package com.ibm.gsk.ikeyman.basic;

import com.ibm.rmi.util.Utility;
import com.ibm.security.pkcs8.PrivateKeyInfo;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.text.MessageFormat;
import java.util.Enumeration;
import java.util.Random;
import java.util.Vector;

/* loaded from: input_file:efixes/PK19794_Linux_i386/components/prereq.jdk/update.jar:/java/jre/lib/ext/gskikm.jar:com/ibm/gsk/ikeyman/basic/CryptographicToken.class */
public class CryptographicToken {
    private static boolean isInitialized = false;
    private static String moduleName = null;
    private static Vector tokenLabelList = null;
    private static boolean isAnyPasswordRequired = false;
    private String label;
    private boolean isPasswordRequired;
    private String password;
    private boolean isOpen;
    private Vector personalKeyLabelList;
    private Vector requestKeyLabelList;
    private Vector signerKeyLabelList;

    public static native int c_GetCryptoTokenLabelList(String str);

    public static native boolean c_IsPasswordRequired(String str, String str2);

    public native int c_BuildKeyLabelList(String str, String str2, String str3);

    public native int c_ChangeKeyDbPwd(String str, String str2, String str3, String str4);

    public native int c_ReceivePersonalCertificate(String str, String str2, String str3, String str4, String str5, String str6, boolean z);

    public native boolean c_IsPersonalCertificateRenewal(String str, String str2, String str3, int i, byte[] bArr);

    public native int c_RenewPersonalCertificate(String str, String str2, String str3, int i, byte[] bArr);

    public native int c_DeleteKeyItemByLabel(String str, String str2, String str3, String str4, boolean z);

    public native KeyItem c_GetKeyItemByLabel(String str, String str2, String str3, String str4, boolean z);

    public native int c_ImportCertificate(String str, String str2, String str3, String str4, String str5, String str6, int i, byte[] bArr, int i2, byte[] bArr2);

    public native int c_ImportPersonalCertificateRequest(String str, String str2, String str3, String str4, int i, byte[] bArr, int i2, byte[] bArr2);

    public native int c_RecreatePersonalCertificateRequest(String str, String str2, String str3, String str4, int i, String str5);

    public native int c_CreateSelfSignedCertificate(String str, String str2, String str3, int i, String str4, int i2, DNItem dNItem, int i3, int i4);

    public native int c_ExtractCertificate(String str, String str2, String str3, String str4, String str5, boolean z);

    public native int c_CreatePersonalCertificateRequest(String str, String str2, String str3, String str4, int i, DNItem dNItem, int i2, String str5);

    public native int c_ExtractPersonalCertificateRequest(String str, String str2, String str3, String str4, String str5);

    public native int c_AddSignerCertificate(String str, String str2, String str3, String str4, String str5, boolean z);

    public static void init() throws KMException {
        isInitialized = false;
        moduleName = null;
        tokenLabelList = null;
        isAnyPasswordRequired = false;
        if (isInitialized) {
            return;
        }
        moduleName = KMSystem.getInitSetting("DEFAULT_CRYPTOGRAPHIC_MODULE");
        if (moduleName != null && moduleName.length() == 0) {
            moduleName = null;
        }
        if (moduleName == null || !KMSystem.isJNIEnabled()) {
            return;
        }
        tokenLabelList = new Vector();
        int c_GetCryptoTokenLabelList = c_GetCryptoTokenLabelList(moduleName);
        if (c_GetCryptoTokenLabelList != 0) {
            String errKey = CMSKeyDatabaseException.getErrKey(c_GetCryptoTokenLabelList);
            KMException kMException = new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_INITIALIZATION_FAILED"), errKey);
            if (errKey.equals("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_LIBRARY_NOT_LOADED")) {
                String format = MessageFormat.format(KMSystem.getNLSErrString(errKey), new Object[]{moduleName});
                kMException.setNLSErrString(format);
                IkeymanLogger.error("CryptographicToken", "init() Line 234", new StringBuffer().append("The cryptographic token library was not loaded. ").append(format).toString());
            }
            IkeymanLogger.error("CryptographicToken", "init() Line 237", new StringBuffer().append("The cryptographic token initialisation failed., CryptographicToken.moduleName=").append(moduleName).toString());
            throw kMException;
        }
        int i = 0;
        while (true) {
            if (i >= tokenLabelList.size()) {
                break;
            }
            if (c_IsPasswordRequired(moduleName, (String) tokenLabelList.elementAt(i))) {
                isAnyPasswordRequired = true;
                break;
            }
            i++;
        }
        isInitialized = true;
    }

    public static void refresh() throws KMException {
        tokenLabelList = new Vector();
        int c_GetCryptoTokenLabelList = c_GetCryptoTokenLabelList(moduleName);
        if (c_GetCryptoTokenLabelList != 0) {
            KMException kMException = new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_INITIALIZATION_FAILED"), CMSKeyDatabaseException.getErrKey(c_GetCryptoTokenLabelList));
            IkeymanLogger.error("CryptographicToken", "refresh() Line 256", new StringBuffer().append("The cryptographic token initialisation failed during refresh., CryptographicToken.moduleName=").append(moduleName).toString());
            throw kMException;
        }
    }

    public static void init(String str) throws KMException {
        isInitialized = false;
        moduleName = null;
        tokenLabelList = null;
        isAnyPasswordRequired = false;
        if (isInitialized) {
            return;
        }
        moduleName = str;
        if (moduleName == null || !KMSystem.isJNIEnabled()) {
            return;
        }
        KMUtil.debugMsg(new StringBuffer().append("CryptographicToken::init(String) 00010, moduleName=").append(str).toString());
        tokenLabelList = new Vector();
        int c_GetCryptoTokenLabelList = c_GetCryptoTokenLabelList(moduleName);
        if (c_GetCryptoTokenLabelList != 0) {
            String errKey = CMSKeyDatabaseException.getErrKey(c_GetCryptoTokenLabelList);
            KMException kMException = new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_INITIALIZATION_FAILED"), errKey);
            IkeymanLogger.error("CryptographicToken", "init(String) line 303", new StringBuffer().append("The cryptographic token initialisation failed. CryptographicToken.moduleName=").append(moduleName).toString());
            if (errKey.equals("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_LIBRARY_NOT_LOADED")) {
                String format = MessageFormat.format(KMSystem.getNLSErrString(errKey), new Object[]{moduleName});
                kMException.setNLSErrString(format);
                IkeymanLogger.error("CryptographicToken", "init(String) line 312", new StringBuffer().append("The cryptographic token library was not loaded during initialisation. ").append(format).toString());
            }
            throw kMException;
        }
        int i = 0;
        while (true) {
            if (i >= tokenLabelList.size()) {
                break;
            }
            if (c_IsPasswordRequired(moduleName, (String) tokenLabelList.elementAt(i))) {
                isAnyPasswordRequired = true;
                break;
            }
            i++;
        }
        isInitialized = true;
    }

    public static String getCryptographicModuleName() {
        KMUtil.debugMsg(new StringBuffer().append("CryptographicToken::getCryptographicModuleName(), moduleName=").append(moduleName).toString());
        return moduleName;
    }

    public static void addTokenLabel(String str) {
        if (str != null) {
            if (tokenLabelList == null) {
                tokenLabelList = new Vector();
            }
            tokenLabelList.addElement(str);
        }
    }

    public static boolean exists() throws KMException {
        if (isInitialized) {
            return tokenLabelList != null && tokenLabelList.size() > 0;
        }
        throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_INITIALIZED"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_INITIALIZED");
    }

    public static boolean tokenLabelExists(String str) throws KMException {
        if (!isInitialized) {
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_INITIALIZED"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_INITIALIZED");
        }
        boolean z = false;
        if (exists()) {
            int i = 0;
            while (true) {
                if (i >= tokenLabelList.size()) {
                    break;
                }
                if (str.equals(tokenLabelList.elementAt(i))) {
                    z = true;
                    break;
                }
                i++;
            }
        }
        return z;
    }

    public static Vector getTokenLabelList() throws KMException {
        if (isInitialized) {
            return tokenLabelList;
        }
        throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_INITIALIZED"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_INITIALIZED");
    }

    public static boolean isAnyPasswordRequired() throws KMException {
        if (isInitialized) {
            return isAnyPasswordRequired;
        }
        throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_INITIALIZED"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_INITIALIZED");
    }

    public CryptographicToken(String str) throws KMException {
        this.label = null;
        this.isPasswordRequired = false;
        this.password = null;
        this.isOpen = false;
        this.personalKeyLabelList = null;
        this.requestKeyLabelList = null;
        this.signerKeyLabelList = null;
        if (!isInitialized) {
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_INITIALIZED"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_INITIALIZED");
        }
        this.label = str;
        if (!tokenLabelExists(str)) {
            throw buildNewKMException("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_LABEL_NOT_EXIST", "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_LABEL_NOT_EXIST");
        }
        this.isPasswordRequired = c_IsPasswordRequired(moduleName, this.label);
        this.password = null;
        this.isOpen = false;
        this.personalKeyLabelList = null;
        this.requestKeyLabelList = null;
        this.signerKeyLabelList = null;
    }

    public boolean isPasswordRequired() {
        return this.isPasswordRequired;
    }

    public boolean isOpen() {
        KMUtil.debugMsg(new StringBuffer().append("CryptographicToken::isOpen(), isOpen=").append(this.isOpen).toString());
        return this.isOpen;
    }

    public void open() throws KMException {
        open(null);
    }

    public void open(String str) throws KMException {
        if (isOpen()) {
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_ALREADY_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_ALREADY_OPEN");
        }
        if (isPasswordRequired() && str == null) {
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_PASSWORD_REQUIRED"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_PASSWORD_REQUIRED");
        }
        if (!isPasswordRequired() && str != null) {
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_PASSWORD_NOT_REQUIRED"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_PASSWORD_NOT_REQUIRED");
        }
        this.password = str;
        try {
            buildKeyLabelList();
            this.isOpen = true;
        } catch (KMException e) {
            this.password = null;
            throw buildNewKMException("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_OPEN_FAILED", e.getErrCodeName());
        }
    }

    private void buildKeyLabelList() throws KMException {
        this.personalKeyLabelList = new Vector();
        this.requestKeyLabelList = new Vector();
        this.signerKeyLabelList = new Vector();
        int c_BuildKeyLabelList = c_BuildKeyLabelList(moduleName, this.label, this.password);
        if (c_BuildKeyLabelList != 0) {
            String errKey = CMSKeyDatabaseException.getErrKey(c_BuildKeyLabelList);
            IkeymanLogger.error("CryptographicToken", "buildKeyLabelList() Line 566", new StringBuffer().append("There was an error building the key label list. CryptographicToken.moduleName=").append(moduleName).append(" label=").append(this.label).append(" password=").append(this.password).toString());
            throw new KMException(KMSystem.getNLSErrString(errKey), errKey);
        }
    }

    public void close() throws KMException {
        if (!isOpen()) {
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
        }
        this.password = null;
        this.personalKeyLabelList = null;
        this.requestKeyLabelList = null;
        this.signerKeyLabelList = null;
        this.isOpen = false;
    }

    public void changePassword(String str) throws KMException {
        if (!isOpen()) {
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
        }
        if (!isPasswordRequired()) {
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_PASSWORD_NOT_REQUIRED"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_PASSWORD_NOT_REQUIRED");
        }
        int c_ChangeKeyDbPwd = c_ChangeKeyDbPwd(moduleName, this.label, this.password, str);
        if (c_ChangeKeyDbPwd != 0) {
            throw buildNewKMException("GSKKM_ERR_CMN_PWDCHG", CMSKeyDatabaseException.getErrKey(c_ChangeKeyDbPwd));
        }
        this.password = str;
    }

    public String getLabel() {
        return this.label;
    }

    public Vector getPersonalKeyLabelList() throws KMException {
        if (isOpen()) {
            return this.personalKeyLabelList;
        }
        throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
    }

    public Vector getRequestKeyLabelList() throws KMException {
        if (isOpen()) {
            return this.requestKeyLabelList;
        }
        throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
    }

    public Vector getSignerKeyLabelList() throws KMException {
        if (isOpen()) {
            return this.signerKeyLabelList;
        }
        throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
    }

    public void receivePersonalCertificate(String str, boolean z) throws KMException {
        receivePersonalCertificate((KeyDatabase) null, str, z);
    }

    public void receivePersonalCertificate(KeyDatabase keyDatabase, String str, boolean z) throws KMException {
        KMUtil.debugMsg("CryptographicToken::receivePersonalCertificate(3 args) 0000");
        if (!isOpen()) {
            KMUtil.debugMsg("CryptographicToken::receivePersonalCertificate(3 args) 9999-1");
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
        }
        if (keyDatabase != null && keyDatabase.getType() != 1) {
            KMUtil.debugMsg("CryptographicToken::receivePersonalCertificate(3 args) 9999-2");
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_INVALID_TYPE"), "GSKKM_ERR_CMN_KEYDB_INVALID_TYPE");
        }
        String str2 = null;
        String str3 = null;
        if (keyDatabase != null) {
            str2 = keyDatabase.getKeyDbFileName();
            str3 = keyDatabase.getKeyDbPwd();
        }
        int c_ReceivePersonalCertificate = c_ReceivePersonalCertificate(moduleName, this.label, this.password, str2, str3, str, z);
        if (c_ReceivePersonalCertificate != 0) {
            if (c_ReceivePersonalCertificate == 146) {
                KMUtil.debugMsg("CryptographicToken::receivePersonalCertificate(3 args) 9999-3");
                throw buildNewKMException("GSKKM_ERR_ADD_ROOTCA_FIRST_RECEIVE", CMSKeyDatabaseException.getErrKey(c_ReceivePersonalCertificate));
            }
            KMUtil.debugMsg("CryptographicToken::receivePersonalCertificate(3 args) 9999-4");
            throw buildNewKMException("GSKKM_ERR_CMN_CERT_RECV", CMSKeyDatabaseException.getErrKey(c_ReceivePersonalCertificate));
        }
        try {
            buildKeyLabelList();
            KMUtil.debugMsg("CryptographicToken::receivePersonalCertificate(3 args) 9999");
        } catch (KMException e) {
            throw buildNewKMException("GSKKM_ERR_CMN_CERT_RECV", e.getErrCodeName());
        }
    }

    public void receivePersonalCertificate(KeyStoreManager keyStoreManager, String str, boolean z) throws KMException {
        if (!isOpen()) {
            IkeymanLogger.error("CryptographicToken", "receivePersonalCertificate(KeyStoreManager,String,boolean) Line 773", new StringBuffer().append("There was an error while receiving a personal certificate because the cryptographic token was not open.  inputCertFileName: ").append(str).toString());
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
        }
        if (keyStoreManager != null && keyStoreManager.getType() != 1) {
            IkeymanLogger.error("CryptographicToken", "receivePersonalCertificate(KeyStoreManager,String,boolean) Line 784", new StringBuffer().append("There was an error while receiving a personal certificate because the secondary key database type was not CMS; it was ").append(keyStoreManager.getType()).toString());
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_INVALID_TYPE"), "GSKKM_ERR_CMN_KEYDB_INVALID_TYPE");
        }
        String str2 = null;
        String str3 = null;
        if (keyStoreManager != null) {
            str2 = keyStoreManager.getKeyDbFileName();
            str3 = keyStoreManager.getKeyDbPwd();
        }
        int c_ReceivePersonalCertificate = c_ReceivePersonalCertificate(moduleName, this.label, this.password, str2, str3, str, z);
        if (c_ReceivePersonalCertificate != 0) {
            IkeymanLogger.error("CryptographicToken", "receivePersonalCertificate(KeyStoreManager,String,boolean) Line 809", new StringBuffer().append("Receiving a personal certificate into the secondary key database was not successful.  These are the variables used:  CryptographicToken.moduleName=").append(moduleName).append(" label=").append(this.label).append(" password=").append(this.password).append(" secondaryKeyDbFileName=").append(str2).append(" secondaryKeyDbFilePassword=").append(str3).append(" inputCertFileName=").append(str).append(" isBase64Armored=").append(z).toString());
            throw buildNewKMException("GSKKM_ERR_CMN_CERT_RECV", CMSKeyDatabaseException.getErrKey(c_ReceivePersonalCertificate));
        }
        try {
            buildKeyLabelList();
        } catch (KMException e) {
            throw buildNewKMException("GSKKM_ERR_CMN_CERT_RECV", e.getErrCodeName());
        }
    }

    public boolean isPersonalCertificateRenewal(String str, boolean z) throws KMException {
        KMUtil.debugMsg(new StringBuffer().append("CryptographicToken::isPersonalCertificateRenewal() 0000, inputCertFileName=").append(str).append(", isBase64Armored=").append(z).toString());
        if (!isOpen()) {
            KMUtil.debugMsg("CryptographicToken::isPersonalCertificateRenewal() 9999-1");
            IkeymanLogger.error("CryptographicToken", "isPersonalCertificateRenewal(String,boolean) Line 860", new StringBuffer().append("The cryptographic token was not open., inputCertFileName=").append(str).append(", isBase64Armored=").append(z).toString());
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
        }
        byte[] certBERData = getCertBERData(str, z);
        boolean c_IsPersonalCertificateRenewal = c_IsPersonalCertificateRenewal(moduleName, this.label, this.password, certBERData.length, certBERData);
        KMUtil.debugMsg(new StringBuffer().append("CryptographicToken::isPersonalCertificateRenewal() 9999, retval=").append(c_IsPersonalCertificateRenewal).toString());
        return c_IsPersonalCertificateRenewal;
    }

    private byte[] getCertBERData(String str, boolean z) throws KMException {
        try {
            byte[] cryptoBase64DearmorFileToBuf = z ? cryptoBase64DearmorFileToBuf(str) : cryptoFileToBuf(str);
            if (cryptoBase64DearmorFileToBuf != null && cryptoBase64DearmorFileToBuf.length > 0) {
                return cryptoBase64DearmorFileToBuf;
            }
            IkeymanLogger.error("CryptographicToken", "getCertBERData(String,boolean) Line 913", new StringBuffer().append("Certificate data was invalid., inputCertFileName=").append(str).append(", isBase64Armored=").append(z).toString());
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_INVALID_INPUT"), "GSKKM_ERR_CMN_INVALID_INPUT");
        } catch (SSLightKeyDatabaseException e) {
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_BASE64_INVALID_DATA"), "GSKKM_ERR_BASE64_INVALID_DATA");
        }
    }

    public void renewPersonalCertificate(String str, boolean z) throws KMException {
        if (!isOpen()) {
            IkeymanLogger.error("CryptographicToken", "renewPersonalCertificate(String,boolean) Line 930", new StringBuffer().append("The cryptographic token was not open., inputCertFileName=").append(str).append(", isBase64Armored=").append(z).toString());
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
        }
        byte[] certBERData = getCertBERData(str, z);
        int c_RenewPersonalCertificate = c_RenewPersonalCertificate(moduleName, this.label, this.password, certBERData.length, certBERData);
        if (c_RenewPersonalCertificate != 0) {
            throw buildNewKMException("GSKKM_ERR_CMN_RENEW_CERT", CMSKeyDatabaseException.getErrKey(c_RenewPersonalCertificate));
        }
    }

    public void deleteKeyItemByLabel(String str) throws KMException {
        if (!isOpen()) {
            IkeymanLogger.error("CryptographicToken", "deleteKeyItemByLabel(String) Line 962", "Can't delete a certificate or personal certificate request because the cryptographic token is not open.");
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
        }
        KeyItem keyItemByLabel = getKeyItemByLabel(str);
        boolean z = false;
        if (this.requestKeyLabelList != null && this.requestKeyLabelList.contains(str)) {
            z = true;
        }
        int c_DeleteKeyItemByLabel = c_DeleteKeyItemByLabel(moduleName, this.label, this.password, str, z);
        if (c_DeleteKeyItemByLabel != 0) {
            throw buildNewKMException("GSKKM_ERR_CMN_KEYDB_KEY_DELETE", CMSKeyDatabaseException.getErrKey(c_DeleteKeyItemByLabel));
        }
        deleteKeyLabel(keyItemByLabel.hasCertificate() ? keyItemByLabel.hasPrivateKey() ? this.personalKeyLabelList : this.signerKeyLabelList : this.requestKeyLabelList, str);
    }

    public KeyItem getKeyItemByLabel(String str) throws KMException {
        if (!isOpen()) {
            IkeymanLogger.error("CryptographicToken", "getKeyItemByLabel(String) Line 1019", "Can't return a certificate or personal certificate request because the cryptographic token is not open.");
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
        }
        KeyItem c_GetKeyItemByLabel = c_GetKeyItemByLabel(moduleName, this.label, this.password, str, containsKeyLabel(this.requestKeyLabelList, str));
        if (c_GetKeyItemByLabel == null) {
            throw buildNewKMException("GSKKM_ERR_CMN_KEYDB_GET_KEY_BY_LABEL", "GSKKM_ERR_CMN_KEYDB_GET_KEY_BY_LABEL");
        }
        return c_GetKeyItemByLabel;
    }

    public void importKeyItems(KeyDatabase keyDatabase, String[] strArr) throws KMException {
        importKeyItems((KeyDatabase) null, keyDatabase, strArr, (String[]) null);
    }

    public void importKeyItems(KeyDatabase keyDatabase, String[] strArr, String[] strArr2) throws KMException {
        importKeyItems((KeyDatabase) null, keyDatabase, strArr, strArr2);
    }

    public void importKeyItems(KeyStoreManager keyStoreManager, String[] strArr) throws KMException {
        importKeyItems((KeyStoreManager) null, keyStoreManager, strArr, (String[]) null);
    }

    public void importKeyItems(KeyStoreManager keyStoreManager, String[] strArr, String[] strArr2) throws KMException {
        importKeyItems((KeyStoreManager) null, keyStoreManager, strArr, strArr2);
    }

    public void importKeyItems(KeyDatabase keyDatabase, KeyDatabase keyDatabase2, String[] strArr) throws KMException {
        importKeyItems(keyDatabase, keyDatabase2, strArr, (String[]) null);
    }

    /* JADX WARN: Multi-variable type inference failed */
    public void importKeyItems(KeyDatabase keyDatabase, KeyDatabase keyDatabase2, String[] strArr, String[] strArr2) throws KMException {
        PrivateKeyInfoItem decryptPrivateKey;
        if (!isOpen()) {
            IkeymanLogger.error("CryptographicToken", "importKeyItems(KeyDatabase,KeyDatabase,String[]) Line 1081", "Can't import a certificate or personal certificate request because the cryptographic token is not open.");
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
        }
        if (keyDatabase != null && keyDatabase.getType() != 1) {
            IkeymanLogger.error("CryptographicToken", "importKeyItems(KeyDatabase,KeyDatabase,String[]) Line 1091", new StringBuffer().append("The secondary key database ").append(keyDatabase.getKeyDbFileName()).append(" was not a CMS type: ").append(keyDatabase.getType()).toString());
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_INVALID_TYPE"), "GSKKM_ERR_CMN_KEYDB_INVALID_TYPE");
        }
        if (keyDatabase2 == 0 || keyDatabase2.getType() == 0) {
            IkeymanLogger.error("CryptographicToken", "importKeyItems(KeyDatabase,KeyDatabase,String[]) Line 1101", new StringBuffer().append("The source key database ").append(keyDatabase2.getKeyDbFileName()).append(" was an unknown database type: ").append(keyDatabase2.getType()).append(" or was null.").toString());
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_INVALID_TYPE"), "GSKKM_ERR_CMN_KEYDB_INVALID_TYPE");
        }
        if (strArr == null || strArr.length == 0) {
            return;
        }
        String str = null;
        String str2 = null;
        if (keyDatabase != null) {
            str = keyDatabase.getKeyDbFileName();
            str2 = keyDatabase.getKeyDbPwd();
        }
        String keyDbFileName = keyDatabase2.getKeyDbFileName();
        keyDatabase2.getKeyDbPwd();
        for (int i = 0; i < strArr.length; i++) {
            String str3 = strArr2 == null ? strArr[i] : strArr2[i];
            KeyItem keyItemByLabel = ((KeyDatabaseOperator) keyDatabase2).getKeyItemByLabel(strArr[i]);
            if (keyItemByLabel.hasPrivateKey()) {
                switch (keyDatabase2.getType()) {
                    case 1:
                        decryptPrivateKey = ((CMSKeyDatabase) keyDatabase2).decryptPrivateKey(keyItemByLabel.getEncryptedPrivateKeyInfoItem());
                        break;
                    case 2:
                        decryptPrivateKey = ((WEBDBKeyDatabase) keyDatabase2).decryptPrivateKey(keyItemByLabel.getEncryptedPrivateKeyInfoItem());
                        break;
                    default:
                        IkeymanLogger.error("CryptographicToken", "importKeyItems(KeyDatabase,KeyDatabase,String[]) Line 1172", new StringBuffer().append("There was an error converting the private key in the source key database (").append(keyDbFileName).append(") to a cryptographic token.  ").append("The source key database type was invalid: ").append(keyDatabase2.getType()).toString());
                        throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_INVALID_TYPE"), "GSKKM_ERR_CMN_KEYDB_INVALID_TYPE");
                }
                keyItemByLabel.setEncryptedPrivateKeyInfoItem(encryptPrivateKey(decryptPrivateKey));
            }
            if (keyItemByLabel.hasCertificate()) {
                importCertificate(str, str2, keyItemByLabel, str3);
            } else {
                importPersonalCertificateRequest(keyItemByLabel);
            }
        }
    }

    public void importKeyItems(KeyStoreManager keyStoreManager, KeyStoreManager keyStoreManager2, String[] strArr) throws KMException {
        importKeyItems(keyStoreManager, keyStoreManager2, strArr, (String[]) null);
    }

    public void importKeyItems(KeyStoreManager keyStoreManager, KeyStoreManager keyStoreManager2, String[] strArr, String[] strArr2) throws KMException {
        if (!isOpen()) {
            IkeymanLogger.error("CryptographicToken", "importKeyItems(KeyStoreManager,KeyStoreManager,String[]) Line 1202", "Can't import a certificate or personal certificate request because the cryptographic token is not open.");
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
        }
        if (keyStoreManager != null && keyStoreManager.getType() != 1) {
            IkeymanLogger.error("CryptographicToken", "importKeyItems(KeyStoreManager,KeyStoreManager,String[]) Line 1212", new StringBuffer().append("The secondary key database ").append(keyStoreManager.getKeyDbFileName()).append(" was not a CMS type: ").append(keyStoreManager.getType()).toString());
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_INVALID_TYPE"), "GSKKM_ERR_CMN_KEYDB_INVALID_TYPE");
        }
        if (keyStoreManager2 == null || keyStoreManager2.getType() == 0) {
            IkeymanLogger.error("CryptographicToken", "importKeyItems(KeyStoreManager,KeyStoreManager,String[]) Line 1222", new StringBuffer().append("The source key database ").append(keyStoreManager2.getKeyDbFileName()).append(" was an unknown database type: ").append(keyStoreManager2.getType()).append(" or was null.").toString());
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_INVALID_TYPE"), "GSKKM_ERR_CMN_KEYDB_INVALID_TYPE");
        }
        if (strArr == null || strArr.length == 0) {
            return;
        }
        String str = null;
        String str2 = null;
        if (keyStoreManager != null) {
            str = keyStoreManager.getKeyDbFileName();
            str2 = keyStoreManager.getKeyDbPwd();
        }
        String keyDbFileName = keyStoreManager2.getKeyDbFileName();
        keyStoreManager2.getKeyDbPwd();
        for (int i = 0; i < strArr.length; i++) {
            String str3 = strArr2 == null ? strArr[i] : strArr2[i];
            KeyItem keyItemByLabel = keyStoreManager2.getKeyItemByLabel(strArr[i]);
            if (keyItemByLabel.hasPrivateKey()) {
                try {
                    keyItemByLabel.setEncryptedPrivateKeyInfoItem(encryptPrivateKey(new PrivateKeyInfoItem(new PrivateKeyInfo(keyStoreManager2.getKeyStoreInstance().getKey(strArr[i], keyStoreManager2.getKeyDbPwd().toCharArray()).getEncoded()).getEncoded())));
                } catch (IOException e) {
                    IkeymanLogger.error("CryptographicToken", "importKeyItems(KeyStoreManager,KeyStoreManager,String[]) Line 1310", new StringBuffer().append("There was an IOException caught while attempting to convert private key to cryptographic token: sourceKeyDbFileName=").append(keyDbFileName).append(" secondaryKeyDbFileName=").append(str).append(" ").append("The key database may have an invalid name, or you don't have permsission to access it.").toString());
                    throw new KeyStoreManagerException(KMSystem.getNLSErrString("GSKKM_ERR_INVALID_KEYDB_NAME"));
                } catch (KeyStoreException e2) {
                    if (!e2.getMessage().equals("User canceled")) {
                        IkeymanLogger.error("CryptographicToken", "importKeyItems(KeyStoreManager,KeyStoreManager,String[]) Line 1341", new StringBuffer().append("There was an Exception caught while attempting to convert private key to cryptographic token: sourceKeyDbFileName=").append(keyDbFileName).append(" secondaryKeyDbFileName=").append(str).toString());
                        throw new KeyStoreManagerException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_KEY_INSERT"));
                    }
                } catch (NoSuchAlgorithmException e3) {
                    IkeymanLogger.error("CryptographicToken", "importKeyItems(KeyStoreManager,KeyStoreManager,String[]) Line 1320", new StringBuffer().append("There was a NoSuchAlgorithmException caught while attempting to convert private key to cryptographic token: sourceKeyDbFileName=").append(keyDbFileName).append(" secondaryKeyDbFileName=").append(str).append(" ").append("The private key may not be a known type.").toString());
                    throw new KeyStoreManagerException(KMSystem.getNLSErrString("GSKKM_ERR_UNDEFINED_KEY_TYPE"));
                } catch (UnrecoverableKeyException e4) {
                    IkeymanLogger.error("CryptographicToken", "importKeyItems(KeyStoreManager,KeyStoreManager,String[]) Line 1330", new StringBuffer().append("There was an UnrecoverableKeyException caught while attempting to convert private key to cryptographic token: sourceKeyDbFileName=").append(keyDbFileName).append(" secondaryKeyDbFileName=").append(str).append("The private key may not be a known type.").toString());
                    throw new KeyStoreManagerException(KMSystem.getNLSErrString("GSKKM_ERR_UNDEFINED_KEY_TYPE"));
                }
            }
            if (keyItemByLabel.hasCertificate()) {
                importCertificate(str, str2, keyItemByLabel, str3);
            } else {
                importPersonalCertificateRequest(keyItemByLabel);
            }
        }
    }

    private void importCertificate(String str, String str2, KeyItem keyItem, String str3) throws KMException {
        if (!isOpen()) {
            IkeymanLogger.error("CryptographicToken", "importCertificate(String,String,KeyItem) Line 1374", "Can't import a certificate because the cryptographic token is not open.");
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
        }
        if (keyItem == null || !keyItem.hasCertificate()) {
            IkeymanLogger.error("CryptographicToken", "importCertificate(String,String,KeyItem) Line 1384", "Can't import a certificate because the keyitem is null or doesn't have certificates.");
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_KEY_INSERT"), "GSKKM_ERR_CMN_KEYDB_KEY_INSERT");
        }
        String keyLabel = keyItem.getKeyLabel();
        if (str3 == null) {
            str3 = keyLabel;
        }
        CertificateItem certificateItem = (CertificateItem) keyItem.getCertificateChain().elementAt(0);
        int length = certificateItem.getLength();
        byte[] encoded = certificateItem.getEncoded();
        int i = 0;
        byte[] bArr = null;
        EncryptedPrivateKeyInfoItem encryptedPrivateKeyInfoItem = keyItem.getEncryptedPrivateKeyInfoItem();
        if (encryptedPrivateKeyInfoItem != null) {
            bArr = encryptedPrivateKeyInfoItem.getEncoded();
            i = encryptedPrivateKeyInfoItem.getLength();
        }
        int c_ImportCertificate = c_ImportCertificate(moduleName, this.label, this.password, str, str2, str3, length, encoded, i, bArr);
        if (c_ImportCertificate != 0) {
            IkeymanLogger.error("CryptographicToken", "importCertificate(String,String,KeyItem) Line 1418", new StringBuffer().append("There was an error while importing a certificate.  secondaryKeyDbFileName=").append(str).append(" keyLabel=").append(keyLabel).append(" CryptographicToken.moduleName= ").append(moduleName).append(" label=").append(this.label).toString());
            throw buildNewKMException("GSKKM_ERR_CMN_KEYDB_KEY_INSERT", CMSKeyDatabaseException.getErrKey(c_ImportCertificate));
        }
        if (i > 0) {
            addPersonalKeyLabel(str3);
        } else {
            addSignerKeyLabel(str3);
        }
    }

    private void importPersonalCertificateRequest(KeyItem keyItem) throws KMException {
        if (!isOpen()) {
            IkeymanLogger.error("CryptographicToken", "importPersonalCertificateRequest(KeyItem) Line 1444", "Can't import a personal certificate request because the cryptographic token is not open.");
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
        }
        if (keyItem == null) {
            return;
        }
        if (keyItem == null || keyItem.hasCertificate()) {
            IkeymanLogger.error("CryptographicToken", "importPersonalCertificateRequest(KeyItem) Line 1459", "Can't import a personal certificate request because the keyitem is null or has certificates.");
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_KEY_INSERT"), "GSKKM_ERR_CMN_KEYDB_KEY_INSERT");
        }
        String keyLabel = keyItem.getKeyLabel();
        CertificateRequestItem certificateRequestItem = keyItem.getCertificateRequestItem();
        if (certificateRequestItem != null) {
            int length = certificateRequestItem.getLength();
            byte[] encoded = certificateRequestItem.getEncoded();
            int i = 0;
            byte[] bArr = null;
            EncryptedPrivateKeyInfoItem encryptedPrivateKeyInfoItem = keyItem.getEncryptedPrivateKeyInfoItem();
            if (encryptedPrivateKeyInfoItem != null) {
                bArr = encryptedPrivateKeyInfoItem.getEncoded();
                i = encryptedPrivateKeyInfoItem.getLength();
            }
            int c_ImportPersonalCertificateRequest = c_ImportPersonalCertificateRequest(moduleName, this.label, this.password, keyLabel, length, encoded, i, bArr);
            if (c_ImportPersonalCertificateRequest != 0) {
                IkeymanLogger.error("CryptographicToken", "importPersonalCertificateRequest(KeyItem) Line 1493", new StringBuffer().append("There was an error while importing a personal certificate request.  CryptographicToken.moduleName= ").append(moduleName).append(" keyLabel=").append(keyLabel).toString());
                throw buildNewKMException("GSKKM_ERR_CMN_KEYDB_KEY_INSERT", CMSKeyDatabaseException.getErrKey(c_ImportPersonalCertificateRequest));
            }
            addRequestKeyLabel(keyLabel);
        }
    }

    public void importCertificate(KeyItem keyItem) throws KMException {
        importCertificate((KeyDatabase) null, keyItem);
    }

    public void importCertificate(KeyDatabase keyDatabase, KeyItem keyItem) throws KMException {
        if (!isOpen()) {
            IkeymanLogger.error("CryptographicToken", "importCertificate(KeyDatabase,KeyItem) Line 1524", "Can't import a certificate because the cryptographic token is not open.");
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
        }
        if (keyDatabase != null && keyDatabase.getType() != 1) {
            IkeymanLogger.error("CryptographicToken", "importCertificate(KeyDatabase,KeyItem) Line 1533", new StringBuffer().append("Can't import a certificate because the key database (").append(keyDatabase.getKeyDbFileName()).append(") is the wrong type:").append(keyDatabase.getType()).toString());
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_INVALID_TYPE"), "GSKKM_ERR_CMN_KEYDB_INVALID_TYPE");
        }
        if (keyItem == null || !keyItem.hasCertificate()) {
            IkeymanLogger.error("CryptographicToken", "importCertificate(KeyDatabase,KeyItem) Line 1544", new StringBuffer().append("Can't import a certificate because the key item (").append(keyItem.getKeyLabel()).append(") has no certificates.").toString());
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_INVALID_TYPE"), "GSKKM_ERR_CMN_KEYDB_INVALID_TYPE");
        }
        String str = null;
        String str2 = null;
        if (keyDatabase != null) {
            str = keyDatabase.getKeyDbFileName();
            str2 = keyDatabase.getKeyDbPwd();
        }
        importCertificate(str, str2, keyItem, null);
    }

    public void importCertificate(KeyStoreManager keyStoreManager, KeyItem keyItem) throws KMException {
        if (!isOpen()) {
            IkeymanLogger.error("CryptographicToken", "importCertificate(KeyStoreManager,KeyItem) Line 1569", "Can't import a certificate because the cryptographic token is not open.");
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
        }
        if (keyStoreManager != null && keyStoreManager.getType() != 1) {
            IkeymanLogger.error("CryptographicToken", "importCertificate(KeyStoreManager,KeyItem) Line 1579", new StringBuffer().append("Can't import a certificate because the key database (").append(keyStoreManager.getKeyDbFileName()).append(") is the wrong type:").append(keyStoreManager.getType()).toString());
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_INVALID_TYPE"), "GSKKM_ERR_CMN_KEYDB_INVALID_TYPE");
        }
        if (keyItem == null || !keyItem.hasCertificate()) {
            IkeymanLogger.error("CryptographicToken", "importCertificate(KeyDatabase,KeyItem) Line 1589", new StringBuffer().append("Can't import a certificate because the key item (").append(keyItem.getKeyLabel()).append(") has no certificates.").toString());
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_INVALID_TYPE"), "GSKKM_ERR_CMN_KEYDB_INVALID_TYPE");
        }
        String str = null;
        String str2 = null;
        if (keyStoreManager != null) {
            str = keyStoreManager.getKeyDbFileName();
            str2 = keyStoreManager.getKeyDbPwd();
        }
        importCertificate(str, str2, keyItem, null);
    }

    public String resolveLabelConflict(KeyItem keyItem) throws KMException {
        KeyItem keyItem2;
        DNItem subject;
        if (!isOpen()) {
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
        }
        Vector vector = new Vector();
        if (this.personalKeyLabelList != null && this.personalKeyLabelList.size() > 0) {
            Enumeration elements = this.personalKeyLabelList.elements();
            while (elements.hasMoreElements()) {
                String str = (String) elements.nextElement();
                if (str != null && str.length() > 0) {
                    vector.addElement(str);
                }
            }
        }
        if (this.signerKeyLabelList != null && this.signerKeyLabelList.size() > 0) {
            Enumeration elements2 = this.signerKeyLabelList.elements();
            while (elements2.hasMoreElements()) {
                String str2 = (String) elements2.nextElement();
                if (str2 != null && str2.length() > 0) {
                    vector.addElement(str2);
                }
            }
        }
        String keyLabel = keyItem.getKeyLabel();
        if (keyLabel == null) {
            if (keyItem.hasCertificate() && (subject = ((CertificateItem) keyItem.getCertificateChain().elementAt(0)).getSubject()) != null) {
                keyLabel = subject.getCommonName();
            }
            if (keyLabel == null || keyLabel.length() == 0) {
                keyLabel = new StringBuffer().append("Dummy Key Label_").append(Integer.toString(Math.abs(new Random().nextInt()))).toString();
            }
        }
        if (vector != null && vector.contains(keyLabel)) {
            try {
                keyItem2 = getKeyItemByLabel(keyLabel);
            } catch (KMException e) {
                keyItem2 = null;
            }
            if (keyItem2 == null || keyItem.equalsCert(keyItem2)) {
                keyLabel = null;
            } else {
                for (int i = 0; vector.contains(keyLabel) && i < 1000; i++) {
                    keyLabel = new StringBuffer().append(keyLabel).append(Utility.STUB_PREFIX).append(Integer.toString(new Random().nextInt())).toString();
                }
            }
        }
        return keyLabel;
    }

    public EncryptedPrivateKeyInfoItem encryptPrivateKey(PrivateKeyInfoItem privateKeyInfoItem) throws KMException {
        if (!isOpen()) {
            IkeymanLogger.error("CryptographicToken", "encryptPrivateKey(PrivateKeyInfoItem) Line 1744", "Can't encrypt the private key because the cryptographic token is not open.");
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
        }
        try {
            return CMSKeyDatabase.encryptPrivateKey(privateKeyInfoItem, moduleName);
        } catch (CMSKeyDatabaseException e) {
            IkeymanLogger.error("CryptographicToken", "encryptPrivateKey(PrivateKeyInfoItem) Line 1760", new StringBuffer().append("There was an error trying to encrypt the private key:  CryptographicToken.moduleName=").append(moduleName).toString());
            throw new KMException(e.getNLSErrString(), e.getErrCodeName());
        }
    }

    public void recreatePersonalCertificateRequest(String str, int i, String str2) throws KMException {
        if (!isOpen()) {
            IkeymanLogger.error("CryptographicToken", "recreatePersonalCertificateRequest(String,int,String) Line 1778", "Can't recreate the personal certficiate request because the cryptographic token is not open.");
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
        }
        int c_RecreatePersonalCertificateRequest = c_RecreatePersonalCertificateRequest(moduleName, this.label, this.password, str, i, str2);
        if (c_RecreatePersonalCertificateRequest != 0) {
            IkeymanLogger.error("CryptographicToken", "recreatePersonalCertificateRequest(String,int,String) Line 1794", new StringBuffer().append("There was an error in recreating a personal certficiate request:  CryptographicToken.moduleName=").append(moduleName).append(" label=").append(this.label).append(" ").append(" keyLabel=").append(str).append(" signatureAlg=").append(i).append(" certReqFileName=").append(str2).toString());
            throw buildNewKMException("GSKKM_ERR_CMN_RECREATE_CERTREQ", CMSKeyDatabaseException.getErrKey(c_RecreatePersonalCertificateRequest));
        }
        addRequestKeyLabel(str);
    }

    public void createSelfSignedCertificate(int i, String str, int i2, DNItem dNItem, int i3, int i4) throws KMException {
        if (!isOpen()) {
            IkeymanLogger.error("CryptographicToken", "createSelfSignedCertificate(int,String,int,DNItem,int,int) Line 1820", "Can't create self signed certificate because the cryptographic token is not open.");
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
        }
        int c_CreateSelfSignedCertificate = c_CreateSelfSignedCertificate(moduleName, this.label, this.password, i - 1, str, i2, dNItem, i3, i4);
        if (c_CreateSelfSignedCertificate != 0) {
            IkeymanLogger.error("CryptographicToken", "createSelfSignedCertificate(int,String,int,DNItem,int,int) Line 1839", new StringBuffer().append("There was an error in creating a self signed certificate:  CryptographicToken.moduleName=").append(moduleName).append(" label=").append(this.label).append(" ").append(" keyLabel=").append(str).append(" keySize=").append(i2).append("subjectDNItem=").append(dNItem).append("numValidDays=").append(i3).append(" signatureAlg=").append(i4).toString());
            throw buildNewKMException("GSKKM_ERR_CMN_KEYDB_NEW_SSCERT", CMSKeyDatabaseException.getErrKey(c_CreateSelfSignedCertificate));
        }
        addPersonalKeyLabel(str);
    }

    public void extractCertificate(String str, String str2, boolean z) throws KMException {
        if (!isOpen()) {
            IkeymanLogger.error("CryptographicToken", "extractCertificate(String,String,boolean) Line 1857", "Can't extract a certificate because the cryptographic token is not open.");
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
        }
        int c_ExtractCertificate = c_ExtractCertificate(moduleName, this.label, this.password, str, str2, z);
        if (c_ExtractCertificate != 0) {
            IkeymanLogger.error("CryptographicToken", "extractCertificate(String,String,boolean) Line 1878", new StringBuffer().append("There was an error in creating a self signed certificate:  CryptographicToken.moduleName=").append(moduleName).append(" label=").append(this.label).append(" ").append(" keyLabel=").append(str).append(" outputCertFileName=").append(str2).append(" isBase64Armored=").append(z).toString());
            throw buildNewKMException("GSKKM_ERR_CMN_KEYREC_EXTRACT_CERT", CMSKeyDatabaseException.getErrKey(c_ExtractCertificate));
        }
    }

    public void createPersonalCertificateRequest(String str, int i, DNItem dNItem, int i2, String str2) throws KMException {
        if (!isOpen()) {
            IkeymanLogger.error("CryptographicToken", "createPersonalCertificateRequest(String,int,DNItem,int,String) Line 1890", "Can't create a personal certificate because the cryptographic token is not open.");
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
        }
        int c_CreatePersonalCertificateRequest = c_CreatePersonalCertificateRequest(moduleName, this.label, this.password, str, i, dNItem, i2, str2);
        if (c_CreatePersonalCertificateRequest != 0) {
            IkeymanLogger.error("CryptographicToken", "createPersonalCertificateRequest(String,int,DNItem,int,String) Line 1917", new StringBuffer().append("There was an error while creating a personal certificate request certificate:  CryptographicToken.moduleName=").append(moduleName).append(" label=").append(this.label).append(" keyLabel=").append(str).append(" signatureAlg=").append(i2).append(" certReqFileName=").append(str2).toString());
            throw buildNewKMException("GSKKM_ERR_CMN_KEYDB_NEW_CERTREQ", CMSKeyDatabaseException.getErrKey(c_CreatePersonalCertificateRequest));
        }
        addRequestKeyLabel(str);
    }

    public void extractPersonalCertificateRequest(String str, int i, String str2) throws KMException {
        if (!isOpen()) {
            IkeymanLogger.error("CryptographicToken", "extractPersonalCertificateRequest(String,int,String) Line 1940", "Can't extract a personal certificate request because the cryptographic token is not open.");
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
        }
        int c_ExtractPersonalCertificateRequest = c_ExtractPersonalCertificateRequest(moduleName, this.label, this.password, str, str2);
        if (c_ExtractPersonalCertificateRequest != 0) {
            IkeymanLogger.error("CryptographicToken", "extractPersonalCertificateRequest(String,int,String) Line 1955", new StringBuffer().append("There was an error in trying to extract a personal certificate request:  CryptographicToken.moduleName=").append(moduleName).append(" label=").append(this.label).append(" keyLabel=").append(str).append(" outputCertReqFileName=").append(str2).toString());
            throw buildNewKMException("GSKKM_ERR_CMN_RECREATE_CERTREQ", CMSKeyDatabaseException.getErrKey(c_ExtractPersonalCertificateRequest));
        }
    }

    public void addSignerCertificate(String str, String str2, boolean z) throws KMException {
        if (!isOpen()) {
            IkeymanLogger.error("CryptographicToken", "addSignerCertificate(String,String,boolean) Line 1974", "Can't add a signer certificate request because the cryptographic token is not open.");
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN"), "GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_NOT_OPEN");
        }
        int c_AddSignerCertificate = c_AddSignerCertificate(moduleName, this.label, this.password, str, str2, z);
        if (c_AddSignerCertificate != 0) {
            IkeymanLogger.error("CryptographicToken", "addSignerCertificate(String,String,boolean) Line 1990", new StringBuffer().append("There was a problem trying to add a signer certificate:  CryptographicToken.moduleName=").append(moduleName).append(" label=").append(this.label).append(" keyLabel=").append(str).append(" inputSignerCertFileName=").append(str2).toString());
            throw buildNewKMException("GSKKM_ERR_CMN_CERT_STORE", CMSKeyDatabaseException.getErrKey(c_AddSignerCertificate));
        }
        addSignerKeyLabel(str);
    }

    private boolean containsKeyLabel(Vector vector, String str) {
        if (vector == null || str == null) {
            return false;
        }
        for (int i = 0; i < vector.size(); i++) {
            if (str.equals(vector.elementAt(i))) {
                return true;
            }
        }
        return false;
    }

    private void deleteKeyLabel(Vector vector, String str) {
        if (vector == null || str == null) {
            return;
        }
        for (int i = 0; i < vector.size(); i++) {
            if (str.equals(vector.elementAt(i))) {
                vector.removeElementAt(i);
                return;
            }
        }
    }

    public void addPersonalKeyLabel(String str) {
        if (str != null) {
            if (this.personalKeyLabelList == null) {
                this.personalKeyLabelList = new Vector();
            }
            this.personalKeyLabelList.addElement(str);
        }
    }

    public void addRequestKeyLabel(String str) {
        if (str != null) {
            if (this.requestKeyLabelList == null) {
                this.requestKeyLabelList = new Vector();
            }
            this.requestKeyLabelList.addElement(str);
        }
    }

    public void addSignerKeyLabel(String str) {
        if (str != null) {
            if (this.signerKeyLabelList == null) {
                this.signerKeyLabelList = new Vector();
            }
            this.signerKeyLabelList.addElement(str);
        }
    }

    private KMException buildNewKMException(String str, String str2) {
        KMUtil.debugMsg(new StringBuffer().append("CryptographicToken::buildNewKMException() 0000, msgName=").append(str).append(", errCodeName=").append(str2).toString());
        KMException kMException = new KMException(KMSystem.getNLSErrString(str), str2);
        kMException.setNLSErrString(KMSystem.getNLSErrString(str));
        if (str2.equals("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_LABEL_NOT_EXIST")) {
            kMException.setNLSErrString(MessageFormat.format(KMSystem.getNLSErrString(str2), new Object[]{this.label}));
        }
        if (str2.equals("GSKKM_ERR_CRYPTOGRAPHIC_TOKEN_LIBRARY_NOT_LOADED")) {
            kMException.setNLSErrString(MessageFormat.format(KMSystem.getNLSErrString(str2), new Object[]{moduleName}));
        }
        KMUtil.debugMsg("CryptographicToken::buildNewKMException() 9999");
        return kMException;
    }

    private byte[] cryptoBase64DearmorFileToBuf(String str) throws KMException {
        byte[] bArr;
        byte[] cryptoFileToBuf = cryptoFileToBuf(str);
        if (cryptoFileToBuf == null) {
            return null;
        }
        int[] iArr = new int[2];
        cryptoFindCertificateBeginEnd(cryptoFileToBuf, iArr);
        int i = iArr[0];
        int i2 = iArr[1];
        if (i == -1 || i2 == -1) {
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_BASE64_INVALID_DATA"));
        }
        int i3 = i2 - i;
        byte[] bArr2 = new byte[i3];
        int i4 = 0;
        for (int i5 = i; i5 < i3 + i; i5++) {
            int indexOf = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/".indexOf(cryptoFileToBuf[i5]);
            if (indexOf != -1) {
                bArr2[i4] = (byte) indexOf;
                i4++;
            }
        }
        int i6 = i4;
        int i7 = i6 % 4;
        int i8 = ((i6 - i7) * 3) / 4;
        if (i7 == 1) {
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_BASE64_INVALID_DATA"));
        }
        if (i7 == 2) {
            int i9 = i8 + 1;
            bArr = new byte[i9];
            bArr[i9 - 1] = (byte) ((bArr2[i4 - 2] << 2) | (bArr2[i4 - 1] >>> 4));
        } else if (i7 == 3) {
            int i10 = i8 + 2;
            bArr = new byte[i10];
            bArr[i10 - 2] = (byte) ((bArr2[i4 - 3] << 2) | (bArr2[i4 - 2] >>> 4));
            bArr[i10 - 1] = (byte) ((bArr2[i4 - 2] << 4) | (bArr2[i4 - 1] >>> 2));
        } else {
            bArr = new byte[i8];
        }
        int i11 = 0;
        int i12 = 0;
        while (i11 + 3 < i6) {
            bArr[i12] = (byte) ((bArr2[i11] << 2) | (bArr2[i11 + 1] >>> 4));
            bArr[i12 + 1] = (byte) ((bArr2[i11 + 1] << 4) | (bArr2[i11 + 2] >>> 2));
            bArr[i12 + 2] = (byte) ((bArr2[i11 + 2] << 6) | bArr2[i11 + 3]);
            i11 += 4;
            i12 += 3;
        }
        return bArr;
    }

    private byte[] cryptoFileToBuf(String str) throws KMException {
        int i;
        int read;
        File file = new File(str);
        if (!file.exists()) {
            throw new KMException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_FILE_NOT_FOUND"));
        }
        InputStream inputStream = null;
        byte[] bArr = new byte[(int) file.length()];
        try {
            FileInputStream fileInputStream = new FileInputStream(file);
            i = 0;
            while (i < bArr.length && (read = fileInputStream.read(bArr, i, bArr.length - i)) != -1) {
                i += read;
            }
            fileInputStream.close();
            inputStream = null;
        } catch (IOException e) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException e2) {
                }
            }
            i = 0;
        }
        if (i != bArr.length) {
            return null;
        }
        return bArr;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void cryptoFindCertificateBeginEnd(byte[] bArr, int[] iArr) {
        iArr[0] = -1;
        iArr[1] = -1;
        int i = 0;
        String[] strArr = {new String[]{"-----BEGIN PRIVACY-ENHANCED MESSAGE-----", "-----END PRIVACY-ENHANCED MESSAGE-----"}, new String[]{"-----BEGIN PKCS #7 SIGNED DATA-----", "-----END PKCS #7 SIGNED DATA-----"}, new String[]{"-----BEGIN X509 CERTIFICATE-----", "-----END X509 CERTIFICATE-----"}, new String[]{"-----BEGIN CERTIFICATE-----", "-----END CERTIFICATE-----"}, new String[]{"-----BEGIN", "-----END"}};
        for (int i2 = 0; i2 < bArr.length && iArr[0] == -1; i2++) {
            i = 0;
            while (i < strArr.length && iArr[0] == -1) {
                if (bArr[i2] == ((byte) strArr[i][0].charAt(0))) {
                    int i3 = 0;
                    while (i3 + i2 < bArr.length && i3 < strArr[i][0].length() && Character.toUpperCase((char) bArr[i2 + i3]) == strArr[i][0].charAt(i3)) {
                        i3++;
                    }
                    if (i3 == strArr[i][0].length()) {
                        iArr[0] = i2 + strArr[i][0].length();
                    }
                }
                i++;
            }
        }
        if (iArr[0] != -1) {
            int i4 = i - 1;
            byte charAt = (byte) strArr[i4][1].charAt(0);
            for (int i5 = iArr[0]; i5 < bArr.length && iArr[1] == -1; i5++) {
                if (bArr[i5] == charAt) {
                    int i6 = 0;
                    while (i6 + i5 < bArr.length && i6 < strArr[i4][1].length() && Character.toUpperCase((char) bArr[i5 + i6]) == strArr[i4][1].charAt(i6)) {
                        i6++;
                    }
                    if (i6 == strArr[i4][1].length()) {
                        iArr[1] = i5;
                    }
                }
            }
        }
    }
}
