package com.ibm.gsk.ikeyman.basic;

import com.ibm.security.x509.CertificateExtensions;
import com.ibm.security.x509.GeneralName;
import com.ibm.security.x509.GeneralNames;
import com.ibm.security.x509.IPAddressName;
import com.ibm.security.x509.SubjectAlternativeNameExtension;
import com.ibm.security.x509.X509CertImpl;
import com.ibm.security.x509.X509CertInfo;
import java.util.Vector;

/* loaded from: input_file:efixes/PQ89734_nd_linux_i386/components/prereq.jdk/update.jar:/java/jre/lib/ext/gskikm.jar:com/ibm/gsk/ikeyman/basic/KeyItem.class */
public class KeyItem {
    public static final int RSA_KEY_ENTRY = 1;
    public static final int DES_KEY_ENTRY = 2;
    public static final int CRL_ENTRY = 3;
    private int itemType;
    private String keyLabel;
    private short uniqueId;
    private short keySize;
    private boolean isTrustedRoot;
    private boolean isDefault;
    private boolean hasPrivateKey;
    private boolean hasCertificate;
    private boolean isUserDefinedFieldPresent;
    private boolean isSiteCertificate;
    private EncryptedPrivateKeyInfoItem epkiItem;
    private BERObject udfBER;
    private Vector certificatesChain;
    private CertificateRequestItem certReq;
    private boolean hasCRL;
    private String desKey;
    private String subAltEmail;
    private String subAltIP;
    private String subAltDNS;
    private boolean subAltNamesParsed;

    public KeyItem() {
        this((String) null, (short) 0, (short) 0, (EncryptedPrivateKeyInfoItem) null, (Vector) null, (BERObject) null, false, false);
    }

    public KeyItem(String str, short s, short s2, EncryptedPrivateKeyInfoItem encryptedPrivateKeyInfoItem, Vector vector, BERObject bERObject, boolean z, boolean z2) {
        this.subAltEmail = null;
        this.subAltIP = null;
        this.subAltDNS = null;
        this.subAltNamesParsed = false;
        this.itemType = 1;
        this.keyLabel = str;
        this.uniqueId = s;
        this.keySize = s2;
        this.epkiItem = encryptedPrivateKeyInfoItem;
        setCertificateChain(vector);
        this.udfBER = bERObject;
        this.isTrustedRoot = z;
        this.isDefault = z2;
        if (bERObject != null) {
            this.isUserDefinedFieldPresent = true;
        } else {
            this.isUserDefinedFieldPresent = false;
        }
        if (this.certificatesChain == null || this.certificatesChain.isEmpty()) {
            this.hasCertificate = false;
        } else {
            this.hasCertificate = true;
        }
        this.isSiteCertificate = false;
        if (encryptedPrivateKeyInfoItem != null) {
            this.hasPrivateKey = true;
        } else {
            this.hasPrivateKey = false;
        }
        this.certReq = null;
        this.desKey = null;
        this.hasCRL = false;
    }

    public KeyItem(String str, short s, short s2, EncryptedPrivateKeyInfoItem encryptedPrivateKeyInfoItem, CertificateItem[] certificateItemArr, BERObject bERObject, boolean z, boolean z2) {
        this.subAltEmail = null;
        this.subAltIP = null;
        this.subAltDNS = null;
        this.subAltNamesParsed = false;
        this.itemType = 1;
        this.keyLabel = str;
        this.uniqueId = s;
        this.keySize = s2;
        this.epkiItem = encryptedPrivateKeyInfoItem;
        setCertificateChain(certificateItemArr);
        this.udfBER = bERObject;
        this.isTrustedRoot = z;
        this.isDefault = z2;
        if (bERObject != null) {
            this.isUserDefinedFieldPresent = true;
        } else {
            this.isUserDefinedFieldPresent = false;
        }
        if (this.certificatesChain == null || this.certificatesChain.isEmpty()) {
            this.hasCertificate = false;
        } else {
            this.hasCertificate = true;
        }
        this.isSiteCertificate = false;
        if (encryptedPrivateKeyInfoItem != null) {
            this.hasPrivateKey = true;
        } else {
            this.hasPrivateKey = false;
        }
        this.certReq = null;
        this.desKey = null;
        this.hasCRL = false;
    }

    public KeyItem(String str, short s, short s2, CertificateItem certificateItem) {
        this.subAltEmail = null;
        this.subAltIP = null;
        this.subAltDNS = null;
        this.subAltNamesParsed = false;
        this.itemType = 1;
        this.keyLabel = str;
        this.uniqueId = s;
        this.keySize = s2;
        this.epkiItem = null;
        addCertificate(certificateItem);
        this.udfBER = null;
        this.isTrustedRoot = false;
        this.isDefault = false;
        this.isUserDefinedFieldPresent = false;
        if (certificateItem != null) {
            this.hasCertificate = true;
        } else {
            this.hasCertificate = false;
        }
        this.isSiteCertificate = true;
        this.hasPrivateKey = false;
        this.certReq = null;
        this.desKey = null;
        this.hasCRL = false;
    }

    public KeyItem(String str, short s, short s2, EncryptedPrivateKeyInfoItem encryptedPrivateKeyInfoItem, CertificateRequestItem certificateRequestItem, BERObject bERObject) {
        this.subAltEmail = null;
        this.subAltIP = null;
        this.subAltDNS = null;
        this.subAltNamesParsed = false;
        this.itemType = 1;
        this.keyLabel = str;
        this.uniqueId = s;
        this.keySize = s2;
        this.epkiItem = encryptedPrivateKeyInfoItem;
        this.certificatesChain = null;
        this.udfBER = bERObject;
        this.isTrustedRoot = false;
        this.isDefault = false;
        if (bERObject != null) {
            this.isUserDefinedFieldPresent = true;
        } else {
            this.isUserDefinedFieldPresent = false;
        }
        this.hasCertificate = false;
        this.isSiteCertificate = false;
        if (encryptedPrivateKeyInfoItem != null) {
            this.hasPrivateKey = true;
        } else {
            this.hasPrivateKey = false;
        }
        this.certReq = certificateRequestItem;
        this.desKey = null;
        this.hasCRL = false;
    }

    public boolean isDefault() {
        return this.isDefault;
    }

    public boolean isTrusted() {
        return this.isTrustedRoot;
    }

    public boolean isSiteCertificate() {
        return this.isSiteCertificate;
    }

    public int getItemType() {
        return this.itemType;
    }

    public String getKeyLabel() {
        return this.keyLabel;
    }

    public short getKeySize() {
        return this.keySize;
    }

    public void setKeySize(short s) {
        this.keySize = s;
    }

    public Vector getCertificateChain() {
        return this.certificatesChain;
    }

    public void setCertificateChain(CertificateItem[] certificateItemArr) {
        if (this.certificatesChain == null) {
            this.certificatesChain = new Vector();
        } else {
            this.certificatesChain.removeAllElements();
        }
        if (certificateItemArr != null) {
            for (CertificateItem certificateItem : certificateItemArr) {
                this.certificatesChain.addElement(certificateItem);
                this.hasCertificate = true;
            }
        }
    }

    public void setCertificateChain(Vector vector) {
        if (this.certificatesChain == null) {
            this.certificatesChain = new Vector();
        } else {
            this.certificatesChain.removeAllElements();
        }
        if (vector != null) {
            for (int i = 0; i < vector.size(); i++) {
                this.certificatesChain.addElement((CertificateItem) vector.elementAt(i));
                this.hasCertificate = true;
            }
        }
    }

    public int addCertificate(CertificateItem certificateItem) {
        if (certificateItem == null) {
            return 0;
        }
        if (this.certificatesChain == null) {
            this.certificatesChain = new Vector();
        }
        this.certificatesChain.addElement(certificateItem);
        this.hasCertificate = true;
        return this.certificatesChain.size();
    }

    public boolean hasMultipleCertificateChain() {
        return this.hasCertificate && this.certificatesChain.size() > 1;
    }

    public KeyItem[] getKeyItemsForCertChain() {
        if (this.certificatesChain == null) {
            return new KeyItem[]{this};
        }
        int size = this.certificatesChain.size();
        KeyItem[] keyItemArr = new KeyItem[size];
        for (int i = 0; i < size; i++) {
            CertificateItem certificateItem = (CertificateItem) this.certificatesChain.elementAt(i);
            KeyItem keyItem = new KeyItem((String) null, (short) 0, (short) 0, (EncryptedPrivateKeyInfoItem) null, (Vector) null, new BERObject(certificateItem.getEncoded()), true, false);
            keyItem.addCertificate(certificateItem);
            keyItem.setKeySize(certificateItem.getKeySize());
            if (i == 0) {
                keyItem.setKeyLabel(this.keyLabel);
                keyItem.setEncryptedPrivateKeyInfoItem(this.epkiItem);
            }
            keyItemArr[i] = keyItem;
        }
        return keyItemArr;
    }

    public EncryptedPrivateKeyInfoItem getEncryptedPrivateKeyInfoItem() {
        return this.epkiItem;
    }

    public BERObject getUserDefinedFields() {
        return this.udfBER;
    }

    public CertificateRequestItem getCertificateRequestItem() {
        return this.certReq;
    }

    public String getDESKey() {
        return this.desKey;
    }

    public boolean hasPrivateKey() {
        return this.hasPrivateKey;
    }

    public void setHasPrivateKey(boolean z) {
        this.hasPrivateKey = z;
    }

    public boolean hasCertificate() {
        return this.hasCertificate;
    }

    public boolean containExpiredCertificate() {
        boolean z = false;
        if (this.certificatesChain != null) {
            int size = this.certificatesChain.size();
            int i = 0;
            while (true) {
                if (i >= size) {
                    break;
                }
                if (((CertificateItem) this.certificatesChain.elementAt(i)).isExpired()) {
                    z = true;
                    break;
                }
                i++;
            }
        }
        return z;
    }

    public boolean hasUserDefinedFields() {
        return this.isUserDefinedFieldPresent;
    }

    public String toString() {
        return paramString();
    }

    public String paramString() {
        return new StringBuffer().append(super.toString()).append(", type=").append(this.itemType).append(", keyLabel=").append(this.keyLabel).append(", isDefault=").append(this.isDefault).append(", isTrusted=").append(this.isTrustedRoot).append(", isPrivateKeyPresent=").append(this.hasPrivateKey).append(", keySize=").append((int) this.keySize).append(", certificate=").append(this.certificatesChain).append(", certificateRequest=").append(this.certReq).toString();
    }

    public void setEncryptedPrivateKeyInfoItem(EncryptedPrivateKeyInfoItem encryptedPrivateKeyInfoItem) {
        if (encryptedPrivateKeyInfoItem != null) {
            this.epkiItem = encryptedPrivateKeyInfoItem;
            this.hasPrivateKey = true;
        }
    }

    public void setKeyLabel(String str) {
        this.keyLabel = str;
    }

    public void setTrusted(boolean z) {
        this.isTrustedRoot = z;
    }

    public void setDefault(boolean z) {
        this.isDefault = z;
    }

    public boolean equalsCert(KeyItem keyItem) {
        return (this.hasCertificate && keyItem.hasCertificate()) ? ((CertificateItem) this.certificatesChain.elementAt(0)).getFingerPrint().equals(((CertificateItem) keyItem.getCertificateChain().elementAt(0)).getFingerPrint()) : (this.hasCertificate || keyItem.hasCertificate()) ? false : true;
    }

    public void setSiteCertificate(boolean z) {
        this.isSiteCertificate = z;
    }

    public String getSubAltEmail() {
        if (!this.subAltNamesParsed) {
            parseSubAltNames();
        }
        return this.subAltEmail;
    }

    public String getSubAltIP() {
        if (!this.subAltNamesParsed) {
            parseSubAltNames();
        }
        return this.subAltIP;
    }

    public String getSubAltDNS() {
        if (!this.subAltNamesParsed) {
            parseSubAltNames();
        }
        return this.subAltDNS;
    }

    public void setSubAltNames(String str, String str2, String str3) {
        if (str != null && str.length() > 0) {
            this.subAltEmail = new String(str);
        }
        if (str2 != null && str2.length() > 0) {
            this.subAltIP = new String(str2);
        }
        if (str3 == null || str3.length() <= 0) {
            return;
        }
        this.subAltDNS = new String(str3);
    }

    public void parseSubAltNames() {
        KMUtil.debugMsg("KeyItem::parseSubAltNames 0000");
        this.subAltNamesParsed = true;
        if (this.hasCertificate) {
            CertificateItem certificateItem = (CertificateItem) this.certificatesChain.elementAt(0);
            try {
                String str = null;
                String str2 = null;
                String str3 = null;
                KMUtil.debugMsg("KeyItem::parseSubAltNames 0100");
                X509CertImpl x509CertImpl = new X509CertImpl(certificateItem.getEncoded());
                KMUtil.debugMsg("KeyItem::parseSubAltNames 0110");
                X509CertInfo x509CertInfo = (X509CertInfo) x509CertImpl.get(X509CertInfo.IDENT);
                KMUtil.debugMsg("KeyItem::parseSubAltNames 0120");
                CertificateExtensions certificateExtensions = (CertificateExtensions) x509CertInfo.get("extensions");
                KMUtil.debugMsg("KeyItem::parseSubAltNames 0130");
                if (certificateExtensions != null) {
                    SubjectAlternativeNameExtension subjectAlternativeNameExtension = (SubjectAlternativeNameExtension) certificateExtensions.get(SubjectAlternativeNameExtension.NAME);
                    KMUtil.debugMsg("KeyItem::parseSubAltNames 0150");
                    GeneralNames generalNames = (GeneralNames) subjectAlternativeNameExtension.get(SubjectAlternativeNameExtension.SUBJECT_NAME);
                    if (generalNames != null) {
                        generalNames.size();
                        KMUtil.debugMsg("KeyItem::parseSubAltNames 0160");
                        GeneralName generalName = generalNames.getGeneralName(1);
                        if (generalName != null) {
                            str = generalName.toString().substring(12);
                        }
                        KMUtil.debugMsg("KeyItem::parseSubAltNames 0180");
                        GeneralName generalName2 = generalNames.getGeneralName(7);
                        if (generalName2 != null) {
                            str2 = ((IPAddressName) generalName2.getName()).getName();
                        }
                        KMUtil.debugMsg("KeyItem::parseSubAltNames 0200");
                        GeneralName generalName3 = generalNames.getGeneralName(2);
                        if (generalName3 != null) {
                            str3 = generalName3.toString().substring(9);
                        }
                    }
                }
                KMUtil.debugMsg("KeyItem::parseSubAltNames 0300");
                setSubAltNames(str, str2, str3);
            } catch (Exception e) {
                KMUtil.debugMsg(new StringBuffer().append("KeyItem::parseSubAltNames 8000, Exception=").append(e).toString());
            }
        }
        KMUtil.debugMsg("KeyItem::parseSubAltNames 9999");
    }
}
