package com.ibm.security.certclient.util;

import com.ibm.misc.Debug;
import com.ibm.security.certclient.base.PkConstants;
import com.ibm.security.certclient.base.PkException;
import com.ibm.security.certclient.base.PkNLSConstants;
import com.ibm.security.certclient.base.PkRejectionException;
import com.ibm.security.x509.AlgorithmId;
import com.ibm.security.x509.CertificateAlgorithmId;
import com.ibm.security.x509.CertificateExtensions;
import com.ibm.security.x509.CertificateIssuerName;
import com.ibm.security.x509.CertificateSerialNumber;
import com.ibm.security.x509.CertificateSubjectName;
import com.ibm.security.x509.CertificateValidity;
import com.ibm.security.x509.CertificateVersion;
import com.ibm.security.x509.CertificateX509Key;
import com.ibm.security.x509.DNSName;
import com.ibm.security.x509.ExtKeyUsageExtension;
import com.ibm.security.x509.GeneralNames;
import com.ibm.security.x509.IPAddressName;
import com.ibm.security.x509.KeyUsageExtension;
import com.ibm.security.x509.PKIXExtensions;
import com.ibm.security.x509.RFC822Name;
import com.ibm.security.x509.SubjectAlternativeNameExtension;
import com.ibm.security.x509.SubjectKeyIdentifierExtension;
import com.ibm.security.x509.URIName;
import com.ibm.security.x509.X500Name;
import com.ibm.security.x509.X509CertImpl;
import com.ibm.security.x509.X509CertInfo;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;

/* loaded from: input_file:efixes/PK36146_Windows_i386/components/prereq.jdk/update.jar:/java/jre/lib/ext/ibmkeycert.jar:com/ibm/security/certclient/util/PkSsCertFactory.class */
public final class PkSsCertFactory {

    /* loaded from: input_file:efixes/PK36146_Windows_i386/components/prereq.jdk/update.jar:/java/jre/lib/ext/ibmkeycert.jar:com/ibm/security/certclient/util/PkSsCertFactory$PkSsCertImpl.class */
    private static final class PkSsCertImpl implements PkSsCertificate, PkConstants {
        private KeyPair ssKey;
        private X509Certificate ssCert;
        private byte[] ssKeyIdentifier = null;
        private static final String DEFAULT_PROVIDER = "IBMJCE";
        private static final String DEFAULT_RNG = "IBMSecureRandom";
        private static final String RSA_KEY_TYPE = "RSA";
        private static final String DSA_KEY_TYPE = "DSA";
        private static final int DEFAULT_KEY_SIZE = 1024;
        private static final String DEFAULT_SIGN_ALGORITHM = "SHA1withRSA";
        private static final String DSA_SIGN_ALGORITHM = "SHA1withDSA";
        private static final int DEFAULT_LIFETIME = 365;
        private static List algList = new ArrayList(6);
        private static Debug debug = Debug.getInstance("keycertmanage");
        private static final Object className = "com.ibm.security.certclient.PkSsCertImpl";

        PkSsCertImpl(String str) throws PkRejectionException {
            X500Name validSubject = validSubject(str);
            this.ssKey = generateLocalKey(RSA_KEY_TYPE, 1024, DEFAULT_RNG, DEFAULT_PROVIDER);
            this.ssCert = generateSsCertificate(2, DEFAULT_SIGN_ALGORITHM, validSubject, this.ssKey.getPublic(), DEFAULT_LIFETIME, generateKID(false), null, null, null, DEFAULT_PROVIDER);
            ssCertSign(DEFAULT_SIGN_ALGORITHM, DEFAULT_PROVIDER);
        }

        PkSsCertImpl(int i, String str, int i2, boolean z, boolean z2, String str2) throws PkRejectionException {
            String str3;
            String str4;
            X500Name validSubject = validSubject(str);
            if (z) {
                str3 = RSA_KEY_TYPE;
                str4 = DEFAULT_SIGN_ALGORITHM;
            } else {
                str3 = DSA_KEY_TYPE;
                str4 = DSA_SIGN_ALGORITHM;
            }
            this.ssKey = generateLocalKey(str3, i, DEFAULT_RNG, str2);
            this.ssCert = generateSsCertificate(2, str4, validSubject, this.ssKey.getPublic(), i2, generateKID(z2), null, null, null, str2);
            ssCertSign(str4, str2);
        }

        PkSsCertImpl(int i, String str, int i2, boolean z, boolean z2, String str2, KeyPair keyPair) throws PkRejectionException {
            String str3;
            String str4;
            X500Name validSubject = validSubject(str);
            if (keyPair == null) {
                if (z) {
                    str4 = RSA_KEY_TYPE;
                    str3 = DEFAULT_SIGN_ALGORITHM;
                } else {
                    str4 = DSA_KEY_TYPE;
                    str3 = DSA_SIGN_ALGORITHM;
                }
                this.ssKey = generateLocalKey(str4, i, DEFAULT_RNG, str2);
            } else {
                str3 = keyPair.getPublic().getAlgorithm().equals(RSA_KEY_TYPE) ? DEFAULT_SIGN_ALGORITHM : DSA_SIGN_ALGORITHM;
                this.ssKey = keyPair;
            }
            this.ssCert = generateSsCertificate(2, str3, validSubject, this.ssKey.getPublic(), i2, generateKID(z2), null, null, null, str2);
            ssCertSign(str3, str2);
        }

        PkSsCertImpl(int i, String str, int i2, boolean z, boolean z2, List list, List list2, List list3, String str2) throws PkRejectionException {
            String str3;
            String str4;
            X500Name validSubject = validSubject(str);
            if (z) {
                str3 = RSA_KEY_TYPE;
                str4 = DEFAULT_SIGN_ALGORITHM;
            } else {
                str3 = DSA_KEY_TYPE;
                str4 = DSA_SIGN_ALGORITHM;
            }
            this.ssKey = generateLocalKey(str3, i, DEFAULT_RNG, str2);
            this.ssCert = generateSsCertificate(2, str4, validSubject, this.ssKey.getPublic(), i2, generateKID(z2), list, list2, list3, str2);
            ssCertSign(str4, str2);
        }

        PkSsCertImpl(int i, String str, int i2, boolean z, boolean z2, List list, List list2, List list3, String str2, KeyPair keyPair) throws PkRejectionException {
            String str3;
            String str4;
            X500Name validSubject = validSubject(str);
            if (keyPair == null) {
                if (z) {
                    str4 = RSA_KEY_TYPE;
                    str3 = DEFAULT_SIGN_ALGORITHM;
                } else {
                    str4 = DSA_KEY_TYPE;
                    str3 = DSA_SIGN_ALGORITHM;
                }
                this.ssKey = generateLocalKey(str4, i, DEFAULT_RNG, str2);
            } else {
                str3 = keyPair.getPublic().getAlgorithm().equals(RSA_KEY_TYPE) ? DEFAULT_SIGN_ALGORITHM : DSA_SIGN_ALGORITHM;
                this.ssKey = keyPair;
            }
            this.ssCert = generateSsCertificate(2, str3, validSubject, this.ssKey.getPublic(), i2, generateKID(z2), list, list2, list3, str2);
            ssCertSign(str3, str2);
        }

        private byte[] generateKID(boolean z) throws PkRejectionException {
            try {
                byte[] computeKID = PkCASetUp.computeKID(this.ssKey.getPublic(), z);
                if (debug != null) {
                    debug.text(0L, className, "generateKID", "Subject Key Identifier is {0}", computeKID);
                }
                return computeKID;
            } catch (NoSuchAlgorithmException e) {
                throw new PkRejectionException(PkNLSConstants.NO_SUCH_ALGORITHM_EXCEPTION, e);
            }
        }

        private X500Name validSubject(String str) throws PkRejectionException {
            try {
                X500Name x500Name = new X500Name(str);
                if (debug != null) {
                    debug.text(0L, className, "validSubject", "X500Name is {0}", x500Name);
                }
                return x500Name;
            } catch (IOException e) {
                throw new PkRejectionException(PkNLSConstants.INVALID_SUBJECT_NAME, e);
            }
        }

        private KeyPair generateLocalKey(String str, int i, String str2, String str3) throws PkRejectionException {
            String str4 = (str == null || str.length() == 0) ? RSA_KEY_TYPE : str;
            String str5 = (str3 == null || str3.length() == 0) ? DEFAULT_PROVIDER : str3;
            int i2 = i == 0 ? 1024 : i;
            if (i2 < 512) {
                throw new PkRejectionException(new StringBuffer().append(PkNLSConstants.INVALID_KEY_SIZE).append(i).toString());
            }
            if (debug != null) {
                debug.text(0L, className, "generateLocalKey", "Keytype is {0}", str4);
                debug.text(0L, className, "generateLocalKey", "Provider is {0}", str5);
                debug.text(0L, className, "generateLocalKey", "KeySize is {0}", new Integer(i2));
            }
            try {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str4, str3);
                SecureRandom secureRandom = (str2 == null || str2.length() == 0) ? SecureRandom.getInstance(str5) : SecureRandom.getInstance(str2, str5);
                if (debug != null) {
                    debug.text(0L, className, "generateLocalKey", "RNG is {0}", secureRandom);
                }
                keyPairGenerator.initialize(i, secureRandom);
                return keyPairGenerator.generateKeyPair();
            } catch (InvalidParameterException e) {
                throw new PkRejectionException(new StringBuffer().append(PkNLSConstants.INVALID_KEY_SIZE).append(i).toString(), e);
            } catch (NoSuchAlgorithmException e2) {
                throw new PkRejectionException(PkNLSConstants.NO_SUCH_ALGORITHM_EXCEPTION, e2);
            } catch (NoSuchProviderException e3) {
                throw new PkRejectionException(PkNLSConstants.INVALID_PROVIDER, e3);
            }
        }

        private X509Certificate generateSsCertificate(int i, String str, X500Name x500Name, PublicKey publicKey, int i2, byte[] bArr, List list, List list2, List list3, String str2) throws PkRejectionException {
            X509CertInfo x509CertInfo = new X509CertInfo();
            if (debug != null) {
                debug.text(0L, className, "generateSsCertificate", "Version is {0}", new Integer(i));
            }
            if (i != 2) {
                throw new PkRejectionException(PkNLSConstants.X509_CERT_VERSION_INVALID);
            }
            if (debug != null) {
                debug.text(0L, className, "generateSsCertificate", "Validity Period is {0}", new Integer(i2));
            }
            if (i2 <= 0) {
                throw new PkRejectionException(PkNLSConstants.VALIDITY_PERIOD_NOT_ALLOWED);
            }
            String str3 = (str2 == null || str2.length() == 0) ? DEFAULT_PROVIDER : str2;
            if (debug != null) {
                debug.text(0L, className, "createSubjectAltName", "Signing algorithm is {0}", str);
                debug.text(0L, className, "createSubjectAltName", "Provider is {0}", str3);
            }
            try {
                AlgorithmId algorithmId = AlgorithmId.get(str, str3);
                if (!algList.contains(algorithmId.getOID())) {
                    throw new PkRejectionException(PkNLSConstants.INCORRECT_SIGNATURE_ALGORITHM);
                }
                Date date = new Date();
                Date date2 = new Date();
                date2.setTime(date2.getTime() + (i2 * 24 * 60 * 60 * 1000));
                if (debug != null) {
                    debug.text(0L, className, "createSubjectAltName", "Start date {0}", date);
                    debug.text(0L, className, "createSubjectAltName", "End date {0}", date2);
                }
                CertificateValidity certificateValidity = new CertificateValidity(date, date2);
                CertificateExtensions certificateExtensions = new CertificateExtensions();
                try {
                    x509CertInfo.set("version", new CertificateVersion(i));
                    int time = (int) (date.getTime() / 1000);
                    x509CertInfo.set("serialNumber", new CertificateSerialNumber(time));
                    x509CertInfo.set("algorithmID", new CertificateAlgorithmId(algorithmId));
                    x509CertInfo.set("subject", new CertificateSubjectName(x500Name));
                    x509CertInfo.set("issuer", new CertificateIssuerName(x500Name));
                    x509CertInfo.set("key", new CertificateX509Key(publicKey));
                    x509CertInfo.set("validity", certificateValidity);
                    if (list != null && list.size() > 0) {
                        certificateExtensions.set("x509.info.extensions.SubjectAlternativeName", createSubjectAltName(list));
                    }
                    if (bArr != null) {
                        this.ssKeyIdentifier = bArr;
                        certificateExtensions.set("x509.info.extensions.SubjectKeyIdentifier", new SubjectKeyIdentifierExtension(bArr));
                    }
                    if (list2 != null && !list2.isEmpty()) {
                        certificateExtensions.set("x509.info.extensions.KeyUsage", setKeyUsageExt(list2));
                    }
                    if (list3 != null && !list3.isEmpty()) {
                        certificateExtensions.set("x509.info.extensions.ExtKeyUsage", setextKeyUsageExt(list3));
                    }
                    x509CertInfo.set("extensions", certificateExtensions);
                    if (debug != null) {
                        debug.text(0L, className, "createSubjectAltName", "Raw certificate request created with serial {0}", new Integer(time));
                    }
                    try {
                        return new X509CertImpl(x509CertInfo, str3);
                    } catch (CertificateEncodingException e) {
                        throw new PkRejectionException(PkNLSConstants.INVALID_CERTIFICATE, e);
                    } catch (CertificateParsingException e2) {
                        throw new PkRejectionException(PkNLSConstants.INVALID_CERTIFICATE, e2);
                    }
                } catch (IOException e3) {
                    throw new PkRejectionException(PkNLSConstants.INVALID_ATTRIBUTE, e3);
                } catch (CertificateException e4) {
                    throw new PkRejectionException(PkNLSConstants.INVALID_ATTRIBUTE, e4);
                } catch (Exception e5) {
                    throw new PkRejectionException(PkNLSConstants.INVALID_ATTRIBUTE, e5);
                }
            } catch (NoSuchAlgorithmException e6) {
                throw new PkRejectionException(PkNLSConstants.NO_SUCH_ALGORITHM_EXCEPTION, e6);
            }
        }

        private KeyUsageExtension setKeyUsageExt(List list) throws IOException, PkRejectionException {
            KeyUsageExtension keyUsageExtension = new KeyUsageExtension();
            Iterator it = list.iterator();
            while (it.hasNext()) {
                String str = (String) it.next();
                if (debug != null) {
                    debug.text(0L, className, "setKeyUsageExt", "Processing {0}", str);
                }
                if (str.equalsIgnoreCase(KeyUsageExtension.DIGITAL_SIGNATURE)) {
                    keyUsageExtension.set(KeyUsageExtension.DIGITAL_SIGNATURE, Boolean.TRUE);
                } else if (str.equalsIgnoreCase(KeyUsageExtension.DATA_ENCIPHERMENT)) {
                    keyUsageExtension.set(KeyUsageExtension.DATA_ENCIPHERMENT, Boolean.TRUE);
                } else if (str.equalsIgnoreCase(KeyUsageExtension.ENCIPHER_ONLY)) {
                    keyUsageExtension.set(KeyUsageExtension.ENCIPHER_ONLY, Boolean.TRUE);
                } else if (str.equalsIgnoreCase(KeyUsageExtension.DECIPHER_ONLY)) {
                    keyUsageExtension.set(KeyUsageExtension.DECIPHER_ONLY, Boolean.TRUE);
                } else if (str.equalsIgnoreCase(KeyUsageExtension.NON_REPUDIATION)) {
                    keyUsageExtension.set(KeyUsageExtension.NON_REPUDIATION, Boolean.TRUE);
                } else if (str.equalsIgnoreCase(KeyUsageExtension.KEY_ENCIPHERMENT)) {
                    keyUsageExtension.set(KeyUsageExtension.KEY_ENCIPHERMENT, Boolean.TRUE);
                } else {
                    if (!str.equalsIgnoreCase(KeyUsageExtension.KEY_AGREEMENT)) {
                        throw new PkRejectionException(PkNLSConstants.CERT_BAD_KEY_USAGE);
                    }
                    keyUsageExtension.set(KeyUsageExtension.KEY_AGREEMENT, Boolean.TRUE);
                }
            }
            return keyUsageExtension;
        }

        private ExtKeyUsageExtension setextKeyUsageExt(List list) throws IOException, PkRejectionException {
            ExtKeyUsageExtension extKeyUsageExtension = null;
            Vector vector = new Vector();
            Iterator it = list.iterator();
            while (it.hasNext()) {
                String str = (String) it.next();
                if (debug != null) {
                    debug.text(0L, className, "setextKeyUsageExt", "Processing {0}", str);
                }
                if (str.equalsIgnoreCase("ServerAuth_Id")) {
                    vector.add(PKIXExtensions.ServerAuth_Id);
                } else if (str.equalsIgnoreCase("ClientAuth_Id")) {
                    vector.add(PKIXExtensions.ClientAuth_Id);
                } else if (str.equalsIgnoreCase("CodeSigning_Id")) {
                    vector.add(PKIXExtensions.CodeSigning_Id);
                } else if (str.equalsIgnoreCase("EmailProtection_Id")) {
                    vector.add(PKIXExtensions.EmailProtection_Id);
                } else if (str.equalsIgnoreCase("IPSecEndSystem_Id")) {
                    vector.add(PKIXExtensions.IPSecEndSystem_Id);
                } else if (str.equalsIgnoreCase("IPSecTunnel_Id")) {
                    vector.add(PKIXExtensions.IPSecTunnel_Id);
                } else if (str.equalsIgnoreCase("IPSecUser_Id")) {
                    vector.add(PKIXExtensions.IPSecUser_Id);
                } else {
                    if (!str.equalsIgnoreCase("TimeStamping_Id")) {
                        throw new PkRejectionException(PkNLSConstants.CERT_BAD_KEY_USAGE);
                    }
                    vector.add(PKIXExtensions.TimeStamping_Id);
                }
            }
            if (vector.size() > 0) {
                extKeyUsageExtension = new ExtKeyUsageExtension(vector);
            }
            return extKeyUsageExtension;
        }

        private byte[] getIPAddress(String str) {
            String[] split = PkString.split(str, ".");
            return new byte[]{new Integer(split[0]).byteValue(), new Integer(split[1]).byteValue(), new Integer(split[2]).byteValue(), new Integer(split[3]).byteValue()};
        }

        private SubjectAlternativeNameExtension createSubjectAltName(List list) throws Exception {
            SubjectAlternativeNameExtension subjectAlternativeNameExtension = null;
            if (list != null) {
                GeneralNames generalNames = new GeneralNames();
                boolean z = false;
                int size = list.size();
                if (list.get(0) != null) {
                    if (debug != null) {
                        debug.text(0L, className, "createSubjectAltName", "Processing {0}", list.get(0));
                    }
                    generalNames.addElement(new RFC822Name((String) list.get(0)));
                    z = true;
                }
                if (size > 1 && list.get(1) != null) {
                    if (debug != null) {
                        debug.text(0L, className, "createSubjectAltName", "Processing {0}", list.get(1));
                    }
                    generalNames.addElement(new DNSName((String) list.get(1)));
                    z = true;
                }
                if (size > 2 && list.get(2) != null) {
                    if (debug != null) {
                        debug.text(0L, className, "createSubjectAltName", "Processing {0}", list.get(2));
                    }
                    generalNames.addElement(new URIName((String) list.get(2)));
                    z = true;
                }
                if (size > 3 && list.get(3) != null) {
                    if (debug != null) {
                        debug.text(0L, className, "createSubjectAltName", "Processing {0}", list.get(3));
                    }
                    generalNames.addElement(new IPAddressName(getIPAddress((String) list.get(3))));
                    z = true;
                }
                if (z) {
                    subjectAlternativeNameExtension = new SubjectAlternativeNameExtension(generalNames);
                }
            } else if (debug != null) {
                debug.text(0L, className, "createSubjectAltName", "No subject Alt Names provided");
            }
            return subjectAlternativeNameExtension;
        }

        private void ssCertSign(String str, String str2) throws PkRejectionException {
            if (debug != null) {
                debug.text(0L, className, "ssCertSign", "Signing with {0}", str);
            }
            try {
                ((X509CertImpl) this.ssCert).sign(this.ssKey.getPrivate(), str, str2);
                if (debug != null) {
                    debug.text(0L, className, "ssCertSign", "Signed OK by provider {0}", str2);
                }
            } catch (InvalidKeyException e) {
                throw new PkRejectionException(PkNLSConstants.CERT_BAD_KEY_USAGE, e);
            } catch (NoSuchAlgorithmException e2) {
                throw new PkRejectionException(PkNLSConstants.NO_SUCH_ALGORITHM_EXCEPTION, e2);
            } catch (NoSuchProviderException e3) {
                throw new PkRejectionException(PkNLSConstants.INVALID_PROVIDER, e3);
            } catch (SignatureException e4) {
                throw new PkRejectionException(PkNLSConstants.BAD_SS_CERT_SIGNATURE, e4);
            } catch (CertificateException e5) {
                throw new PkRejectionException(PkNLSConstants.INVALID_CERTIFICATE, e5);
            }
        }

        @Override // com.ibm.security.certclient.util.PkSsCertificate
        public PrivateKey getKey() {
            return this.ssKey.getPrivate();
        }

        @Override // com.ibm.security.certclient.util.PkSsCertificate
        public X509Certificate getCertificate() {
            return this.ssCert;
        }

        @Override // com.ibm.security.certclient.util.PkSsCertificate
        public PublicKey getPublicKey() {
            return this.ssKey.getPublic();
        }

        @Override // com.ibm.security.certclient.util.PkSsCertificate
        public String getSubjectName() {
            return this.ssCert.getSubjectDN().getName();
        }

        @Override // com.ibm.security.certclient.util.PkSsCertificate
        public String getSigAlg() {
            return this.ssCert.getSigAlgName();
        }

        @Override // com.ibm.security.certclient.util.PkSsCertificate
        public byte[] getSubjectKeyIdentifier() {
            return this.ssKeyIdentifier;
        }

        @Override // com.ibm.security.certclient.util.PkSsCertificate
        public void setToKeyStore(String str, String str2, KeyStore keyStore) throws PkException {
            if (str == null || str.length() == 0) {
                throw new PkException(PkNLSConstants.HTTP_BAD_OR_MISSING_ALIAS);
            }
            if (keyStore == null) {
                throw new PkException(PkNLSConstants.MISSING_KEYSTORE);
            }
            if (str2 == null || str2.length() == 0) {
                throw new PkException(PkNLSConstants.TUI_INVALIDPWD);
            }
            try {
                keyStore.setKeyEntry(str, this.ssKey.getPrivate(), str2.toCharArray(), new X509Certificate[]{this.ssCert});
            } catch (KeyStoreException e) {
                throw new PkException(PkNLSConstants.EE_INVALID_CONFIG_KEYSTORE);
            }
        }

        static {
            algList.add(AlgorithmId.sha1WithRSAEncryption_oid);
            algList.add(AlgorithmId.sha1WithRSAEncryption_OIW_oid);
            algList.add(AlgorithmId.sha1WithDSA_oid);
            algList.add(AlgorithmId.sha1WithDSA_OIW_oid);
            algList.add(AlgorithmId.shaWithDSA_OIW_oid);
            algList.add(AlgorithmId.md5WithRSAEncryption_oid);
        }
    }

    private PkSsCertFactory() {
        throw new UnsupportedOperationException();
    }

    public static PkSsCertificate newSsCert(String str) throws PkRejectionException {
        return new PkSsCertImpl(str);
    }

    public static PkSsCertificate newSsCert(int i, String str, int i2, boolean z, boolean z2, String str2) throws PkRejectionException {
        return new PkSsCertImpl(i, str, i2, z, z2, str2);
    }

    public static PkSsCertificate newSsCert(int i, String str, int i2, boolean z, boolean z2, String str2, KeyPair keyPair) throws PkRejectionException {
        return new PkSsCertImpl(i, str, i2, z, z2, str2, keyPair);
    }

    public static PkSsCertificate newSsCert(int i, String str, int i2, boolean z, boolean z2, List list, List list2, List list3, String str2) throws PkRejectionException {
        return new PkSsCertImpl(i, str, i2, z, z2, list, list2, list3, str2);
    }

    public static PkSsCertificate newSsCert(int i, String str, int i2, boolean z, boolean z2, List list, List list2, List list3, String str2, KeyPair keyPair) throws PkRejectionException {
        return new PkSsCertImpl(i, str, i2, z, z2, list, list2, list3, str2, keyPair);
    }
}
