package com.ibm.gsk.ikeyman.basic;

import com.ibm.rmi.util.Utility;
import com.ibm.security.pkcs8.PrivateKeyInfo;
import com.ibm.security.pkcsutil.PKCSAttribute;
import com.ibm.security.pkcsutil.PKCSAttributes;
import com.ibm.security.pkcsutil.PKCSOID;
import com.ibm.security.util.DerOutputStream;
import com.ibm.security.util.DerValue;
import com.ibm.security.x509.CertificateExtensions;
import com.ibm.security.x509.DNSName;
import com.ibm.security.x509.GeneralName;
import com.ibm.security.x509.GeneralNameInterface;
import com.ibm.security.x509.GeneralNames;
import com.ibm.security.x509.IPAddressName;
import com.ibm.security.x509.RFC822Name;
import com.ibm.security.x509.SubjectAlternativeNameExtension;
import java.io.File;
import java.io.IOException;
import java.util.Enumeration;
import java.util.Random;
import java.util.StringTokenizer;
import java.util.Vector;

/* loaded from: input_file:efixes/PQ87578_nd_linux_ppc32/components/prereq.jdk/update.jar:/java/jre/lib/ext/gskikm.jar:com/ibm/gsk/ikeyman/basic/CMSKeyDatabase.class */
public class CMSKeyDatabase extends KeyDatabase implements KeyDatabaseOperator {
    public native int c_CreateNewKeyDb(String str, String str2, long j);

    public native int c_OpenKeyDb(String str, String str2);

    public native int c_BuildKeyLabelList(String str, String str2);

    public native KeyItem c_GetKeyItemByLabel(String str, String str2, String str3, boolean z);

    public native KeyItem c_GetDefaultKeyItem(String str, String str2);

    public native KeyItem[] c_GetKeyItemsByPublicKey(String str, String str2, int i, byte[] bArr);

    public native boolean c_ChangeKeyDbPwd(String str, String str2, String str3, long j);

    public static native boolean c_StashKeyDbPwd(String str, String str2);

    public native int c_CreateNewSelfSignedCertificate(String str, String str2, int i, String str3, boolean z, int i2, DNItem dNItem, int i3, String str4, boolean z2);

    public native int c_CreateNewSelfSignedCertificateSigExt(String str, String str2, int i, String str3, boolean z, int i2, DNItem dNItem, int i3, int i4, int i5, byte[] bArr, String str4, boolean z2);

    public native int c_CreateNewCertRequest(String str, String str2, String str3, int i, DNItem dNItem, String str4, boolean z);

    public native int c_CreateNewCertRequestSigExt(String str, String str2, String str3, int i, DNItem dNItem, int i2, int i3, byte[] bArr, String str4, boolean z);

    public native int c_IssueCertificate(String str, String str2, String str3, int i, String str4, int i2, String str5, String str6, boolean z);

    public native int c_IssueCertificateSig(String str, String str2, String str3, int i, String str4, int i2, int i3, String str5, String str6, boolean z);

    public native boolean c_IsPrivateKeyPresent(String str, String str2, String str3);

    public native int c_InsertKey(String str, String str2, String str3, int i, byte[] bArr, int i2, byte[] bArr2, boolean z, boolean z2);

    public native int c_InsertReqKey(String str, String str2, String str3, int i, byte[] bArr, int i2, byte[] bArr2);

    public native int c_DeleteKeyByLabel(String str, String str2, String str3, boolean z);

    public native int c_SetDefaultKey(String str, String str2, String str3);

    public native int c_SetKeyTrust(String str, String str2, String str3, boolean z);

    public native int c_ExportToPFXFile(String str, String str2, String str3, String str4, String[] strArr);

    public native int c_ImportFromPFXFile(String str, String str2, String str3, String str4);

    public native int c_ReceiveCert(String str, String str2, String str3, boolean z, boolean z2);

    public native int c_AddCaCert(String str, String str2, String str3, String str4, boolean z);

    public native int c_ExtractCert(String str, String str2, String str3, String str4, boolean z);

    public native int c_ExtractCertReq(String str, String str2, String str3, String str4);

    public native int c_ExtractCertReqSig(String str, String str2, String str3, int i, String str4);

    public native boolean c_CheckCertAsRenewal(String str, String str2, int i, byte[] bArr);

    public native int c_RenewCert(String str, String str2, int i, byte[] bArr);

    public static native int c_Kyr2Kdb(String str, String str2, String str3, String str4);

    public static native int c_Kdb2Kyr(String str, String str2, String str3, String str4);

    public static native PrivateKeyInfoItem c_DecryptPrivateKey(int i, byte[] bArr, String str);

    public static native EncryptedPrivateKeyInfoItem c_EncryptPrivateKey(int i, byte[] bArr, String str);

    public native KeyItem[] c_GetKeyItemListByLabel(String str, String str2, String str3);

    public static native CertificateItem[] c_ExtractCertFromPKCS7Data(String str, boolean z);

    public native boolean c_ValidateCertificateChain(String str, String str2, byte[] bArr, int i);

    public static native boolean c_IsPasswordRequired(String str);

    public CMSKeyDatabase() {
        this.type = 1;
        this.op = this;
    }

    public CMSKeyDatabase(KeyDatabase keyDatabase) {
        super(keyDatabase);
        this.type = 1;
        this.op = this;
    }

    public CMSKeyDatabase(String str, String str2) {
        super(1, str, str2);
        this.op = this;
    }

    public CMSKeyDatabase(String str, String str2, long j) {
        super(1, str, str2, j);
        this.op = this;
    }

    public CMSKeyDatabase(String str) {
        super(1, str);
        this.op = this;
    }

    public static boolean isPasswordNeeded(String str) {
        KMUtil.debugMsg("CMSKeyDatabase::isPasswordNeeded(), before calling c_IsPasswordRequired()");
        return c_IsPasswordRequired(str);
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public void create() throws CMSKeyDatabaseException {
        KMUtil.debugMsg("CMSKeyDatabase::create() 0000");
        int c_CreateNewKeyDb = c_CreateNewKeyDb(this.keyDbFileName, this.keyDbPwd, this.keyDbPwdExpireTime);
        if (c_CreateNewKeyDb != 0) {
            KMUtil.debugMsg(new StringBuffer().append("CMSKeyDatabase::create() 9999-1, errCode=").append(c_CreateNewKeyDb).toString());
            throw new CMSKeyDatabaseException(c_CreateNewKeyDb, KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_CREATE"));
        }
        buildKeyLabelList();
        KMUtil.debugMsg("CMSKeyDatabase::create() 9999");
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public void open() throws CMSKeyDatabaseException {
        KMUtil.debugMsg(new StringBuffer().append("CMSKeyDatabase::open() 0000, keyDbFileName=").append(this.keyDbFileName).append(", keyDbPwd=").append(this.keyDbPwd).toString());
        int c_OpenKeyDb = c_OpenKeyDb(this.keyDbFileName, this.keyDbPwd);
        if (c_OpenKeyDb != 0) {
            KMUtil.debugMsg(new StringBuffer().append("CMSKeyDatabase::open() 9999-1, errCode=").append(c_OpenKeyDb).toString());
            throw new CMSKeyDatabaseException(c_OpenKeyDb, KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_OPEN"));
        }
        buildKeyLabelList();
        KMUtil.debugMsg("CMSKeyDatabase::open() 9999");
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public void close() {
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public void save() {
    }

    public void rename(String str) throws IOException {
        File file = new File(this.keyDbFileName);
        String canonicalPath = file.getCanonicalPath();
        String changeFileNameExtension = KMUtil.changeFileNameExtension(canonicalPath, ".rdb");
        String changeFileNameExtension2 = KMUtil.changeFileNameExtension(canonicalPath, ".crl");
        File file2 = new File(changeFileNameExtension);
        File file3 = new File(changeFileNameExtension2);
        File file4 = new File(str);
        String canonicalPath2 = file4.getCanonicalPath();
        String changeFileNameExtension3 = KMUtil.changeFileNameExtension(canonicalPath2, ".rdb");
        String changeFileNameExtension4 = KMUtil.changeFileNameExtension(canonicalPath2, ".crl");
        File file5 = new File(changeFileNameExtension3);
        File file6 = new File(changeFileNameExtension4);
        if (file.exists()) {
            file.renameTo(file4);
        }
        if (file2.exists()) {
            file2.renameTo(file5);
        }
        if (file3.exists()) {
            file3.renameTo(file6);
        }
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabase
    public void delete() throws IOException, CMSKeyDatabaseException {
        File file = new File(this.keyDbFileName);
        String canonicalPath = file.getCanonicalPath();
        if (!file.exists()) {
            throw new CMSKeyDatabaseException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_FILE_NOT_FOUND"));
        }
        file.delete();
        File file2 = new File(KMUtil.changeFileNameExtension(canonicalPath, ".rdb"));
        if (file2.exists()) {
            file2.delete();
        }
        File file3 = new File(KMUtil.changeFileNameExtension(canonicalPath, ".crl"));
        if (file3.exists()) {
            file3.delete();
        }
    }

    public void makeCopyFromKyr(WEBDBKeyDatabase wEBDBKeyDatabase) throws CMSKeyDatabaseException {
        try {
            String tmpFileName = KMUtil.getTmpFileName(this.keyDbFileName, new StringBuffer().append("_tmp").append(KeyDatabase.DEFAULT_KEYDB_NAME_EXT_CMS).toString());
            int c_Kyr2Kdb = c_Kyr2Kdb(wEBDBKeyDatabase.getKeyDbFileName(), wEBDBKeyDatabase.getKeyDbPwd(), tmpFileName, this.keyDbPwd);
            if (c_Kyr2Kdb != 0) {
                throw new CMSKeyDatabaseException(c_Kyr2Kdb, KMSystem.getNLSErrString("GSKKM_ERR_KYR2KDB"));
            }
            CMSKeyDatabase cMSKeyDatabase = new CMSKeyDatabase(tmpFileName, this.keyDbPwd, 0L);
            cMSKeyDatabase.buildKeyLabelList();
            try {
                delete();
            } catch (KeyDatabaseException e) {
            }
            copyKeyLabelLists(cMSKeyDatabase);
            cMSKeyDatabase.rename(this.keyDbFileName);
        } catch (IOException e2) {
            throw new CMSKeyDatabaseException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_SAVEAS"));
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public void reCreate(KeyDatabase keyDatabase) throws CMSKeyDatabaseException {
        if (this.keyDbFileName == null || this.keyDbFileName.equals(keyDatabase.getKeyDbFileName())) {
            throw new CMSKeyDatabaseException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_INVALID_FILE_NAME"));
        }
        KeyDatabaseOperator keyDatabaseOperator = (KeyDatabaseOperator) keyDatabase;
        try {
            if (this.type == keyDatabase.getType()) {
                c_Kdb2Kyr(keyDatabase.getKeyDbFileName(), keyDatabase.getKeyDbPwd(), "temp", "0909");
                c_Kyr2Kdb("temp", "0909", this.keyDbFileName, this.keyDbPwd);
                buildKeyLabelList();
                File file = new File("temp");
                if (file.exists()) {
                    file.delete();
                }
            } else if (keyDatabase.getType() == 2) {
                int c_Kyr2Kdb = c_Kyr2Kdb(keyDatabase.getKeyDbFileName(), keyDatabase.getKeyDbPwd(), this.keyDbFileName, this.keyDbPwd);
                if (c_Kyr2Kdb != 0) {
                    throw new CMSKeyDatabaseException(c_Kyr2Kdb, KMSystem.getNLSErrString("GSKKM_ERR_KYR2KDB"));
                }
                buildKeyLabelList();
            } else {
                if (keyDatabase.getType() != 3) {
                    throw new CMSKeyDatabaseException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_INVALID_TYPE"));
                }
                keyDatabaseOperator.open();
                create();
                Vector keyLabelList = getKeyLabelList();
                String[] strArr = new String[30];
                Vector vector = new Vector();
                for (int i = 0; i < keyLabelList.size(); i++) {
                    strArr[i] = (String) keyLabelList.elementAt(i);
                }
                for (String str : strArr) {
                    deleteKeyByLabel(str);
                }
                String str2 = null;
                Enumeration[] enumerationArr = new Enumeration[3];
                Vector caCertLabelList = keyDatabase.getCaCertLabelList();
                if (caCertLabelList != null) {
                    enumerationArr[0] = caCertLabelList.elements();
                }
                Vector myCertLabelList = keyDatabase.getMyCertLabelList();
                if (myCertLabelList != null) {
                    enumerationArr[1] = myCertLabelList.elements();
                }
                Vector reqKeyLabelList = keyDatabase.getReqKeyLabelList();
                if (reqKeyLabelList != null) {
                    enumerationArr[2] = reqKeyLabelList.elements();
                }
                for (int i2 = 0; i2 < 3; i2++) {
                    if (enumerationArr[i2] != null) {
                        while (enumerationArr[i2].hasMoreElements()) {
                            KeyItem keyItemByLabel = keyDatabaseOperator.getKeyItemByLabel((String) enumerationArr[i2].nextElement());
                            if (keyItemByLabel.isDefault()) {
                                str2 = keyItemByLabel.getKeyLabel();
                            }
                            if (keyItemByLabel.hasPrivateKey()) {
                                keyItemByLabel.setEncryptedPrivateKeyInfoItem(encryptPrivateKey(new PrivateKeyInfoItem(new PrivateKeyInfo(keyItemByLabel.getEncryptedPrivateKeyInfoItem().getEncoded()).getKeyBytes())));
                            }
                            if (i2 == 1 && keyItemByLabel.hasMultipleCertificateChain()) {
                                KeyItem[] keyItemsForCertChain = keyItemByLabel.getKeyItemsForCertChain();
                                for (int length = keyItemsForCertChain.length - 1; length >= 0; length--) {
                                    if (keyItemsForCertChain[length].getKeyLabel() != null) {
                                        try {
                                            keyItemsForCertChain[length].setTrusted(true);
                                            insertKey(keyItemsForCertChain[length]);
                                        } catch (CMSKeyDatabaseException e) {
                                            String errKey = CMSKeyDatabaseException.getErrKey(e.getErrCode());
                                            if (errKey.equals("GSKKM_ERR_DATABASE_DUPLICATE_KEY")) {
                                                if (length == 0) {
                                                    throw e;
                                                }
                                            } else if (!errKey.equals("GSKKM_ERR_DATABASE_DUPLICATE_KEY_SIGNATURE")) {
                                                for (int length2 = keyItemsForCertChain.length - 1; length2 >= length; length2--) {
                                                    try {
                                                        deleteKeyByLabel(keyItemsForCertChain[i2].getKeyLabel());
                                                    } catch (CMSKeyDatabaseException e2) {
                                                    }
                                                }
                                                throw e;
                                            }
                                        }
                                    }
                                }
                            } else if (i2 != 0) {
                                insertKey(keyItemByLabel);
                            } else if (((CertificateItem) keyItemByLabel.getCertificateChain().elementAt(0)).getIssuer().toString().equals(((CertificateItem) keyItemByLabel.getCertificateChain().elementAt(0)).getSubject().toString())) {
                                insertKey(keyItemByLabel);
                            } else {
                                vector.addElement(keyItemByLabel);
                            }
                        }
                        if (vector != null) {
                            for (int i3 = 0; i3 < vector.size(); i3++) {
                                insertKey((KeyItem) vector.elementAt(i3));
                            }
                            vector = null;
                        }
                    }
                }
                keyDatabaseOperator.close();
                save();
                if (str2 != null) {
                    setDefaultKey(str2);
                }
                buildKeyLabelList();
            }
        } catch (CMSKeyDatabaseException e3) {
            e3.printStackTrace();
            throw e3;
        } catch (KeyDatabaseException e4) {
            e4.printStackTrace();
            throw new CMSKeyDatabaseException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_SAVEAS"));
        } catch (IOException e5) {
            e5.printStackTrace();
        }
    }

    public void changeKeyDbPwd(String str, long j) throws CMSKeyDatabaseException {
        changeKeyDbPwd(null, str, j);
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public void changeKeyDbPwd(String str, String str2, long j) throws CMSKeyDatabaseException {
        if (str != null && !str.equals(this.keyDbPwd)) {
            throw new CMSKeyDatabaseException(KMSystem.getNLSErrString("GSKKM_ERR_OLD_PASSWORD"));
        }
        if (!c_ChangeKeyDbPwd(this.keyDbFileName, this.keyDbPwd, str2, j)) {
            throw new CMSKeyDatabaseException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_PWDCHG"));
        }
        this.keyDbPwd = str2;
        this.keyDbPwdExpireTime = j;
    }

    public static boolean stashKeyDbPwd(String str, String str2) {
        if (str == null || str2 == null || str2.length() == 0 || str.length() == 0) {
            return false;
        }
        return c_StashKeyDbPwd(str, str2);
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public void createNewSelfSignedCertificate(int i, String str, boolean z, int i2, DNItem dNItem, int i3, String str2, boolean z2) throws CMSKeyDatabaseException {
        int c_CreateNewSelfSignedCertificate = c_CreateNewSelfSignedCertificate(this.keyDbFileName, this.keyDbPwd, i - 1, str, z, i2, dNItem, i3, str2, z2);
        if (c_CreateNewSelfSignedCertificate != 0) {
            throw new CMSKeyDatabaseException(c_CreateNewSelfSignedCertificate, KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_NEW_SSCERT"));
        }
        addKeyLabelAt(str, 0);
        addMyCertLabelAt(str, 0);
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public void createNewSelfSignedCertificate(int i, String str, boolean z, int i2, DNItem dNItem, int i3, int i4, String str2, boolean z2, Vector vector) throws CMSKeyDatabaseException {
        byte[] encodeExtensions = encodeExtensions(vector);
        int i5 = 0;
        if (encodeExtensions != null) {
            i5 = encodeExtensions.length;
        }
        int c_CreateNewSelfSignedCertificateSigExt = c_CreateNewSelfSignedCertificateSigExt(this.keyDbFileName, this.keyDbPwd, i - 1, str, z, i2, dNItem, i3, i4, i5, encodeExtensions, str2, z2);
        if (c_CreateNewSelfSignedCertificateSigExt != 0) {
            throw new CMSKeyDatabaseException(c_CreateNewSelfSignedCertificateSigExt, KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_NEW_SSCERT"));
        }
        addKeyLabelAt(str, 0);
        addMyCertLabelAt(str, 0);
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public void createNewCertRequest(String str, int i, DNItem dNItem, String str2, boolean z) throws CMSKeyDatabaseException {
        int c_CreateNewCertRequest = c_CreateNewCertRequest(this.keyDbFileName, this.keyDbPwd, str, i, dNItem, str2, z);
        if (c_CreateNewCertRequest != 0) {
            throw new CMSKeyDatabaseException(c_CreateNewCertRequest, KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_NEW_CERTREQ"));
        }
        if (z) {
            addReqKeyLabelAt(str, 0);
        }
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public void createNewCertRequest(String str, int i, DNItem dNItem, int i2, String str2, boolean z, Vector vector) throws CMSKeyDatabaseException {
        byte[] encodeAttributes = encodeAttributes(vector);
        int i3 = 0;
        if (encodeAttributes != null) {
            i3 = encodeAttributes.length;
        }
        int c_CreateNewCertRequestSigExt = c_CreateNewCertRequestSigExt(this.keyDbFileName, this.keyDbPwd, str, i, dNItem, i2, i3, encodeAttributes, str2, z);
        if (c_CreateNewCertRequestSigExt != 0) {
            throw new CMSKeyDatabaseException(c_CreateNewCertRequestSigExt, KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_NEW_CERTREQ"));
        }
        if (z) {
            addReqKeyLabelAt(str, 0);
        }
    }

    public void createNewCertRequest(String str, int i, DNItem dNItem, int i2, String str2, boolean z, byte[] bArr) throws CMSKeyDatabaseException {
        int i3 = 0;
        if (bArr != null) {
            i3 = bArr.length;
        }
        int c_CreateNewCertRequestSigExt = c_CreateNewCertRequestSigExt(this.keyDbFileName, this.keyDbPwd, str, i, dNItem, i2, i3, bArr, str2, z);
        if (c_CreateNewCertRequestSigExt != 0) {
            throw new CMSKeyDatabaseException(c_CreateNewCertRequestSigExt, KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_NEW_CERTREQ"));
        }
        if (z) {
            addReqKeyLabelAt(str, 0);
        }
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabase
    public void issueCertificate(String str, int i, String str2, int i2, String str3, String str4, boolean z) throws CMSKeyDatabaseException {
        int c_IssueCertificate = c_IssueCertificate(this.keyDbFileName, this.keyDbPwd, str, i - 1, str2, i2, str3, str4, z);
        if (c_IssueCertificate != 0) {
            throw new CMSKeyDatabaseException(c_IssueCertificate);
        }
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabase
    public void issueCertificate(String str, int i, String str2, int i2, int i3, String str3, String str4, boolean z) throws CMSKeyDatabaseException {
        int c_IssueCertificateSig = c_IssueCertificateSig(this.keyDbFileName, this.keyDbPwd, str, i - 1, str2, i2, i3, str3, str4, z);
        if (c_IssueCertificateSig != 0) {
            throw new CMSKeyDatabaseException(c_IssueCertificateSig);
        }
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public boolean isPrivateKeyPresent(String str) {
        return c_IsPrivateKeyPresent(this.keyDbFileName, this.keyDbPwd, str);
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public void buildKeyLabelList() throws CMSKeyDatabaseException {
        KMUtil.debugMsg("CMSKeyDatabase::buildKeyLabelList() 0000");
        if (this.keyLabelList != null) {
            KMUtil.debugMsg("CMSKeyDatabase::buildKeyLabelList() 9999-1");
            return;
        }
        this.keyLabelList = new Vector();
        int c_BuildKeyLabelList = c_BuildKeyLabelList(this.keyDbFileName, this.keyDbPwd);
        if (c_BuildKeyLabelList != 0) {
            KMUtil.debugMsg(new StringBuffer().append("CMSKeyDatabase::buildKeyLabelList() 9999-2, errCode=").append(c_BuildKeyLabelList).toString());
            throw new CMSKeyDatabaseException(c_BuildKeyLabelList, KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_BUILD_KEYLIST"));
        }
        classifyKeyLabels();
        KMUtil.debugMsg("CMSKeyDatabase::buildKeyLabelList() 9999");
    }

    public void classifyKeyLabels() {
        KMUtil.debugMsg("CMSKeyDatabase::classifyKeyLabels() 0000");
        this.myCertLabelList = null;
        this.caCertLabelList = null;
        if (this.keyLabelList == null) {
            KMUtil.debugMsg("CMSKeyDatabase::classifyKeyLabels() 9999-1");
            return;
        }
        int size = this.keyLabelList.size();
        for (int i = 0; i < size; i++) {
            String str = (String) this.keyLabelList.elementAt(i);
            if (isPrivateKeyPresent(str)) {
                addMyCertLabel(str);
            } else {
                addCaCertLabel(str);
            }
        }
        KMUtil.debugMsg("CMSKeyDatabase::classifyKeyLabels() 9999");
    }

    public void refreshKeyLabelList() throws CMSKeyDatabaseException {
        if (this.keyLabelList == null) {
            this.keyLabelList = new Vector();
        } else {
            this.keyLabelList.removeAllElements();
        }
        if (this.reqKeyLabelList == null) {
            this.reqKeyLabelList = new Vector();
        } else {
            this.reqKeyLabelList.removeAllElements();
        }
        int c_BuildKeyLabelList = c_BuildKeyLabelList(this.keyDbFileName, this.keyDbPwd);
        if (c_BuildKeyLabelList != 0) {
            throw new CMSKeyDatabaseException(c_BuildKeyLabelList, KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_BUILD_KEYLIST"));
        }
        classifyKeyLabels();
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public KeyItem getKeyItemByLabel(String str) throws CMSKeyDatabaseException {
        boolean z = false;
        if (this.reqKeyLabelList != null && this.reqKeyLabelList.contains(str)) {
            z = true;
        }
        KeyItem c_GetKeyItemByLabel = c_GetKeyItemByLabel(this.keyDbFileName, this.keyDbPwd, str, z);
        if (c_GetKeyItemByLabel == null) {
            throw new CMSKeyDatabaseException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_GET_KEY_BY_LABEL"));
        }
        return c_GetKeyItemByLabel;
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public Vector getKeyItemsByPublicKey(BERObject bERObject) throws CMSKeyDatabaseException {
        KeyItem[] c_GetKeyItemsByPublicKey = c_GetKeyItemsByPublicKey(this.keyDbFileName, this.keyDbPwd, bERObject.getLength(), bERObject.getEncoded());
        if (c_GetKeyItemsByPublicKey == null) {
            throw new CMSKeyDatabaseException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_GET_KEY_BY_PUBKEY"));
        }
        Vector vector = new Vector(c_GetKeyItemsByPublicKey.length);
        for (KeyItem keyItem : c_GetKeyItemsByPublicKey) {
            vector.addElement(keyItem);
        }
        return vector;
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public KeyItem getDefaultKeyItem() throws CMSKeyDatabaseException {
        KeyItem c_GetDefaultKeyItem = c_GetDefaultKeyItem(this.keyDbFileName, this.keyDbPwd);
        if (c_GetDefaultKeyItem == null) {
            throw new CMSKeyDatabaseException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_GET_DEFAULT_KEY"));
        }
        return c_GetDefaultKeyItem;
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public synchronized KeyItem getFirstKeyItem() throws CMSKeyDatabaseException {
        String str;
        this.currentKeyIndex = 0;
        if (this.keyLabelList == null || (str = (String) this.keyLabelList.elementAt(0)) == null) {
            return null;
        }
        return getKeyItemByLabel(str);
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public synchronized KeyItem getNextKeyItem() throws CMSKeyDatabaseException {
        String str;
        this.currentKeyIndex++;
        if (this.currentKeyIndex >= this.keyLabelList.size() || (str = (String) this.keyLabelList.elementAt(this.currentKeyIndex)) == null) {
            return null;
        }
        return getKeyItemByLabel(str);
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public void deleteKeyByLabel(String str) throws CMSKeyDatabaseException {
        if (str == null) {
            return;
        }
        boolean z = false;
        if (this.reqKeyLabelList != null && this.reqKeyLabelList.contains(str)) {
            z = true;
        }
        int c_DeleteKeyByLabel = c_DeleteKeyByLabel(this.keyDbFileName, this.keyDbPwd, str, z);
        if (c_DeleteKeyByLabel != 0) {
            throw new CMSKeyDatabaseException(c_DeleteKeyByLabel, KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_KEY_DELETE"));
        }
        if (z) {
            this.reqKeyLabelList.removeElement(str);
            return;
        }
        this.keyLabelList.removeElement(str);
        if (this.caCertLabelList != null && this.caCertLabelList.contains(str)) {
            this.caCertLabelList.removeElement(str);
        } else {
            if (this.myCertLabelList == null || !this.myCertLabelList.contains(str)) {
                throw new CMSKeyDatabaseException(KMSystem.getNLSErrString("GSKKM_ERR_LABEL_LIST_CORRUPT"));
            }
            this.myCertLabelList.removeElement(str);
        }
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public void insertKey(KeyItem keyItem) throws CMSKeyDatabaseException {
        KMUtil.debugMsg("CMSKeyDatabase::insertKey 0000");
        int i = 0;
        if (keyItem == null) {
            return;
        }
        String keyLabel = keyItem.getKeyLabel();
        int i2 = 0;
        byte[] bArr = null;
        EncryptedPrivateKeyInfoItem encryptedPrivateKeyInfoItem = keyItem.getEncryptedPrivateKeyInfoItem();
        if (encryptedPrivateKeyInfoItem != null) {
            bArr = encryptedPrivateKeyInfoItem.getEncoded();
            i2 = encryptedPrivateKeyInfoItem.getLength();
        }
        KMUtil.debugMsg("CMSKeyDatabase::insertKey 0100");
        if (keyItem.hasCertificate()) {
            KMUtil.debugMsg("CMSKeyDatabase::insertKey 0110");
            CertificateItem certificateItem = (CertificateItem) keyItem.getCertificateChain().elementAt(0);
            int length = certificateItem.getLength();
            byte[] encoded = certificateItem.getEncoded();
            boolean isTrusted = keyItem.isTrusted();
            boolean isDefault = keyItem.isDefault();
            KMUtil.debugMsg(new StringBuffer().append("CMSKeyDatabase::insertKey 0200, keyLabel=").append(keyLabel).toString());
            i = c_InsertKey(this.keyDbFileName, this.keyDbPwd, keyLabel, length, encoded, i2, bArr, isTrusted, isDefault);
            if (i == 0) {
                KMUtil.debugMsg(new StringBuffer().append("CMSKeyDatabase::insertKey 0210, keyLabel=").append(keyLabel).toString());
                addKeyLabelAt(keyLabel, 0);
                if (i2 > 0) {
                    addMyCertLabelAt(keyLabel, 0);
                } else {
                    addCaCertLabelAt(keyLabel, 0);
                }
            }
        } else if (keyItem.getCertificateRequestItem() != null) {
            KMUtil.debugMsg("CMSKeyDatabase::insertKey 0220");
            CertificateRequestItem certificateRequestItem = keyItem.getCertificateRequestItem();
            int length2 = certificateRequestItem.getLength();
            byte[] encoded2 = certificateRequestItem.getEncoded();
            KMUtil.debugMsg("CMSKeyDatabase::insertKey 0300");
            i = c_InsertReqKey(this.keyDbFileName, this.keyDbPwd, keyLabel, length2, encoded2, i2, bArr);
            if (i == 0) {
                KMUtil.debugMsg("CMSKeyDatabase::insertKey 0310");
                addReqKeyLabelAt(keyLabel, 0);
            }
        }
        if (i != 0) {
            KMUtil.debugMsg(new StringBuffer().append("CMSKeyDatabase::insertKey 1000, errCode=").append(i).toString());
            throw new CMSKeyDatabaseException(i, KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_KEY_INSERT"));
        }
        KMUtil.debugMsg("CMSKeyDatabase::insertKey 9999");
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public void setDefaultKey(String str) throws CMSKeyDatabaseException {
        int c_SetDefaultKey = c_SetDefaultKey(this.keyDbFileName, this.keyDbPwd, str);
        if (c_SetDefaultKey != 0) {
            throw new CMSKeyDatabaseException(c_SetDefaultKey, KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_SET_DEFAULT_KEY"));
        }
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public void setKeyTrust(String str, boolean z) throws CMSKeyDatabaseException {
        int c_SetKeyTrust = c_SetKeyTrust(this.keyDbFileName, this.keyDbPwd, str, z);
        if (c_SetKeyTrust != 0) {
            throw new CMSKeyDatabaseException(c_SetKeyTrust, KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_SET_TRUST_KEY"));
        }
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public void exportToPFXFile(String str, String str2, String[] strArr) throws CMSKeyDatabaseException {
        for (String str3 : strArr) {
            try {
                exportPKCSFile(str, str2, str3, 1);
            } catch (Exception e) {
                throw new CMSKeyDatabaseException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_EXPORT_KEY_TO_PFX"));
            }
        }
    }

    public void exportPKCSFile(String str, String str2, String str3, int i) throws CMSKeyDatabaseException, Exception {
        String str4;
        int i2;
        if (str3 == null || str3.length() <= 0) {
            throw new CMSKeyDatabaseException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_EXPORT_KEY_TO_PFX"));
        }
        KeyItem[] keyItemListByLabel = getKeyItemListByLabel(str3);
        if (keyItemListByLabel == null || keyItemListByLabel.length <= 0) {
            return;
        }
        if (i == 1) {
            str4 = KeyDatabase.DEFAULT_1_BROWSER_ENC_ALGORITHM;
            i2 = KeyDatabase.DEFAULT_1_BROWSER_ITERATION_COUNT;
        } else {
            str4 = KeyDatabase.DEFAULT_2_IKEYMAN_ENC_ALGORITHM;
            i2 = KeyDatabase.DEFAULT_2_IKEYMAN_ITERATION_COUNT;
        }
        KMpkcs12 kMpkcs12 = new KMpkcs12(str, str2, keyItemListByLabel, decryptPrivateKey(keyItemListByLabel[0].getEncryptedPrivateKeyInfoItem()));
        kMpkcs12.setIteration(i2);
        kMpkcs12.setEncAlg(str4);
        kMpkcs12.encode();
        kMpkcs12.destroyPvtKey();
        kMpkcs12.writeFile();
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public void importFromPFXFile(String str, String str2) throws CMSKeyDatabaseException {
        try {
            importFromPKCSFile(new KMpkcs12(str, str2));
        } catch (Exception e) {
            throw new CMSKeyDatabaseException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_IMPORT_KEY_FROM_PFX"));
        }
    }

    public void importFromPKCSFile(KMpkcs12 kMpkcs12) throws KeyDatabaseException, Exception {
        kMpkcs12.decode();
        KeyItem[] keyItemChain = kMpkcs12.getKeyItemChain();
        EncryptedPrivateKeyInfoItem encryptPrivateKey = encryptPrivateKey(kMpkcs12.getPvtKey());
        kMpkcs12.destroyPvtKey();
        if (keyItemChain == null || keyItemChain.length <= 0) {
            return;
        }
        keyItemChain[0].setEncryptedPrivateKeyInfoItem(encryptPrivateKey);
        boolean[] insertKeyItemList = insertKeyItemList(keyItemChain, true);
        if (insertKeyItemList == null || insertKeyItemList.length <= 0) {
            return;
        }
        Vector vector = new Vector();
        for (int length = insertKeyItemList.length - 1; length > 0; length--) {
            if (insertKeyItemList[length]) {
                vector.addElement(keyItemChain[length].getKeyLabel());
            }
        }
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public KeyItem[] getKeyItemListByLabel(String str) throws CMSKeyDatabaseException {
        KeyItem[] c_GetKeyItemListByLabel = c_GetKeyItemListByLabel(this.keyDbFileName, this.keyDbPwd, str);
        if (c_GetKeyItemListByLabel == null) {
            throw new CMSKeyDatabaseException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_EXPORT_KEY_TO_PFX"));
        }
        return c_GetKeyItemListByLabel;
    }

    public PrivateKeyInfoItem decryptPrivateKey(EncryptedPrivateKeyInfoItem encryptedPrivateKeyInfoItem) throws CMSKeyDatabaseException {
        PrivateKeyInfoItem privateKeyInfoItem = null;
        if (encryptedPrivateKeyInfoItem != null) {
            privateKeyInfoItem = c_DecryptPrivateKey(encryptedPrivateKeyInfoItem.getLength(), encryptedPrivateKeyInfoItem.getEncoded(), this.keyDbPwd);
        }
        if (privateKeyInfoItem == null) {
            throw new CMSKeyDatabaseException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_EXPORT_KEY_TO_PFX"));
        }
        return privateKeyInfoItem;
    }

    public EncryptedPrivateKeyInfoItem encryptPrivateKey(PrivateKeyInfoItem privateKeyInfoItem) throws CMSKeyDatabaseException {
        return encryptPrivateKey(privateKeyInfoItem, this.keyDbPwd);
    }

    public static EncryptedPrivateKeyInfoItem encryptPrivateKey(PrivateKeyInfoItem privateKeyInfoItem, String str) throws CMSKeyDatabaseException {
        EncryptedPrivateKeyInfoItem encryptedPrivateKeyInfoItem = null;
        if (privateKeyInfoItem != null) {
            encryptedPrivateKeyInfoItem = c_EncryptPrivateKey(privateKeyInfoItem.getLength(), privateKeyInfoItem.getEncoded(), str);
        }
        if (encryptedPrivateKeyInfoItem == null) {
            throw new CMSKeyDatabaseException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_IMPORT_KEY_FROM_PFX"));
        }
        return encryptedPrivateKeyInfoItem;
    }

    public String resolveLabelConflict(KeyItem keyItem) {
        KeyItem keyItem2;
        DNItem subject;
        Vector keyLabelList = getKeyLabelList();
        String keyLabel = keyItem.getKeyLabel();
        if (keyLabel == null) {
            if (keyItem.hasCertificate() && (subject = ((CertificateItem) keyItem.getCertificateChain().elementAt(0)).getSubject()) != null) {
                keyLabel = subject.getCommonName();
            }
            if (keyLabel == null || keyLabel.equals("")) {
                keyLabel = new StringBuffer().append("Dummy Key Label_").append(Integer.toString(Math.abs(new Random().nextInt()))).toString();
            }
        }
        if (keyLabelList != null && keyLabelList.contains(keyLabel)) {
            try {
                keyItem2 = getKeyItemByLabel(keyLabel);
            } catch (CMSKeyDatabaseException e) {
                keyItem2 = null;
            }
            if (keyItem2 == null || keyItem.equalsCert(keyItem2)) {
                keyLabel = null;
            } else {
                for (int i = 0; keyLabelList.contains(keyLabel) && i < 1000; i++) {
                    keyLabel = new StringBuffer().append(keyLabel).append(Utility.STUB_PREFIX).append(Integer.toString(new Random().nextInt())).toString();
                }
            }
        }
        return keyLabel;
    }

    public boolean[] insertKeyItemList(KeyItem[] keyItemArr) throws CMSKeyDatabaseException {
        return insertKeyItemList(keyItemArr, false);
    }

    public boolean[] insertKeyItemList(KeyItem[] keyItemArr, boolean z) throws CMSKeyDatabaseException {
        boolean[] zArr = null;
        if (keyItemArr != null && keyItemArr.length > 0) {
            zArr = new boolean[keyItemArr.length];
            for (int length = keyItemArr.length - 1; length >= 0; length--) {
                zArr[length] = false;
                if (keyItemArr[length].getKeyLabel() == null && !z) {
                    keyItemArr[length].setKeyLabel(resolveLabelConflict(keyItemArr[length]));
                }
                if (keyItemArr[length].getKeyLabel() != null) {
                    try {
                        keyItemArr[length].setTrusted(true);
                        insertKey(keyItemArr[length]);
                        zArr[length] = true;
                    } catch (CMSKeyDatabaseException e) {
                        if (!CMSKeyDatabaseException.getErrKey(e.getErrCode()).equals("GSKKM_ERR_DATABASE_DUPLICATE_KEY")) {
                            zArr[length] = false;
                            for (int length2 = keyItemArr.length - 1; length2 >= length; length2--) {
                                if (zArr[length2]) {
                                    try {
                                        deleteKeyByLabel(keyItemArr[length2].getKeyLabel());
                                        zArr[length2] = false;
                                    } catch (CMSKeyDatabaseException e2) {
                                    }
                                }
                            }
                            throw e;
                        }
                        zArr[length] = false;
                        if (length == 0) {
                            throw e;
                        }
                    }
                }
            }
        }
        return zArr;
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public void receiveCertificate(String str, boolean z, boolean z2) throws CMSKeyDatabaseException {
        int c_ReceiveCert = c_ReceiveCert(this.keyDbFileName, this.keyDbPwd, str, z, z2);
        if (c_ReceiveCert != 0) {
            throw new CMSKeyDatabaseException(c_ReceiveCert, KMSystem.getNLSErrString("GSKKM_ERR_CMN_CERT_RECV"));
        }
        refreshKeyLabelList();
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public void addCACertificate(String str, String str2, boolean z) throws CMSKeyDatabaseException {
        int c_AddCaCert = c_AddCaCert(this.keyDbFileName, this.keyDbPwd, str, str2, z);
        if (c_AddCaCert != 0) {
            throw new CMSKeyDatabaseException(c_AddCaCert, KMSystem.getNLSErrString("GSKKM_ERR_CMN_CERT_STORE"));
        }
        addCaCertLabelAt(str, 0);
        addKeyLabelAt(str, 0);
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public void extractCertificate(String str, String str2, boolean z) throws CMSKeyDatabaseException {
        int c_ExtractCert = c_ExtractCert(this.keyDbFileName, this.keyDbPwd, str, str2, z);
        if (c_ExtractCert != 0) {
            throw new CMSKeyDatabaseException(c_ExtractCert, KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYREC_EXTRACT_CERT"));
        }
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public void extractCertificateRequest(String str, String str2) throws CMSKeyDatabaseException {
        int c_ExtractCertReq = c_ExtractCertReq(this.keyDbFileName, this.keyDbPwd, str, str2);
        if (c_ExtractCertReq != 0) {
            throw new CMSKeyDatabaseException(c_ExtractCertReq, KMSystem.getNLSErrString("GSKKM_ERR_CMN_RECREATE_CERTREQ"));
        }
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public void extractCertificateRequest(String str, int i, String str2) throws CMSKeyDatabaseException {
        int c_ExtractCertReqSig = c_ExtractCertReqSig(this.keyDbFileName, this.keyDbPwd, str, i, str2);
        if (c_ExtractCertReqSig != 0) {
            throw new CMSKeyDatabaseException(c_ExtractCertReqSig, KMSystem.getNLSErrString("GSKKM_ERR_CMN_RECREATE_CERTREQ"));
        }
    }

    public boolean checkCertAsRenewal(String str, boolean z) throws CMSKeyDatabaseException {
        try {
            byte[] base64DearmorFileToBuf = z ? SSLightKeyDatabase.base64DearmorFileToBuf(str) : SSLightKeyDatabase.fileToBuf(str);
            if (base64DearmorFileToBuf == null || base64DearmorFileToBuf.length <= 0) {
                throw new CMSKeyDatabaseException(0, KMSystem.getNLSErrString("GSKKM_ERR_CMN_INVALID_INPUT"));
            }
            return c_CheckCertAsRenewal(this.keyDbFileName, this.keyDbPwd, base64DearmorFileToBuf.length, base64DearmorFileToBuf);
        } catch (SSLightKeyDatabaseException e) {
            throw new CMSKeyDatabaseException(0, KMSystem.getNLSErrString("GSKKM_ERR_BASE64_INVALID_DATA"));
        }
    }

    public void renewCert(String str, boolean z) throws CMSKeyDatabaseException {
        try {
            byte[] base64DearmorFileToBuf = z ? SSLightKeyDatabase.base64DearmorFileToBuf(str) : SSLightKeyDatabase.fileToBuf(str);
            if (base64DearmorFileToBuf == null || base64DearmorFileToBuf.length <= 0) {
                throw new CMSKeyDatabaseException(0, KMSystem.getNLSErrString("GSKKM_ERR_CMN_INVALID_INPUT"));
            }
            int c_RenewCert = c_RenewCert(this.keyDbFileName, this.keyDbPwd, base64DearmorFileToBuf.length, base64DearmorFileToBuf);
            if (c_RenewCert != 0) {
                throw new CMSKeyDatabaseException(c_RenewCert, KMSystem.getNLSErrString("GSKKM_ERR_CMN_RENEW_CERT"));
            }
        } catch (SSLightKeyDatabaseException e) {
            throw new CMSKeyDatabaseException(0, KMSystem.getNLSErrString("GSKKM_ERR_BASE64_INVALID_DATA"));
        }
    }

    public CertificateItem[] receivePKCS7CertChain(String str, boolean z) throws CMSKeyDatabaseException {
        return buildPKCS7CertChain(str, z);
    }

    public static CertificateItem[] buildPKCS7CertChain(String str, boolean z) throws CMSKeyDatabaseException {
        KMUtil.debugMsg(new StringBuffer().append("CMSKeyDatabase::buildPKCS7CertChain() 0000, inputCertFileName=").append(str).append(", isBase64Armored=").append(z).toString());
        if (str == null) {
            KMUtil.debugMsg("CMSKeyDatabase::buildPKCS7CertChain() 9999-1");
            throw new CMSKeyDatabaseException(0, KMSystem.getNLSErrString("GSKKM_ERR_CMN_INVALID_INPUT"));
        }
        CertificateItem[] c_ExtractCertFromPKCS7Data = c_ExtractCertFromPKCS7Data(str, z);
        if (c_ExtractCertFromPKCS7Data != null) {
            KMUtil.debugMsg("CMSKeyDatabase::buildPKCS7CertChain() 9999-2");
            return c_ExtractCertFromPKCS7Data;
        }
        KMUtil.debugMsg(new StringBuffer().append("CMSKeyDatabase::buildPKCS7CertChain() 9999-3, errCoe=").append(0).toString());
        throw new CMSKeyDatabaseException(0, KMSystem.getNLSErrString("GSKKM_ERR_CMN_INVALID_INPUT"));
    }

    @Override // com.ibm.gsk.ikeyman.basic.KeyDatabaseOperator
    public void addSiteCertificate(String str, String str2, boolean z) throws CMSKeyDatabaseException {
        throw new CMSKeyDatabaseException(KMSystem.getNLSErrString("GSKKM_ERR_CMN_KEYDB_OP_NULL"));
    }

    public boolean ValidateKeyItemList(KeyItem[] keyItemArr) {
        int i = 0;
        int i2 = -1;
        int i3 = -1;
        int length = keyItemArr.length;
        CertificateItem[] certificateItemArr = new CertificateItem[length];
        CertificateItem[] certificateItemArr2 = new CertificateItem[length];
        System.out.println("Start ValidateKeyItemList()");
        for (int i4 = 0; i4 < length; i4++) {
            CertificateItem certificateItem = (CertificateItem) keyItemArr[i4].getCertificateChain().elementAt(0);
            i += certificateItem.berData.length;
            certificateItemArr[i4] = certificateItem;
        }
        if (i == 0) {
            return false;
        }
        System.out.println(new StringBuffer().append("The total cert length is ").append(i).toString());
        DNItem dNItem = null;
        int i5 = 0;
        while (true) {
            if (i5 >= length) {
                break;
            }
            DNItem subject = certificateItemArr[i5].getSubject();
            DNItem issuer = certificateItemArr[i5].getIssuer();
            if (subject.toString().equals(issuer.toString())) {
                i2 = length - 1;
                certificateItemArr2[i2] = certificateItemArr[i5];
                i3 = i5;
                dNItem = issuer;
                break;
            }
            i5++;
        }
        if (i3 == -1) {
            System.out.println("Root not found in the chain, validation failed..");
            return false;
        }
        if (length != 1) {
            int i6 = 0;
            while (i2 != 0) {
                if (i6 != i3 && certificateItemArr[i6].getIssuer().toString().equals(dNItem.toString())) {
                    i2--;
                    certificateItemArr2[i2] = certificateItemArr[i6];
                    dNItem = certificateItemArr[i6].getSubject();
                }
                i6++;
                if (i6 == length) {
                    i6 = 0;
                }
            }
        }
        byte[] bArr = new byte[i + (length * 3)];
        int i7 = 0;
        for (int i8 = 0; i8 < length; i8++) {
            int i9 = 3;
            do {
                int i10 = i7;
                i7++;
                i9--;
                bArr[i10] = (byte) (certificateItemArr2[i8].berData.length >>> (i9 * 8));
            } while (i9 > 0);
            System.arraycopy(certificateItemArr2[i8].berData, 0, bArr, i7, certificateItemArr2[i8].berData.length);
            i7 += certificateItemArr2[i8].berData.length;
        }
        System.out.println("Upon to call ValidateCertificateChain()");
        return ValidateCertificateChain(bArr);
    }

    public boolean ValidateCertificateChain(byte[] bArr) {
        int length = bArr.length;
        System.out.println(new StringBuffer().append("Start ValidateCertificateChain() with byte length ").append(length).toString());
        return c_ValidateCertificateChain(this.keyDbFileName, this.keyDbPwd, bArr, length);
    }

    public byte[] encodeExtensions(Vector vector) throws CMSKeyDatabaseException {
        byte[] bArr = null;
        if (vector != null) {
            try {
                if (vector.size() > 0) {
                    GeneralNames generalNames = new GeneralNames();
                    for (int i = 0; i < vector.size(); i++) {
                        GeneralNameInterface generalNameInterface = null;
                        int fieldType = ((KMExtensionItem) vector.elementAt(i)).getFieldType();
                        String str = (String) ((KMExtensionItem) vector.elementAt(i)).getFieldValue();
                        if (fieldType == 1) {
                            generalNameInterface = new RFC822Name(str);
                        } else if (fieldType == 7) {
                            if (new StringTokenizer(str, ".").countTokens() == 4) {
                                KMUtil.debugMsg(new StringBuffer().append("KeyStoreManager::createNewSelfSignedCertificate an Valid ipv4").append(str).toString());
                                String str2 = str;
                                byte[] bArr2 = new byte[4];
                                int i2 = 0;
                                while (i2 < 3) {
                                    int indexOf = str2.indexOf(".");
                                    String substring = str2.substring(0, indexOf);
                                    str2 = str2.substring(indexOf + 1);
                                    bArr2[i2] = (byte) Integer.parseInt(substring);
                                    i2++;
                                }
                                bArr2[i2] = (byte) Integer.parseInt(str2);
                                generalNameInterface = new IPAddressName(new DerValue((byte) 4, bArr2));
                            } else {
                                generalNameInterface = new IPAddressName(str);
                            }
                        } else if (fieldType == 2) {
                            generalNameInterface = new DNSName(str);
                        }
                        generalNames.addElement(new GeneralName(generalNameInterface));
                    }
                    SubjectAlternativeNameExtension subjectAlternativeNameExtension = new SubjectAlternativeNameExtension(generalNames);
                    CertificateExtensions certificateExtensions = new CertificateExtensions();
                    certificateExtensions.set(SubjectAlternativeNameExtension.NAME, subjectAlternativeNameExtension);
                    DerOutputStream derOutputStream = new DerOutputStream();
                    certificateExtensions.encode(derOutputStream, true);
                    bArr = new BERObject(derOutputStream.toByteArray()).getEncoded();
                }
            } catch (Exception e) {
                throw new CMSKeyDatabaseException(KMSystem.getNLSErrString("GSKKM_ERR_ASN"));
            }
        }
        return bArr;
    }

    public byte[] encodeAttributes(Vector vector) throws CMSKeyDatabaseException {
        byte[] bArr = null;
        if (vector != null) {
            try {
                if (vector.size() > 0) {
                    String str = "";
                    for (int i = 0; i < vector.size(); i++) {
                        str = new StringBuffer().append(str).append("<").append((String) ((KMExtensionItem) vector.elementAt(i)).getFieldValue()).append(">").toString();
                    }
                    bArr = new PKCSAttributes(new PKCSAttribute[]{new PKCSAttribute(PKCSOID.EXTENSION_REQUEST_OID, new DerValue((byte) 49, new DerValue((byte) 19, str).toByteArray()).toByteArray())}).generateDerEncoding();
                }
            } catch (IOException e) {
                e.printStackTrace();
            }
        }
        return bArr;
    }
}
