateArr.length - 1].isSelfSigned()) {
                            err(new Object[0]);
                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHECK_USABILITY_END_OF_CHAIN_NOT_SELF_SIGNED.get(value));
                            i3 = 0 + 1;
                        } else {
                            boolean z = false;
                            StringBuilder sb = new StringBuilder();
                            for (int i4 = 1; i4 < x509CertificateArr.length; i4++) {
                                if (!x509CertificateArr[i4].isIssuerFor(x509CertificateArr[i4 - 1], sb)) {
                                    err(new Object[0]);
                                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHECK_USABILITY_CHAIN_ISSUER_MISMATCH.get(value, x509CertificateArr[i4].getSubjectDN(), x509CertificateArr[i4 - 1].getSubjectDN(), sb));
                                    i3++;
                                    z = true;
                                }
                            }
                            if (!z) {
                                out(new Object[0]);
                                wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_CHECK_USABILITY_CHAIN_COMPLETE.get());
                            }
                        }
                        for (int i5 = 0; i5 < x509CertificateArr.length; i5++) {
                            X509Certificate x509Certificate2 = x509CertificateArr[i5];
                            try {
                                if (x509Certificate2.isSelfSigned()) {
                                    x509Certificate2.verifySignature(null);
                                } else if (i5 + 1 < x509CertificateArr.length) {
                                    x509Certificate2.verifySignature(x509CertificateArr[i5 + 1]);
                                }
                                out(new Object[0]);
                                wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_CHECK_USABILITY_CERT_SIGNATURE_VALID.get(x509Certificate2.getSubjectDN()));
                            } catch (CertException e) {
                                err(new Object[0]);
                                wrapErr(0, WRAP_COLUMN, e.getMessage());
                                i3++;
                            }
                        }
                        long currentTimeMillis = System.currentTimeMillis();
                        long j = currentTimeMillis + DateUtility.monthsToMillis;
                        for (int i6 = 0; i6 < x509CertificateArr.length; i6++) {
                            X509Certificate x509Certificate3 = x509CertificateArr[i6];
                            if (x509Certificate3.getNotBeforeTime() > currentTimeMillis) {
                                err(new Object[0]);
                                if (i6 == 0) {
                                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHECK_USABILITY_END_CERT_NOT_YET_VALID.get(x509Certificate3.getSubjectDN(), formatDateAndTime(x509Certificate3.getNotBeforeDate())));
                                } else {
                                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHECK_USABILITY_ISSUER_CERT_NOT_YET_VALID.get(x509Certificate3.getSubjectDN(), formatDateAndTime(x509Certificate3.getNotBeforeDate())));
                                }
                                i3++;
                            } else if (x509Certificate3.getNotAfterTime() < currentTimeMillis) {
                                err(new Object[0]);
                                if (i6 == 0) {
                                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHECK_USABILITY_END_CERT_EXPIRED.get(x509Certificate3.getSubjectDN(), formatDateAndTime(x509Certificate3.getNotAfterDate())));
                                } else {
                                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHECK_USABILITY_ISSUER_CERT_EXPIRED.get(x509Certificate3.getSubjectDN(), formatDateAndTime(x509Certificate3.getNotAfterDate())));
                                }
                                i3++;
                            } else if (x509Certificate3.getNotAfterTime() < j) {
                                err(new Object[0]);
                                if (i6 == 0) {
                                    wrapErr(0, WRAP_COLUMN, CertMessages.WARN_MANAGE_CERTS_CHECK_USABILITY_END_CERT_NEAR_EXPIRATION.get(x509Certificate3.getSubjectDN(), formatDateAndTime(x509Certificate3.getNotAfterDate())));
                                } else {
                                    wrapErr(0, WRAP_COLUMN, CertMessages.WARN_MANAGE_CERTS_CHECK_USABILITY_ISSUER_CERT_NEAR_EXPIRATION.get(x509Certificate3.getSubjectDN(), formatDateAndTime(x509Certificate3.getNotAfterDate())));
                                }
                                i2++;
                            } else if (i6 == 0) {
                                out(new Object[0]);
                                wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_CHECK_USABILITY_END_CERT_VALIDITY_OK.get(x509Certificate3.getSubjectDN(), formatDateAndTime(x509Certificate3.getNotAfterDate())));
                            } else {
                                out(new Object[0]);
                                wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_CHECK_USABILITY_ISSUER_CERT_VALIDITY_OK.get(x509Certificate3.getSubjectDN(), formatDateAndTime(x509Certificate3.getNotAfterDate())));
                            }
                        }
                        for (int i7 = 0; i7 < x509CertificateArr.length; i7++) {
                            boolean z2 = false;
                            boolean z3 = false;
                            boolean z4 = false;
                            X509Certificate x509Certificate4 = x509CertificateArr[i7];
                            for (X509CertificateExtension x509CertificateExtension : x509Certificate4.getExtensions()) {
                                if (x509CertificateExtension instanceof ExtendedKeyUsageExtension) {
                                    z3 = true;
                                    if (i7 == 0) {
                                        if (((ExtendedKeyUsageExtension) x509CertificateExtension).getKeyPurposeIDs().contains(ExtendedKeyUsageID.TLS_SERVER_AUTHENTICATION.getOID())) {
                                            out(new Object[0]);
                                            wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_CHECK_USABILITY_END_CERT_GOOD_EKU.get(x509Certificate4.getSubjectDN()));
                                        } else {
                                            err(new Object[0]);
                                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHECK_USABILITY_END_CERT_BAD_EKU.get(x509Certificate4.getSubjectDN()));
                                            i3++;
                                        }
                                    }
                                } else if (x509CertificateExtension instanceof BasicConstraintsExtension) {
                                    z2 = true;
                                    if (i7 > 0) {
                                        BasicConstraintsExtension basicConstraintsExtension = (BasicConstraintsExtension) x509CertificateExtension;
                                        if (!basicConstraintsExtension.isCA()) {
                                            err(new Object[0]);
                                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHECK_USABILITY_ISSUER_CERT_BAD_BC_CA.get(x509Certificate4.getSubjectDN()));
                                            i3++;
                                        } else if (basicConstraintsExtension.getPathLengthConstraint() == null || x509CertificateArr.length <= basicConstraintsExtension.getPathLengthConstraint().intValue()) {
                                            out(new Object[0]);
                                            wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_CHECK_USABILITY_ISSUER_CERT_GOOD_BC.get(x509Certificate4.getSubjectDN()));
                                        } else {
                                            err(new Object[0]);
                                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHECK_USABILITY_ISSUER_CERT_BAD_BC_LENGTH.get(x509Certificate4.getSubjectDN(), basicConstraintsExtension.getPathLengthConstraint(), Integer.valueOf(x509CertificateArr.length)));
                                            i3++;
                                        }
                                    }
                                } else if (x509CertificateExtension instanceof KeyUsageExtension) {
                                    z4 = true;
                                    if (i7 > 0) {
                                        if (((KeyUsageExtension) x509CertificateExtension).isKeyCertSignBitSet()) {
                                            out(new Object[0]);
                                            wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_CHECK_USABILITY_ISSUER_GOOD_KU.get(x509Certificate4.getSubjectDN()));
                                        } else {
                                            err(new Object[0]);
                                            wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHECK_USABILITY_ISSUER_NO_CERT_SIGN_KU.get(x509Certificate4.getSubjectDN()));
                                            i3++;
                                        }
                                    }
                                }
                            }
                            if (i7 != 0) {
                                if (!z2) {
                                    err(new Object[0]);
                                    wrapErr(0, WRAP_COLUMN, CertMessages.WARN_MANAGE_CERTS_CHECK_USABILITY_NO_BC.get(x509Certificate4.getSubjectDN()));
                                    i2++;
                                }
                                if (!z4) {
                                    err(new Object[0]);
                                    wrapErr(0, WRAP_COLUMN, CertMessages.WARN_MANAGE_CERTS_CHECK_USABILITY_NO_KU.get(x509Certificate4.getSubjectDN()));
                                    i2++;
                                }
                            } else if (!z3) {
                                err(new Object[0]);
                                wrapErr(0, WRAP_COLUMN, CertMessages.WARN_MANAGE_CERTS_CHECK_USABILITY_NO_EKU.get(x509Certificate4.getSubjectDN()));
                                i2++;
                            }
                        }
                        for (X509Certificate x509Certificate5 : x509CertificateArr) {
                            OID signatureAlgorithmOID = x509Certificate5.getSignatureAlgorithmOID();
                            SignatureAlgorithmIdentifier forOID = SignatureAlgorithmIdentifier.forOID(signatureAlgorithmOID);
                            if (forOID != null) {
                                switch (forOID) {
                                    case MD2_WITH_RSA:
                                    case MD5_WITH_RSA:
                                    case SHA_1_WITH_RSA:
                                    case SHA_1_WITH_DSA:
                                    case SHA_1_WITH_ECDSA:
                                        err(new Object[0]);
                                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHECK_USABILITY_WEAK_SIG_ALG.get(x509Certificate5.getSubjectDN(), forOID.getUserFriendlyName()));
                                        i3++;
                                        break;
                                    case SHA_224_WITH_RSA:
                                    case SHA_224_WITH_DSA:
                                    case SHA_224_WITH_ECDSA:
                                    case SHA_256_WITH_RSA:
                                    case SHA_256_WITH_DSA:
                                    case SHA_256_WITH_ECDSA:
                                    case SHA_384_WITH_RSA:
                                    case SHA_384_WITH_ECDSA:
                                    case SHA_512_WITH_RSA:
                                    case SHA_512_WITH_ECDSA:
                                        out(new Object[0]);
                                        wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_CHECK_USABILITY_SIG_ALG_OK.get(x509Certificate5.getSubjectDN(), forOID.getUserFriendlyName()));
                                        break;
                                }
                            } else {
                                err(new Object[0]);
                                wrapErr(0, WRAP_COLUMN, CertMessages.WARN_MANAGE_CERTS_CHECK_USABILITY_UNKNOWN_SIG_ALG.get(x509Certificate5.getSubjectDN(), signatureAlgorithmOID));
                                i2++;
                            }
                        }
                        for (X509Certificate x509Certificate6 : x509CertificateArr) {
                            if (x509Certificate6.getDecodedPublicKey() != null && (x509Certificate6.getDecodedPublicKey() instanceof RSAPublicKey)) {
                                byte[] byteArray = ((RSAPublicKey) x509Certificate6.getDecodedPublicKey()).getModulus().toByteArray();
                                int length = byteArray.length * 8;
                                if (byteArray.length % 2 != 0 && byteArray[0] == 0) {
                                    length -= 8;
                                }
                                if (length < 2048) {
                                    err(new Object[0]);
                                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHECK_USABILITY_WEAK_RSA_MODULUS.get(x509Certificate6.getSubjectDN(), Integer.valueOf(length)));
                                    i3++;
                                } else {
                                    out(new Object[0]);
                                    wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_CHECK_USABILITY_RSA_MODULUS_OK.get(x509Certificate6.getSubjectDN(), Integer.valueOf(length)));
                                }
                            }
                        }
                        switch (i3) {
                            case 0:
                                switch (i2) {
                                    case 0:
                                        out(new Object[0]);
                                        wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_CHECK_USABILITY_NO_ERRORS_OR_WARNINGS.get());
                                        return ResultCode.SUCCESS;
                                    case 1:
                                        err(new Object[0]);
                                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHECK_USABILITY_ONE_WARNING.get());
                                        return ResultCode.PARAM_ERROR;
                                    default:
                                        err(new Object[0]);
                                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHECK_USABILITY_MULTIPLE_WARNINGS.get(Integer.valueOf(i2)));
                                        return ResultCode.PARAM_ERROR;
                                }
                            case 1:
                                err(new Object[0]);
                                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHECK_USABILITY_ONE_ERROR.get());
                                return ResultCode.PARAM_ERROR;
                            default:
                                err(new Object[0]);
                                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHECK_USABILITY_MULTIPLE_ERRORS.get(Integer.valueOf(i3)));
                                return ResultCode.PARAM_ERROR;
                        }
                    } catch (Exception e2) {
                        Debug.debugException(e2);
                        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_CHECK_USABILITY_CANNOT_GET_CHAIN.get(value));
                        e2.printStackTrace(getErr());
                        return ResultCode.LOCAL_ERROR;
                    }
                } catch (LDAPException e3) {
                    Debug.debugException(e3);
                    wrapErr(0, WRAP_COLUMN, e3.getMessage());
                    return e3.getResultCode();
                }
            } catch (LDAPException e4) {
                Debug.debugException(e4);
                wrapErr(0, WRAP_COLUMN, e4.getMessage());
                return e4.getResultCode();
            }
        } catch (LDAPException e5) {
            Debug.debugException(e5);
            wrapErr(0, WRAP_COLUMN, e5.getMessage());
            return e5.getResultCode();
        }
    }

    private ResultCode doDisplayCertificateFile() {
        File value = this.subCommandParser.getFileArgument("certificate-file").getValue();
        BooleanArgument booleanArgument = this.subCommandParser.getBooleanArgument("verbose");
        boolean z = booleanArgument != null && booleanArgument.isPresent();
        BooleanArgument booleanArgument2 = this.subCommandParser.getBooleanArgument("display-keytool-command");
        if (booleanArgument2 != null && booleanArgument2.isPresent()) {
            ArrayList arrayList = new ArrayList(10);
            arrayList.add("-printcert");
            arrayList.add(SOSCmd.FLAG_FILE);
            arrayList.add(value.getAbsolutePath());
            if (z) {
                arrayList.add("-v");
            }
            displayKeytoolCommand(arrayList);
        }
        try {
            List<X509Certificate> readCertificatesFromFile = readCertificatesFromFile(value);
            if (readCertificatesFromFile.isEmpty()) {
                wrapOut(0, WRAP_COLUMN, CertMessages.INFO_MANAGE_CERTS_DISPLAY_CERT_NO_CERTS.get(value.getAbsolutePath()));
            } else {
                for (X509Certificate x509Certificate : readCertificatesFromFile) {
                    out(new Object[0]);
                    printCertificate(x509Certificate, "", z);
                }
            }
            return ResultCode.SUCCESS;
        } catch (LDAPException e) {
            Debug.debugException(e);
            wrapErr(0, WRAP_COLUMN, e.getMessage());
            return e.getResultCode();
        }
    }

    private ResultCode doDisplayCertificateSigningRequestFile() {
        File value = this.subCommandParser.getFileArgument("certificate-signing-request-file").getValue();
        BooleanArgument booleanArgument = this.subCommandParser.getBooleanArgument("verbose");
        boolean z = booleanArgument != null && booleanArgument.isPresent();
        BooleanArgument booleanArgument2 = this.subCommandParser.getBooleanArgument("display-keytool-command");
        if (booleanArgument2 != null && booleanArgument2.isPresent()) {
            ArrayList arrayList = new ArrayList(10);
            arrayList.add("-printcertreq");
            arrayList.add(SOSCmd.FLAG_FILE);
            arrayList.add(value.getAbsolutePath());
            arrayList.add("-v");
            displayKeytoolCommand(arrayList);
        }
        try {
            PKCS10CertificateSigningRequest readCertificateSigningRequestFromFile = readCertificateSigningRequestFromFile(value);
            out(new Object[0]);
            printCertificateSigningRequest(readCertificateSigningRequestFromFile, z, "");
            return ResultCode.SUCCESS;
        } catch (LDAPException e) {
            Debug.debugException(e);
            wrapErr(0, WRAP_COLUMN, e.getMessage());
            return e.getResultCode();
        }
    }

    private void printCertificate(X509Certificate x509Certificate, String str, boolean z) {
        String aSN1BitString;
        String aSN1BitString2;
        String aSN1BitString3;
        if (z) {
            out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_VERSION.get(x509Certificate.getVersion().getName()));
        }
        out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_SUBJECT_DN.get(x509Certificate.getSubjectDN()));
        out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_ISSUER_DN.get(x509Certificate.getIssuerDN()));
        if (z) {
            out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_SERIAL_NUMBER.get(toColonDelimitedHex(x509Certificate.getSerialNumber().toByteArray())));
        }
        out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_VALIDITY_START.get(formatDateAndTime(x509Certificate.getNotBeforeDate())));
        out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_VALIDITY_END.get(formatDateAndTime(x509Certificate.getNotAfterDate())));
        long currentTimeMillis = System.currentTimeMillis();
        if (currentTimeMillis < x509Certificate.getNotBeforeTime()) {
            out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_VALIDITY_STATE_NOT_YET_VALID.get());
        } else if (currentTimeMillis > x509Certificate.getNotAfterTime()) {
            out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_VALIDITY_STATE_EXPIRED.get());
        } else {
            out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_VALIDITY_STATE_VALID.get());
        }
        out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_SIG_ALG.get(x509Certificate.getSignatureAlgorithmNameOrOID()));
        if (z) {
            try {
                aSN1BitString = toColonDelimitedHex(x509Certificate.getSignatureValue().getBytes());
            } catch (Exception e) {
                Debug.debugException(e);
                aSN1BitString = x509Certificate.getSignatureValue().toString();
            }
            out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_SIG_VALUE.get());
            Iterator<String> it = StaticUtils.wrapLine(aSN1BitString, 78).iterator();
            while (it.hasNext()) {
                out(str + ValidationFailedException.INDENT_SPACES + it.next());
            }
        }
        String publicKeySummary = getPublicKeySummary(x509Certificate.getPublicKeyAlgorithmOID(), x509Certificate.getDecodedPublicKey(), x509Certificate.getPublicKeyAlgorithmParameters());
        out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_PK_ALG.get(publicKeySummary == null ? x509Certificate.getPublicKeyAlgorithmNameOrOID() : x509Certificate.getPublicKeyAlgorithmNameOrOID() + " (" + publicKeySummary + ')'));
        if (z) {
            printPublicKey(x509Certificate.getEncodedPublicKey(), x509Certificate.getDecodedPublicKey(), x509Certificate.getPublicKeyAlgorithmParameters(), str);
            if (x509Certificate.getSubjectUniqueID() != null) {
                try {
                    aSN1BitString2 = toColonDelimitedHex(x509Certificate.getSubjectUniqueID().getBytes());
                } catch (Exception e2) {
                    Debug.debugException(e2);
                    aSN1BitString2 = x509Certificate.getSubjectUniqueID().toString();
                }
                out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_SUBJECT_UNIQUE_ID.get());
                Iterator<String> it2 = StaticUtils.wrapLine(aSN1BitString2, 78).iterator();
                while (it2.hasNext()) {
                    out(str + ValidationFailedException.INDENT_SPACES + it2.next());
                }
            }
            if (x509Certificate.getIssuerUniqueID() != null) {
                try {
                    aSN1BitString3 = toColonDelimitedHex(x509Certificate.getIssuerUniqueID().getBytes());
                } catch (Exception e3) {
                    Debug.debugException(e3);
                    aSN1BitString3 = x509Certificate.getIssuerUniqueID().toString();
                }
                out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_ISSUER_UNIQUE_ID.get());
                Iterator<String> it3 = StaticUtils.wrapLine(aSN1BitString3, 78).iterator();
                while (it3.hasNext()) {
                    out(str + ValidationFailedException.INDENT_SPACES + it3.next());
                }
            }
            printExtensions(x509Certificate.getExtensions(), str);
        }
        try {
            out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_FINGERPRINT.get("SHA-1", toColonDelimitedHex(x509Certificate.getSHA1Fingerprint())));
        } catch (Exception e4) {
            Debug.debugException(e4);
        }
        try {
            out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_FINGERPRINT.get("SHA-256", toColonDelimitedHex(x509Certificate.getSHA256Fingerprint())));
        } catch (Exception e5) {
            Debug.debugException(e5);
        }
    }

    private void printCertificateSigningRequest(PKCS10CertificateSigningRequest pKCS10CertificateSigningRequest, boolean z, String str) {
        String aSN1BitString;
        out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CSR_LABEL_VERSION.get(pKCS10CertificateSigningRequest.getVersion().getName()));
        out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_SUBJECT_DN.get(pKCS10CertificateSigningRequest.getSubjectDN()));
        out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_SIG_ALG.get(pKCS10CertificateSigningRequest.getSignatureAlgorithmNameOrOID()));
        if (z) {
            try {
                aSN1BitString = toColonDelimitedHex(pKCS10CertificateSigningRequest.getSignatureValue().getBytes());
            } catch (Exception e) {
                Debug.debugException(e);
                aSN1BitString = pKCS10CertificateSigningRequest.getSignatureValue().toString();
            }
            out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_SIG_VALUE.get());
            Iterator<String> it = StaticUtils.wrapLine(aSN1BitString, 78).iterator();
            while (it.hasNext()) {
                out(str + ValidationFailedException.INDENT_SPACES + it.next());
            }
        }
        String publicKeySummary = getPublicKeySummary(pKCS10CertificateSigningRequest.getPublicKeyAlgorithmOID(), pKCS10CertificateSigningRequest.getDecodedPublicKey(), pKCS10CertificateSigningRequest.getPublicKeyAlgorithmParameters());
        out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_PK_ALG.get(publicKeySummary == null ? pKCS10CertificateSigningRequest.getPublicKeyAlgorithmNameOrOID() : pKCS10CertificateSigningRequest.getPublicKeyAlgorithmNameOrOID() + " (" + publicKeySummary + ')'));
        if (z) {
            printPublicKey(pKCS10CertificateSigningRequest.getEncodedPublicKey(), pKCS10CertificateSigningRequest.getDecodedPublicKey(), pKCS10CertificateSigningRequest.getPublicKeyAlgorithmParameters(), str);
            printExtensions(pKCS10CertificateSigningRequest.getExtensions(), str);
        }
    }

    private void printPublicKey(ASN1BitString aSN1BitString, DecodedPublicKey decodedPublicKey, ASN1Element aSN1Element, String str) {
        String aSN1BitString2;
        if (decodedPublicKey == null) {
            try {
                aSN1BitString2 = toColonDelimitedHex(aSN1BitString.getBytes());
            } catch (Exception e) {
                Debug.debugException(e);
                aSN1BitString2 = aSN1BitString.toString();
            }
            out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_ENCODED_PK.get());
            Iterator<String> it = StaticUtils.wrapLine(aSN1BitString2, 78).iterator();
            while (it.hasNext()) {
                out(str + ValidationFailedException.INDENT_SPACES + it.next());
            }
            return;
        }
        if (!(decodedPublicKey instanceof RSAPublicKey)) {
            if (decodedPublicKey instanceof EllipticCurvePublicKey) {
                EllipticCurvePublicKey ellipticCurvePublicKey = (EllipticCurvePublicKey) decodedPublicKey;
                out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EC_IS_COMPRESSED.get(String.valueOf(ellipticCurvePublicKey.usesCompressedForm())));
                out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EC_X.get(String.valueOf(ellipticCurvePublicKey.getXCoordinate())));
                if (ellipticCurvePublicKey.getYCoordinate() == null) {
                    out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EC_Y_IS_EVEN.get(String.valueOf(ellipticCurvePublicKey.yCoordinateIsEven())));
                    return;
                } else {
                    out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EC_Y.get(String.valueOf(ellipticCurvePublicKey.getYCoordinate())));
                    return;
                }
            }
            return;
        }
        RSAPublicKey rSAPublicKey = (RSAPublicKey) decodedPublicKey;
        byte[] byteArray = rSAPublicKey.getModulus().toByteArray();
        int length = byteArray.length * 8;
        if (byteArray.length % 2 != 0 && byteArray[0] == 0) {
            length -= 8;
        }
        out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_RSA_MODULUS.get(Integer.valueOf(length)));
        Iterator<String> it2 = StaticUtils.wrapLine(toColonDelimitedHex(byteArray), 78).iterator();
        while (it2.hasNext()) {
            out(str + ValidationFailedException.INDENT_SPACES + it2.next());
        }
        out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_RSA_EXPONENT.get(toColonDelimitedHex(rSAPublicKey.getPublicExponent().toByteArray())));
    }

    static String getPublicKeySummary(OID oid, DecodedPublicKey decodedPublicKey, ASN1Element aSN1Element) {
        if (decodedPublicKey instanceof RSAPublicKey) {
            byte[] byteArray = ((RSAPublicKey) decodedPublicKey).getModulus().toByteArray();
            int length = byteArray.length * 8;
            if (byteArray.length % 2 != 0 && byteArray[0] == 0) {
                length -= 8;
            }
            return CertMessages.INFO_MANAGE_CERTS_GET_PK_SUMMARY_RSA_MODULUS_SIZE.get(Integer.valueOf(length));
        }
        if (aSN1Element == null || !oid.equals(PublicKeyAlgorithmIdentifier.EC.getOID())) {
            return null;
        }
        try {
            return NamedCurve.getNameOrOID(aSN1Element.decodeAsObjectIdentifier().getOID());
        } catch (Exception e) {
            Debug.debugException(e);
            return null;
        }
    }

    void printExtensions(List<X509CertificateExtension> list, String str) {
        if (list.isEmpty()) {
            return;
        }
        out(str + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXTENSIONS.get());
        for (X509CertificateExtension x509CertificateExtension : list) {
            if (x509CertificateExtension instanceof AuthorityKeyIdentifierExtension) {
                out(str + ValidationFailedException.INDENT_SPACES + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_AUTH_KEY_ID_EXT.get());
                out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_OID.get(x509CertificateExtension.getOID().toString()));
                out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_IS_CRITICAL.get(String.valueOf(x509CertificateExtension.isCritical())));
                AuthorityKeyIdentifierExtension authorityKeyIdentifierExtension = (AuthorityKeyIdentifierExtension) x509CertificateExtension;
                if (authorityKeyIdentifierExtension.getKeyIdentifier() != null) {
                    out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_AUTH_KEY_ID_ID.get());
                    Iterator<String> it = StaticUtils.wrapLine(toColonDelimitedHex(authorityKeyIdentifierExtension.getKeyIdentifier().getValue()), 78).iterator();
                    while (it.hasNext()) {
                        out(str + "               " + it.next());
                    }
                }
                if (authorityKeyIdentifierExtension.getAuthorityCertIssuer() != null) {
                    out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_AUTH_KEY_ID_ISSUER.get());
                    printGeneralNames(authorityKeyIdentifierExtension.getAuthorityCertIssuer(), str + "               ");
                }
                if (authorityKeyIdentifierExtension.getAuthorityCertSerialNumber() != null) {
                    out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_AUTH_KEY_ID_SERIAL.get(toColonDelimitedHex(authorityKeyIdentifierExtension.getAuthorityCertSerialNumber().toByteArray())));
                }
            } else if (x509CertificateExtension instanceof BasicConstraintsExtension) {
                out(str + ValidationFailedException.INDENT_SPACES + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_BASIC_CONST_EXT.get());
                out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_OID.get(x509CertificateExtension.getOID().toString()));
                out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_IS_CRITICAL.get(String.valueOf(x509CertificateExtension.isCritical())));
                BasicConstraintsExtension basicConstraintsExtension = (BasicConstraintsExtension) x509CertificateExtension;
                out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_BASIC_CONST_IS_CA.get(String.valueOf(basicConstraintsExtension.isCA())));
                if (basicConstraintsExtension.getPathLengthConstraint() != null) {
                    out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_BASIC_CONST_LENGTH.get(basicConstraintsExtension.getPathLengthConstraint()));
                }
            } else if (x509CertificateExtension instanceof CRLDistributionPointsExtension) {
                out(str + ValidationFailedException.INDENT_SPACES + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_CRL_DP_EXT.get());
                out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_OID.get(x509CertificateExtension.getOID().toString()));
                out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_IS_CRITICAL.get(String.valueOf(x509CertificateExtension.isCritical())));
                for (CRLDistributionPoint cRLDistributionPoint : ((CRLDistributionPointsExtension) x509CertificateExtension).getCRLDistributionPoints()) {
                    out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_CRL_DP_HEADER.get());
                    if (cRLDistributionPoint.getFullName() != null) {
                        out(str + "               " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_CRL_DP_FULL_NAME.get());
                        printGeneralNames(cRLDistributionPoint.getFullName(), str + "                    ");
                    }
                    if (cRLDistributionPoint.getNameRelativeToCRLIssuer() != null) {
                        out(str + "               " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_CRL_DP_REL_NAME.get(cRLDistributionPoint.getNameRelativeToCRLIssuer()));
                    }
                    if (!cRLDistributionPoint.getPotentialRevocationReasons().isEmpty()) {
                        out(str + "               " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_CRL_DP_REASON.get());
                        Iterator<CRLDistributionPointRevocationReason> it2 = cRLDistributionPoint.getPotentialRevocationReasons().iterator();
                        while (it2.hasNext()) {
                            out(str + "                    " + it2.next().getName());
                        }
                    }
                    if (cRLDistributionPoint.getCRLIssuer() != null) {
                        out(str + "              " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_CRL_DP_CRL_ISSUER.get());
                        printGeneralNames(cRLDistributionPoint.getCRLIssuer(), str + "                    ");
                    }
                }
            } else if (x509CertificateExtension instanceof ExtendedKeyUsageExtension) {
                out(str + ValidationFailedException.INDENT_SPACES + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_EKU_EXT.get());
                out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_OID.get(x509CertificateExtension.getOID().toString()));
                out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_IS_CRITICAL.get(String.valueOf(x509CertificateExtension.isCritical())));
                for (OID oid : ((ExtendedKeyUsageExtension) x509CertificateExtension).getKeyPurposeIDs()) {
                    ExtendedKeyUsageID forOID = ExtendedKeyUsageID.forOID(oid);
                    if (forOID == null) {
                        out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_EKU_ID.get(oid));
                    } else {
                        out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_EKU_ID.get(forOID.getName()));
                    }
                }
            } else if (x509CertificateExtension instanceof IssuerAlternativeNameExtension) {
                out(str + ValidationFailedException.INDENT_SPACES + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_IAN_EXT.get());
                out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_OID.get(x509CertificateExtension.getOID().toString()));
                out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_IS_CRITICAL.get(String.valueOf(x509CertificateExtension.isCritical())));
                printGeneralNames(((IssuerAlternativeNameExtension) x509CertificateExtension).getGeneralNames(), str + "          ");
            } else if (x509CertificateExtension instanceof KeyUsageExtension) {
                out(str + ValidationFailedException.INDENT_SPACES + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_KU_EXT.get());
                out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_OID.get(x509CertificateExtension.getOID().toString()));
                out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_IS_CRITICAL.get(String.valueOf(x509CertificateExtension.isCritical())));
                out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_KU_USAGES.get());
                KeyUsageExtension keyUsageExtension = (KeyUsageExtension) x509CertificateExtension;
                if (keyUsageExtension.isDigitalSignatureBitSet()) {
                    out(str + "               " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_KU_DS.get());
                }
                if (keyUsageExtension.isNonRepudiationBitSet()) {
                    out(str + "               " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_KU_NR.get());
                }
                if (keyUsageExtension.isKeyEnciphermentBitSet()) {
                    out(str + "               " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_KU_KE.get());
                }
                if (keyUsageExtension.isDataEnciphermentBitSet()) {
                    out(str + "               " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_KU_DE.get());
                }
                if (keyUsageExtension.isKeyCertSignBitSet()) {
                    out(str + "               " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_KU_KCS.get());
                }
                if (keyUsageExtension.isCRLSignBitSet()) {
                    out(str + "               " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_KU_CRL_SIGN.get());
                }
                if (keyUsageExtension.isEncipherOnlyBitSet()) {
                    out(str + "               " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_KU_EO.get());
                }
                if (keyUsageExtension.isDecipherOnlyBitSet()) {
                    out(str + "               " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_KU_DO.get());
                }
            } else if (x509CertificateExtension instanceof SubjectAlternativeNameExtension) {
                out(str + ValidationFailedException.INDENT_SPACES + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_SAN_EXT.get());
                out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_OID.get(x509CertificateExtension.getOID().toString()));
                out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_IS_CRITICAL.get(String.valueOf(x509CertificateExtension.isCritical())));
                printGeneralNames(((SubjectAlternativeNameExtension) x509CertificateExtension).getGeneralNames(), str + "          ");
            } else if (x509CertificateExtension instanceof SubjectKeyIdentifierExtension) {
                out(str + ValidationFailedException.INDENT_SPACES + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_SKI_EXT.get());
                out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_OID.get(x509CertificateExtension.getOID().toString()));
                out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_IS_CRITICAL.get(String.valueOf(x509CertificateExtension.isCritical())));
                String colonDelimitedHex = toColonDelimitedHex(((SubjectKeyIdentifierExtension) x509CertificateExtension).getKeyIdentifier().getValue());
                out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_SKI_ID.get());
                Iterator<String> it3 = StaticUtils.wrapLine(colonDelimitedHex, 78).iterator();
                while (it3.hasNext()) {
                    out(str + "               " + it3.next());
                }
            } else {
                out(str + ValidationFailedException.INDENT_SPACES + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_GENERIC.get());
                out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_OID.get(x509CertificateExtension.getOID().toString()));
                out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_IS_CRITICAL.get(String.valueOf(x509CertificateExtension.isCritical())));
                toColonDelimitedHex(x509CertificateExtension.getValue());
                out(str + "          " + CertMessages.INFO_MANAGE_CERTS_PRINT_CERT_LABEL_EXT_VALUE.get());
                getOut().print(StaticUtils.toHexPlusASCII(x509CertificateExtension.getValue(), str.length() + 15));
            }
        }
    }

    private void printGeneralNames(GeneralNames generalNames, String str) {
        Iterator<String> it = generalNames.getDNSNames().iterator();
        while (it.hasNext()) {
            out(str + CertMessages.INFO_MANAGE_CERTS_GENERAL_NAMES_LABEL_DNS.get(it.next()));
        }
        Iterator<InetAddress> it2 = generalNames.getIPAddresses().iterator();
        while (it2.hasNext()) {
            out(str + CertMessages.INFO_MANAGE_CERTS_GENERAL_NAMES_LABEL_IP.get(it2.next().getHostAddress()));
        }
        Iterator<String> it3 = generalNames.getRFC822Names().iterator();
        while (it3.hasNext()) {
            out(str + CertMessages.INFO_MANAGE_CERTS_GENERAL_NAMES_LABEL_RFC_822_NAME.get(it3.next()));
        }
        Iterator<DN> it4 = generalNames.getDirectoryNames().iterator();
        while (it4.hasNext()) {
            out(str + CertMessages.INFO_MANAGE_CERTS_GENERAL_NAMES_LABEL_DIRECTORY_NAME.get(String.valueOf(it4.next())));
        }
        Iterator<String> it5 = generalNames.getUniformResourceIdentifiers().iterator();
        while (it5.hasNext()) {
            out(str + CertMessages.INFO_MANAGE_CERTS_GENERAL_NAMES_LABEL_URI.get(it5.next()));
        }
        Iterator<OID> it6 = generalNames.getRegisteredIDs().iterator();
        while (it6.hasNext()) {
            out(str + CertMessages.INFO_MANAGE_CERTS_GENERAL_NAMES_LABEL_REGISTERED_ID.get(it6.next().toString()));
        }
        if (!generalNames.getOtherNames().isEmpty()) {
            out(str + CertMessages.INFO_MANAGE_CERTS_GENERAL_NAMES_LABEL_OTHER_NAME_COUNT.get(Integer.valueOf(generalNames.getOtherNames().size())));
        }
        if (!generalNames.getX400Addresses().isEmpty()) {
            out(str + CertMessages.INFO_MANAGE_CERTS_GENERAL_NAMES_LABEL_X400_ADDR_COUNT.get(Integer.valueOf(generalNames.getX400Addresses().size())));
        }
        if (generalNames.getEDIPartyNames().isEmpty()) {
            return;
        }
        out(str + CertMessages.INFO_MANAGE_CERTS_GENERAL_NAMES_LABEL_EDI_PARTY_NAME_COUNT.get(Integer.valueOf(generalNames.getEDIPartyNames().size())));
    }

    private static void writePEMCertificate(PrintStream printStream, byte[] bArr) {
        String encode = Base64.encode(bArr);
        printStream.println("-----BEGIN CERTIFICATE-----");
        Iterator<String> it = StaticUtils.wrapLine(encode, 64).iterator();
        while (it.hasNext()) {
            printStream.println(it.next());
        }
        printStream.println("-----END CERTIFICATE-----");
    }

    private static void writePEMCertificateSigningRequest(PrintStream printStream, byte[] bArr) {
        String encode = Base64.encode(bArr);
        printStream.println("-----BEGIN CERTIFICATE REQUEST-----");
        Iterator<String> it = StaticUtils.wrapLine(encode, 64).iterator();
        while (it.hasNext()) {
            printStream.println(it.next());
        }
        printStream.println("-----END CERTIFICATE REQUEST-----");
    }

    private static void writePEMPrivateKey(PrintStream printStream, byte[] bArr) {
        String encode = Base64.encode(bArr);
        printStream.println("-----BEGIN PRIVATE KEY-----");
        Iterator<String> it = StaticUtils.wrapLine(encode, 64).iterator();
        while (it.hasNext()) {
            printStream.println(it.next());
        }
        printStream.println("-----END PRIVATE KEY-----");
    }

    private void displayKeytoolCommand(List<String> list) {
        StringBuilder sb = new StringBuilder();
        sb.append("#      keytool");
        boolean z = false;
        for (String str : list) {
            if (str.startsWith("-")) {
                sb.append(" \\");
                sb.append(StaticUtils.EOL);
                sb.append("#           ");
                sb.append(str);
                z = true;
            } else if (z) {
                sb.append(' ');
                sb.append(StaticUtils.cleanExampleCommandLineArgument(str));
                z = false;
            } else {
                sb.append(" \\");
                sb.append(StaticUtils.EOL);
                sb.append("#           ");
                sb.append(str);
                z = false;
            }
        }
        out(new Object[0]);
        out(CertMessages.INFO_MANAGE_CERTS_APPROXIMATE_KEYTOOL_COMMAND.get());
        out(sb);
        out(new Object[0]);
    }

    private File getKeystorePath() {
        FileArgument fileArgument = this.subCommandParser.getFileArgument("keystore");
        if (fileArgument != null) {
            return fileArgument.getValue();
        }
        return null;
    }

    private char[] getKeystorePassword(File file) throws LDAPException {
        return getKeystorePassword(file, null);
    }

    /* JADX WARN: Failed to calculate best type for var: r16v5 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Failed to calculate best type for var: r17v1 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException
     */
    /* JADX WARN: Not initialized variable reg: 16, insn: 0x0187: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r16 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:59:0x0187 */
    /* JADX WARN: Not initialized variable reg: 17, insn: 0x018c: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r17 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:61:0x018c */
    /* JADX WARN: Type inference failed for: r16v5, types: [java.io.BufferedReader] */
    /* JADX WARN: Type inference failed for: r17v1, types: [java.lang.Throwable] */
    private char[] getKeystorePassword(File file, String str) throws LDAPException {
        ?? r16;
        ?? r17;
        String str2 = str == null ? "" : str + '-';
        StringArgument stringArgument = this.subCommandParser.getStringArgument(str2 + "keystore-password");
        if (stringArgument != null && stringArgument.isPresent()) {
            char[] charArray = stringArgument.getValue().toCharArray();
            if (file.exists() || charArray.length >= 6) {
                return charArray;
            }
            throw new LDAPException(ResultCode.PARAM_ERROR, CertMessages.ERR_MANAGE_CERTS_GET_KS_PW_TOO_SHORT.get());
        }
        FileArgument fileArgument = this.subCommandParser.getFileArgument(str2 + "keystore-password-file");
        if (fileArgument != null && fileArgument.isPresent()) {
            File value = fileArgument.getValue();
            try {
                try {
                    BufferedReader bufferedReader = new BufferedReader(new FileReader(value));
                    Throwable th = null;
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        throw new LDAPException(ResultCode.PARAM_ERROR, CertMessages.ERR_MANAGE_CERTS_GET_KS_PW_EMPTY_FILE.get(value.getAbsolutePath()));
                    }
                    if (bufferedReader.readLine() != null) {
                        throw new LDAPException(ResultCode.PARAM_ERROR, CertMessages.ERR_MANAGE_CERTS_GET_KS_PW_MULTI_LINE_FILE.get(value.getAbsolutePath()));
                    }
                    if (readLine.isEmpty()) {
                        throw new LDAPException(ResultCode.PARAM_ERROR, CertMessages.ERR_MANAGE_CERTS_GET_KS_PW_EMPTY_FILE.get(value.getAbsolutePath()));
                    }
                    if (!file.exists() && readLine.length() < 6) {
                        throw new LDAPException(ResultCode.PARAM_ERROR, CertMessages.ERR_MANAGE_CERTS_GET_KS_PW_TOO_SHORT.get());
                    }
                    char[] charArray2 = readLine.toCharArray();
                    if (bufferedReader != null) {
                        if (0 != 0) {
                            try {
                                bufferedReader.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            bufferedReader.close();
                        }
                    }
                    return charArray2;
                } catch (Throwable th3) {
                    if (r16 != 0) {
                        if (r17 != 0) {
                            try {
                                r16.close();
                            } catch (Throwable th4) {
                                r17.addSuppressed(th4);
                            }
                        } else {
                            r16.close();
                        }
                    }
                    throw th3;
                }
            } catch (LDAPException e) {
                Debug.debugException(e);
                throw e;
            } catch (Exception e2) {
                Debug.debugException(e2);
                throw new LDAPException(ResultCode.LOCAL_ERROR, CertMessages.ERR_MANAGE_CERTS_GET_KS_PW_ERROR_READING_FILE.get(value.getAbsolutePath(), StaticUtils.getExceptionMessage(e2)), e2);
            }
        }
        BooleanArgument booleanArgument = this.subCommandParser.getBooleanArgument("prompt-for-" + str2 + "keystore-password");
        if (booleanArgument == null || !booleanArgument.isPresent()) {
            return null;
        }
        out(new Object[0]);
        if (file.exists() && !"new".equals(str)) {
            return (str == null || !str.equals("current")) ? promptForPassword(CertMessages.INFO_MANAGE_CERTS_KEY_KS_PW_EXISTING_PROMPT.get(file.getAbsolutePath()), false) : promptForPassword(CertMessages.INFO_MANAGE_CERTS_KEY_KS_PW_EXISTING_CURRENT_PROMPT.get(file.getAbsolutePath()), false);
        }
        while (true) {
            char[] promptForPassword = promptForPassword("new".equals(str) ? CertMessages.INFO_MANAGE_CERTS_KEY_KS_PW_EXISTING_NEW_PROMPT.get() : CertMessages.INFO_MANAGE_CERTS_KEY_KS_PW_NEW_PROMPT_1.get(file.getAbsolutePath()), false);
            if (promptForPassword.length < 6) {
                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GET_KS_PW_TOO_SHORT.get());
                err(new Object[0]);
            } else {
                char[] promptForPassword2 = promptForPassword(CertMessages.INFO_MANAGE_CERTS_KEY_KS_PW_NEW_PROMPT_2.get(), true);
                if (Arrays.equals(promptForPassword, promptForPassword2)) {
                    Arrays.fill(promptForPassword2, (char) 0);
                    return promptForPassword;
                }
                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_KEY_KS_PW_PROMPT_MISMATCH.get());
                err(new Object[0]);
            }
        }
    }

    private char[] promptForPassword(String str, boolean z) throws LDAPException {
        Iterator<String> it = StaticUtils.wrapLine(str, WRAP_COLUMN).iterator();
        while (it.hasNext()) {
            String next = it.next();
            if (it.hasNext()) {
                out(next);
            } else {
                getOut().print(next);
            }
        }
        char[] readPasswordChars = PasswordReader.readPasswordChars();
        if (readPasswordChars.length != 0 || z) {
            return readPasswordChars;
        }
        wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_PROMPT_FOR_PW_EMPTY_PW.get());
        err(new Object[0]);
        return promptForPassword(str, z);
    }

    private boolean promptForYesNo(String str) throws LDAPException {
        while (true) {
            Iterator<String> it = StaticUtils.wrapLine(str + ' ', WRAP_COLUMN).iterator();
            while (it.hasNext()) {
                String next = it.next();
                if (it.hasNext()) {
                    out(next);
                } else {
                    getOut().print(next);
                }
            }
            try {
                String readLineFromIn = readLineFromIn();
                if (readLineFromIn.equalsIgnoreCase("yes") || readLineFromIn.equalsIgnoreCase("y")) {
                    return true;
                }
                if (readLineFromIn.equalsIgnoreCase("no") || readLineFromIn.equalsIgnoreCase(OperatorName.ENDPATH)) {
                    return false;
                }
                err(new Object[0]);
                wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_PROMPT_FOR_YES_NO_INVALID_RESPONSE.get());
                err(new Object[0]);
            } catch (Exception e) {
                Debug.debugException(e);
                throw new LDAPException(ResultCode.LOCAL_ERROR, CertMessages.ERR_MANAGE_CERTS_PROMPT_FOR_YES_NO_READ_ERROR.get(StaticUtils.getExceptionMessage(e)), e);
            }
        }
    }

    private String readLineFromIn() throws IOException {
        ByteStringBuffer byteStringBuffer = new ByteStringBuffer();
        while (true) {
            int read = this.in.read();
            if (read < 0) {
                if (byteStringBuffer.isEmpty()) {
                    return null;
                }
                return byteStringBuffer.toString();
            }
            if (read == 10) {
                return byteStringBuffer.toString();
            }
            if (read == 13) {
                int read2 = this.in.read();
                Validator.ensureTrue(read2 < 0 || read2 == 10, "ERROR:  Read a carriage return from standard input that was not followed by a new line.");
                return byteStringBuffer.toString();
            }
            byteStringBuffer.append((byte) (read & 255));
        }
    }

    private char[] getPrivateKeyPassword(KeyStore keyStore, String str, char[] cArr) throws LDAPException {
        return getPrivateKeyPassword(keyStore, str, null, cArr);
    }

    /* JADX WARN: Failed to calculate best type for var: r18v10 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Failed to calculate best type for var: r19v1 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException
     */
    /* JADX WARN: Not initialized variable reg: 18, insn: 0x019d: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r18 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:63:0x019d */
    /* JADX WARN: Not initialized variable reg: 19, insn: 0x01a2: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r19 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:65:0x01a2 */
    /* JADX WARN: Type inference failed for: r18v10, types: [java.io.BufferedReader] */
    /* JADX WARN: Type inference failed for: r19v1, types: [java.lang.Throwable] */
    private char[] getPrivateKeyPassword(KeyStore keyStore, String str, String str2, char[] cArr) throws LDAPException {
        String str3 = str2 == null ? "" : str2 + '-';
        StringArgument stringArgument = this.subCommandParser.getStringArgument(str3 + "private-key-password");
        if (stringArgument != null && stringArgument.isPresent()) {
            char[] charArray = stringArgument.getValue().toCharArray();
            if (charArray.length >= 6 || hasCertificateAlias(keyStore, str) || hasKeyAlias(keyStore, str)) {
                return charArray;
            }
            throw new LDAPException(ResultCode.PARAM_ERROR, CertMessages.ERR_MANAGE_CERTS_GET_PK_PW_TOO_SHORT.get());
        }
        FileArgument fileArgument = this.subCommandParser.getFileArgument(str3 + "private-key-password-file");
        if (fileArgument != null && fileArgument.isPresent()) {
            File value = fileArgument.getValue();
            try {
                try {
                    BufferedReader bufferedReader = new BufferedReader(new FileReader(value));
                    Throwable th = null;
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        throw new LDAPException(ResultCode.PARAM_ERROR, CertMessages.ERR_MANAGE_CERTS_GET_PK_PW_EMPTY_FILE.get(value.getAbsolutePath()));
                    }
                    if (bufferedReader.readLine() != null) {
                        throw new LDAPException(ResultCode.PARAM_ERROR, CertMessages.ERR_MANAGE_CERTS_GET_PK_PW_MULTI_LINE_FILE.get(value.getAbsolutePath()));
                    }
                    if (readLine.isEmpty()) {
                        throw new LDAPException(ResultCode.PARAM_ERROR, CertMessages.ERR_MANAGE_CERTS_GET_PK_PW_EMPTY_FILE.get(value.getAbsolutePath()));
                    }
                    if (readLine.length() < 6 && !hasCertificateAlias(keyStore, str) && !hasKeyAlias(keyStore, str)) {
                        throw new LDAPException(ResultCode.PARAM_ERROR, CertMessages.ERR_MANAGE_CERTS_GET_PK_PW_TOO_SHORT.get());
                    }
                    char[] charArray2 = readLine.toCharArray();
                    if (bufferedReader != null) {
                        if (0 != 0) {
                            try {
                                bufferedReader.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            bufferedReader.close();
                        }
                    }
                    return charArray2;
                } finally {
                }
            } catch (LDAPException e) {
                Debug.debugException(e);
                throw e;
            } catch (Exception e2) {
                Debug.debugException(e2);
                throw new LDAPException(ResultCode.LOCAL_ERROR, CertMessages.ERR_MANAGE_CERTS_GET_PK_PW_ERROR_READING_FILE.get(value.getAbsolutePath(), StaticUtils.getExceptionMessage(e2)), e2);
            }
        }
        BooleanArgument booleanArgument = this.subCommandParser.getBooleanArgument("prompt-for-" + str3 + "private-key-password");
        if (booleanArgument == null || !booleanArgument.isPresent()) {
            return cArr;
        }
        out(new Object[0]);
        try {
            if ((hasKeyAlias(keyStore, str) || hasCertificateAlias(keyStore, str)) && !"new".equals(str2)) {
                return promptForPassword("current".equals(str2) ? CertMessages.INFO_MANAGE_CERTS_GET_PK_PW_CURRENT_PROMPT.get(str) : CertMessages.INFO_MANAGE_CERTS_GET_PK_PW_EXISTING_PROMPT.get(str), false);
            }
            while (true) {
                char[] promptForPassword = promptForPassword("new".equals(str2) ? CertMessages.INFO_MANAGE_CERTS_GET_PK_PW_NEW_PROMPT.get() : CertMessages.INFO_MANAGE_CERTS_GET_PK_PW_NEW_PROMPT_1.get(str), false);
                if (promptForPassword.length < 6) {
                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GET_PK_PW_TOO_SHORT.get());
                    err(new Object[0]);
                } else {
                    char[] promptForPassword2 = promptForPassword(CertMessages.INFO_MANAGE_CERTS_GET_PK_PW_NEW_PROMPT_2.get(), true);
                    if (Arrays.equals(promptForPassword, promptForPassword2)) {
                        Arrays.fill(promptForPassword2, (char) 0);
                        return promptForPassword;
                    }
                    wrapErr(0, WRAP_COLUMN, CertMessages.ERR_MANAGE_CERTS_GET_PK_PW_PROMPT_MISMATCH.get());
                    err(new Object[0]);
                }
            }
        } catch (LDAPException e3) {
            Debug.debugException(e3);
            throw e3;
        } catch (Exception e4) {
            Debug.debugException(e4);
            throw new LDAPException(ResultCode.LOCAL_ERROR, CertMessages.ERR_MANAGE_CERTS_GET_PK_PW_PROMPT_ERROR.get(str, StaticUtils.getExceptionMessage(e4)), e4);
        }
    }

    /* JADX WARN: Failed to calculate best type for var: r12v2 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Failed to calculate best type for var: r13v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException
     */
    /* JADX WARN: Not initialized variable reg: 12, insn: 0x0115: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r12 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:64:0x0115 */
    /* JADX WARN: Not initialized variable reg: 13, insn: 0x0119: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r13 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:66:0x0119 */
    /* JADX WARN: Type inference failed for: r12v2, types: [java.io.FileInputStream] */
    /* JADX WARN: Type inference failed for: r13v0, types: [java.lang.Throwable] */
    private String inferKeystoreType(File file) throws LDAPException {
        ?? r12;
        ?? r13;
        if (!file.exists()) {
            StringArgument stringArgument = this.subCommandParser.getStringArgument("keystore-type");
            if (stringArgument == null || !stringArgument.isPresent()) {
                return DEFAULT_KEYSTORE_TYPE;
            }
            String value = stringArgument.getValue();
            return (value.equalsIgnoreCase("PKCS12") || value.equalsIgnoreCase("PKCS 12") || value.equalsIgnoreCase("PKCS#12") || value.equalsIgnoreCase("PKCS #12")) ? "PKCS12" : SslConfigurationDefaults.KEYSTORE_TYPE;
        }
        try {
            try {
                FileInputStream fileInputStream = new FileInputStream(file);
                Throwable th = null;
                int read = fileInputStream.read();
                if (read < 0) {
                    throw new LDAPException(ResultCode.PARAM_ERROR, CertMessages.ERR_MANAGE_CERTS_INFER_KS_TYPE_EMPTY_FILE.get(file.getAbsolutePath()));
                }
                if (read == 48) {
                    if (fileInputStream != null) {
                        if (0 != 0) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                    return "PKCS12";
                }
                if (read != 254) {
                    throw new LDAPException(ResultCode.PARAM_ERROR, CertMessages.ERR_MANAGE_CERTS_INFER_KS_TYPE_UNEXPECTED_FIRST_BYTE.get(file.getAbsolutePath(), StaticUtils.toHex((byte) (read & 255))));
                }
                if (fileInputStream != null) {
                    if (0 != 0) {
                        try {
                            fileInputStream.close();
                        } catch (Throwable th3) {
                            th.addSuppressed(th3);
                        }
                    } else {
                        fileInputStream.close();
                    }
                }
                return SslConfigurationDefaults.KEYSTORE_TYPE;
            } catch (Throwable th4) {
                if (r12 != 0) {
                    if (r13 != 0) {
                        try {
                            r12.close();
                        } catch (Throwable th5) {
                            r13.addSuppressed(th5);
                        }
                    } else {
                        r12.close();
                    }
                }
                throw th4;
            }
        } catch (LDAPException e) {
            Debug.debugException(e);
            throw e;
        } catch (Exception e2) {
            Debug.debugException(e2);
            throw new LDAPException(ResultCode.LOCAL_ERROR, CertMessages.ERR_MANAGE_CERTS_INFER_KS_TYPE_ERROR_READING_FILE.get(file.getAbsolutePath(), StaticUtils.getExceptionMessage(e2)), e2);
        }
    }

    static String getUserFriendlyKeystoreType(String str) {
        return str.equalsIgnoreCase(SslConfigurationDefaults.KEYSTORE_TYPE) ? SslConfigurationDefaults.KEYSTORE_TYPE : (str.equalsIgnoreCase("PKCS12") || str.equalsIgnoreCase("PKCS 12") || str.equalsIgnoreCase("PKCS#12") || str.equalsIgnoreCase("PKCS #12")) ? "PKCS #12" : str;
    }

    static KeyStore getKeystore(String str, File file, char[] cArr) throws LDAPException {
        try {
            KeyStore keyStore = KeyStore.getInstance(str);
            try {
                FileInputStream fileInputStream = file.exists() ? new FileInputStream(file) : null;
                try {
                    try {
                        keyStore.load(fileInputStream, cArr);
                        return keyStore;
                    } finally {
                        if (fileInputStream != null) {
                            try {
                                fileInputStream.close();
                            } catch (Exception e) {
                                Debug.debugException(e);
                            }
                        }
                    }
                } catch (Exception e2) {
                    Debug.debugException(e2);
                    Throwable cause = e2.getCause();
                    if (!(e2 instanceof IOException) || cause == null || !(cause instanceof UnrecoverableKeyException) || cArr == null) {
                        throw new LDAPException(ResultCode.PARAM_ERROR, CertMessages.ERR_MANAGE_CERTS_ERROR_CANNOT_LOAD_KS.get(file.getAbsolutePath(), StaticUtils.getExceptionMessage(e2)), e2);
                    }
                    throw new LDAPException(ResultCode.PARAM_ERROR, CertMessages.ERR_MANAGE_CERTS_CANNOT_LOAD_KS_WRONG_PW.get(file.getAbsolutePath()), e2);
                }
            } catch (Exception e3) {
                Debug.debugException(e3);
                throw new LDAPException(ResultCode.LOCAL_ERROR, CertMessages.ERR_MANAGE_CERTS_CANNOT_OPEN_KS_FILE_FOR_READING.get(file.getAbsolutePath(), StaticUtils.getExceptionMessage(e3)), e3);
            }
        } catch (Exception e4) {
            Debug.debugException(e4);
            throw new LDAPException(ResultCode.LOCAL_ERROR, CertMessages.ERR_MANAGE_CERTS_CANNOT_INSTANTIATE_KS_TYPE.get(str, StaticUtils.getExceptionMessage(e4)), e4);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:77:0x0131, code lost:
    
        if (r16 == false) goto L46;
     */
    /* JADX WARN: Code restructure failed: missing block: B:79:0x014f, code lost:
    
        throw new com.unboundid.ldap.sdk.LDAPException(com.unboundid.ldap.sdk.ResultCode.PARAM_ERROR, com.unboundid.util.ssl.cert.CertMessages.ERR_MANAGE_CERTS_READ_CERTS_FROM_FILE_EOF_WITHOUT_END.get(r9.getAbsolutePath()));
     */
    /* JADX WARN: Code restructure failed: missing block: B:81:0x0156, code lost:
    
        if (r0 == null) goto L54;
     */
    /* JADX WARN: Code restructure failed: missing block: B:83:0x015b, code lost:
    
        if (0 == 0) goto L53;
     */
    /* JADX WARN: Code restructure failed: missing block: B:84:0x0172, code lost:
    
        r0.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:86:0x015e, code lost:
    
        r0.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:88:0x0166, code lost:
    
        r20 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:89:0x0168, code lost:
    
        r0.addSuppressed(r20);
     */
    /* JADX WARN: Failed to calculate best type for var: r14v1 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Failed to calculate best type for var: r15v3 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException
     */
    /* JADX WARN: Not initialized variable reg: 14, insn: 0x02d2: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r14 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:106:0x02d2 */
    /* JADX WARN: Not initialized variable reg: 15, insn: 0x02d7: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r15 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:108:0x02d7 */
    /* JADX WARN: Type inference failed for: r14v1, types: [java.io.BufferedReader] */
    /* JADX WARN: Type inference failed for: r15v3, types: [java.lang.Throwable] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    static java.util.List<com.unboundid.util.ssl.cert.X509Certificate> readCertificatesFromFile(java.io.File r9) throws com.unboundid.ldap.sdk.LDAPException {
        /*
            Method dump skipped, instructions count: 848
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.unboundid.util.ssl.cert.ManageCertificates.readCertificatesFromFile(java.io.File):java.util.List");
    }

    /* JADX WARN: Code restructure failed: missing block: B:109:0x015e, code lost:
    
        if (r16 == false) goto L46;
     */
    /* JADX WARN: Code restructure failed: missing block: B:111:0x017c, code lost:
    
        throw new com.unboundid.ldap.sdk.LDAPException(com.unboundid.ldap.sdk.ResultCode.PARAM_ERROR, com.unboundid.util.ssl.cert.CertMessages.ERR_MANAGE_CERTS_READ_PK_FROM_FILE_EOF_WITHOUT_END.get(r9.getAbsolutePath()));
     */
    /* JADX WARN: Code restructure failed: missing block: B:113:0x017f, code lost:
    
        if (r13 != null) goto L50;
     */
    /* JADX WARN: Code restructure failed: missing block: B:115:0x019d, code lost:
    
        throw new com.unboundid.ldap.sdk.LDAPException(com.unboundid.ldap.sdk.ResultCode.PARAM_ERROR, com.unboundid.util.ssl.cert.CertMessages.ERR_MANAGE_CERTS_READ_PK_FROM_FILE_EMPTY_FILE.get(r9.getAbsolutePath()));
     */
    /* JADX WARN: Code restructure failed: missing block: B:116:0x019e, code lost:
    
        r0 = r13;
     */
    /* JADX WARN: Code restructure failed: missing block: B:117:0x01a4, code lost:
    
        if (r0 == null) goto L58;
     */
    /* JADX WARN: Code restructure failed: missing block: B:119:0x01a9, code lost:
    
        if (0 == 0) goto L57;
     */
    /* JADX WARN: Code restructure failed: missing block: B:120:0x01c0, code lost:
    
        r0.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:122:0x01ac, code lost:
    
        r0.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:124:0x01b4, code lost:
    
        r20 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:125:0x01b6, code lost:
    
        r0.addSuppressed(r20);
     */
    /* JADX WARN: Code restructure failed: missing block: B:29:0x008a, code lost:
    
        if (r13 != null) goto L19;
     */
    /* JADX WARN: Code restructure failed: missing block: B:31:0x00a8, code lost:
    
        throw new com.unboundid.ldap.sdk.LDAPException(com.unboundid.ldap.sdk.ResultCode.PARAM_ERROR, com.unboundid.util.ssl.cert.CertMessages.ERR_MANAGE_CERTS_READ_PK_FROM_FILE_EMPTY_FILE.get(r9.getAbsolutePath()));
     */
    /* JADX WARN: Failed to calculate best type for var: r14v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Failed to calculate best type for var: r15v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException
     */
    /* JADX WARN: Not initialized variable reg: 14, insn: 0x033d: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r14 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:142:0x033d */
    /* JADX WARN: Not initialized variable reg: 15, insn: 0x0342: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r15 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:144:0x0342 */
    /* JADX WARN: Type inference failed for: r14v0, types: [java.io.BufferedReader] */
    /* JADX WARN: Type inference failed for: r15v0, types: [java.lang.Throwable] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    static com.unboundid.util.ssl.cert.PKCS8PrivateKey readPrivateKeyFromFile(java.io.File r9) throws com.unboundid.ldap.sdk.LDAPException {
        /*
            Method dump skipped, instructions count: 955
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.unboundid.util.ssl.cert.ManageCertificates.readPrivateKeyFromFile(java.io.File):com.unboundid.util.ssl.cert.PKCS8PrivateKey");
    }

    /* JADX WARN: Code restructure failed: missing block: B:113:0x015e, code lost:
    
        if (r16 == false) goto L46;
     */
    /* JADX WARN: Code restructure failed: missing block: B:115:0x017c, code lost:
    
        throw new com.unboundid.ldap.sdk.LDAPException(com.unboundid.ldap.sdk.ResultCode.PARAM_ERROR, com.unboundid.util.ssl.cert.CertMessages.ERR_MANAGE_CERTS_READ_CSR_FROM_FILE_EOF_WITHOUT_END.get(r9.getAbsolutePath()));
     */
    /* JADX WARN: Code restructure failed: missing block: B:117:0x017f, code lost:
    
        if (r13 != null) goto L50;
     */
    /* JADX WARN: Code restructure failed: missing block: B:119:0x019d, code lost:
    
        throw new com.unboundid.ldap.sdk.LDAPException(com.unboundid.ldap.sdk.ResultCode.PARAM_ERROR, com.unboundid.util.ssl.cert.CertMessages.ERR_MANAGE_CERTS_READ_CSR_FROM_FILE_EMPTY_FILE.get(r9.getAbsolutePath()));
     */
    /* JADX WARN: Code restructure failed: missing block: B:120:0x019e, code lost:
    
        r0 = r13;
     */
    /* JADX WARN: Code restructure failed: missing block: B:121:0x01a4, code lost:
    
        if (r0 == null) goto L58;
     */
    /* JADX WARN: Code restructure failed: missing block: B:123:0x01a9, code lost:
    
        if (0 == 0) goto L57;
     */
    /* JADX WARN: Code restructure failed: missing block: B:124:0x01c0, code lost:
    
        r0.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:126:0x01ac, code lost:
    
        r0.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:128:0x01b4, code lost:
    
        r20 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:129:0x01b6, code lost:
    
        r0.addSuppressed(r20);
     */
    /* JADX WARN: Code restructure failed: missing block: B:29:0x008a, code lost:
    
        if (r13 != null) goto L19;
     */
    /* JADX WARN: Code restructure failed: missing block: B:31:0x00a8, code lost:
    
        throw new com.unboundid.ldap.sdk.LDAPException(com.unboundid.ldap.sdk.ResultCode.PARAM_ERROR, com.unboundid.util.ssl.cert.CertMessages.ERR_MANAGE_CERTS_READ_CSR_FROM_FILE_EMPTY_FILE.get(r9.getAbsolutePath()));
     */
    /* JADX WARN: Failed to calculate best type for var: r14v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Failed to calculate best type for var: r15v0 ??
    java.lang.NullPointerException
     */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException
     */
    /* JADX WARN: Not initialized variable reg: 14, insn: 0x0353: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r14 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:146:0x0353 */
    /* JADX WARN: Not initialized variable reg: 15, insn: 0x0358: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r15 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:148:0x0358 */
    /* JADX WARN: Type inference failed for: r14v0, types: [java.io.BufferedReader] */
    /* JADX WARN: Type inference failed for: r15v0, types: [java.lang.Throwable] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    static com.unboundid.util.ssl.cert.PKCS10CertificateSigningRequest readCertificateSigningRequestFromFile(java.io.File r9) throws com.unboundid.ldap.sdk.LDAPException {
        /*
            Method dump skipped, instructions count: 977
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.unboundid.util.ssl.cert.ManageCertificates.readCertificateSigningRequestFromFile(java.io.File):com.unboundid.util.ssl.cert.PKCS10CertificateSigningRequest");
    }

    private static String toColonDelimitedHex(byte... bArr) {
        StringBuilder sb = new StringBuilder(bArr.length * 3);
        StaticUtils.toHex(bArr, ":", sb);
        return sb.toString();
    }

    private static String formatDateAndTime(Date date) {
        String format = new SimpleDateFormat("EEEE, MMMM d, yyyy").format(date);
        String format2 = new SimpleDateFormat("hh:mm:ss aa z").format(date);
        long time = date.getTime();
        long currentTimeMillis = System.currentTimeMillis();
        if (time > currentTimeMillis) {
            return CertMessages.INFO_MANAGE_CERTS_FORMAT_DATE_AND_TIME_IN_FUTURE.get(format, format2, StaticUtils.secondsToHumanReadableDuration((time - currentTimeMillis) / 1000));
        }
        return CertMessages.INFO_MANAGE_CERTS_FORMAT_DATE_AND_TIME_IN_PAST.get(format, format2, StaticUtils.secondsToHumanReadableDuration((currentTimeMillis - time) / 1000));
    }

    private static String formatValidityStartTime(Date date) {
        return new SimpleDateFormat("yyyy'/'MM'/'dd HH':'mm':'ss").format(date);
    }

    private static X509Certificate[] getCertificateChain(String str, KeyStore keyStore, AtomicReference<DN> atomicReference) throws LDAPException {
        try {
            Certificate[] certificateChain = keyStore.getCertificateChain(str);
            if (certificateChain != null && certificateChain.length > 0) {
                X509Certificate[] x509CertificateArr = new X509Certificate[certificateChain.length];
                for (int i = 0; i < certificateChain.length; i++) {
                    x509CertificateArr[i] = new X509Certificate(certificateChain[i].getEncoded());
                }
                return x509CertificateArr;
            }
            Certificate certificate = keyStore.getCertificate(str);
            if (certificate == null) {
                return new X509Certificate[0];
            }
            ArrayList arrayList = new ArrayList(5);
            X509Certificate x509Certificate = new X509Certificate(certificate.getEncoded());
            arrayList.add(x509Certificate);
            AtomicReference atomicReference2 = new AtomicReference();
            while (true) {
                X509Certificate issuerCertificate = getIssuerCertificate(x509Certificate, keyStore, atomicReference2, atomicReference);
                if (issuerCertificate == null) {
                    return (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]);
                }
                arrayList.add(issuerCertificate);
                x509Certificate = issuerCertificate;
            }
        } catch (Exception e) {
            Debug.debugException(e);
            throw new LDAPException(ResultCode.LOCAL_ERROR, CertMessages.ERR_MANAGE_CERTS_GET_CHAIN_ERROR.get(str, StaticUtils.getExceptionMessage(e)), e);
        }
    }

    private static X509Certificate getIssuerCertificate(X509Certificate x509Certificate, KeyStore keyStore, AtomicReference<KeyStore> atomicReference, AtomicReference<DN> atomicReference2) throws Exception {
        DN subjectDN = x509Certificate.getSubjectDN();
        DN issuerDN = x509Certificate.getIssuerDN();
        if (subjectDN.equals(issuerDN)) {
            return null;
        }
        X509Certificate issuerCertificate = getIssuerCertificate(x509Certificate, keyStore);
        if (issuerCertificate != null) {
            return issuerCertificate;
        }
        KeyStore keyStore2 = atomicReference.get();
        if (keyStore2 == null) {
            if (JVM_DEFAULT_CACERTS_FILE == null) {
                atomicReference2.set(issuerDN);
                return null;
            }
            for (String str : new String[]{SslConfigurationDefaults.KEYSTORE_TYPE, "PKCS12"}) {
                KeyStore keyStore3 = KeyStore.getInstance(str);
                try {
                    FileInputStream fileInputStream = new FileInputStream(JVM_DEFAULT_CACERTS_FILE);
                    Throwable th = null;
                    try {
                        keyStore3.load(fileInputStream, null);
                        keyStore2 = keyStore3;
                        atomicReference.set(keyStore2);
                        if (fileInputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileInputStream.close();
                            }
                        }
                        break;
                    } finally {
                    }
                } catch (Exception e) {
                    Debug.debugException(e);
                }
            }
        }
        if (keyStore2 != null) {
            issuerCertificate = getIssuerCertificate(x509Certificate, keyStore2);
        }
        if (issuerCertificate == null) {
            atomicReference2.set(issuerDN);
        }
        return issuerCertificate;
    }

    private static X509Certificate getIssuerCertificate(X509Certificate x509Certificate, KeyStore keyStore) throws Exception {
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            Certificate[] certificateArr = null;
            if (hasCertificateAlias(keyStore, nextElement)) {
                Certificate certificate = keyStore.getCertificate(nextElement);
                if (certificate == null) {
                    continue;
                } else {
                    certificateArr = new Certificate[]{certificate};
                }
            } else if (hasKeyAlias(keyStore, nextElement)) {
                certificateArr = keyStore.getCertificateChain(nextElement);
            }
            if (certificateArr != null) {
                for (Certificate certificate2 : certificateArr) {
                    X509Certificate x509Certificate2 = new X509Certificate(certificate2.getEncoded());
                    if (x509Certificate2.isIssuerFor(x509Certificate)) {
                        return x509Certificate2;
                    }
                }
            } else {
                continue;
            }
        }
        return null;
    }

    private static byte[] getAuthorityKeyIdentifier(X509Certificate x509Certificate) {
        for (X509CertificateExtension x509CertificateExtension : x509Certificate.getExtensions()) {
            if (x509CertificateExtension instanceof AuthorityKeyIdentifierExtension) {
                AuthorityKeyIdentifierExtension authorityKeyIdentifierExtension = (AuthorityKeyIdentifierExtension) x509CertificateExtension;
                if (authorityKeyIdentifierExtension.getKeyIdentifier() != null) {
                    return authorityKeyIdentifierExtension.getKeyIdentifier().getValue();
                }
            }
        }
        return null;
    }

    static void writeKeystore(KeyStore keyStore, File file, char[] cArr) throws LDAPException {
        FileOutputStream fileOutputStream;
        if (!file.exists()) {
            try {
                fileOutputStream = new FileOutputStream(file);
                Throwable th = null;
                try {
                    try {
                        keyStore.store(fileOutputStream, cArr);
                        if (fileOutputStream != null) {
                            if (0 != 0) {
                                try {
                                    fileOutputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileOutputStream.close();
                            }
                        }
                        return;
                    } catch (Throwable th3) {
                        th = th3;
                        throw th3;
                    }
                } finally {
                    if (fileOutputStream != null) {
                        if (th != null) {
                            try {
                                fileOutputStream.close();
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                            }
                        } else {
                            fileOutputStream.close();
                        }
                    }
                }
            } catch (Exception e) {
                Debug.debugException(e);
                throw new LDAPException(ResultCode.LOCAL_ERROR, CertMessages.ERR_MANAGE_CERTS_WRITE_KS_ERROR_WRITING_TO_NEW_FILE.get(file.getAbsolutePath(), StaticUtils.getExceptionMessage(e)), e);
            }
        }
        String encodeGeneralizedTime = StaticUtils.encodeGeneralizedTime(System.currentTimeMillis());
        File file2 = new File(file.getAbsolutePath() + ".new-" + encodeGeneralizedTime);
        try {
            fileOutputStream = new FileOutputStream(file2);
            Throwable th5 = null;
            try {
                try {
                    keyStore.store(fileOutputStream, cArr);
                    if (fileOutputStream != null) {
                        if (0 != 0) {
                            try {
                                fileOutputStream.close();
                            } catch (Throwable th6) {
                                th5.addSuppressed(th6);
                            }
                        } else {
                            fileOutputStream.close();
                        }
                    }
                    File file3 = new File(file.getAbsolutePath() + ".old-" + encodeGeneralizedTime);
                    if (!file.renameTo(file3)) {
                        throw new LDAPException(ResultCode.LOCAL_ERROR, CertMessages.ERR_MANAGE_CERTS_WRITE_KS_ERROR_RENAMING_EXISTING_FILE.get(file.getAbsolutePath(), file3.getAbsolutePath(), file2.getAbsolutePath()));
                    }
                    if (!file2.renameTo(file)) {
                        throw new LDAPException(ResultCode.LOCAL_ERROR, CertMessages.ERR_MANAGE_CERTS_WRITE_KS_ERROR_RENAMING_NEW_FILE.get(file2.getAbsolutePath(), file.getAbsolutePath(), file3.getAbsolutePath()));
                    }
                    if (!file3.delete()) {
                        throw new LDAPException(ResultCode.LOCAL_ERROR, CertMessages.ERR_MANAGE_CERTS_WRITE_KS_ERROR_DELETING_FILE.get(file3.getAbsolutePath()));
                    }
                } catch (Throwable th7) {
                    th5 = th7;
                    throw th7;
                }
            } finally {
            }
        } catch (Exception e2) {
            Debug.debugException(e2);
            throw new LDAPException(ResultCode.LOCAL_ERROR, CertMessages.ERR_MANAGE_CERTS_WRITE_KS_ERROR_WRITING_TO_TEMP_FILE.get(file2.getAbsolutePath(), StaticUtils.getExceptionMessage(e2)), e2);
        }
    }

    private static boolean hasCertificateAlias(KeyStore keyStore, String str) {
        try {
            return keyStore.isCertificateEntry(str);
        } catch (Exception e) {
            Debug.debugException(e);
            return false;
        }
    }

    private static boolean hasKeyAlias(KeyStore keyStore, String str) {
        try {
            return keyStore.isKeyEntry(str);
        } catch (Exception e) {
            Debug.debugException(e);
            return false;
        }
    }

    private static void addExtensionArguments(List<String> list, BasicConstraintsExtension basicConstraintsExtension, KeyUsageExtension keyUsageExtension, ExtendedKeyUsageExtension extendedKeyUsageExtension, Set<String> set, Set<String> set2, List<X509CertificateExtension> list2) {
        if (basicConstraintsExtension != null) {
            StringBuilder sb = new StringBuilder();
            sb.append("ca:");
            sb.append(basicConstraintsExtension.isCA());
            if (basicConstraintsExtension.getPathLengthConstraint() != null) {
                sb.append(",pathlen:");
                sb.append(basicConstraintsExtension.getPathLengthConstraint());
            }
            list.add("-ext");
            list.add("BasicConstraints=" + ((Object) sb));
        }
        if (keyUsageExtension != null) {
            StringBuilder sb2 = new StringBuilder();
            if (keyUsageExtension.isDigitalSignatureBitSet()) {
                commaAppend(sb2, "digitalSignature");
            }
            if (keyUsageExtension.isNonRepudiationBitSet()) {
                commaAppend(sb2, "nonRepudiation");
            }
            if (keyUsageExtension.isKeyEnciphermentBitSet()) {
                commaAppend(sb2, "keyEncipherment");
            }
            if (keyUsageExtension.isDataEnciphermentBitSet()) {
                commaAppend(sb2, "dataEncipherment");
            }
            if (keyUsageExtension.isKeyAgreementBitSet()) {
                commaAppend(sb2, "keyAgreement");
            }
            if (keyUsageExtension.isKeyCertSignBitSet()) {
                commaAppend(sb2, "keyCertSign");
            }
            if (keyUsageExtension.isCRLSignBitSet()) {
                commaAppend(sb2, "cRLSign");
            }
            if (keyUsageExtension.isEncipherOnlyBitSet()) {
                commaAppend(sb2, "encipherOnly");
            }
            if (keyUsageExtension.isEncipherOnlyBitSet()) {
                commaAppend(sb2, "decipherOnly");
            }
            list.add("-ext");
            list.add("KeyUsage=" + ((Object) sb2));
        }
        if (extendedKeyUsageExtension != null) {
            StringBuilder sb3 = new StringBuilder();
            for (OID oid : extendedKeyUsageExtension.getKeyPurposeIDs()) {
                ExtendedKeyUsageID forOID = ExtendedKeyUsageID.forOID(oid);
                if (forOID != null) {
                    switch (forOID) {
                        case TLS_SERVER_AUTHENTICATION:
                            commaAppend(sb3, "serverAuth");
                            break;
                        case TLS_CLIENT_AUTHENTICATION:
                            commaAppend(sb3, "clientAuth");
                            break;
                        case CODE_SIGNING:
                            commaAppend(sb3, "codeSigning");
                            break;
                        case EMAIL_PROTECTION:
                            commaAppend(sb3, "emailProtection");
                            break;
                        case TIME_STAMPING:
                            commaAppend(sb3, "timeStamping");
                            break;
                        case OCSP_SIGNING:
                            commaAppend(sb3, "OCSPSigning");
                            break;
                        default:
                            commaAppend(sb3, forOID.getOID().toString());
                            break;
                    }
                } else {
                    commaAppend(sb3, oid.toString());
                }
            }
            list.add("-ext");
            list.add("ExtendedKeyUsage=" + ((Object) sb3));
        }
        if (!set.isEmpty()) {
            StringBuilder sb4 = new StringBuilder();
            Iterator<String> it = set.iterator();
            while (it.hasNext()) {
                commaAppend(sb4, it.next());
            }
            list.add("-ext");
            list.add("SAN=" + ((Object) sb4));
        }
        if (!set2.isEmpty()) {
            StringBuilder sb5 = new StringBuilder();
            Iterator<String> it2 = set2.iterator();
            while (it2.hasNext()) {
                commaAppend(sb5, it2.next());
            }
            list.add("-ext");
            list.add("IAN=" + ((Object) sb5));
        }
        for (X509CertificateExtension x509CertificateExtension : list2) {
            list.add("-ext");
            if (x509CertificateExtension.isCritical()) {
                list.add(x509CertificateExtension.getOID().toString() + ":critical=" + toColonDelimitedHex(x509CertificateExtension.getValue()));
            } else {
                list.add(x509CertificateExtension.getOID().toString() + '=' + toColonDelimitedHex(x509CertificateExtension.getValue()));
            }
        }
    }

    private static void commaAppend(StringBuilder sb, String str) {
        if (sb.length() > 0) {
            sb.append(',');
        }
        sb.append(str);
    }

    @Override // com.unboundid.util.CommandLineTool
    public LinkedHashMap<String[], String> getExampleUsages() {
        String platformSpecificPath = getPlatformSpecificPath("config", "keystore");
        String platformSpecificPath2 = getPlatformSpecificPath("config", "keystore.pin");
        String platformSpecificPath3 = getPlatformSpecificPath("config", "server-cert-private-key.pin");
        String platformSpecificPath4 = getPlatformSpecificPath("server-cert.crt");
        String platformSpecificPath5 = getPlatformSpecificPath("server-cert.private-key");
        String platformSpecificPath6 = getPlatformSpecificPath("server-cert.csr");
        LinkedHashMap<String[], String> linkedHashMap = new LinkedHashMap<>(20);
        linkedHashMap.put(new String[]{"list-certificates", "--keystore", platformSpecificPath, "--keystore-password-file", platformSpecificPath2, "--verbose", "--display-keytool-command"}, CertMessages.INFO_MANAGE_CERTS_EXAMPLE_LIST_1.get(platformSpecificPath));
        linkedHashMap.put(new String[]{"export-certificate", "--keystore", platformSpecificPath, "--keystore-password-file", platformSpecificPath2, BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "server-cert", "--output-file", platformSpecificPath4, "--output-format", "PEM", "--verbose", "--display-keytool-command"}, CertMessages.INFO_MANAGE_CERTS_EXAMPLE_EXPORT_CERT_1.get(platformSpecificPath, platformSpecificPath4));
        linkedHashMap.put(new String[]{"export-private-key", "--keystore", platformSpecificPath, "--keystore-password-file", platformSpecificPath2, "--private-key-password-file", platformSpecificPath3, BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "server-cert", "--output-file", platformSpecificPath5, "--output-format", "PEM", "--verbose", "--display-keytool-command"}, CertMessages.INFO_MANAGE_CERTS_EXAMPLE_EXPORT_KEY_1.get(platformSpecificPath, platformSpecificPath5));
        linkedHashMap.put(new String[]{"import-certificate", "--keystore", platformSpecificPath, "--keystore-type", SslConfigurationDefaults.KEYSTORE_TYPE, "--keystore-password-file", platformSpecificPath2, BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "server-cert", "--certificate-file", platformSpecificPath4, "--private-key-file", platformSpecificPath5, "--display-keytool-command"}, CertMessages.INFO_MANAGE_CERTS_EXAMPLE_IMPORT_1.get(platformSpecificPath4, platformSpecificPath5, platformSpecificPath));
        linkedHashMap.put(new String[]{"delete-certificate", "--keystore", platformSpecificPath, "--keystore-password-file", platformSpecificPath2, BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "server-cert"}, CertMessages.INFO_MANAGE_CERTS_EXAMPLE_DELETE_1.get(platformSpecificPath));
        linkedHashMap.put(new String[]{"generate-self-signed-certificate", "--keystore", platformSpecificPath, "--keystore-type", "PKCS12", "--keystore-password-file", platformSpecificPath2, BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "ca-cert", "--subject-dn", "CN=Example Authority,O=Example Corporation,C=US", "--days-valid", "7300", "--validity-start-time", "20170101000000", "--key-algorithm", "RSA", "--key-size-bits", "4096", "--signature-algorithm", "SHA256withRSA", "--basic-constraints-is-ca", "true", "--key-usage", "key-cert-sign", "--key-usage", "crl-sign", "--display-keytool-command"}, CertMessages.INFO_MANAGE_CERTS_EXAMPLE_GEN_CERT_1.get(platformSpecificPath));
        linkedHashMap.put(new String[]{"generate-certificate-signing-request", "--keystore", platformSpecificPath, "--keystore-type", "PKCS12", "--keystore-password-file", platformSpecificPath2, "--output-file", platformSpecificPath6, BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "server-cert", "--subject-dn", "CN=ldap.example.com,O=Example Corporation,C=US", "--key-algorithm", "EC", "--key-size-bits", "256", "--signature-algorithm", "SHA256withECDSA", "--subject-alternative-name-dns", "ldap1.example.com", "--subject-alternative-name-dns", "ldap2.example.com", "--extended-key-usage", "server-auth", "--extended-key-usage", "client-auth", "--display-keytool-command"}, CertMessages.INFO_MANAGE_CERTS_EXAMPLE_GEN_CSR_1.get(platformSpecificPath, platformSpecificPath6));
        linkedHashMap.put(new String[]{"generate-certificate-signing-request", "--keystore", platformSpecificPath, "--keystore-password-file", platformSpecificPath2, BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "server-cert", "--replace-existing-certificate", "--inherit-extensions", "--display-keytool-command"}, CertMessages.INFO_MANAGE_CERTS_EXAMPLE_GEN_CSR_2.get(platformSpecificPath));
        linkedHashMap.put(new String[]{"sign-certificate-signing-request", "--keystore", platformSpecificPath, "--keystore-password-file", platformSpecificPath2, "--request-input-file", platformSpecificPath6, "--certificate-output-file", platformSpecificPath4, BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "ca-cert", "--days-valid", "730", "--include-requested-extensions", "--display-keytool-command"}, CertMessages.INFO_MANAGE_CERTS_EXAMPLE_SIGN_CERT_1.get(platformSpecificPath, platformSpecificPath6, platformSpecificPath4));
        linkedHashMap.put(new String[]{"change-certificate-alias", "--keystore", platformSpecificPath, "--keystore-password-file", platformSpecificPath2, "--current-alias", "server-cert", "--new-alias", "server-certificate", "--display-keytool-command"}, CertMessages.INFO_MANAGE_CERTS_EXAMPLE_CHANGE_ALIAS_1.get(platformSpecificPath, platformSpecificPath6, platformSpecificPath4));
        linkedHashMap.put(new String[]{"change-keystore-password", "--keystore", getPlatformSpecificPath("config", "keystore"), "--current-keystore-password-file", getPlatformSpecificPath("config", "current.pin"), "--new-keystore-password-file", getPlatformSpecificPath("config", "new.pin"), "--display-keytool-command"}, CertMessages.INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_EXAMPLE_1.get(getPlatformSpecificPath("config", "keystore"), getPlatformSpecificPath("config", "current.pin"), getPlatformSpecificPath("config", "new.pin")));
        linkedHashMap.put(new String[]{"trust-server-certificate", SelfSignedCertificateGenerator.CommandLineArgs.HOSTNAME, "ldap.example.com", "--port", "636", "--keystore", platformSpecificPath, "--keystore-password-file", platformSpecificPath2, BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "ldap.example.com:636"}, CertMessages.INFO_MANAGE_CERTS_EXAMPLE_TRUST_SERVER_1.get(platformSpecificPath));
        linkedHashMap.put(new String[]{"check-certificate-usability", "--keystore", platformSpecificPath, "--keystore-password-file", platformSpecificPath2, BasicKeystoreKeyStrategyTool.CommandLineArgs.KEY_ALIAS, "server-cert"}, CertMessages.INFO_MANAGE_CERTS_EXAMPLE_CHECK_USABILITY_1.get(platformSpecificPath));
        linkedHashMap.put(new String[]{"display-certificate-file", "--certificate-file", platformSpecificPath4, "--verbose", "--display-keytool-command"}, CertMessages.INFO_MANAGE_CERTS_EXAMPLE_DISPLAY_CERT_1.get(platformSpecificPath));
        linkedHashMap.put(new String[]{"display-certificate-signing-request-file", "--certificate-signing-request-file", platformSpecificPath6, "--display-keytool-command"}, CertMessages.INFO_MANAGE_CERTS_EXAMPLE_DISPLAY_CSR_1.get(platformSpecificPath));
        linkedHashMap.put(new String[]{"--help-subcommands"}, CertMessages.INFO_MANAGE_CERTS_EXAMPLE_HELP_SUBCOMMANDS_1.get(platformSpecificPath));
        return linkedHashMap;
    }

    static {
        File file;
        try {
            file = JVMDefaultTrustManager.getInstance().getCACertsFile();
        } catch (Exception e) {
            Debug.debugException(e);
            file = null;
        }
        JVM_DEFAULT_CACERTS_FILE = file;
        PROPERTY_DEFAULT_KEYSTORE_TYPE = ManageCertificates.class.getName() + ".defaultKeystoreType";
        String property = System.getProperty(PROPERTY_DEFAULT_KEYSTORE_TYPE);
        if (property == null || !(property.equalsIgnoreCase("PKCS12") || property.equalsIgnoreCase("PKCS#12") || property.equalsIgnoreCase("PKCS #12") || property.equalsIgnoreCase("PKCS 12"))) {
            DEFAULT_KEYSTORE_TYPE = SslConfigurationDefaults.KEYSTORE_TYPE;
        } else {
            DEFAULT_KEYSTORE_TYPE = "PKCS12";
        }
        WRAP_COLUMN = StaticUtils.TERMINAL_WIDTH_COLUMNS - 1;
    }
}
