package com.ibm.gsk.ikeyman.cli;

import com.ibm.gsk.ikeyman.basic.CMSKeyDatabase;
import com.ibm.gsk.ikeyman.basic.CertificateItem;
import com.ibm.gsk.ikeyman.basic.DNItem;
import com.ibm.gsk.ikeyman.basic.KMException;
import com.ibm.gsk.ikeyman.basic.KMSystem;
import com.ibm.gsk.ikeyman.basic.KMUtil;
import com.ibm.gsk.ikeyman.basic.KeyDatabaseException;
import com.ibm.gsk.ikeyman.basic.KeyDatabaseOperatorNullException;
import com.ibm.gsk.ikeyman.basic.KeyItem;
import com.ibm.gsk.ikeyman.basic.KeyStoreManager;
import com.ibm.gsk.ikeyman.basic.KeyStoreManagerException;
import com.ibm.gsk.ikeyman.ikeycmd;
import com.ibm.security.pkcs5.PKCS5;
import com.ibm.security.util.ObjectIdentifier;
import com.ibm.security.x509.GeneralName;
import com.ibm.security.x509.X500Name;
import com.ibm.security.x509.X509CertImpl;
import java.io.File;
import java.security.NoSuchProviderException;
import java.text.DateFormat;
import java.util.Calendar;
import java.util.Date;
import java.util.Enumeration;
import java.util.Vector;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import org.apache.xerces.impl.xs.SchemaSymbols;

/* loaded from: input_file:efixes/PK19794_Linux_s390/components/prereq.jdk/update.jar:/java/jre/lib/ext/gskikm.jar:com/ibm/gsk/ikeyman/cli/CLIKeyStoreCertificateManager.class */
public final class CLIKeyStoreCertificateManager implements CLIConstants {
    public static void create(CLICertificateInfo cLICertificateInfo) throws KeyStoreManagerException, KMException, Exception {
        cLICertificateInfo.init();
        String name = cLICertificateInfo.cliDb.getName();
        String password = cLICertificateInfo.cliDb.getPassword();
        int dbType = cLICertificateInfo.cliDb.getDbType();
        long expire = cLICertificateInfo.cliDb.getExpire();
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.create.KeyDbFileName: ").append(name).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.create.keyDbPassword: ").append(password).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.create.keyDbType:  ").append(dbType).toString());
        ikeycmd.debugMsg("\n");
        KeyStoreManager makeKeyDatabase = CLIKeyStoreManager.makeKeyDatabase(dbType, name, password, expire);
        String commonName = cLICertificateInfo.dn.getCommonName();
        String orgUnit = cLICertificateInfo.dn.getOrgUnit();
        String org2 = cLICertificateInfo.dn.getOrg();
        String locality = cLICertificateInfo.dn.getLocality();
        String state = cLICertificateInfo.dn.getState();
        String zipCode = cLICertificateInfo.dn.getZipCode();
        String country = cLICertificateInfo.dn.getCountry();
        cLICertificateInfo.dn.getEmail();
        cLICertificateInfo.dn.getOptions();
        DNItem dNItem = new DNItem(commonName, orgUnit, org2, locality, state, zipCode, country, null, null);
        int version = cLICertificateInfo.getVersion();
        String label = cLICertificateInfo.getLabel();
        boolean z = cLICertificateInfo.getDefault();
        int keySize = cLICertificateInfo.getKeySize();
        long expire2 = cLICertificateInfo.getExpire();
        String fileName = cLICertificateInfo.getFileName();
        boolean format = cLICertificateInfo.getFormat();
        String sanIpAddr = cLICertificateInfo.getSanIpAddr();
        String sanDnsName = cLICertificateInfo.getSanDnsName();
        String sanEmailAddr = cLICertificateInfo.getSanEmailAddr();
        makeKeyDatabase.open();
        ikeycmd.debugMsg(new StringBuffer().append("calling createNewSelfSignedCertificate with parms: \n \nversion: ").append(version).append(" \nlabel: ").append(label).append(" \nset as default: ").append(z).append(" \nkeySize: ").append(keySize).append(" \nexpire: ").append(expire2).append(" \ncertFileName: ").append(fileName).append(" \nis base 64 armored: ").append(format).toString());
        ikeycmd.debugMsg("\n");
        try {
            Vector myCertLabelList = makeKeyDatabase.getMyCertLabelList();
            if (myCertLabelList != null) {
                if (makeKeyDatabase.getType() == 2) {
                    Enumeration elements = myCertLabelList.elements();
                    Vector vector = new Vector();
                    while (elements.hasMoreElements()) {
                        vector.add(CLIKeyStoreManager.getMSTrimString(elements.nextElement().toString(), makeKeyDatabase.getType(), 1));
                    }
                    if (vector.contains(label)) {
                        ikeycmd.displayHelp(null, 191);
                    }
                } else if (myCertLabelList.contains(label)) {
                    ikeycmd.displayHelp(null, 191);
                }
            }
            if (makeKeyDatabase.getReqKeyLabelList() != null && makeKeyDatabase.getReqKeyLabelList().size() > 0 && makeKeyDatabase.getReqKeyLabelList().contains(label)) {
                ikeycmd.displayHelp(null, 191);
            }
            if (makeKeyDatabase.getCaCertLabelList() != null && makeKeyDatabase.getCaCertLabelList().size() > 0 && makeKeyDatabase.getCaCertLabelList().contains(label)) {
                ikeycmd.displayHelp(null, 191);
            }
            Vector vector2 = new Vector();
            if (CLIDefaults.subjectAltNameSupport) {
                KMUtil.addExtensions(vector2, 1, KMUtil.getStrings(sanEmailAddr));
                KMUtil.addExtensions(vector2, 7, KMUtil.getStrings(sanIpAddr));
                KMUtil.addExtensions(vector2, 2, KMUtil.getStrings(sanDnsName));
            }
            makeKeyDatabase.createNewSelfSignedCertificate(version, label, z, keySize, dNItem, (int) expire2, signatureAlg(), fileName, format, vector2);
            makeKeyDatabase.close();
            ikeycmd.debugMsg("returned from create self sign ok\n");
        } catch (KMException e) {
            ikeycmd.displayHelp(null, 190);
        }
    }

    public static void receive(CLICertificateInfo cLICertificateInfo) throws KeyStoreManagerException, KMException, Exception {
        cLICertificateInfo.init();
        String name = cLICertificateInfo.cliDb.getName();
        String password = cLICertificateInfo.cliDb.getPassword();
        int dbType = cLICertificateInfo.cliDb.getDbType();
        long expire = cLICertificateInfo.cliDb.getExpire();
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.receive.KeyDbFileName: ").append(name).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.receive.keyDbPassword: ").append(password).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.receive.keyDbType:  ").append(dbType).toString());
        ikeycmd.debugMsg("\n");
        KeyStoreManager makeKeyDatabase = CLIKeyStoreManager.makeKeyDatabase(dbType, name, password, expire);
        String fileName = cLICertificateInfo.getFileName();
        boolean format = cLICertificateInfo.getFormat();
        boolean z = cLICertificateInfo.getDefault();
        makeKeyDatabase.open();
        ikeycmd.debugMsg("Calling receive with params: ");
        ikeycmd.debugMsg(new StringBuffer().append("filename: ").append(fileName).toString());
        ikeycmd.debugMsg(new StringBuffer().append("format: ").append(format).toString());
        ikeycmd.debugMsg(new StringBuffer().append("default: ").append(z).toString());
        ikeycmd.debugMsg("\n");
        makeKeyDatabase.receiveCertificate(fileName, format, z);
        ikeycmd.debugMsg("returned from receive a cert ok\n");
        makeKeyDatabase.close();
    }

    public static void add(CLICertificateInfo cLICertificateInfo) throws KeyStoreManagerException, KMException, Exception {
        cLICertificateInfo.init();
        String name = cLICertificateInfo.cliDb.getName();
        String password = cLICertificateInfo.cliDb.getPassword();
        int dbType = cLICertificateInfo.cliDb.getDbType();
        long expire = cLICertificateInfo.cliDb.getExpire();
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.add.KeyDbFileName: ").append(name).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.add.keyDbPassword: ").append(password).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.add.keyDbType:  ").append(dbType).toString());
        ikeycmd.debugMsg("\n");
        KeyStoreManager makeKeyDatabase = CLIKeyStoreManager.makeKeyDatabase(dbType, name, password, expire);
        String label = cLICertificateInfo.getLabel();
        String fileName = cLICertificateInfo.getFileName();
        boolean format = cLICertificateInfo.getFormat();
        boolean trust = cLICertificateInfo.getTrust();
        makeKeyDatabase.open();
        ikeycmd.debugMsg(new StringBuffer().append("Calling addCACertificate(").append(label).append(", ").append(fileName).append("' ").append(format).append(")\n").toString());
        makeKeyDatabase.addCACertificate(label, fileName, format);
        if (dbType == 1) {
            makeKeyDatabase.setKeyTrust(label, trust);
        }
        makeKeyDatabase.keyDbChanged = true;
        ikeycmd.debugMsg("returned from receive a CA cert ok\n");
        makeKeyDatabase.close();
    }

    public static void list(CLICertificateInfo cLICertificateInfo) throws KeyStoreManagerException, KMException, Exception {
        Vector certificateChain;
        cLICertificateInfo.init();
        Vector vector = null;
        String name = cLICertificateInfo.cliDb.getName();
        String password = cLICertificateInfo.cliDb.getPassword();
        int dbType = cLICertificateInfo.cliDb.getDbType();
        long expire = cLICertificateInfo.cliDb.getExpire();
        boolean expiryShow = cLICertificateInfo.cliDb.getExpiryShow();
        int expiryTime = cLICertificateInfo.cliDb.getExpiryTime();
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.list.KeyDbFileName: ").append(name).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.list.keyDbPassword: ").append(password).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.list.keyDbType:  ").append(dbType).toString());
        ikeycmd.debugMsg("\n");
        KeyStoreManager makeKeyDatabase = CLIKeyStoreManager.makeKeyDatabase(dbType, name, password, expire);
        makeKeyDatabase.open();
        String list = cLICertificateInfo.getList();
        if (list.equalsIgnoreCase("all")) {
            vector = new Vector();
            Vector caCertLabelList = makeKeyDatabase.getCaCertLabelList();
            Vector siteCertLabelList = makeKeyDatabase.getSiteCertLabelList();
            Vector myCertLabelList = makeKeyDatabase.getMyCertLabelList();
            if (caCertLabelList != null) {
                for (int i = 0; i < caCertLabelList.size(); i++) {
                    vector.addElement((String) caCertLabelList.elementAt(i));
                }
            }
            if (siteCertLabelList != null) {
                for (int i2 = 0; i2 < siteCertLabelList.size(); i2++) {
                    vector.addElement((String) siteCertLabelList.elementAt(i2));
                }
            }
            if (myCertLabelList != null) {
                for (int i3 = 0; i3 < myCertLabelList.size(); i3++) {
                    vector.addElement((String) myCertLabelList.elementAt(i3));
                }
            }
        } else if (list.equalsIgnoreCase("CA")) {
            vector = makeKeyDatabase.getCaCertLabelList();
        } else if (list.equalsIgnoreCase("site")) {
            if (dbType == 1) {
                throw new KeyStoreManagerException(KMSystem.getNLSErrString("GSKKM_CLI_ERR_CMS_NO_GOOD"));
            }
            vector = makeKeyDatabase.getSiteCertLabelList();
        } else if (list.equalsIgnoreCase("personal")) {
            vector = makeKeyDatabase.getMyCertLabelList();
        }
        if (vector == null || vector.size() == 0) {
            throw new KeyStoreManagerException(KMSystem.getNLSErrString("GSKKM_ERR_KEYDB_NULL"));
        }
        System.out.println(new StringBuffer().append(KMSystem.getNLSErrString("GSKKM_CLI_CERT_LIST_MSG")).append(" ").append(name).toString());
        for (int i4 = 0; i4 < vector.size(); i4++) {
            String str = (String) vector.elementAt(i4);
            KeyItem keyItemByLabel = makeKeyDatabase.getKeyItemByLabel(str);
            if (!expiryShow) {
                System.out.println(new StringBuffer().append("   ").append(CLIKeyStoreManager.getMSTrimString(str, makeKeyDatabase.getType(), 3)).toString());
            } else if (keyItemByLabel != null && keyItemByLabel.hasCertificate() && (certificateChain = keyItemByLabel.getCertificateChain()) != null && certificateChain.size() > 0) {
                CertificateItem certificateItem = (CertificateItem) certificateChain.elementAt(0);
                Date validNotBefore = certificateItem.getValidNotBefore();
                Date validNotAfter = certificateItem.getValidNotAfter();
                if (validNotBefore != null && validNotAfter != null) {
                    Calendar calculatedExpiry = cLICertificateInfo.cliDb.getCalculatedExpiry();
                    Calendar calendar = Calendar.getInstance();
                    calendar.setTime(validNotAfter);
                    if (expiryTime < 0 || calendar.before(calculatedExpiry)) {
                        System.out.println(new StringBuffer().append("   ").append(CLIKeyStoreManager.getMSTrimString(str, makeKeyDatabase.getType(), 3)).toString());
                        System.out.println(new StringBuffer().append("      ").append(ikeycmd.getNLSResString("GUI_LABEL_VALIDITY")).toString());
                        System.out.println(new StringBuffer().append("      ").append(ikeycmd.getNLSResString("GUI_LABEL_NOT_BEFORE")).append(": ").append(validNotBefore.toString()).toString());
                        System.out.println(new StringBuffer().append("      ").append(ikeycmd.getNLSResString("GUI_LABEL_NOT_AFTER")).append(": ").append(validNotAfter.toString()).toString());
                    }
                }
            }
        }
        makeKeyDatabase.close();
        ikeycmd.debugMsg("returned from list cert ok\n");
    }

    public static String getGNValue(GeneralName generalName) throws Exception {
        switch (generalName.getType()) {
            case 1:
                return generalName.toString();
            case 2:
                return generalName.toString();
            case 3:
                return generalName.toString();
            case 4:
                return new StringBuffer().append("X500Name: ").append(generalName.toString()).toString();
            case 5:
                return generalName.toString();
            case 6:
                return generalName.toString();
            case 7:
                return generalName.toString();
            case 8:
                return generalName.toString();
            default:
                return new StringBuffer().append(" OtherName: ").append(generalName.toString()).toString();
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:122:0x0b4e  */
    /* JADX WARN: Removed duplicated region for block: B:125:0x0b72 A[SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static void moreDetails(com.ibm.gsk.ikeyman.cli.CLICertificateInfo r6) throws com.ibm.gsk.ikeyman.basic.KeyStoreManagerException, com.ibm.gsk.ikeyman.basic.KMException, java.lang.Exception {
        /*
            Method dump skipped, instructions count: 3271
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.gsk.ikeyman.cli.CLIKeyStoreCertificateManager.moreDetails(com.ibm.gsk.ikeyman.cli.CLICertificateInfo):void");
    }

    private static String getAttributeName(ObjectIdentifier objectIdentifier) {
        String str = null;
        if (objectIdentifier != null) {
            str = objectIdentifier.equals(X500Name.commonName_oid) ? ikeycmd.getNLSResString("GUI_LABEL_COMMON_NAME") : objectIdentifier.equals(X500Name.serialNumber_oid) ? ikeycmd.getNLSResString("GUI_LABEL_SERIALNO") : objectIdentifier.equals(X500Name.countryName_oid) ? ikeycmd.getNLSResString("GUI_LABEL_COUNTRY") : objectIdentifier.equals(X500Name.localityName_oid) ? ikeycmd.getNLSResString("GUI_LABEL_LOCALITY") : objectIdentifier.equals(X500Name.stateName_oid) ? ikeycmd.getNLSResString("GUI_LABEL_STATE") : objectIdentifier.equals(X500Name.streetAddress_oid) ? ikeycmd.getNLSResString("GUI_LABEL_STREET") : objectIdentifier.equals(X500Name.orgName_oid) ? ikeycmd.getNLSResString("GUI_LABEL_ORG") : objectIdentifier.equals(X500Name.orgUnitName_oid) ? ikeycmd.getNLSResString("GUI_LABEL_ORG_UNIT") : objectIdentifier.equals(X500Name.title_oid) ? ikeycmd.getNLSResString("GUI_LABEL_TITLE2") : objectIdentifier.equals(X500Name.postalCode_oid) ? ikeycmd.getNLSResString("GUI_LABEL_ZIPCODE") : objectIdentifier.equals(X500Name.emailAddress_oid) ? ikeycmd.getNLSResString("GUI_LABEL_EMAIL_ADDRESS1") : objectIdentifier.toString();
        }
        return str;
    }

    private static String getHexDumpWithASCII(byte[] bArr) {
        String str = new String("");
        if (bArr != null && bArr.length > 0) {
            int i = 0;
            while (true) {
                int i2 = i;
                if (i2 >= bArr.length) {
                    break;
                }
                int length = i2 + 16 <= bArr.length ? 16 : bArr.length % 16;
                byte[] bArr2 = new byte[length];
                String str2 = "";
                for (int i3 = 0; i3 < bArr2.length; i3++) {
                    bArr2[i3] = bArr[i2 + i3];
                    str2 = (bArr2[i3] < 0 || Character.getType((char) bArr2[i3]) == 15) ? new StringBuffer().append(str2).append(".").toString() : new StringBuffer().append(str2).append((char) bArr2[i3]).toString();
                }
                String stringBuffer = new StringBuffer().append(str).append(getHexDumpForMoreDetails(bArr2)).toString();
                if (bArr2.length % 16 != 0) {
                    for (int i4 = 0; i4 < 16 - (bArr2.length % 16); i4++) {
                        stringBuffer = new StringBuffer().append(stringBuffer).append("   ").toString();
                    }
                }
                str = new StringBuffer().append(stringBuffer).append("    ").append(str2).toString();
                if (i2 + length < bArr.length) {
                    str = new StringBuffer().append(str).append("\n").toString();
                }
                i = i2 + length;
            }
        }
        return str;
    }

    private static String getHexDumpForMoreDetails(byte[] bArr) {
        String str = "";
        if (bArr != null && bArr.length > 0) {
            for (int i = 0; i < bArr.length; i++) {
                if (i % 16 != 0) {
                    str = new StringBuffer().append(str).append(" ").toString();
                } else if (i > 0 && i < bArr.length) {
                    str = new StringBuffer().append(str).append("\n").append("      ").toString();
                }
                int i2 = bArr[i] & 255;
                if (i2 < 16) {
                    str = new StringBuffer().append(str).append(SchemaSymbols.ATTVAL_FALSE_0).toString();
                }
                str = new StringBuffer().append(str).append(Integer.toHexString(i2).toUpperCase()).toString();
            }
        }
        return str;
    }

    public static void details(CLICertificateInfo cLICertificateInfo) throws KeyStoreManagerException, KMException, Exception {
        cLICertificateInfo.init();
        String name = cLICertificateInfo.cliDb.getName();
        String password = cLICertificateInfo.cliDb.getPassword();
        int dbType = cLICertificateInfo.cliDb.getDbType();
        long expire = cLICertificateInfo.cliDb.getExpire();
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.details.KeyDbFileName: ").append(name).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.details.keyDbPassword: ").append(password).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.details.keyDbType:  ").append(dbType).toString());
        ikeycmd.debugMsg("\n");
        KeyStoreManager makeKeyDatabase = CLIKeyStoreManager.makeKeyDatabase(dbType, name, password, expire);
        String label = cLICertificateInfo.getLabel();
        makeKeyDatabase.open();
        if (makeKeyDatabase.getType() == 2) {
            String mSKeyLabel = CLIKeyStoreManager.getMSKeyLabel(makeKeyDatabase.getMyCertLabelList(), label);
            if (mSKeyLabel == null || mSKeyLabel.equals("")) {
                mSKeyLabel = CLIKeyStoreManager.getMSKeyLabel(makeKeyDatabase.getCaCertLabelList(), label);
            }
            label = mSKeyLabel;
        }
        KeyItem keyItemByLabel = makeKeyDatabase.getKeyItemByLabel(label);
        if (keyItemByLabel == null || !keyItemByLabel.hasCertificate()) {
            ikeycmd.displayHelp(null, 189);
        } else {
            System.out.println("\n\n");
            if (keyItemByLabel.getKeyLabel().compareTo(label) == 0) {
                System.out.println(new StringBuffer().append(KMSystem.getNLSErrString("GSKKM_CLI_CERT_DETAILS_LABEL")).append(" ").append(CLIKeyStoreManager.getMSTrimString(keyItemByLabel.getKeyLabel(), makeKeyDatabase.getType(), 3)).toString());
                System.out.println(new StringBuffer().append(KMSystem.getNLSErrString("GSKKM_CLI_CERT_DETAILS_KEYSIZE")).append(" ").append((int) keyItemByLabel.getKeySize()).toString());
            }
            Vector certificateChain = keyItemByLabel.getCertificateChain();
            if (certificateChain != null && certificateChain.size() > 0) {
                CertificateItem certificateItem = (CertificateItem) certificateChain.elementAt(0);
                System.out.println(new StringBuffer().append(KMSystem.getNLSErrString("GSKKM_CLI_CERT_DETAILS_VERSION")).append(" X509 V").append((int) certificateItem.getVersion()).toString());
                try {
                    byte[] byteArray = new X509CertImpl(certificateItem.getEncoded()).getSerialNumber().toByteArray();
                    if (byteArray != null && byteArray.length > 0) {
                        System.out.println(new StringBuffer().append(KMSystem.getNLSErrString("GSKKM_CLI_CERT_DETAILS_SERIAL")).append(" ").append(getHexDumpForMoreDetails(byteArray)).toString());
                    }
                } catch (Exception e) {
                }
                DNItem issuer = certificateItem.getIssuer();
                if (issuer != null) {
                    System.out.println(new StringBuffer().append(KMSystem.getNLSErrString("GSKKM_CLI_CERT_DETAILS_ISSUER")).append(" ").append(issuer.toStringWithoutTag()).toString());
                }
                DNItem subject = certificateItem.getSubject();
                if (subject != null) {
                    System.out.println(new StringBuffer().append(KMSystem.getNLSErrString("GSKKM_CLI_CERT_DETAILS_SUBJECT")).append(" ").append(subject.toStringWithoutTag()).toString());
                }
                Date validNotBefore = certificateItem.getValidNotBefore();
                String format = DateFormat.getDateTimeInstance(0, 0, KMSystem.getLocale()).format(validNotBefore);
                Date validNotAfter = certificateItem.getValidNotAfter();
                String format2 = DateFormat.getDateTimeInstance(0, 0, KMSystem.getLocale()).format(validNotAfter);
                if (validNotBefore != null && validNotAfter != null) {
                    System.out.println(new StringBuffer().append(KMSystem.getNLSErrString("GSKKM_CLI_CERT_DETAILS_VALID")).append(" ").append(format).append(" ").append(KMSystem.getNLSErrString("GSKKM_CLI_CERT_DETAILS_TO")).append(" ").append(format2).toString());
                }
                String fingerPrint = certificateItem.getFingerPrint();
                if (fingerPrint != null) {
                    System.out.println(new StringBuffer().append(KMSystem.getNLSErrString("GSKKM_CLI_CERT_DETAILS_FINGER")).append(" ").append(fingerPrint).toString());
                }
                String sigAlgorithmIdOID = certificateItem.getSigAlgorithmIdOID();
                if (sigAlgorithmIdOID != null) {
                    System.out.println(new StringBuffer().append(KMSystem.getNLSErrString("GSKKM_CLI_CERT_DETAILS_SIG")).append(" ").append(sigAlgorithmIdOID).toString());
                }
                if (keyItemByLabel.isTrusted()) {
                    System.out.println(KMSystem.getNLSErrString("GSKKM_CLI_CERT_DETAILS_ENABLED"));
                } else {
                    System.out.println(KMSystem.getNLSErrString("GSKKM_CLI_CERT_DETAILS_DISABLED"));
                }
                System.out.println("\n");
            }
        }
        makeKeyDatabase.close();
        ikeycmd.debugMsg("returned from show details cert ok\n");
    }

    public static void delete(CLICertificateInfo cLICertificateInfo) throws KeyStoreManagerException, KMException, Exception {
        cLICertificateInfo.init();
        String name = cLICertificateInfo.cliDb.getName();
        String password = cLICertificateInfo.cliDb.getPassword();
        int dbType = cLICertificateInfo.cliDb.getDbType();
        long expire = cLICertificateInfo.cliDb.getExpire();
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.delete.KeyDbFileName: ").append(name).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.delete.keyDbPassword: ").append(password).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.delete.keyDbType:  ").append(dbType).toString());
        ikeycmd.debugMsg("\n");
        KeyStoreManager makeKeyDatabase = CLIKeyStoreManager.makeKeyDatabase(dbType, name, password, expire);
        String label = cLICertificateInfo.getLabel();
        makeKeyDatabase.open();
        if (makeKeyDatabase.getType() == 2) {
            String mSKeyLabel = CLIKeyStoreManager.getMSKeyLabel(makeKeyDatabase.getMyCertLabelList(), label);
            if (mSKeyLabel == null || mSKeyLabel.equals("")) {
                mSKeyLabel = CLIKeyStoreManager.getMSKeyLabel(makeKeyDatabase.getCaCertLabelList(), label);
            }
            label = mSKeyLabel;
        }
        if (label == null || label.equals("")) {
            throw new KeyStoreManagerException(KMSystem.getNLSErrString("GSKKM_ERR_KEYDB_NULL"));
        }
        ikeycmd.debugMsg(new StringBuffer().append("Deleteing Label: ").append(label).append("\n").toString());
        makeKeyDatabase.deleteKeyByLabel(label);
        makeKeyDatabase.close();
    }

    public static void modify(CLICertificateInfo cLICertificateInfo) throws KeyStoreManagerException, KMException, Exception {
        cLICertificateInfo.init();
        String name = cLICertificateInfo.cliDb.getName();
        String password = cLICertificateInfo.cliDb.getPassword();
        int dbType = cLICertificateInfo.cliDb.getDbType();
        long expire = cLICertificateInfo.cliDb.getExpire();
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.modify.KeyDbFileName: ").append(name).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.modify.keyDbPassword: ").append(password).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.modify.keyDbType:  ").append(dbType).toString());
        ikeycmd.debugMsg("\n");
        KeyStoreManager makeKeyDatabase = CLIKeyStoreManager.makeKeyDatabase(dbType, name, password, expire);
        boolean trust = cLICertificateInfo.getTrust();
        String label = cLICertificateInfo.getLabel();
        makeKeyDatabase.open();
        ikeycmd.debugMsg(new StringBuffer().append("Calling setKeyTrust(").append(label).append(", ").append(trust).append(")\n").toString());
        Vector myCertLabelList = makeKeyDatabase.getMyCertLabelList();
        if (myCertLabelList == null || !myCertLabelList.contains(label)) {
            makeKeyDatabase.keyDbChanged = true;
            makeKeyDatabase.setKeyTrust(label, trust);
        } else {
            System.out.println(KMSystem.getNLSErrString("GSKKM_CLI_TRUST_STATUS_NOT_APPLY"));
        }
        makeKeyDatabase.close();
        ikeycmd.debugMsg("returned from modify cert ok\n");
    }

    public static void importCert(CLICertificateInfo cLICertificateInfo) throws KeyStoreManagerException, KMException, Exception {
        String[] strArr;
        cLICertificateInfo.init();
        String name = cLICertificateInfo.cliDb.getName();
        String password = cLICertificateInfo.cliDb.getPassword();
        int dbType = cLICertificateInfo.cliDb.getDbType();
        long expire = cLICertificateInfo.cliDb.getExpire();
        boolean pfx = cLICertificateInfo.cliDb.getPfx();
        String newLabel = cLICertificateInfo.cliDb.getNewLabel();
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.importCert.databaseName: ").append(name).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.importCert.databasePassword: ").append(password).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.importCert.dbType:  ").append(dbType).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.importCert.pfx:  ").append(pfx).toString());
        ikeycmd.debugMsg("\n");
        String targetDb = cLICertificateInfo.getTargetDb();
        String targetPassword = cLICertificateInfo.getTargetPassword();
        int targetDbType = cLICertificateInfo.getTargetDbType();
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.importCert.KeyDbFileName: ").append(targetDb).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.importCert.keyDbPassword: ").append(targetPassword).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.importCert.keyDbType:  ").append(targetDbType).toString());
        ikeycmd.debugMsg("\n");
        String label = cLICertificateInfo.getLabel();
        cLICertificateInfo.getEncryption();
        cLICertificateInfo.getFormat();
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.importCert.label:  ").append(label).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.importCert.newLabel:  ").append(newLabel).toString());
        ikeycmd.debugMsg("\n");
        KeyStoreManager makeKeyDatabase = CLIKeyStoreManager.makeKeyDatabase(dbType, name, password, expire);
        KeyStoreManager makeKeyDatabase2 = CLIKeyStoreManager.makeKeyDatabase(targetDbType, targetDb, targetPassword, 0L);
        makeKeyDatabase.open();
        makeKeyDatabase2.open();
        String[] strArr2 = new String[1];
        if (dbType == 8) {
            if (label == null) {
                if (cLICertificateInfo.cliDb.getPfx()) {
                    makeKeyDatabase.doPfx();
                }
                String[] strArr3 = new String[makeKeyDatabase.getKeyLabelList().size()];
                int i = 0;
                Enumeration elements = makeKeyDatabase.getKeyLabelList().elements();
                while (elements.hasMoreElements()) {
                    strArr3[i] = elements.nextElement().toString();
                    i++;
                }
                strArr = strArr3;
            } else if (newLabel != null) {
                makeKeyDatabase.relabel(label, newLabel);
                strArr2[0] = newLabel;
                strArr = strArr2;
            } else {
                strArr2[0] = label;
                strArr = strArr2;
            }
        } else if (newLabel != null) {
            makeKeyDatabase.relabel(label, newLabel);
            strArr2[0] = newLabel;
            strArr = strArr2;
        } else {
            strArr2[0] = label;
            strArr = strArr2;
        }
        for (String str : strArr) {
            if (makeKeyDatabase2.getMyCertLabelList() != null && makeKeyDatabase2.getMyCertLabelList().size() > 0 && makeKeyDatabase2.getMyCertLabelList().contains(str)) {
                ikeycmd.displayHelp(null, 191);
            }
            if (makeKeyDatabase2.getReqKeyLabelList() != null && makeKeyDatabase2.getReqKeyLabelList().size() > 0 && makeKeyDatabase2.getReqKeyLabelList().contains(label)) {
                ikeycmd.displayHelp(null, 191);
            }
            if (makeKeyDatabase2.getCaCertLabelList() != null && makeKeyDatabase2.getCaCertLabelList().size() > 0 && makeKeyDatabase2.getCaCertLabelList().contains(label)) {
                ikeycmd.displayHelp(null, 191);
            }
        }
        makeKeyDatabase2.importKeyFromKeyStore(makeKeyDatabase, strArr, strArr);
        makeKeyDatabase2.close();
        if (!(cLICertificateInfo.cliDb.getPfx() && label == null) && newLabel == null) {
            makeKeyDatabase.close();
        }
    }

    public static void export(CLICertificateInfo cLICertificateInfo) throws KeyStoreManagerException, KMException, Exception {
        cLICertificateInfo.init();
        String name = cLICertificateInfo.cliDb.getName();
        String password = cLICertificateInfo.cliDb.getPassword();
        int dbType = cLICertificateInfo.cliDb.getDbType();
        long expire = cLICertificateInfo.cliDb.getExpire();
        String targetDb = cLICertificateInfo.getTargetDb();
        String targetPassword = cLICertificateInfo.getTargetPassword();
        int targetDbType = cLICertificateInfo.getTargetDbType();
        String label = cLICertificateInfo.getLabel();
        cLICertificateInfo.getEncryption();
        cLICertificateInfo.getFormat();
        cLICertificateInfo.getDefault();
        String[] strArr = {label};
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.exportCert.KeyDbFileName: ").append(name).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.exportCert.keyDbPassword: ").append(password).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.exportCert.keyDbType:  ").append(dbType).toString());
        ikeycmd.debugMsg("\n");
        KeyStoreManager makeKeyDatabase = CLIKeyStoreManager.makeKeyDatabase(dbType, name, password, expire);
        makeKeyDatabase.open();
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.exportCert.targetFileName: ").append(targetDb).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.exportCert.targetPassword: ").append(targetPassword).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.exportCert.targetDbType:  ").append(targetDbType).toString());
        ikeycmd.debugMsg("\n");
        KeyStoreManager makeKeyDatabase2 = CLIKeyStoreManager.makeKeyDatabase(targetDbType, targetDb, targetPassword, 0L);
        if (targetDbType != 8) {
            makeKeyDatabase2.open();
            if (makeKeyDatabase2.getMyCertLabelList() != null && makeKeyDatabase2.getMyCertLabelList().size() > 0 && makeKeyDatabase2.getMyCertLabelList().contains(label)) {
                ikeycmd.displayHelp(null, 191);
            }
            if (makeKeyDatabase2.getReqKeyLabelList() != null && makeKeyDatabase2.getReqKeyLabelList().size() > 0 && makeKeyDatabase2.getReqKeyLabelList().contains(label)) {
                ikeycmd.displayHelp(null, 191);
            }
            if (makeKeyDatabase2.getCaCertLabelList() != null && makeKeyDatabase2.getCaCertLabelList().size() > 0 && makeKeyDatabase2.getCaCertLabelList().contains(label)) {
                ikeycmd.displayHelp(null, 191);
            }
        } else {
            File file = new File(targetDb);
            try {
                Cipher.getInstance(PKCS5.CIPHER_ALGORITHM_DES, KeyStoreManager.JCEProvider);
                if (file.exists()) {
                    makeKeyDatabase2.open();
                } else {
                    makeKeyDatabase2.createKeyStoreWithoutIkeymanCaCerts();
                }
            } catch (NoSuchProviderException e) {
                KMUtil.debugMsg(new StringBuffer().append("KeyStoreManager::save() 0510-5-2, NoSuchProviderException=").append(e).toString());
                throw new KeyStoreManagerException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_EXPORT_KEY_TO_PFX"));
            } catch (NoSuchPaddingException e2) {
                KMUtil.debugMsg(new StringBuffer().append("KeyStoreManager::save() 0510-5-1, NoSuchPaddingException=").append(e2).toString());
                throw new KeyStoreManagerException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_EXPORT_KEY_TO_PFX"));
            }
        }
        if (makeKeyDatabase.getType() == 2) {
            String mSKeyLabel = CLIKeyStoreManager.getMSKeyLabel(makeKeyDatabase.getMyCertLabelList(), label);
            if (mSKeyLabel == null || mSKeyLabel.equals("")) {
                mSKeyLabel = CLIKeyStoreManager.getMSKeyLabel(makeKeyDatabase.getCaCertLabelList(), label);
            }
            strArr[0] = mSKeyLabel;
        }
        makeKeyDatabase.exportKeyToKeyStore(makeKeyDatabase2, strArr, null);
        makeKeyDatabase2.close();
        makeKeyDatabase.close();
    }

    public static void extract(CLICertificateInfo cLICertificateInfo) throws KeyStoreManagerException, KMException, Exception {
        cLICertificateInfo.init();
        String name = cLICertificateInfo.cliDb.getName();
        String password = cLICertificateInfo.cliDb.getPassword();
        int dbType = cLICertificateInfo.cliDb.getDbType();
        long expire = cLICertificateInfo.cliDb.getExpire();
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.extract.KeyDbFileName: ").append(name).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.extract.keyDbPassword: ").append(password).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.extract.keyDbType:  ").append(dbType).toString());
        ikeycmd.debugMsg("\n");
        KeyStoreManager makeKeyDatabase = CLIKeyStoreManager.makeKeyDatabase(dbType, name, password, expire);
        String label = cLICertificateInfo.getLabel();
        String extractTarget = cLICertificateInfo.getExtractTarget();
        boolean format = cLICertificateInfo.getFormat();
        makeKeyDatabase.open();
        if (makeKeyDatabase.getType() == 2) {
            String mSKeyLabel = CLIKeyStoreManager.getMSKeyLabel(makeKeyDatabase.getMyCertLabelList(), label);
            if (mSKeyLabel == null || mSKeyLabel.equals("")) {
                mSKeyLabel = CLIKeyStoreManager.getMSKeyLabel(makeKeyDatabase.getCaCertLabelList(), label);
            }
            label = mSKeyLabel;
        }
        ikeycmd.debugMsg(new StringBuffer().append("Calling extractCertificate(").append(label).append(", ").append(extractTarget).append(", ").append(format).append(")\n").toString());
        makeKeyDatabase.extractCertificate(label, extractTarget, format);
        makeKeyDatabase.close();
        ikeycmd.debugMsg("returned from modify cert ok\n");
    }

    public static void sign(CLICertificateInfo cLICertificateInfo) throws KeyDatabaseException, KeyDatabaseOperatorNullException {
        cLICertificateInfo.init();
        String name = cLICertificateInfo.cliDb.getName();
        String password = cLICertificateInfo.cliDb.getPassword();
        int dbType = cLICertificateInfo.cliDb.getDbType();
        long expire = cLICertificateInfo.cliDb.getExpire();
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.sign.KeyDbFileName: ").append(name).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.sign.keyDbPassword: ").append(password).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.sign.keyDbType:  ").append(dbType).toString());
        ikeycmd.debugMsg("\n");
        ikeycmd.debugMsg("Verifying that we have a CMS database\n");
        if (dbType != 1) {
            throw new KeyDatabaseException(KMSystem.getNLSErrString("GSKKM_CLI_ERR_SIGN_DB_TYPE"));
        }
        CMSKeyDatabase cMSKeyDatabase = new CMSKeyDatabase(name, password, expire);
        String label = cLICertificateInfo.getLabel();
        int version = cLICertificateInfo.getVersion();
        cMSKeyDatabase.getKeyDatabaseOperator().open();
        KeyItem keyItemByLabel = cMSKeyDatabase.getKeyItemByLabel(label);
        if (keyItemByLabel == null || !keyItemByLabel.hasCertificate()) {
            throw new KeyDatabaseException(KMSystem.getNLSErrString("GSKKM_ERR_KEY_GET_BY_LABEL"));
        }
        Vector certificateChain = keyItemByLabel.getCertificateChain();
        if (certificateChain == null || certificateChain.size() <= 0) {
            return;
        }
        CertificateItem certificateItem = (CertificateItem) certificateChain.elementAt(0);
        String serialNumber = cLICertificateInfo.getSerialNumber();
        if (serialNumber == null) {
            serialNumber = certificateItem.getSerialNumber();
        }
        int expire2 = (int) cLICertificateInfo.getExpire();
        String targetDb = cLICertificateInfo.getTargetDb();
        String fileName = cLICertificateInfo.getFileName();
        boolean format = cLICertificateInfo.getFormat();
        ikeycmd.debugMsg("Calling issueCertificate with params: ");
        ikeycmd.debugMsg(new StringBuffer().append("label: ").append(label).append(" \nversion: ").append(version).append(" \nserialNumber: ").append(serialNumber).append(" \nexpire: ").append(expire2).append(" \ntarget: ").append(targetDb).append(" \ncertFileName: ").append(fileName).append(" \nis base 64 armored: ").append(format).append("\n").toString());
        cMSKeyDatabase.issueCertificate(label, version, serialNumber, expire2, fileName, targetDb, format);
        cMSKeyDatabase.getKeyDatabaseOperator().close();
    }

    public static void setDefault(CLICertificateInfo cLICertificateInfo) throws KeyStoreManagerException, KMException, Exception {
        cLICertificateInfo.init();
        String name = cLICertificateInfo.cliDb.getName();
        String password = cLICertificateInfo.cliDb.getPassword();
        int dbType = cLICertificateInfo.cliDb.getDbType();
        long expire = cLICertificateInfo.cliDb.getExpire();
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.setDefault.KeyDbFileName: ").append(name).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.setDefault.keyDbPassword: ").append(password).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.setDefault.keyDbType:  ").append(dbType).toString());
        ikeycmd.debugMsg("\n");
        KeyStoreManager makeKeyDatabase = CLIKeyStoreManager.makeKeyDatabase(dbType, name, password, expire);
        String label = cLICertificateInfo.getLabel();
        makeKeyDatabase.open();
        ikeycmd.debugMsg(new StringBuffer().append("Calling setDefaultKey(").append(label).append(")\n").toString());
        makeKeyDatabase.setDefaultKey(label);
        makeKeyDatabase.close();
        ikeycmd.debugMsg("returned from setDefault ok\n");
    }

    public static void getDefault(CLICertificateInfo cLICertificateInfo) throws KeyStoreManagerException, KMException, Exception {
        cLICertificateInfo.init();
        String name = cLICertificateInfo.cliDb.getName();
        String password = cLICertificateInfo.cliDb.getPassword();
        int dbType = cLICertificateInfo.cliDb.getDbType();
        long expire = cLICertificateInfo.cliDb.getExpire();
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.getDefault.KeyDbFileName: ").append(name).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.getDefault.keyDbPassword: ").append(password).toString());
        ikeycmd.debugMsg(new StringBuffer().append("CLIKeyStoreCertificateManager.getDefault.keyDbType:  ").append(dbType).toString());
        ikeycmd.debugMsg("\n");
        KeyStoreManager makeKeyDatabase = CLIKeyStoreManager.makeKeyDatabase(dbType, name, password, expire);
        makeKeyDatabase.open();
        String keyLabel = makeKeyDatabase.getDefaultKeyItem().getKeyLabel();
        ikeycmd.debugMsg(new StringBuffer().append("Calling setLabel(").append(keyLabel).append(")\n").toString());
        cLICertificateInfo.setLabel(keyLabel);
        details(cLICertificateInfo);
        makeKeyDatabase.close();
        ikeycmd.debugMsg("returned from getDefault ok\n");
    }

    public static int signatureAlg() {
        int defaultSignatureAlg = KMSystem.getDefaultSignatureAlg();
        ikeycmd.debugMsg(new StringBuffer().append("254 CLI message returned check for slected algorithm= ").append(defaultSignatureAlg).toString());
        return defaultSignatureAlg;
    }
}
