package oracle.security.pki;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.InvocationTargetException;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Security;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Base64;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Locale;
import java.util.Map;
import java.util.ResourceBundle;
import java.util.Vector;
import javax.crypto.Cipher;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.security.auth.DestroyFailedException;
import javax.security.auth.x500.X500Principal;
import oracle.security.pki.exception.AuthException;
import oracle.security.pki.internal.OraclePKIRSAKeyHelper;
import oracle.security.pki.internal.PBEEncPKCS8;
import oracle.security.pki.internal.cert.CRL;
import oracle.security.pki.internal.cert.CertificateRequest;
import oracle.security.pki.internal.cert.GeneralName;
import oracle.security.pki.internal.cert.PKCS7;
import oracle.security.pki.internal.cert.PKIX;
import oracle.security.pki.internal.cert.RevokedCertificate;
import oracle.security.pki.internal.cert.X500Name;
import oracle.security.pki.internal.cert.X509;
import oracle.security.pki.internal.cert.X509Extension;
import oracle.security.pki.internal.cert.X509ExtensionSet;
import oracle.security.pki.internal.cert.ext.AuthorityKeyIDExtension;
import oracle.security.pki.internal.cert.ext.BasicConstraintsExtension;
import oracle.security.pki.internal.cert.ext.KeyUsageExtension;
import oracle.security.pki.internal.cert.ext.SubjectAltNameExtension;
import oracle.security.pki.internal.cert.ext.SubjectKeyIDExtension;
import oracle.security.pki.internal.core.AlgorithmIdentifier;
import oracle.security.pki.internal.pkcs12.PKCS12;
import oracle.security.pki.internal.pkcs12.PKCS12Safe;
import oracle.security.pki.ldap.LdapSSLSocketFactory;
import oracle.security.pki.resources.OraclePKIMsgID;
import oracle.security.pki.textui.OraclePKIGenFunc;
import oracle.security.pki.util.CryptoUtils;
import oracle.security.pki.util.EccCurveParameters;
import oracle.security.pki.util.SignatureAlgorithms;
import oracle.security.pki.util.Utils;

/* loaded from: input_file:oracle/security/pki/OracleWallet.class */
public class OracleWallet {
    private static final String v = "file:";
    private static final String w = "reg:";
    private static final char x = ':';
    protected static final String b = "-----BEGIN NEW CERTIFICATE REQUEST-----";
    protected static final String c = "-----END NEW CERTIFICATE REQUEST-----";
    protected static final String d = "-----BEGIN CERTIFICATE-----";
    protected static final String e = "-----END CERTIFICATE-----";
    protected static final String f = "-----BEGIN ENCRYPTED PRIVATE KEY-----";
    protected static final String g = "-----END ENCRYPTED PRIVATE KEY-----";
    protected static final String h = "-----BEGIN PRIVATE KEY-----";
    protected static final String i = "-----END PRIVATE KEY-----";
    private HashMap D;
    public static final byte WLTCONF_NONE = 0;
    public static final byte WLTCONF_V12Compat = 1;
    public static final byte WLTCONF_TFCompat = 2;
    public static final int MIGRATE_ALL = 0;
    public static final int MIGRATE_KEY_ENTIRES_ONLY = 1;
    public static final int MIGRATE_TRUSTED_ENTRIES_ONLY = 2;
    public static final boolean SUPPORTS_MULTIPLE_CERTS_FOR_A_PRIVATE_KEY = false;
    public static final String DEFAULT_SSVS = "SSV_ENV_HOSTNAME,SSV_ENV_USERNAME,SSV_MACHINE_ID";
    protected static final String j = "SSV_ENV_HOSTNAME";
    protected static final String k = "SSV_ENV_USERNAME";
    protected static final String l = "SSV_BIOS_SERIAL_NUMBER";
    protected static final String m = "SSV_BIOS_UUID";
    protected static final String n = "SSV_MACHINE_ID";
    protected static final String o = "SSV_GENERIC_0";
    protected static final String p = "SSV_GENERIC_1";
    protected static final String q = "SSV_MACNAME_0";
    protected static final String r = "SSV_MACNAME_1";
    public static final String ENTRUST_PREMIUM_CERT = "MIIEXDCCA0SgAwIBAgIEOGO5ZjANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChMLRW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBpbmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEyMjQxNzUwNTFaFw0xOTEyMjQxODIwNTFaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3d3d3LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5uZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArU1LqRKGsuqjIAcVFmQqK0vRvwtKTY7tgHalZ7d4QMBzQshowNtTK91euHaYNZOLGp18EzoOH1u3Hs/lJBQesYGpjX24zGtLA/ECDNyrpUAkAH90lKGdCCmziAv1h3edVc3kw37XamSrhRSGlVuXMlBvPci6Zgzj/L24ScF2iUkZ/cCovYmjZy/Gn7xxGWC4LeksyZB2ZnuU4q941mVTXTzWnLLPKQP5L6RQstRIzgUyVYr9smRMDuSYB3Xbf9+5CFVghTAp+XtIpGmG4zU/HoZdenoVve8AjhUiVBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH4QIDAQABo3QwcjARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUVeSB0RGAvtiJuQijMfmhJAkWuXAwHQYDVR0OBBYEFFXkgdERgL7YibkIozH5oSQJFrlwMB0GCSqGSIb2fQdBAAQQMA4bCFY1LjA6NC4wAwIEkDANBgkqhkiG9w0BAQUFAAOCAQEAWUesIYSKF8mciVMeuoCFGsY8Tj6xnLZ8xpJdGGQC49MGCBFhfGPjK50xA3B20qMooPS7mmNz7W3lKtvtFKkrxjYR0CvrB4ul2p5cGZ1WEvVUKcgF7bISKo30Axv/55IQh7A6tcOdBTcSo8f0FbnVpDkWm1M6I5HxqIKiaohowXkCIryqptau37AUX7iH0N18f3v/rxzP5tsHrV7bhZ3QKw0z2wTR5klAEyt2+z7pnIkPFc4YsIV4IU9rTw76NmfNB/L/CNDi3tm/Kq+4h4YhPATKt5Rof8886ZjXOP/swNlQ8C5LWK5Gb9Auw2DaclVyvUxFnmG6v4SBkgPR0ml8xQ==";
    public static final String ENTRUST_GLOBAL_CERT = "MIIElTCCA/6gAwIBAgIEOJsRPDANBgkqhkiG9w0BAQQFADCBujEUMBIGA1UEChMLRW50cnVzdC5uZXQxPzA9BgNVBAsUNnd3dy5lbnRydXN0Lm5ldC9TU0xfQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMcKGMpIDIwMDAgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5uZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMDAyMDQxNzIwMDBaFw0yMDAyMDQxNzUwMDBaMIG6MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDE/MD0GA1UECxQ2d3d3LmVudHJ1c3QubmV0L1NTTF9DUFMgaW5jb3JwLiBieSByZWYuIChsaW1pdHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMjAwMCBFbnRydXN0Lm5ldCBMaW1pdGVkMTowOAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHwV9OcfHO8GCGD9JYf9Mzly0XonUwtZZkJi9ow0SrqHXmAGc0V55lxyKbc+bT3QgON1WqJUaBbL3+qPZ1V1eMkGxKwz6LS0MKyRFWmponIpnPVZ5h2QLifLZ8OAfc439PmrkDQYC2dWcTC5/oVzbIXQA23mYU2m52H083jIITiQIDAQABo4IBpDCCAaAwEQYJYIZIAYb4QgEBBAQDAgAHMIHjBgNVHR8EgdswgdgwgdWggdKggc+kgcwwgckxFDASBgNVBAoTC0VudHJ1c3QubmV0MT8wPQYDVQQLFDZ3d3cuZW50cnVzdC5uZXQvU1NMX0NQUyBpbmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAyMDAwIEVudHJ1c3QubmV0IExpbWl0ZWQxOjA4BgNVBAMTMUVudHJ1c3QubmV0IFNlY3VyZSBTZXJ2ZXIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxDTALBgNVBAMTBENSTDEwKwYDVR0QBCQwIoAPMjAwMDAyMDQxNzIwMDBagQ8yMDIwMDIwNDE3NTAwMFowCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaAFMtswGvjuz7L/CKc/vuLkpyw8m4iMB0GA1UdDgQWBBTLbMBr47s+y/winP77i5KcsPJuIjAMBgNVHRMEBTADAQH/MB0GCSqGSIb2fQdBAAQQMA4bCFY1LjA6NC4wAwIEkDANBgkqhkiG9w0BAQQFAAOBgQBi24GRzsiad0Iv7L0no1MPUBvqTpLwqa+poLpIYcvvyQbvH9X07t9WLebKahlzqlO+krNQAraFJnJj2HVQYnUUt7NQGj/KEQALhUVpbbalrlHhStyCP2yMNLJ3a9kC9n8O6mUE8c1UyrrJzOCE98g+EZfTYAkYvAX/bIkz8OwVDw==";
    public static final String ENTRUST_MAIN_CERT = "MIIE2DCCBEGgAwIBAgIEN0rSQzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5uZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5uZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05OTA1MjUxNjA5NDBaFw0xOTA1MjUxNjM5NDBaMIHDMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50cnVzdC5uZXQxOzA5BgNVBAsTMnd3dy5lbnRydXN0Lm5ldC9DUFMgaW5jb3JwLiBieSByZWYuIChsaW1pdHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMTk5OSBFbnRydXN0Lm5ldCBMaW1pdGVkMTowOAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQDNKIM0VBuJ8w+vN5Ex/68xYMmo6LIQaO2f55M28Qpku0f1BBc/I0dNxScZgSYMVHINiC3ZH5oSn7yzcdOAGT9HZnuMNSjSuQrfJNqc1lB5gXpa0zf3wkrYKZImZNHkmGw6AIr1NJtl+O3jEP/9uElY3KDegjlrgbEWGWG5VLbmQwIBA6OCAdcwggHTMBEGCWCGSAGG+EIBAQQEAwIABzCCARkGA1UdHwSCARAwggEMMIHeoIHboIHYpIHVMIHSMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50cnVzdC5uZXQxOzA5BgNVBAsTMnd3dy5lbnRydXN0Lm5ldC9DUFMgaW5jb3JwLiBieSByZWYuIChsaW1pdHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMTk5OSBFbnRydXN0Lm5ldCBMaW1pdGVkMTowOAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMCmgJ6AlhiNodHRwOi8vd3d3LmVudHJ1c3QubmV0L0NSTC9uZXQxLmNybDArBgNVHRAEJDAigA8xOTk5MDUyNTE2MDk0MFqBDzIwMTkwNTI1MTYwOTQwWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAU8BdiE1U9s/8KAGv7UISX8+1i0BowHQYDVR0OBBYEFPAXYhNVPbP/CgBr+1CEl/PtYtAaMAwGA1UdEwQFMAMBAf8wGQYJKoZIhvZ9B0EABAwwChsEVjQuMAMCBJAwDQYJKoZIhvcNAQEFBQADgYEAkNwwAvpkdMKnCqV8IY00F6j7Rw7/JXyNEwr75Ji174z4xRAN95K+8cPV1ZVqBLssziY2ZcgxxufuP+NXdYR6Ee9GTxj005i7qIcyunL2POI9n9cd2cNgQ4xYDiKWL2KjLB+6rQXvqzJ4h6BUcxm1XAX5Uj5tLUUL9wqT6u0G+bI=";
    static ResourceBundle a = ResourceBundle.getBundle(OraclePKIMsgID.a);
    private static String J = "MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphIuR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZIhvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA==";
    private String y = null;
    private byte[] z = null;
    private char[] A = null;
    private char[] B = null;
    private boolean C = false;
    private OracleWalletImpl E = null;
    private int F = 0;
    private OracleSecretStore G = null;
    private AlgorithmIdentifier H = null;
    private AlgorithmIdentifier I = null;
    int s = 0;
    String t = null;
    String u = null;

    /* loaded from: input_file:oracle/security/pki/OracleWallet$DEF_TF_ADD.class */
    public enum DEF_TF_ADD {
        SERVER_CLIENT_AUTH,
        TRUSTED,
        USER,
        NULL
    }

    public OracleWallet() {
        c();
    }

    public static OracleWallet getInstance(String str) {
        return (str == null || !str.equals(PKIConstants.JKS_WALLET_TYPE)) ? new OracleWallet() : new OracleWalletJks();
    }

    public String getLocation() {
        return this.y;
    }

    public HashMap getMapTrustFlagsValue() {
        if (!this.C || this.D == null || this.D.size() <= 0) {
            return null;
        }
        return new HashMap(this.D);
    }

    public void setLocation(String str) {
        this.y = str;
    }

    public void setWalletRioType(int i2) {
        this.F = i2;
    }

    public void setCertSignAlgorithm(String str) {
        if (str == null) {
            return;
        }
        try {
            this.H = new AlgorithmIdentifier(Utils.toStream(SignatureAlgorithms.getSignatureAlgorithm(str)));
        } catch (IOException e2) {
            this.H = null;
        }
        if (this.H == null) {
            System.out.println(a.getString(OraclePKIMsgID.bR) + str);
        }
    }

    public String getCertSignAlgorithm() {
        return this.H != null ? this.H.toString() : "(default)";
    }

    public AlgorithmIdentifier getCertSignAlgorithmId() {
        if (this.H != null) {
            return this.H;
        }
        return null;
    }

    public void setCRLSignAlgorithm(String str) {
        if (str == null) {
            return;
        }
        this.I = SignatureAlgorithms.getSignatureAlgorithm(str);
        if (this.I == null) {
            System.out.println(a.getString(OraclePKIMsgID.bR) + str);
        }
    }

    public String getCRLSignAlgorithm() {
        return this.I != null ? this.I.toString() : "(default)";
    }

    public static String getDefaultLocation() {
        return null;
    }

    public static boolean isValidPassword(char[] cArr) {
        boolean z = false;
        boolean z2 = false;
        if (cArr == null || cArr.length < 8) {
            return false;
        }
        for (char c2 : cArr) {
            if (Character.isLetter(c2)) {
                z = true;
            } else {
                z2 = true;
            }
            if (z && z2) {
                return true;
            }
        }
        return z && z2;
    }

    public static int[] getKeysizes() {
        int[] iArr = new int[OraclePKIRSAKeyHelper.getKeySizes().size()];
        int i2 = 0;
        Iterator<Integer> it = OraclePKIRSAKeyHelper.getKeySizes().iterator();
        while (it.hasNext()) {
            int i3 = i2;
            i2++;
            iArr[i3] = it.next().intValue();
        }
        Arrays.sort(iArr);
        return iArr;
    }

    public void createSelfSigned(X500Principal x500Principal, int i2, int i3) throws IOException {
        a(x500Principal, i2, i3, (Date) null, (Date) null, new BigInteger(128, JCEUtil.getSecureRandom()), (OracleCertExtension) null, (String) null);
    }

    public void createSelfSigned(X500Principal x500Principal, String str, int i2) throws IOException {
        a(x500Principal, str, i2, (Date) null, (Date) null, new BigInteger(128, JCEUtil.getSecureRandom()), (OracleCertExtension) null, (String) null);
    }

    public void createSelfSigned(X500Principal x500Principal, int i2, int i3, BigInteger bigInteger) throws IOException {
        a(x500Principal, i2, i3, (Date) null, (Date) null, bigInteger, (OracleCertExtension) null, (String) null);
    }

    public void createSelfSigned(X500Principal x500Principal, String str, int i2, BigInteger bigInteger) throws IOException {
        a(x500Principal, str, i2, (Date) null, (Date) null, bigInteger, (OracleCertExtension) null, (String) null);
    }

    public void createSelfSigned(X500Principal x500Principal, int i2, int i3, BigInteger bigInteger, OracleCertExtension oracleCertExtension) throws IOException {
        a(x500Principal, i2, i3, (Date) null, (Date) null, bigInteger, oracleCertExtension, (String) null);
    }

    public void createSelfSigned(X500Principal x500Principal, String str, int i2, BigInteger bigInteger, OracleCertExtension oracleCertExtension) throws IOException {
        a(x500Principal, str, i2, (Date) null, (Date) null, bigInteger, oracleCertExtension, (String) null);
    }

    public void createSelfSigned(X500Principal x500Principal, int i2, int i3, BigInteger bigInteger, String str) throws IOException {
        a(x500Principal, i2, i3, (Date) null, (Date) null, bigInteger, (OracleCertExtension) null, str);
    }

    public void createSelfSigned(X500Principal x500Principal, String str, int i2, BigInteger bigInteger, String str2) throws IOException {
        a(x500Principal, str, i2, (Date) null, (Date) null, bigInteger, (OracleCertExtension) null, str2);
    }

    public void createSelfSigned(X500Principal x500Principal, int i2, int i3, BigInteger bigInteger, OracleCertExtension oracleCertExtension, String str) throws IOException {
        a(x500Principal, i2, i3, (Date) null, (Date) null, bigInteger, oracleCertExtension, str);
    }

    public void createSelfSigned(X500Principal x500Principal, String str, int i2, BigInteger bigInteger, OracleCertExtension oracleCertExtension, String str2) throws IOException {
        a(x500Principal, str, i2, (Date) null, (Date) null, bigInteger, oracleCertExtension, str2);
    }

    public void createSelfSigned(X500Principal x500Principal, int i2, Date date, Date date2) throws IOException {
        a(x500Principal, i2, 0, date, date2, BigInteger.ZERO, (OracleCertExtension) null, (String) null);
    }

    public void createSelfSigned(X500Principal x500Principal, String str, Date date, Date date2) throws IOException {
        a(x500Principal, str, 0, date, date2, BigInteger.ZERO, (OracleCertExtension) null, (String) null);
    }

    public void createSelfSigned(X500Principal x500Principal, int i2, Date date, Date date2, BigInteger bigInteger) throws IOException {
        a(x500Principal, i2, 0, date, date2, bigInteger, (OracleCertExtension) null, (String) null);
    }

    public void createSelfSigned(X500Principal x500Principal, String str, Date date, Date date2, BigInteger bigInteger) throws IOException {
        a(x500Principal, str, 0, date, date2, bigInteger, (OracleCertExtension) null, (String) null);
    }

    public void createSelfSigned(X500Principal x500Principal, int i2, Date date, Date date2, BigInteger bigInteger, OracleCertExtension oracleCertExtension) throws IOException {
        a(x500Principal, i2, 0, date, date2, bigInteger, oracleCertExtension, (String) null);
    }

    public void createSelfSigned(X500Principal x500Principal, String str, Date date, Date date2, BigInteger bigInteger, OracleCertExtension oracleCertExtension) throws IOException {
        a(x500Principal, str, 0, date, date2, bigInteger, oracleCertExtension, (String) null);
    }

    public void createSelfSigned(X500Principal x500Principal, int i2, Date date, Date date2, BigInteger bigInteger, String str) throws IOException {
        a(x500Principal, i2, 0, date, date2, bigInteger, (OracleCertExtension) null, str);
    }

    public void createSelfSigned(X500Principal x500Principal, String str, Date date, Date date2, BigInteger bigInteger, String str2) throws IOException {
        a(x500Principal, str, 0, date, date2, bigInteger, (OracleCertExtension) null, str2);
    }

    public void createSelfSigned(X500Principal x500Principal, int i2, Date date, Date date2, BigInteger bigInteger, OracleCertExtension oracleCertExtension, String str) throws IOException {
        a(x500Principal, i2, 0, date, date2, bigInteger, oracleCertExtension, str);
    }

    public void createSelfSigned(X500Principal x500Principal, String str, Date date, Date date2, BigInteger bigInteger, OracleCertExtension oracleCertExtension, String str2) throws IOException {
        a(x500Principal, str, 0, date, date2, bigInteger, oracleCertExtension, str2);
    }

    private void a(X500Principal x500Principal, int i2, int i3, Date date, Date date2, BigInteger bigInteger, OracleCertExtension oracleCertExtension, String str) throws IOException {
        OraclePKIRSAKeyHelper.validateKeysize(i2);
        try {
            KeyPairGenerator keyPairGeneratorInstance = JCEUtil.getKeyPairGeneratorInstance(PKIConstants.RSA);
            keyPairGeneratorInstance.initialize(i2);
            KeyPair generateKeyPair = keyPairGeneratorInstance.generateKeyPair();
            a(x500Principal, generateKeyPair.getPrivate(), generateKeyPair.getPublic(), i3, date, date2, bigInteger, oracleCertExtension, str);
        } catch (NoSuchAlgorithmException e2) {
            throw ((IOException) new IOException(a.getString(OraclePKIMsgID.D)).initCause(e2));
        }
    }

    private void a(X500Principal x500Principal, String str, int i2, Date date, Date date2, BigInteger bigInteger, OracleCertExtension oracleCertExtension, String str2) throws IOException {
        if (str == null) {
            throw new IOException(a.getString(OraclePKIMsgID.aP));
        }
        try {
            KeyPairGenerator keyPairGeneratorInstance = JCEUtil.getKeyPairGeneratorInstance(PKIConstants.EC);
            EccCurveParameters eccCurveParameters = EccCurveParameters.get(str);
            if (eccCurveParameters == null) {
                throw new IOException(a.getString(OraclePKIMsgID.E));
            }
            try {
                keyPairGeneratorInstance.initialize(new ECGenParameterSpec(eccCurveParameters.getNickName()));
                KeyPair genKeyPair = keyPairGeneratorInstance.genKeyPair();
                a(x500Principal, genKeyPair.getPrivate(), genKeyPair.getPublic(), i2, date, date2, bigInteger, oracleCertExtension, str2);
            } catch (InvalidAlgorithmParameterException e2) {
                throw new IOException(a.getString(OraclePKIMsgID.aN));
            }
        } catch (NoSuchAlgorithmException e3) {
            throw ((IOException) new IOException(a.getString(OraclePKIMsgID.E)).initCause(e3));
        }
    }

    private void a(X500Principal x500Principal, PrivateKey privateKey, PublicKey publicKey, int i2, Date date, Date date2, BigInteger bigInteger, OracleCertExtension oracleCertExtension, String str) throws IOException {
        if (!canModify()) {
            throw new IOException("Cannot modify AL wallet.");
        }
        X500Name x500Name = new X500Name(x500Principal.toString());
        CertificateRequest certificateRequest = new CertificateRequest(x500Name, publicKey, privateKey);
        try {
            AlgorithmIdentifier algorithmIdentifier = null;
            if (this.H != null) {
                algorithmIdentifier = new AlgorithmIdentifier(Utils.toStream(this.H));
            }
            X509 x509 = i2 == 0 ? new X509(x500Name, publicKey, x500Name, privateKey, bigInteger, date, date2, algorithmIdentifier) : new X509(x500Name, publicKey, x500Name, privateKey, bigInteger, i2, algorithmIdentifier);
            if (oracleCertExtension != null) {
                if (oracleCertExtension.getSubjectKeyId()) {
                    SubjectKeyIDExtension subjectKeyIDExtension = new SubjectKeyIDExtension(CryptoUtils.generateKeyID(publicKey), false);
                    x509.a(subjectKeyIDExtension);
                    certificateRequest.a(subjectKeyIDExtension);
                    x509.a(new AuthorityKeyIDExtension(subjectKeyIDExtension.e(), false));
                }
                if (oracleCertExtension.getKeyUsage() != null) {
                    X509Extension keyUsageExtension = new KeyUsageExtension(oracleCertExtension.getKeyUsage(), true);
                    certificateRequest.a(keyUsageExtension);
                    x509.a(keyUsageExtension);
                }
                if (oracleCertExtension.getBasicConstraints() != null) {
                    X509Extension basicConstraints = oracleCertExtension.getBasicConstraints();
                    x509.a(basicConstraints);
                    certificateRequest.a(basicConstraints);
                }
                ArrayList<GeneralName> subjectAlternativeNamesList = oracleCertExtension.getSubjectAlternativeNamesList();
                if (subjectAlternativeNamesList != null) {
                    X509Extension subjectAltNameExtension = new SubjectAltNameExtension(subjectAlternativeNamesList);
                    certificateRequest.a(subjectAltNameExtension);
                    x509.a(subjectAltNameExtension);
                }
            }
            OraclePKIX509CertImpl oraclePKIX509CertImpl = new OraclePKIX509CertImpl(x509);
            AlgorithmIdentifier certSignAlgorithmId = getCertSignAlgorithmId();
            if (null != certSignAlgorithmId) {
                certificateRequest.a(certSignAlgorithmId);
            }
            if (oraclePKIX509CertImpl != null) {
                try {
                    if (this.A == null) {
                        this.B = d();
                    }
                    internalAddCertReq(certificateRequest, privateKey, str);
                    if (this.A == null) {
                        this.B = b(this.B);
                    }
                    String str2 = null;
                    if (str != null) {
                        str2 = str + ' ' + Integer.toString(1);
                    }
                    internalAddTrustedCert(oraclePKIX509CertImpl, str2, null);
                    if (this.A == null) {
                        this.B = b(this.B);
                    }
                    internalAddUserCert(oraclePKIX509CertImpl, str);
                    if (this.A == null) {
                        this.B = b(this.B);
                    }
                } catch (Exception e2) {
                    throw ((IOException) new IOException(e2.getLocalizedMessage()).initCause(e2));
                }
            }
        } catch (Exception e3) {
            throw ((IOException) new IOException(e3.getLocalizedMessage()).initCause(e3));
        }
    }

    public void create(char[] cArr) throws IOException {
        create(cArr, (byte) 0);
    }

    public void create(char[] cArr, byte b2) throws IOException {
        c();
        if (!isValidPassword(cArr)) {
            throw new IOException(a.getString(OraclePKIMsgID.l));
        }
        if (cArr != null) {
            this.A = new char[cArr.length];
            System.arraycopy(cArr, 0, this.A, 0, cArr.length);
        }
        this.z = null;
        this.E = new OracleNewWalletImpl();
        try {
            KeyStore keyStore = getKeyStore();
            a(keyStore);
            setKeyStore(keyStore, b2);
        } catch (Exception e2) {
            throw ((IOException) new IOException().initCause(e2));
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void a(KeyStore keyStore) {
    }

    public InputStream getWalletArray(boolean z) throws IOException {
        ByteArrayInputStream byteArrayInputStream;
        if (this.A != null && !z) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        } else if (this.A != null && z && this.s == 0) {
            byteArrayInputStream = new C041().c(new ByteArrayInputStream(this.z)) == 0 ? (ByteArrayInputStream) a(1) : new ByteArrayInputStream(this.z);
        } else if (this.A != null && z && this.s != 0) {
            byteArrayInputStream = new C041().c(new ByteArrayInputStream(this.z)) == 0 ? (ByteArrayInputStream) a(3) : new ByteArrayInputStream(this.z);
        } else {
            if (this.A != null || !z) {
                throw new IOException("Cannot create p12 without password.");
            }
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        return byteArrayInputStream;
    }

    public byte[] getWalletArrayB(boolean z) throws IOException {
        ByteArrayInputStream byteArrayInputStream = (ByteArrayInputStream) getWalletArray(z);
        int available = byteArrayInputStream.available();
        byte[] bArr = new byte[available];
        byteArrayInputStream.read(bArr, 0, available);
        return bArr;
    }

    public void setWalletArray(InputStream inputStream, char[] cArr) throws IOException {
        c();
        if (cArr != null) {
            this.A = new char[cArr.length];
            System.arraycopy(cArr, 0, this.A, 0, cArr.length);
        }
        try {
            int available = inputStream.available();
            this.E = a(cArr);
            this.z = new byte[available];
            inputStream.read(this.z);
            OraclePKIDebug.a("Oracle Wallet: wallet size " + this.z.length);
            if (this.A == null) {
                C041 c041 = new C041();
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(this.z);
                int c2 = c041.c(byteArrayInputStream);
                int e2 = c041.e(byteArrayInputStream);
                if (c2 == 3 && e2 == 7) {
                    this.s = c041.c(this.z);
                    this.t = c041.d(this.z);
                    this.u = c041.e(this.z);
                }
            }
            getSecretStore();
        } catch (Throwable th) {
            OraclePKIDebug.a("OracleWallet.setWalletArray: " + th.toString());
            c();
            IOException iOException = new IOException(th.getLocalizedMessage());
            iOException.initCause(th);
            throw iOException;
        }
    }

    public void setWalletArray(byte[] bArr, char[] cArr) throws IOException {
        setWalletArray(new ByteArrayInputStream(bArr), cArr);
    }

    public synchronized void open(String str, char[] cArr) throws IOException {
        OraclePKIDebug.a("OracleWallet:open(), enter...");
        OraclePKIDebug.a("OracleWallet:open(), Wallet path: " + str);
        c();
        if (cArr != null) {
            this.A = new char[cArr.length];
            System.arraycopy(cArr, 0, this.A, 0, cArr.length);
        }
        try {
            this.E = a(str, cArr);
            OraclePKIDebug.a("OracleWallet:open(), getting wallet data from wallet path: " + str);
            this.z = this.E.a();
            OraclePKIDebug.a("OracleWallet:open(), wallet size = " + this.z.length);
            if (this.A == null) {
                C041 c041 = new C041();
                try {
                    ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(this.z);
                    int c2 = c041.c(byteArrayInputStream);
                    int e2 = c041.e(byteArrayInputStream);
                    if (c2 == 3 && e2 == 7) {
                        this.s = c041.c(this.z);
                        this.t = c041.d(this.z);
                        this.u = c041.e(this.z);
                    } else {
                        this.B = c041.b(byteArrayInputStream);
                    }
                } catch (IOException e3) {
                    c();
                    throw new IOException(e3.getMessage());
                }
            }
            OraclePKIDebug.a("OracleWallet:open(), create and load the secret store in wallet");
            getSecretStore();
            if (checkTrustFlagsEnabled()) {
                this.C = true;
                OraclePKIDebug.a("OracleWallet:open() Trust Flags are enabled, loading info");
                this.D = new HashMap();
                getTrustFlagsValue(this.D);
                if (this.D.size() == 0) {
                    this.D = null;
                }
            }
            OraclePKIDebug.a("OracleWallet:open() Trust Flags Enabled :" + this.C);
            OraclePKIDebug.a("OracleWallet:open(), exit...");
        } catch (FileNotFoundException e4) {
            c();
            IOException iOException = new IOException(e4.getLocalizedMessage());
            iOException.initCause(e4);
            throw iOException;
        } catch (Throwable th) {
            OraclePKIDebug.a("OracleWallet:open() " + th.toString());
            c();
            IOException iOException2 = new IOException(th.getLocalizedMessage());
            iOException2.initCause(th);
            throw iOException2;
        }
    }

    public void openDefault(char[] cArr) throws IOException {
        open("", cArr);
        throw new IOException("not implemented");
    }

    public void createSSO() throws IOException {
        if (this.A == null && this.E == null) {
            this.A = new char[]{'t', 'e', 's', 't'};
            KeyStore keyStore = getKeyStore();
            a(keyStore);
            try {
                setKeyStore(keyStore);
                ByteArrayInputStream byteArrayInputStream = (ByteArrayInputStream) a(2);
                c();
                this.z = new byte[byteArrayInputStream.available()];
                byteArrayInputStream.read(this.z);
                OraclePKIDebug.a("OracleWallet: created ALO " + this.z.length + " bytes.");
            } catch (Exception e2) {
                throw ((IOException) new IOException().initCause(e2));
            }
        }
    }

    public void createSSO_OLD() throws IOException {
        if (this.A != null || this.E != null) {
            OraclePKIDebug.a("OracleWallet: saving sso (AL) " + this.z.length + " bytes.");
            this.E.b(this.z, this.A, 1);
            return;
        }
        this.A = new char[]{'t', 'e', 's', 't'};
        KeyStore keyStore = getKeyStore();
        a(keyStore);
        try {
            setKeyStore(keyStore);
            this.E = a(this.y, this.A);
            OraclePKIDebug.a("OracleWallet: saving sso (ALO) " + this.z.length + " bytes.");
            this.E.b(this.z, this.A, 2);
        } catch (Exception e2) {
            throw ((IOException) new IOException().initCause(e2));
        }
    }

    public void deleteSSOWallet() throws IOException {
        this.E.d();
    }

    public void deleteWallet() throws IOException {
        this.E.c();
    }

    public void save() throws IOException {
        OraclePKIDebug.a("OracleWallet: saving " + this.z.length + " bytes.");
        String str = this.y;
        if (str == null) {
            str = this.E.e();
        }
        saveAs(str);
    }

    public synchronized void saveAs(String str) throws IOException {
        saveAs(str, (byte) 0);
    }

    public synchronized void saveAs(String str, byte b2) throws IOException {
        if (str == null) {
            throw new IOException("wrl not specified.");
        }
        C041 c041 = new C041();
        OracleWalletImpl a2 = a(str, new char[16]);
        if (this.A == null) {
            OraclePKIDebug.a("OracleWallet: saving sso (ALO) " + this.z.length + " bytes.");
            try {
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(this.z);
                if (c041.c(byteArrayInputStream) == 2) {
                    c041.e(byteArrayInputStream);
                    char[] b3 = c041.b(byteArrayInputStream);
                    if (this.B == null) {
                        this.B = b3;
                    }
                    PKCS12 pkcs12 = new PKCS12(new String(b3), byteArrayInputStream);
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(pkcs12.length());
                    pkcs12.output(byteArrayOutputStream);
                    this.z = byteArrayOutputStream.toByteArray();
                }
                a2.b(this.z, this.B, 2, b2);
                this.A = null;
                try {
                    byte[] a3 = c041.a(this.B, 2);
                    ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream(a3.length + this.z.length);
                    byteArrayOutputStream2.write(a3);
                    byteArrayOutputStream2.write(this.z);
                    this.z = byteArrayOutputStream2.toByteArray();
                } catch (IOException e2) {
                    throw new IOException(e2.getMessage());
                }
            } catch (IOException e3) {
                throw new IOException(e3.getMessage());
            }
        } else {
            OracleWalletImpl a4 = a(str.endsWith("ewallet.p12") ? str.replaceAll("ewallet.p12", "cwallet.sso") : str.concat("/cwallet.sso"), (char[]) null);
            if (a4.b()) {
                OraclePKIDebug.a("OracleWallet: saving p12 " + this.z.length + " bytes.");
                a2.a(this.z, this.A, b2);
                OraclePKIDebug.a("OracleWallet: saving p12 (& sso or lsso) " + this.z.length + " bytes.");
                byte[] a5 = a4.a();
                ByteArrayInputStream byteArrayInputStream2 = new ByteArrayInputStream(a5);
                int c2 = c041.c(byteArrayInputStream2);
                int e4 = c041.e(byteArrayInputStream2);
                if (c2 == 1) {
                    a2.a(this.z, this.A, c2, b2);
                } else if (c2 == 3 && e4 == 7) {
                    if (this.s == 0) {
                        this.s = c041.c(a5);
                        this.t = c041.d(a5);
                        this.u = c041.e(a5);
                    }
                    a2.a(this.z, this.A, c2, b2, this.s, this.t, this.u);
                } else if (c2 == 3) {
                    if (this.s == 0) {
                        saveSSVs(DEFAULT_SSVS);
                    }
                    a2.a(this.z, this.A, c2, b2, this.s, this.t, this.u);
                }
            } else {
                OraclePKIDebug.a("OracleWallet: saving p12 " + this.z.length + " bytes.");
                a2.a(this.z, this.A, b2);
            }
        }
        this.E = a2;
    }

    public synchronized void saveSSO() throws IOException {
        OraclePKIDebug.a("OracleWallet: saving sso " + this.z.length + " bytes.");
        this.E.b(this.z, this.A, 1);
    }

    private void b() throws IOException {
        if (this.s == 0) {
            return;
        }
        System.out.println("Wallet is v7 LSSO wallet. SSVs used are -");
        if ((this.s & 1) == 1) {
            System.out.println("    Hostname");
        }
        if ((this.s & 2) == 2) {
            System.out.println("    Username");
        }
        if ((this.s & 16) == 16) {
            System.out.println("    Machine ID");
        }
        if ((this.s & 128) == 128) {
            System.out.println("    MAC name0=" + this.t);
        }
        if ((this.s & PKIConstants.AES256_KEY_LENGTH) == 256) {
            System.out.println("    MAC name1=" + this.u);
        }
    }

    public void saveSSVs(String str) throws IOException {
        OraclePKIDebug.a("OracleWallet.saveSSVs(): enter...");
        String[] split = str.split(",", -1);
        for (int i2 = 0; i2 < split.length; i2++) {
            if (split[i2].equals(j)) {
                this.s |= 1;
                OraclePKIDebug.a("  use SSV_HOSTNAME");
            } else if (split[i2].equals(k)) {
                this.s |= 2;
                OraclePKIDebug.a("  use SSV_USERNAME");
            } else if (split[i2].equals(n)) {
                this.s |= 16;
                OraclePKIDebug.a("  use SSV_MACHINEID");
            } else if (split[i2].startsWith(q)) {
                String[] split2 = split[i2].split(":", -1);
                if (split2.length != 2) {
                    throw new IOException("SSV MACNAME0 format should be: SSV_MACNAME_0:<name>. Input=" + split[i2]);
                }
                this.t = split2[1];
                this.s |= 128;
                OraclePKIDebug.a("  use SSV_MACNAME0:" + this.t);
            } else {
                if (!split[i2].startsWith(r)) {
                    OraclePKIDebug.a("Unsupported SSV: " + split[i2]);
                    throw new IOException("Unsupported SSV: " + split[i2]);
                }
                String[] split3 = split[i2].split(":", -1);
                if (split3.length != 2) {
                    throw new IOException("SSV MACNAME1 format should be: SSV_MACNAME_1:<name>. Input=" + split[i2]);
                }
                this.u = split3[1];
                this.s |= PKIConstants.AES256_KEY_LENGTH;
                OraclePKIDebug.a("  use SSV_MACNAME1:" + this.u);
            }
        }
        OraclePKIDebug.a("OracleWallet.saveSSVs() exit");
    }

    public void saveLSSO(String str) throws IOException {
        OraclePKIDebug.a("OracleWallet: saving lsso " + this.z.length + " bytes.");
        saveSSVs(str);
        this.E.b(this.z, this.A, 3, (byte) 0, this.s, this.t, this.u);
    }

    public void saveLSSO() throws IOException {
        OraclePKIDebug.a("OracleWallet: saving lsso " + this.z.length + " bytes.");
        if (this.s == 0) {
            saveSSVs(DEFAULT_SSVS);
        }
        this.E.b(this.z, this.A, 3, (byte) 0, this.s, this.t, this.u);
    }

    public boolean exists(String str) throws IOException {
        return a(str, this.A).b();
    }

    public boolean exists(String str, boolean z) throws IOException {
        OracleWalletImpl a2;
        if (z) {
            a2 = a(str, this.A);
        } else {
            a2 = a(str, this.A == null ? "".toCharArray() : this.A);
        }
        return a2.b();
    }

    public synchronized OracleSecretStore getSecretStore() throws IOException, OracleSecretStoreException {
        ByteArrayInputStream byteArrayInputStream = null;
        OraclePKIDebug.a("OracleWallet: getSecretStore: enter...");
        if (this.G == null) {
            this.G = new OracleSecretStore();
            if (this.z != null) {
                byteArrayInputStream = new ByteArrayInputStream(this.z);
            }
            this.G.load(byteArrayInputStream, this.A);
            OraclePKIDebug.a("OracleWallet: getSecretStore: created and loaded the secret store in wallet");
        }
        OraclePKIDebug.a("OracleWallet: getSecretStore: exit...");
        return this.G;
    }

    public KeyStore getKeyStore() throws IOException {
        try {
            if (null == Security.getProvider("OraclePKI")) {
                Security.insertProviderAt(new OraclePKIProvider(), 1);
            }
            KeyStore keyStore = this.A != null ? KeyStore.getInstance("PKCS12", "OraclePKI") : KeyStore.getInstance("SSO", "OraclePKI");
            ByteArrayInputStream byteArrayInputStream = null;
            if (this.z != null) {
                byteArrayInputStream = new ByteArrayInputStream(this.z);
            }
            keyStore.load(byteArrayInputStream, this.A);
            return keyStore;
        } catch (GeneralSecurityException e2) {
            return null;
        }
    }

    public synchronized void setSecretStore(OracleSecretStore oracleSecretStore) throws IOException, OracleSecretStoreException {
        OraclePKIDebug.a("OracleWallet: setSecretStore");
        ByteArrayInputStream byteArrayInputStream = null;
        if (oracleSecretStore != this.G) {
            throw new OracleSecretStoreException("Secretstore mismatch.");
        }
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        this.z = oracleSecretStore.setStoreInWallet(byteArrayInputStream, this.A);
    }

    public void setKeyStore(KeyStore keyStore) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        setKeyStore(keyStore, (byte) 0);
    }

    public void setKeyStore(KeyStore keyStore, byte b2) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: setKeyStore");
        OracleKeyStoreSpi oracleKeyStoreSpi = new OracleKeyStoreSpi();
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        this.z = oracleKeyStoreSpi.a(byteArrayInputStream, keyStore, this.A, b2);
    }

    public KeyStore createPKCS11KeyStore(String str, String str2, String str3) throws ClassNotFoundException, InstantiationException, IllegalAccessException, IOException, InvocationTargetException, NoSuchMethodException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        KeyStore keyStore = null;
        if (str3 == null) {
            Security.addProvider((Provider) Class.forName("sun.security.pkcs11.SunPKCS11").getConstructor(String.class).newInstance(str == null ? "/opt/bar/cfg/pkcs11.cfg" : str));
            keyStore = KeyStore.getInstance("PKCS11");
            keyStore.load(null, str2.toCharArray());
        } else if (str3.contains("Luna")) {
            Provider provider = (Provider) Class.forName("com.chrysalisits.crypto.LunaJCAProvider").newInstance();
            Security.removeProvider(provider.getName());
            Security.insertProviderAt(provider, 1);
            keyStore = KeyStore.getInstance("Luna");
            keyStore.load(null, null);
        }
        return keyStore;
    }

    public OracleWallet migratePKCS12toJKS(char[] cArr, int i2) throws IOException {
        CertificateRequest certificateRequest;
        PrivateKey privateKey;
        if (!isValidPassword(cArr)) {
            throw new IOException(a.getString(OraclePKIMsgID.l));
        }
        OracleWallet oracleWallet = getInstance(PKIConstants.JKS_WALLET_TYPE);
        oracleWallet.create(cArr);
        KeyStore keyStore = oracleWallet.getKeyStore();
        KeyStore keyStore2 = getKeyStore();
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                keyStore.deleteEntry(aliases.nextElement());
            }
            try {
                Enumeration<String> aliases2 = keyStore2.aliases();
                while (aliases2.hasMoreElements()) {
                    String nextElement = aliases2.nextElement();
                    if ((i2 == 0 || i2 == 2) && keyStore2.isCertificateEntry(nextElement)) {
                        keyStore.setCertificateEntry(nextElement, (X509Certificate) keyStore2.getCertificate(nextElement));
                    } else if ((i2 == 0 || i2 == 1) && keyStore2.isKeyEntry(nextElement)) {
                        Certificate[] certificateChain = keyStore2.getCertificateChain(nextElement);
                        Key key = keyStore2.getKey(nextElement, this.A);
                        if (certificateChain == null) {
                            BigInteger bigInteger = new BigInteger("7");
                            if (key.getAlgorithm().equals(PKIConstants.RSA)) {
                                certificateRequest = ((OraclePKIRSAPrivateKey) key).getCertificateRequest();
                                privateKey = (PrivateKey) key;
                            } else if (key.getAlgorithm().equals(PKIConstants.EC)) {
                                certificateRequest = ((OraclePKIECPrivateKey) key).getCertificateRequest();
                                privateKey = CryptoUtils.generateECPrivateKeyFromBytes(key.getEncoded());
                            }
                            keyStore.setKeyEntry(nextElement, key, cArr, new Certificate[]{(X509Certificate) JCEUtil.getCertificateFactoryInstance("X.509").generateCertificate(new ByteArrayInputStream(new X509(certificateRequest.e(), certificateRequest.f(), certificateRequest.e(), privateKey, bigInteger, 3650, null).g()))});
                        } else {
                            keyStore.setKeyEntry(nextElement, key, cArr, certificateChain);
                        }
                    }
                }
                oracleWallet.setKeyStore(keyStore);
                return oracleWallet;
            } catch (Exception e2) {
                IOException iOException = new IOException();
                iOException.initCause(e2);
                throw iOException;
            }
        } catch (Exception e3) {
            IOException iOException2 = new IOException();
            iOException2.initCause(e3);
            throw iOException2;
        }
    }

    public void migrateJKStoPKCS12(KeyStore keyStore, char[] cArr, String[] strArr) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateEncodingException, CertificateException, UnrecoverableEntryException {
        OraclePKIDebug.a("OracleWallet: migrateJKStoPKCS12");
        if (cArr == null) {
            throw new IOException("keystore password cannot be null");
        }
        try {
            if (strArr != null) {
                for (String str : strArr) {
                    if (keyStore.entryInstanceOf(str, KeyStore.PrivateKeyEntry.class)) {
                        a(keyStore, cArr, str);
                    } else if (keyStore.entryInstanceOf(str, KeyStore.TrustedCertificateEntry.class)) {
                        a(keyStore, str);
                    } else if (!keyStore.containsAlias(str)) {
                        throw new IOException("Invalid alias : " + str);
                    }
                }
            } else {
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    String nextElement = aliases.nextElement();
                    if (keyStore.entryInstanceOf(nextElement, KeyStore.PrivateKeyEntry.class)) {
                        a(keyStore, cArr, nextElement);
                    } else if (keyStore.entryInstanceOf(nextElement, KeyStore.TrustedCertificateEntry.class)) {
                        a(keyStore, nextElement);
                    } else if (!keyStore.containsAlias(nextElement)) {
                        throw new IOException("Invalid alias : " + nextElement);
                    }
                }
            }
        } catch (UnrecoverableEntryException e2) {
            throw new UnrecoverableEntryException("passwords of the keystore and key entries should be the same");
        }
    }

    void a(KeyStore keyStore, char[] cArr, String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateEncodingException, CertificateException, UnrecoverableEntryException {
        if (!canModify()) {
            throw new IOException("Cannot modify AL wallet.");
        }
        if (this.A == null) {
            this.B = d();
        }
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(str, new KeyStore.PasswordProtection(cArr));
        PrivateKey privateKey = privateKeyEntry.getPrivateKey();
        X509Certificate x509Certificate = (X509Certificate) privateKeyEntry.getCertificate();
        X509Certificate[] x509CertificateArr = (X509Certificate[]) privateKeyEntry.getCertificateChain();
        KeyPair keyPair = new KeyPair(x509Certificate.getPublicKey(), privateKey);
        OraclePKIX509CertImpl[] oraclePKIX509CertImplArr = new OraclePKIX509CertImpl[x509CertificateArr.length];
        for (int i2 = 0; i2 < x509CertificateArr.length; i2++) {
            oraclePKIX509CertImplArr[i2] = new OraclePKIX509CertImpl(new X509(x509CertificateArr[i2].getEncoded()));
        }
        if (oraclePKIX509CertImplArr.length <= 1) {
            try {
                if (((OraclePKIPrincipalImpl) oraclePKIX509CertImplArr[0].getIssuerDN()).equals((OraclePKIPrincipalImpl) oraclePKIX509CertImplArr[0].getSubjectDN())) {
                    internalAddTrustedCert(oraclePKIX509CertImplArr[0], str, null);
                    if (this.A == null) {
                        this.B = b(this.B);
                    }
                }
            } catch (Exception e2) {
            }
            X500Principal subjectX500Principal = x509Certificate.getSubjectX500Principal();
            String str2 = str + ' ' + Integer.toString(1);
            a(subjectX500Principal, keyPair, privateKey, str2);
            internalAddUserCert(oraclePKIX509CertImplArr[0], str2);
            if (this.A == null) {
                this.B = b(this.B);
                return;
            }
            return;
        }
        OraclePKIX509CertImpl[] a2 = a(oraclePKIX509CertImplArr);
        if (a2.length > 1) {
            for (int i3 = 0; i3 < a2.length - 1; i3++) {
                try {
                    internalAddTrustedCert(a2[i3], keyStore.getCertificateAlias(a2[i3]), null);
                    if (this.A == null) {
                        this.B = b(this.B);
                    }
                } catch (Exception e3) {
                }
            }
            a(x509Certificate.getSubjectX500Principal(), keyPair, privateKey, str);
            internalAddUserCert(a2[a2.length - 1], str);
            if (this.A == null) {
                this.B = b(this.B);
            }
        }
    }

    void a(KeyStore keyStore, String str) throws IOException, KeyStoreException, CertificateEncodingException {
        if (!canModify()) {
            throw new IOException("Cannot modify AL wallet.");
        }
        if (this.A == null) {
            this.B = d();
        }
        try {
            internalAddTrustedCert(new OraclePKIX509CertImpl(new X509(((X509Certificate) keyStore.getCertificate(str)).getEncoded())), str, null);
            if (this.A == null) {
                this.B = b(this.B);
            }
        } catch (Exception e2) {
        }
    }

    void a(X500Principal x500Principal, KeyPair keyPair, PrivateKey privateKey, String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        if (!canModify()) {
            throw new IOException("Cannot modify AL wallet.");
        }
        CertificateRequest certificateRequest = new CertificateRequest(new X500Name(x500Principal.getName()), keyPair.getPublic(), keyPair.getPrivate());
        if (this.A == null) {
            this.B = d();
        }
        internalAddCertReq(certificateRequest, privateKey, str);
        if (this.A == null) {
            this.B = b(this.B);
        }
    }

    public Enumeration listAliases() throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: listAliases");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        KeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        return oracleKeyStoreSpi.engineAliases();
    }

    public CRL createCRL(int i2) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        return createCRL(null, null, null, i2);
    }

    public CRL createCRL(String str, int i2) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        return createCRL(str, null, null, i2);
    }

    public CRL createCRL(String str, String str2, String str3, int i2) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        KeyStore keyStore = getKeyStore();
        PrivateKey privateKey = null;
        X509 x509 = null;
        boolean z = false;
        Enumeration<String> aliases = keyStore.aliases();
        BigInteger calculateSerialNumber = OraclePKIGenFunc.calculateSerialNumber(str3);
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement)) {
                X509 x5092 = ((OraclePKIX509CertImpl) keyStore.getCertificate(nextElement)).getX509();
                X500Name m2 = x5092.m();
                boolean z2 = false;
                if (str == null || (str != null && m2.equals(new X500Name(str)))) {
                    X500Name n2 = x5092.n();
                    if (str2 == null || (str2 != null && n2.equals(new X500Name(str2)))) {
                        BigInteger o2 = x5092.o();
                        if (calculateSerialNumber == null || (calculateSerialNumber != null && calculateSerialNumber.equals(o2))) {
                            z2 = true;
                        }
                        if (1 != 0 && 1 != 0 && z2) {
                            if (z) {
                                OraclePKIDebug.a("Multiple certs with matching params exist.");
                                throw new IOException(a.getString(OraclePKIMsgID.au));
                            }
                            z = true;
                            x509 = x5092;
                            Key key = keyStore.getKey(nextElement, null);
                            if (key.getAlgorithm().equals(PKIConstants.RSA)) {
                                privateKey = CryptoUtils.generateRSAPrivateKeyFromBytes(key.getEncoded());
                            } else if (key.getAlgorithm().equals(PKIConstants.EC)) {
                                privateKey = CryptoUtils.generateECPrivateKeyFromBytes(key.getEncoded());
                            }
                        }
                    }
                }
            }
        }
        if (privateKey == null || x509 == null) {
            throw new IOException(a.getString(OraclePKIMsgID.X));
        }
        try {
            new OraclePKIX509CertImpl(x509).checkValidity();
            try {
                CRL crl = new CRL();
                crl.a(x509.m());
                crl.a(i2);
                AlgorithmIdentifier algorithmIdentifier = null;
                if (this.I != null) {
                    algorithmIdentifier = new AlgorithmIdentifier(Utils.toStream(this.I));
                }
                crl.a(privateKey, algorithmIdentifier);
                SubjectKeyIDExtension subjectKeyIDExtension = (SubjectKeyIDExtension) x509.a(PKIX.D);
                if (subjectKeyIDExtension != null) {
                    crl.a(new AuthorityKeyIDExtension(subjectKeyIDExtension.e()));
                } else {
                    OraclePKIDebug.a("Issuer's cert does not have Subject Key Identifier set,so can not set Authority Key Identifier in CRL generated.");
                }
                return crl;
            } catch (Exception e2) {
                return null;
            }
        } catch (Exception e3) {
            throw new IOException(a.getString(OraclePKIMsgID.av));
        }
    }

    public CRL revokeCertificate(InputStream inputStream, CRL crl) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        OraclePKIX509CertImpl oraclePKIX509CertImpl = null;
        boolean z = false;
        RevokedCertificate revokedCertificate = new RevokedCertificate(OraclePKIGenFunc.readCertsAt(inputStream)[0].getSerialNumber(), new Date());
        KeyStore keyStore = getKeyStore();
        PrivateKey privateKey = null;
        Enumeration<String> aliases = keyStore.aliases();
        OraclePKIPrincipalImpl oraclePKIPrincipalImpl = new OraclePKIPrincipalImpl(crl.a());
        while (true) {
            if (!aliases.hasMoreElements()) {
                break;
            }
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement)) {
                oraclePKIX509CertImpl = (OraclePKIX509CertImpl) keyStore.getCertificate(nextElement);
                if (oraclePKIPrincipalImpl != null && oraclePKIPrincipalImpl.equals(oraclePKIX509CertImpl.getSubjectDN())) {
                    try {
                        z = verifyCRLSignature(oraclePKIX509CertImpl, crl);
                    } catch (Exception e2) {
                        System.out.println("Could not verify CRL signature : " + e2.getLocalizedMessage());
                    }
                    if (z) {
                        Key key = keyStore.getKey(nextElement, null);
                        if (key.getAlgorithm().equals(PKIConstants.RSA)) {
                            privateKey = (PrivateKey) key;
                        } else if (key.getAlgorithm().equals(PKIConstants.EC)) {
                            privateKey = CryptoUtils.generateECPrivateKeyFromBytes(key.getEncoded());
                        }
                    }
                }
            }
        }
        if (privateKey == null || oraclePKIX509CertImpl == null) {
            throw new IOException(a.getString(OraclePKIMsgID.X));
        }
        try {
            oraclePKIX509CertImpl.checkValidity();
            crl.a(revokedCertificate);
            if (this.I == null) {
                crl.a(privateKey, (AlgorithmIdentifier) null);
            } else {
                try {
                    crl.a(privateKey, new AlgorithmIdentifier(Utils.toStream(this.I)));
                } catch (IOException e3) {
                    System.out.println("Could not set signing key: " + e3.getLocalizedMessage());
                    crl = null;
                }
            }
            return crl;
        } catch (Exception e4) {
            throw new IOException(a.getString(OraclePKIMsgID.av));
        }
    }

    public static boolean getRevocationStatus(InputStream inputStream, CRL crl) throws IOException {
        return crl.d(OraclePKIGenFunc.readCertsAt(inputStream)[0].getSerialNumber());
    }

    public static boolean verifyCRLSignature(InputStream inputStream, CRL crl) throws IOException, AuthException {
        return verifyCRLSignature(OraclePKIGenFunc.readCertsAt(inputStream)[0], crl);
    }

    public static boolean verifyCRLSignature(OraclePKIX509CertImpl oraclePKIX509CertImpl, CRL crl) throws IOException, AuthException {
        PublicKey publicKey = null;
        PublicKey publicKey2 = oraclePKIX509CertImpl.getPublicKey();
        if (publicKey2.getAlgorithm().equals(PKIConstants.RSA)) {
            publicKey = CryptoUtils.generateRSAPublicKeyFromBytes(publicKey2.getEncoded());
        } else if (publicKey2.getAlgorithm().equals(PKIConstants.EC)) {
            publicKey = CryptoUtils.generateECPublicKeyFromBytes(publicKey2.getEncoded());
        }
        crl.a(publicKey);
        return crl.i();
    }

    public void addCertRequest(X500Principal x500Principal, int i2) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        addCertRequest(x500Principal, i2, (OracleCertExtension) null, (String) null);
    }

    public void addCertRequest(X500Principal x500Principal, int i2, String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        addCertRequest(x500Principal, i2, (OracleCertExtension) null, str);
    }

    public void addCertRequest(X500Principal x500Principal, int i2, OracleCertExtension oracleCertExtension) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        addCertRequest(x500Principal, i2, oracleCertExtension, (String) null);
    }

    public void addCertRequest(X500Principal x500Principal, int i2, OracleCertExtension oracleCertExtension, String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIRSAKeyHelper.validateKeysize(i2);
        try {
            KeyPairGenerator keyPairGeneratorInstance = JCEUtil.getKeyPairGeneratorInstance(PKIConstants.RSA);
            keyPairGeneratorInstance.initialize(i2);
            KeyPair generateKeyPair = keyPairGeneratorInstance.generateKeyPair();
            a(x500Principal, generateKeyPair.getPrivate(), generateKeyPair.getPublic(), oracleCertExtension, str);
        } catch (NoSuchAlgorithmException e2) {
            throw ((IOException) new IOException(a.getString(OraclePKIMsgID.D)).initCause(e2));
        }
    }

    public void addCertRequest(X500Principal x500Principal, String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        addCertRequest(x500Principal, str, (OracleCertExtension) null, (String) null);
    }

    public void addCertRequest(X500Principal x500Principal, String str, String str2) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        addCertRequest(x500Principal, str, (OracleCertExtension) null, str2);
    }

    public void addCertRequest(X500Principal x500Principal, String str, OracleCertExtension oracleCertExtension) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        addCertRequest(x500Principal, str, oracleCertExtension, (String) null);
    }

    public void addCertRequest(X500Principal x500Principal, String str, OracleCertExtension oracleCertExtension, String str2) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        ECGenParameterSpec eCGenParameterSpec;
        if (str == null) {
            throw new IOException(a.getString(OraclePKIMsgID.aP));
        }
        try {
            KeyPairGenerator keyPairGeneratorInstance = JCEUtil.getKeyPairGeneratorInstance(PKIConstants.EC);
            if (EccCurveParameters.get(str) != null) {
                eCGenParameterSpec = new ECGenParameterSpec(EccCurveParameters.get(str).getNickName());
            } else {
                if (EccCurveParameters.getByNickName(str) == null) {
                    throw new IOException(a.getString(OraclePKIMsgID.E));
                }
                eCGenParameterSpec = new ECGenParameterSpec(str);
            }
            try {
                keyPairGeneratorInstance.initialize(eCGenParameterSpec);
                KeyPair genKeyPair = keyPairGeneratorInstance.genKeyPair();
                a(x500Principal, genKeyPair.getPrivate(), genKeyPair.getPublic(), oracleCertExtension, str2);
            } catch (InvalidAlgorithmParameterException e2) {
                throw new IOException(a.getString(OraclePKIMsgID.aN));
            }
        } catch (NoSuchAlgorithmException e3) {
            throw new IOException(a.getString(OraclePKIMsgID.E));
        }
    }

    private void a(X500Principal x500Principal, PrivateKey privateKey, PublicKey publicKey, OracleCertExtension oracleCertExtension, String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        if (!canModify()) {
            throw new IOException("Cannot modify AL wallet.");
        }
        CertificateRequest certificateRequest = new CertificateRequest(new X500Name(x500Principal.toString()), publicKey, privateKey);
        if (oracleCertExtension != null) {
            if (oracleCertExtension.getSubjectKeyId()) {
                certificateRequest.a(new SubjectKeyIDExtension(CryptoUtils.generateKeyID(publicKey), false));
            }
            if (oracleCertExtension.getKeyUsage() != null) {
                certificateRequest.a(new KeyUsageExtension(oracleCertExtension.getKeyUsage(), true));
            }
            if (oracleCertExtension.getBasicConstraints() != null) {
                certificateRequest.a(oracleCertExtension.getBasicConstraints());
            }
            ArrayList<GeneralName> subjectAlternativeNamesList = oracleCertExtension.getSubjectAlternativeNamesList();
            if (subjectAlternativeNamesList != null) {
                certificateRequest.a(new SubjectAltNameExtension(subjectAlternativeNamesList));
            }
        }
        AlgorithmIdentifier certSignAlgorithmId = getCertSignAlgorithmId();
        if (null != certSignAlgorithmId) {
            certificateRequest.a(new AlgorithmIdentifier(Utils.toStream(certSignAlgorithmId)));
        }
        if (this.A == null) {
            this.B = d();
        }
        internalAddCertReq(certificateRequest, privateKey, str);
        if (this.A == null) {
            this.B = b(this.B);
        }
    }

    public void addCertRequest(CertificateRequest certificateRequest) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        if (!canModify()) {
            throw new IOException("Cannot modify AL wallet.");
        }
        if (this.A == null) {
            this.B = d();
        }
        internalAddCertReq(certificateRequest, null, null);
        if (this.A == null) {
            this.B = b(this.B);
        }
    }

    public String exportCertReqB64(X500Principal x500Principal) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        String str = null;
        KeyStore keyStore = getKeyStore();
        X500Name x500Name = new X500Name(x500Principal.toString());
        Enumeration<String> aliases = keyStore.aliases();
        while (true) {
            if (!aliases.hasMoreElements()) {
                break;
            }
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement)) {
                CertificateRequest certificateRequest = null;
                Key key = keyStore.getKey(nextElement, null);
                if (key.getAlgorithm().equals(PKIConstants.RSA)) {
                    certificateRequest = ((OraclePKIRSAPrivateKey) key).getCertificateRequest();
                } else if (key.getAlgorithm().equals(PKIConstants.EC)) {
                    certificateRequest = ((OraclePKIECPrivateKey) key).getCertificateRequest();
                }
                String str2 = null;
                if (certificateRequest != null && certificateRequest.e() != null) {
                    str2 = certificateRequest.e().toString();
                }
                if (str2 != null && x500Name.equals(new X500Name(str2))) {
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    certificateRequest.output(byteArrayOutputStream);
                    str = Utils.getBase64EncodedCert(byteArrayOutputStream.toByteArray(), b, c);
                    break;
                }
            }
        }
        return str;
    }

    public InputStream exportCertReq(String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        String exportCertReqB64 = exportCertReqB64(str);
        if (exportCertReqB64 != null) {
            return new ByteArrayInputStream(exportCertReqB64.getBytes());
        }
        return null;
    }

    public String exportCertReqB64(String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        String str2 = null;
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (true) {
            if (!aliases.hasMoreElements()) {
                break;
            }
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement)) {
                CertificateRequest certificateRequest = null;
                Key key = keyStore.getKey(nextElement, null);
                if (key.getAlgorithm().equals(PKIConstants.RSA)) {
                    certificateRequest = ((OraclePKIRSAPrivateKey) key).getCertificateRequest();
                } else if (key.getAlgorithm().equals(PKIConstants.EC)) {
                    certificateRequest = ((OraclePKIECPrivateKey) key).getCertificateRequest();
                }
                if (certificateRequest != null && str.equals(nextElement)) {
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    certificateRequest.output(byteArrayOutputStream);
                    str2 = Utils.getBase64EncodedCert(byteArrayOutputStream.toByteArray(), b, c);
                    break;
                }
            }
        }
        return str2;
    }

    public InputStream exportCertReq(X500Principal x500Principal) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        return new ByteArrayInputStream(exportCertReqB64(x500Principal).getBytes());
    }

    public InputStream createCert(InputStream inputStream, int i2) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        return a(inputStream, i2, (Date) null, (Date) null, BigInteger.ZERO);
    }

    public InputStream createCert(InputStream inputStream, int i2, String str, String str2, BigInteger bigInteger) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        return a(inputStream, i2, (Date) null, (Date) null, BigInteger.ZERO, str, str2, bigInteger);
    }

    public InputStream createCert(InputStream inputStream, int i2, BigInteger bigInteger) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        return a(inputStream, i2, (Date) null, (Date) null, bigInteger);
    }

    public InputStream createCert(InputStream inputStream, int i2, BigInteger bigInteger, String str, String str2, BigInteger bigInteger2) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        return a(inputStream, i2, (Date) null, (Date) null, bigInteger, str, str2, bigInteger2);
    }

    public InputStream createCert(InputStream inputStream, Date date, Date date2, String str, String str2, BigInteger bigInteger) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        return a(inputStream, 0, date, date2, BigInteger.ZERO, str, str2, bigInteger);
    }

    public InputStream createCert(InputStream inputStream, Date date, Date date2, BigInteger bigInteger, String str, String str2, BigInteger bigInteger2) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        return a(inputStream, 0, date, date2, bigInteger, str, str2, bigInteger2);
    }

    private InputStream a(InputStream inputStream, int i2, Date date, Date date2, BigInteger bigInteger) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        return a(inputStream, i2, date, date2, bigInteger, (String) null, (String) null, (BigInteger) null);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v87, types: [java.security.PrivateKey] */
    private InputStream a(InputStream inputStream, int i2, Date date, Date date2, BigInteger bigInteger, String str, String str2, BigInteger bigInteger2) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        BigInteger f2;
        try {
            CertificateRequest certificateRequest = new CertificateRequest(inputStream);
            KeyStore keyStore = getKeyStore();
            String a2 = a(str, str2, bigInteger2);
            Key key = keyStore.getKey(a2, null);
            ECPrivateKey eCPrivateKey = null;
            if (key.getAlgorithm().equals(PKIConstants.RSA)) {
                eCPrivateKey = (PrivateKey) key;
            } else if (key.getAlgorithm().equals(PKIConstants.EC)) {
                eCPrivateKey = CryptoUtils.generateECPrivateKeyFromBytes(key.getEncoded());
            }
            X509 x509 = ((OraclePKIX509CertImpl) keyStore.getCertificate(a2)).getX509();
            if (eCPrivateKey == null || x509 == null) {
                OraclePKIDebug.a("OracleWallet.createCert: " + a.getString(OraclePKIMsgID.X));
                throw new IOException(a.getString(OraclePKIMsgID.X));
            }
            AlgorithmIdentifier algorithmIdentifier = this.H != null ? new AlgorithmIdentifier(Utils.toStream(this.H)) : null;
            X509 x5092 = i2 == 0 ? new X509(certificateRequest.e(), certificateRequest.f(), x509.m(), eCPrivateKey, bigInteger, date, date2, algorithmIdentifier) : new X509(certificateRequest.e(), certificateRequest.f(), x509.m(), eCPrivateKey, bigInteger, i2, algorithmIdentifier);
            X509ExtensionSet i3 = certificateRequest.i();
            if (i3 != null) {
                ArrayList<X509Extension> b2 = i3.b();
                for (int i4 = 0; i4 < b2.size(); i4++) {
                    x5092.a(b2.get(i4));
                }
            }
            BasicConstraintsExtension basicConstraintsExtension = (BasicConstraintsExtension) x509.a(PKIX.H);
            if (basicConstraintsExtension != null && basicConstraintsExtension.e() && (f2 = basicConstraintsExtension.f()) != null) {
                if (f2.signum() <= 0) {
                    throw new IOException(a.getString(OraclePKIMsgID.ax));
                }
                BasicConstraintsExtension basicConstraintsExtension2 = (BasicConstraintsExtension) x5092.a(PKIX.H);
                if (basicConstraintsExtension2 != null && basicConstraintsExtension2.e()) {
                    x5092.a(new BasicConstraintsExtension(f2.subtract(BigInteger.ONE)));
                }
            }
            SubjectKeyIDExtension subjectKeyIDExtension = (SubjectKeyIDExtension) x509.a(PKIX.D);
            if (subjectKeyIDExtension != null) {
                x5092.a(new AuthorityKeyIDExtension(subjectKeyIDExtension.e(), false));
            } else {
                OraclePKIDebug.a("Issuer's cert does not have Subject Key Identifier set,so can not set Authority Key Identifier in certificate generated.");
            }
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            x5092.output(byteArrayOutputStream);
            return new ByteArrayInputStream(Utils.getBase64EncodedCert(byteArrayOutputStream.toByteArray(), d, e).getBytes());
        } catch (Exception e2) {
            if (OraclePKIDebug.getDebugFlag()) {
                e2.printStackTrace();
            }
            throw new IOException(e2.getLocalizedMessage());
        }
    }

    private String a(String str, String str2, BigInteger bigInteger) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        Certificate certificate;
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        if (str == null && str2 == null && bigInteger == null) {
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (keyStore.isKeyEntry(nextElement) && keyStore.getCertificate(nextElement) != null) {
                    return nextElement;
                }
            }
        } else {
            while (aliases.hasMoreElements()) {
                String nextElement2 = aliases.nextElement();
                if (keyStore.isKeyEntry(nextElement2) && (certificate = keyStore.getCertificate(nextElement2)) != null) {
                    X509 x509 = ((OraclePKIX509CertImpl) certificate).getX509();
                    if (str == null || x509.m().toString().equals(str)) {
                        if (str2 == null || x509.n().toString().equals(str2)) {
                            if (bigInteger == null || x509.o().equals(bigInteger)) {
                                return nextElement2;
                            }
                        }
                    }
                }
            }
        }
        OraclePKIDebug.a("OracleWallet.internalGetSignerAlias: " + a.getString(OraclePKIMsgID.ac));
        throw new IOException(a.getString(OraclePKIMsgID.ac));
    }

    public String exportCertB64(X500Principal x500Principal) throws IOException, KeyStoreException, CertificateEncodingException {
        return exportCertB64(x500Principal, null, null);
    }

    public String exportCertB64(X500Principal x500Principal, String str, String str2) throws IOException, KeyStoreException, CertificateEncodingException {
        String str3 = null;
        KeyStore keyStore = getKeyStore();
        X500Name x500Name = new X500Name(x500Principal.toString());
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            OraclePKIX509CertImpl oraclePKIX509CertImpl = (OraclePKIX509CertImpl) keyStore.getCertificate(aliases.nextElement());
            if (oraclePKIX509CertImpl != null && x500Name.equals(new X500Name(oraclePKIX509CertImpl.getSubjectDN().toString())) && (str == null || oraclePKIX509CertImpl.getIssuerDN().toString().equals(str))) {
                if (str2 != null) {
                    BigInteger serialNumber = oraclePKIX509CertImpl.getSerialNumber();
                    if (serialNumber != null) {
                        String bigInteger = serialNumber.toString();
                        String bigInteger2 = serialNumber.toString(16);
                        String str4 = "0x" + serialNumber.toString(16);
                        if (!bigInteger.equals(str2) && !bigInteger2.equalsIgnoreCase(str2) && !str4.equalsIgnoreCase(str2)) {
                        }
                    } else {
                        continue;
                    }
                }
                str3 = Utils.getBase64EncodedCert(oraclePKIX509CertImpl.getEncoded(), d, e);
                break;
            }
        }
        return str3;
    }

    public InputStream exportCert(String str) throws IOException, KeyStoreException, CertificateEncodingException {
        String exportCertB64 = exportCertB64(str);
        if (exportCertB64 != null) {
            return new ByteArrayInputStream(exportCertB64.getBytes());
        }
        return null;
    }

    public String exportCertB64(String str) throws IOException, KeyStoreException, CertificateEncodingException {
        String str2 = null;
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (true) {
            if (!aliases.hasMoreElements()) {
                break;
            }
            String nextElement = aliases.nextElement();
            OraclePKIX509CertImpl oraclePKIX509CertImpl = (OraclePKIX509CertImpl) keyStore.getCertificate(nextElement);
            if (oraclePKIX509CertImpl != null && str.equals(nextElement)) {
                str2 = Utils.getBase64EncodedCert(oraclePKIX509CertImpl.getEncoded(), d, e);
                break;
            }
        }
        return str2;
    }

    public InputStream exportCert(X500Principal x500Principal) throws IOException, KeyStoreException, CertificateEncodingException {
        return exportCert(x500Principal, null, null);
    }

    public InputStream exportCert(X500Principal x500Principal, String str, String str2) throws IOException, KeyStoreException, CertificateEncodingException {
        return new ByteArrayInputStream(exportCertB64(x500Principal, str, str2).getBytes());
    }

    public String exportPrivateKeyB64(String str, char[] cArr, byte[] bArr) throws IOException {
        return exportPrivateKeyB64(str, cArr, bArr, PKIConstants.PBE_ITER_COUNT);
    }

    public String exportPrivateKeyB64(String str, char[] cArr, byte[] bArr, int i2) throws IOException {
        String str2 = null;
        byte[] bArr2 = new byte[16];
        if (!canModify()) {
            throw new IOException("Cannot export private key from SSO wallet.");
        }
        try {
            Key key = getKeyStore().getKey(str, this.A);
            if (key instanceof PrivateKey) {
                PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(bArr, i2, new IvParameterSpec(bArr2));
                SecretKey generateSecret = SecretKeyFactory.getInstance(PKIConstants.PBE_WITH_SHA256_AND_AES256).generateSecret(new PBEKeySpec(cArr, bArr, i2, PKIConstants.AES256_KEY_LENGTH));
                Cipher cipherInstance = JCEUtil.getCipherInstance(PKIConstants.PBE_WITH_SHA256_AND_AES256);
                cipherInstance.init(1, generateSecret, pBEParameterSpec);
                str2 = Utils.getBase64EncodedCert(cipherInstance.doFinal(key.getEncoded()), h, i);
            }
            return str2;
        } catch (InvalidAlgorithmParameterException e2) {
            throw new IOException(a.getString(OraclePKIMsgID.J));
        } catch (Exception e3) {
            IOException iOException = new IOException();
            iOException.initCause(e3);
            throw iOException;
        }
    }

    public String exportPrivateKeyB64(String str, char[] cArr) throws IOException {
        String str2 = null;
        PBEKeySpec pBEKeySpec = null;
        SecretKey secretKey = null;
        byte[] bArr = new byte[8];
        byte[] bArr2 = new byte[16];
        try {
            if (!canModify()) {
                throw new IOException("Cannot export private key from SSO wallet.");
            }
            try {
                PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(bArr, PKIConstants.PBE_ITER_COUNT, new IvParameterSpec(bArr2));
                pBEKeySpec = new PBEKeySpec(cArr, bArr, PKIConstants.PBE_ITER_COUNT, PKIConstants.AES256_KEY_LENGTH);
                secretKey = SecretKeyFactory.getInstance(PKIConstants.PBE_WITH_SHA256_AND_AES256).generateSecret(pBEKeySpec);
                Key key = getKeyStore().getKey(str, this.A);
                if (key instanceof PrivateKey) {
                    Cipher cipher = Cipher.getInstance(PKIConstants.PBE_WITH_SHA256_AND_AES256);
                    cipher.init(1, secretKey, pBEParameterSpec);
                    byte[] doFinal = cipher.doFinal(key.getEncoded());
                    AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance(PKIConstants.PBE_WITH_SHA256_AND_AES256);
                    algorithmParameters.init(pBEParameterSpec);
                    str2 = Utils.getBase64EncodedCert(PBEEncPKCS8.encodeEncPkcs8(algorithmParameters, doFinal), f, g);
                }
                if (pBEKeySpec != null) {
                    pBEKeySpec.clearPassword();
                }
                if (secretKey != null) {
                    try {
                        secretKey.destroy();
                    } catch (DestroyFailedException e2) {
                    }
                }
                return str2;
            } catch (Exception e3) {
                IOException iOException = new IOException();
                iOException.initCause(e3);
                throw iOException;
            }
        } catch (Throwable th) {
            if (pBEKeySpec != null) {
                pBEKeySpec.clearPassword();
            }
            if (secretKey != null) {
                try {
                    secretKey.destroy();
                } catch (DestroyFailedException e4) {
                    throw th;
                }
            }
            throw th;
        }
    }

    public void importPrivateKeyB64(String str, String str2, char[] cArr, byte[] bArr, String str3, String str4) throws IOException {
        importPrivateKeyB64(str, str2, cArr, bArr, PKIConstants.PBE_ITER_COUNT, str3, str4);
    }

    public void importPrivateKeyB64(String str, String str2, char[] cArr, byte[] bArr, int i2, String str3, String str4) throws IOException {
        ECPrivateKey eCPrivateKey = null;
        KeyPair keyPair = null;
        PrivateKey privateKey = null;
        byte[] bArr2 = new byte[16];
        if (!canModify()) {
            throw new IOException("Cannot import private key to SSO wallet.");
        }
        if (null != str3) {
            try {
                OraclePKIX509CertImpl[] readCertsAt = OraclePKIGenFunc.readCertsAt(new ByteArrayInputStream(str3.getBytes()));
                PublicKey publicKey = readCertsAt[0].getPublicKey();
                String publicKeyType = readCertsAt[0].getPublicKeyType();
                IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr2);
                PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(bArr, i2, ivParameterSpec);
                SecretKey generateSecret = SecretKeyFactory.getInstance(PKIConstants.PBE_WITH_SHA256_AND_AES256).generateSecret(new PBEKeySpec(cArr, bArr, i2, PKIConstants.AES256_KEY_LENGTH));
                Cipher cipherInstance = JCEUtil.getCipherInstance(PKIConstants.PBE_WITH_SHA256_AND_AES256);
                try {
                    cipherInstance.init(2, generateSecret, pBEParameterSpec);
                } catch (InvalidAlgorithmParameterException e2) {
                    cipherInstance.init(2, generateSecret, ivParameterSpec);
                }
                if (str2.indexOf(h) == -1) {
                    throw new IOException("Header not present in private key");
                }
                if (str2.indexOf(i) == -1) {
                    throw new IOException("Footer not present in private key");
                }
                byte[] doFinal = cipherInstance.doFinal(Base64.getMimeDecoder().decode(str2.substring(h.length(), str2.indexOf(i) - 1)));
                if (null != publicKeyType && (publicKeyType.equalsIgnoreCase("") || publicKeyType.equalsIgnoreCase(PKIConstants.RSA))) {
                    privateKey = KeyFactory.getInstance(PKIConstants.RSA).generatePrivate(new PKCS8EncodedKeySpec(doFinal));
                    keyPair = new KeyPair(publicKey, privateKey);
                } else if (null != publicKeyType && publicKeyType.equalsIgnoreCase(PKIConstants.EC)) {
                    eCPrivateKey = CryptoUtils.generateECPrivateKeyFromBytes(doFinal);
                    keyPair = new KeyPair(CryptoUtils.generateECPublicKeyFromBytes(publicKey.getEncoded()), eCPrivateKey);
                }
                CertificateRequest certificateRequest = new CertificateRequest(new X500Name(readCertsAt[0].getSubjectDN().toString()), keyPair != null ? keyPair.getPublic() : null, keyPair != null ? keyPair.getPrivate() : null);
                if (null != publicKeyType && (publicKeyType.equalsIgnoreCase("") || publicKeyType.equalsIgnoreCase(PKIConstants.RSA))) {
                    internalAddCertReq(certificateRequest, privateKey, str);
                } else if (null != publicKeyType && publicKeyType.equalsIgnoreCase(PKIConstants.EC)) {
                    internalAddCertReq(certificateRequest, eCPrivateKey, str);
                }
                if (this.A == null) {
                    this.B = d();
                }
                if (this.A == null) {
                    this.B = b(this.B);
                }
                if (str4 != null) {
                    for (OraclePKIX509CertImpl oraclePKIX509CertImpl : OraclePKIGenFunc.readCertsAt(new ByteArrayInputStream(str4.getBytes()))) {
                        internalAddTrustedCert(oraclePKIX509CertImpl, null, null);
                        if (this.A == null) {
                            this.B = b(this.B);
                        }
                    }
                }
                internalAddUserCert(readCertsAt[0], str);
                if (this.A == null) {
                    this.B = b(this.B);
                }
            } catch (Exception e3) {
                throw ((IOException) new IOException().initCause(e3));
            }
        }
    }

    public void importPrivateKeyB64(String str, String str2, char[] cArr, String str3, String str4) throws IOException {
        PrivateKey privateKey = null;
        ECPrivateKey eCPrivateKey = null;
        KeyPair keyPair = null;
        PBEKeySpec pBEKeySpec = null;
        SecretKey secretKey = null;
        byte[] bArr = new byte[8];
        try {
            if (!canModify()) {
                throw new IOException("Cannot import private key to SSO wallet.");
            }
            if (null != str3) {
                try {
                    OraclePKIX509CertImpl[] readCertsAt = OraclePKIGenFunc.readCertsAt(new ByteArrayInputStream(str3.getBytes()));
                    PublicKey publicKey = readCertsAt[0].getPublicKey();
                    String publicKeyType = readCertsAt[0].getPublicKeyType();
                    if (str2.indexOf(new String(f)) == -1) {
                        throw new IOException("Header not present in private key");
                    }
                    if (str2.indexOf(new String(g)) == -1) {
                        throw new IOException("Footer not present in private key");
                    }
                    EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(Base64.getMimeDecoder().decode(str2.substring(new String(f).length(), str2.indexOf(new String(g)) - 1)));
                    Cipher cipher = Cipher.getInstance(PKIConstants.PBE_WITH_SHA256_AND_AES256);
                    pBEKeySpec = new PBEKeySpec(cArr, bArr, PKIConstants.PBE_ITER_COUNT, PKIConstants.AES256_KEY_LENGTH);
                    secretKey = SecretKeyFactory.getInstance(PKIConstants.PBE_WITH_SHA256_AND_AES256).generateSecret(pBEKeySpec);
                    cipher.init(2, secretKey, encryptedPrivateKeyInfo.getAlgParameters());
                    PKCS8EncodedKeySpec keySpec = encryptedPrivateKeyInfo.getKeySpec(cipher);
                    if (null != publicKeyType && (publicKeyType.equalsIgnoreCase("") || publicKeyType.equalsIgnoreCase(PKIConstants.RSA))) {
                        privateKey = KeyFactory.getInstance(PKIConstants.RSA).generatePrivate(keySpec);
                        keyPair = new KeyPair(publicKey, privateKey);
                    } else if (null != publicKeyType && publicKeyType.equalsIgnoreCase(PKIConstants.EC)) {
                        privateKey = KeyFactory.getInstance(PKIConstants.EC).generatePrivate(keySpec);
                        eCPrivateKey = CryptoUtils.generateECPrivateKeyFromBytes(privateKey.getEncoded());
                        keyPair = new KeyPair(CryptoUtils.generateECPublicKeyFromBytes(publicKey.getEncoded()), eCPrivateKey);
                    }
                    KeyStore keyStore = getKeyStore();
                    Enumeration<String> aliases = keyStore.aliases();
                    while (aliases.hasMoreElements()) {
                        String nextElement = aliases.nextElement();
                        if (keyStore.isKeyEntry(nextElement)) {
                            Key key = keyStore.getKey(nextElement, this.A);
                            if (key instanceof PrivateKey) {
                                byte[] encoded = key.getEncoded();
                                if (null == publicKeyType || !(publicKeyType.equalsIgnoreCase("") || publicKeyType.equalsIgnoreCase(PKIConstants.RSA))) {
                                    if (null != publicKeyType && publicKeyType.equalsIgnoreCase(PKIConstants.EC) && eCPrivateKey != null && Arrays.equals(encoded, eCPrivateKey.getEncoded())) {
                                        throw new IOException("Private key already present in wallet.");
                                    }
                                } else if (privateKey != null && Arrays.equals(encoded, privateKey.getEncoded())) {
                                    throw new IOException("Private key already present in wallet.");
                                }
                            } else {
                                continue;
                            }
                        }
                    }
                    CertificateRequest certificateRequest = new CertificateRequest(new X500Name(readCertsAt[0].getSubjectDN().toString()), keyPair != null ? keyPair.getPublic() : null, keyPair != null ? keyPair.getPrivate() : null);
                    if (null != publicKeyType && (publicKeyType.equalsIgnoreCase("") || publicKeyType.equalsIgnoreCase(PKIConstants.RSA))) {
                        internalAddCertReq(certificateRequest, privateKey, str);
                    } else if (null != publicKeyType && publicKeyType.equalsIgnoreCase(PKIConstants.EC)) {
                        internalAddCertReq(certificateRequest, eCPrivateKey, str);
                    }
                    if (this.A == null) {
                        this.B = d();
                    }
                    if (this.A == null) {
                        this.B = b(this.B);
                    }
                    if (str4 != null) {
                        for (OraclePKIX509CertImpl oraclePKIX509CertImpl : OraclePKIGenFunc.readCertsAt(new ByteArrayInputStream(str4.getBytes()))) {
                            internalAddTrustedCert(oraclePKIX509CertImpl, null, null);
                            if (this.A == null) {
                                this.B = b(this.B);
                            }
                        }
                    }
                    internalAddUserCert(readCertsAt[0], str);
                    if (this.A == null) {
                        this.B = b(this.B);
                    }
                } catch (Exception e2) {
                    throw ((IOException) new IOException().initCause(e2));
                }
            }
            if (pBEKeySpec != null) {
                pBEKeySpec.clearPassword();
            }
            if (secretKey != null) {
                try {
                    secretKey.destroy();
                } catch (DestroyFailedException e3) {
                }
            }
        } catch (Throwable th) {
            if (0 != 0) {
                pBEKeySpec.clearPassword();
            }
            if (0 != 0) {
                try {
                    secretKey.destroy();
                } catch (DestroyFailedException e4) {
                    throw th;
                }
            }
            throw th;
        }
    }

    public void importCertB64(String str, boolean z) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        importCert(new ByteArrayInputStream(str.getBytes()), z, null, null);
    }

    public void importCertB64(String str, boolean z, String str2) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        importCert(new ByteArrayInputStream(str.getBytes()), z, str2, null);
    }

    public boolean canModify() throws IOException {
        int c2;
        boolean z = true;
        if (this.A == null && ((c2 = new C041().c(new ByteArrayInputStream(this.z))) == 1 || c2 == 3)) {
            z = false;
        }
        return z;
    }

    public void importCert(InputStream inputStream, boolean z) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        importCert(inputStream, z, null, null);
    }

    public void importCert(InputStream inputStream, boolean z, String str, String str2) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        if (!canModify()) {
            throw new IOException(a.getString(OraclePKIMsgID.y));
        }
        if (this.A == null) {
            this.B = d();
        }
        OraclePKIX509CertImpl[] readCertsAt = OraclePKIGenFunc.readCertsAt(inputStream);
        if (readCertsAt.length > 1 && str2 != null) {
            throw new IOException(a.getString(OraclePKIMsgID.at));
        }
        if (z) {
            for (int i2 = 0; i2 < readCertsAt.length; i2++) {
                if (i2 == 0) {
                    internalAddTrustedCert(readCertsAt[i2], str, str2);
                } else {
                    internalAddTrustedCert(readCertsAt[i2], null, str2);
                }
            }
        } else if (readCertsAt.length > 1) {
            OraclePKIX509CertImpl[] a2 = a(readCertsAt);
            for (int i3 = 0; i3 < a2.length - 1; i3++) {
                internalAddTrustedCert(a2[i3], null, str2);
            }
            internalAddUserCert(a2[a2.length - 1], str);
        } else {
            internalAddUserCert(readCertsAt[0], str);
        }
        if (this.A == null) {
            this.B = b(this.B);
        }
    }

    public void deleteCertReq(X500Principal x500Principal) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
        if (!canModify()) {
            throw new IOException("Cannot modify AL wallet.");
        }
        if (this.A == null) {
            this.B = d();
        }
        internalRemoveCertReq(x500Principal);
        if (this.A == null) {
            this.B = b(this.B);
        }
    }

    public void deleteCertReq(String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
        if (!canModify()) {
            throw new IOException("Cannot modify AL wallet.");
        }
        if (this.A == null) {
            this.B = d();
        }
        internalRemoveCertReq(str);
        if (this.A == null) {
            this.B = b(this.B);
        }
    }

    public void removePrivateKey(String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
        if (!canModify()) {
            throw new IOException("Cannot modify AL wallet.");
        }
        if (this.A == null) {
            this.B = d();
        }
        internalRemovePrivateKey(str);
        if (this.A == null) {
            this.B = b(this.B);
        }
    }

    public void deleteCert(X500Principal x500Principal) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        deleteCert(x500Principal, null, null);
    }

    public void deleteCert(X500Principal x500Principal, String str, String str2) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        if (!canModify()) {
            throw new IOException("Cannot modify AL wallet.");
        }
        if (this.A == null) {
            this.B = d();
        }
        internalRemoveUserCert(x500Principal, str, str2);
        if (this.A == null) {
            this.B = b(this.B);
        }
    }

    public void deleteCert(String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        if (!canModify()) {
            throw new IOException("Cannot modify AL wallet.");
        }
        if (this.A == null) {
            this.B = d();
        }
        internalRemoveUserCert(str);
        if (this.A == null) {
            this.B = b(this.B);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v13, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public boolean isTrustedCertUsedInChain(X500Principal x500Principal) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: isTrustedCertUsedInChain");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        return oracleKeyStoreSpi.a(x500Principal, this.D);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v13, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public boolean isTrustedCertUsedInChain(String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: isTrustedCertUsedInChain");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        return oracleKeyStoreSpi.a(str, this.D);
    }

    public void replaceTrustpoint(InputStream inputStream, String str, String str2) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        if (!canModify()) {
            throw new IOException("Cannot modify AL wallet.");
        }
        if (this.A == null) {
            this.B = d();
        }
        internalReplaceTrustedCert(OraclePKIGenFunc.readCertsAt(inputStream)[0], str, str2);
        if (this.A == null) {
            this.B = b(this.B);
        }
    }

    public void replaceTrustpoint(InputStream inputStream, String str, String str2, String str3) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        if (!canModify()) {
            throw new IOException("Cannot modify AL wallet.");
        }
        if (this.A == null) {
            this.B = d();
        }
        internalReplaceTrustedCert(OraclePKIGenFunc.readCertsAt(inputStream)[0], str, str2, str3);
        if (this.A == null) {
            this.B = b(this.B);
        }
    }

    public void replaceUserCert(InputStream inputStream, String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        if (!canModify()) {
            throw new IOException("Cannot modify AL wallet.");
        }
        if (this.A == null) {
            this.B = d();
        }
        OraclePKIX509CertImpl[] readCertsAt = OraclePKIGenFunc.readCertsAt(inputStream);
        internalRemoveUserCert(str);
        if (this.A == null) {
            this.B = b(this.B);
        }
        internalAddUserCert(readCertsAt[0], str);
        if (this.A == null) {
            this.B = b(this.B);
        }
    }

    public void replaceUserCert(InputStream inputStream, String str, String str2) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        if (!canModify()) {
            throw new IOException("Cannot modify AL wallet.");
        }
        if (this.A == null) {
            this.B = d();
        }
        OraclePKIX509CertImpl[] readCertsAt = OraclePKIGenFunc.readCertsAt(inputStream);
        internalRemoveMatchingUserCert(readCertsAt[0], str, str2);
        if (this.A == null) {
            this.B = b(this.B);
        }
        internalAddUserCert(readCertsAt[0], null);
        if (this.A == null) {
            this.B = b(this.B);
        }
    }

    public void removeTrustpoint(X500Principal x500Principal) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        removeTrustpoint(x500Principal, null, null);
    }

    public void removeTrustpoint(X500Principal x500Principal, String str, String str2) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        if (!canModify()) {
            throw new IOException("Cannot modify AL wallet.");
        }
        if (this.A == null) {
            this.B = d();
        }
        internalRemoveTrustedCert(x500Principal, str, str2);
        if (this.A == null) {
            this.B = b(this.B);
        }
    }

    public void removeTrustpoint(String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        if (!canModify()) {
            throw new IOException("Cannot modify AL wallet.");
        }
        if (this.A == null) {
            this.B = d();
        }
        internalRemoveTrustedCert(str);
        if (this.A == null) {
            this.B = b(this.B);
        }
    }

    public void removeTrustpoints() throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        if (!canModify()) {
            throw new IOException("Cannot modify AL wallet.");
        }
        if (this.A == null) {
            this.B = d();
        }
        internalRemoveAllTrusted();
        if (this.A == null) {
            this.B = b(this.B);
        }
    }

    public boolean areTrustFlagsEnabled() {
        return this.C;
    }

    public boolean checkTrustFlagsEnabled() throws IOException, NoSuchAlgorithmException, CertificateException {
        if (this.A == null) {
            this.B = d();
        }
        return a();
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v13, types: [oracle.security.pki.OracleKeyStoreSpi] */
    protected boolean a() throws IOException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: internalCheckTrustFlagsEnabled");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        return oracleKeyStoreSpi.b(byteArrayInputStream, this.A);
    }

    public void getTrustFlagsValue(HashMap hashMap) throws IOException, NoSuchAlgorithmException, CertificateException {
        if (this.A == null) {
            this.B = d();
        }
        internalGetTrustFlagsValue(hashMap);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v13, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public void internalGetTrustFlagsValue(HashMap hashMap) throws IOException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: internalGetTrustFlagsValue");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        oracleKeyStoreSpi.a(byteArrayInputStream, this.A, hashMap);
    }

    public void assignTrustFlagstoCertificate(String str, String str2, String str3, String str4) throws Exception {
        if (!canModify()) {
            throw new IOException("Cannot modify AL wallet.");
        }
        if (this.A == null) {
            this.B = d();
        }
        internalAssignTrustFlagstoCertificate(str, str2, str3, str4);
        if (this.A == null) {
            this.B = b(this.B);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v12, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public void internalAssignTrustFlagstoCertificate(String str, String str2, String str3, String str4) throws IOException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: internalAssignTrustFlagstoCertificate");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        this.z = oracleKeyStoreSpi.a(byteArrayInputStream, this.A, str, str2, str3, str4, this.D);
    }

    public int getPersonaCount() {
        return 1;
    }

    public X500Principal[] getCertReqDNs(int i2) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        CertificateRequest certificateRequest;
        Vector vector = new Vector();
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement) && (certificateRequest = ((OraclePKIRSAPrivateKey) keyStore.getKey(nextElement, null)).getCertificateRequest()) != null) {
                vector.add(new X500Principal(certificateRequest.e().toString()));
            }
        }
        X500Principal[] x500PrincipalArr = new X500Principal[vector.size()];
        int i3 = 0;
        Enumeration elements = vector.elements();
        while (elements.hasMoreElements()) {
            x500PrincipalArr[i3] = (X500Principal) elements.nextElement();
            i3++;
        }
        return x500PrincipalArr;
    }

    public ArrayList getCertReqDNalias(int i2) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        ArrayList arrayList = new ArrayList();
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement)) {
                ArrayList arrayList2 = new ArrayList();
                CertificateRequest certificateRequest = ((OraclePKIRSAPrivateKey) keyStore.getKey(nextElement, null)).getCertificateRequest();
                if (certificateRequest != null) {
                    arrayList2.add(certificateRequest.e().toString());
                    arrayList2.add(nextElement);
                    arrayList.add(arrayList2);
                }
            }
        }
        return arrayList;
    }

    public String[] getCertReqAliases(int i2) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        Vector vector = new Vector();
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement)) {
                CertificateRequest certificateRequest = null;
                Key key = keyStore.getKey(nextElement, null);
                if (key.getAlgorithm().equals(PKIConstants.RSA)) {
                    certificateRequest = ((OraclePKIRSAPrivateKey) key).getCertificateRequest();
                } else if (key.getAlgorithm().equals(PKIConstants.EC)) {
                    certificateRequest = ((OraclePKIECPrivateKey) key).getCertificateRequest();
                }
                if (certificateRequest != null) {
                    vector.add(nextElement);
                }
            }
        }
        String[] strArr = new String[vector.size()];
        int i3 = 0;
        Enumeration elements = vector.elements();
        while (elements.hasMoreElements()) {
            strArr[i3] = (String) elements.nextElement();
            i3++;
        }
        return strArr;
    }

    public String[] getPPvtAliases(int i2) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        Vector vector = new Vector();
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement)) {
                boolean z = false;
                Key key = keyStore.getKey(nextElement, null);
                if (key.getAlgorithm().equals(PKIConstants.RSA)) {
                    z = ((OraclePKIRSAPrivateKey) key).isPvtKeyPresent();
                } else if (key.getAlgorithm().equals(PKIConstants.EC)) {
                    z = ((OraclePKIECPrivateKey) key).isPvtKeyPresent();
                }
                if (z) {
                    vector.add(nextElement);
                }
            }
        }
        String[] strArr = new String[vector.size()];
        int i3 = 0;
        Enumeration elements = vector.elements();
        while (elements.hasMoreElements()) {
            strArr[i3] = (String) elements.nextElement();
            i3++;
        }
        return strArr;
    }

    public String[] getPPvtInfo(int i2, String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, CertificateException {
        String[] strArr = new String[2];
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        strArr[0] = Integer.toString(internalGetCRCompNum(str));
        strArr[1] = Integer.toString(-1);
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (true) {
            if (!aliases.hasMoreElements()) {
                break;
            }
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement)) {
                CertificateRequest certificateRequest = null;
                Key key = keyStore.getKey(nextElement, null);
                if (key.getAlgorithm().equals(PKIConstants.RSA)) {
                    certificateRequest = ((OraclePKIRSAPrivateKey) key).getCertificateRequest();
                } else if (key.getAlgorithm().equals(PKIConstants.EC)) {
                    certificateRequest = ((OraclePKIECPrivateKey) key).getCertificateRequest();
                }
                if (certificateRequest != null && str.equals(nextElement)) {
                    if (((OraclePKIX509CertImpl) keyStore.getCertificate(nextElement)) != null) {
                        strArr[1] = Integer.toString(2);
                    } else {
                        strArr[1] = Integer.toString(1);
                    }
                }
            }
        }
        return strArr;
    }

    public byte[] getPPvtBytes(int i2, String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, CertificateException {
        OraclePKIRSAPrivateKey oraclePKIRSAPrivateKey;
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (true) {
            if (!aliases.hasMoreElements()) {
                break;
            }
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement) && (oraclePKIRSAPrivateKey = (OraclePKIRSAPrivateKey) keyStore.getKey(nextElement, null)) != null && str.equals(nextElement)) {
                oraclePKIRSAPrivateKey.getEncoded();
                break;
            }
        }
        return new String("").getBytes();
    }

    public byte[] getPPvtBytesUnEnc(int i2, String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, CertificateException {
        OraclePKIRSAPrivateKey oraclePKIRSAPrivateKey;
        byte[] bArr = null;
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (true) {
            if (!aliases.hasMoreElements()) {
                break;
            }
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement) && (oraclePKIRSAPrivateKey = (OraclePKIRSAPrivateKey) keyStore.getKey(nextElement, null)) != null && str.equals(nextElement)) {
                bArr = oraclePKIRSAPrivateKey.getEncoded();
                break;
            }
        }
        return bArr;
    }

    public int getCertReqCount(int i2) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        int i3 = 0;
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement) && ((OraclePKIRSAPrivateKey) keyStore.getKey(nextElement, null)).getCertificateRequest() != null) {
                i3++;
            }
        }
        return i3;
    }

    public X500Principal[] getCertReqDNs(int i2, boolean z) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        CertificateRequest certificateRequest;
        CertificateRequest certificateRequest2;
        Vector vector = new Vector();
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (z) {
                if (keyStore.isKeyEntry(nextElement) && keyStore.getCertificate(nextElement) == null && (certificateRequest = ((OraclePKIRSAPrivateKey) keyStore.getKey(nextElement, null)).getCertificateRequest()) != null) {
                    vector.add(new X500Principal(certificateRequest.e().toString()));
                }
            } else if (keyStore.isKeyEntry(nextElement) && (certificateRequest2 = ((OraclePKIRSAPrivateKey) keyStore.getKey(nextElement, null)).getCertificateRequest()) != null) {
                vector.add(new X500Principal(certificateRequest2.e().toString()));
            }
        }
        X500Principal[] x500PrincipalArr = new X500Principal[vector.size()];
        int i3 = 0;
        Enumeration elements = vector.elements();
        while (elements.hasMoreElements()) {
            x500PrincipalArr[i3] = (X500Principal) elements.nextElement();
            i3++;
        }
        return x500PrincipalArr;
    }

    public ArrayList getCertReqDNalias(int i2, boolean z) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        CertificateRequest certificateRequest;
        CertificateRequest certificateRequest2;
        ArrayList arrayList = new ArrayList();
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            ArrayList arrayList2 = new ArrayList();
            if (z) {
                if (keyStore.isKeyEntry(nextElement) && keyStore.getCertificate(nextElement) == null && (certificateRequest = ((OraclePKIRSAPrivateKey) keyStore.getKey(nextElement, null)).getCertificateRequest()) != null) {
                    arrayList2.add(certificateRequest.e().toString());
                    arrayList2.add(nextElement);
                    arrayList.add(arrayList2);
                }
            } else if (keyStore.isKeyEntry(nextElement) && (certificateRequest2 = ((OraclePKIRSAPrivateKey) keyStore.getKey(nextElement, null)).getCertificateRequest()) != null) {
                arrayList2.add(certificateRequest2.e().toString());
                arrayList2.add(nextElement);
                arrayList.add(arrayList2);
            }
        }
        return arrayList;
    }

    public int getCertReqCount(int i2, boolean z) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        int i3 = 0;
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (z) {
                if (keyStore.isKeyEntry(nextElement) && keyStore.getCertificate(nextElement) == null && ((OraclePKIRSAPrivateKey) keyStore.getKey(nextElement, null)).getCertificateRequest() != null) {
                    i3++;
                }
            } else if (keyStore.isKeyEntry(nextElement) && ((OraclePKIRSAPrivateKey) keyStore.getKey(nextElement, null)).getCertificateRequest() != null) {
                i3++;
            }
        }
        return i3;
    }

    public String[] getCertReqInfo(int i2, int i3) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        String[] strArr = new String[4];
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        int i4 = 0;
        while (true) {
            if (!aliases.hasMoreElements()) {
                break;
            }
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement)) {
                CertificateRequest certificateRequest = null;
                Key key = keyStore.getKey(nextElement, null);
                if (key.getAlgorithm().equals(PKIConstants.RSA)) {
                    certificateRequest = ((OraclePKIRSAPrivateKey) key).getCertificateRequest();
                    strArr[1] = new Integer(((RSAPublicKey) certificateRequest.f()).getModulus().bitLength()).toString();
                } else if (key.getAlgorithm().equals(PKIConstants.EC)) {
                    certificateRequest = ((OraclePKIECPrivateKey) key).getCertificateRequest();
                    strArr[1] = new Integer(((ECPublicKey) certificateRequest.f()).getParams().getCurve().getField().getFieldSize()).toString();
                }
                if (certificateRequest != null && i3 == i4) {
                    strArr[0] = certificateRequest.e().toString();
                    strArr[2] = new String(certificateRequest.f().getAlgorithm());
                    strArr[3] = new String(nextElement);
                    break;
                }
                i4++;
            }
        }
        return strArr;
    }

    public String[] getCertReqInfo(int i2, String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        String[] strArr = new String[4];
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (true) {
            if (!aliases.hasMoreElements()) {
                break;
            }
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement)) {
                CertificateRequest certificateRequest = null;
                Key key = keyStore.getKey(nextElement, null);
                strArr[3] = key.getAlgorithm();
                if (strArr[3].equals(PKIConstants.RSA)) {
                    certificateRequest = ((OraclePKIRSAPrivateKey) key).getCertificateRequest();
                    strArr[1] = new Integer(((RSAPublicKey) certificateRequest.f()).getModulus().bitLength()).toString();
                } else if (strArr[3].equals(PKIConstants.EC)) {
                    certificateRequest = ((OraclePKIECPrivateKey) key).getCertificateRequest();
                    strArr[1] = new Integer(((ECPublicKey) certificateRequest.f()).getParams().getCurve().getField().getFieldSize()).toString();
                }
                if (certificateRequest != null && str.equals(nextElement)) {
                    strArr[0] = certificateRequest.e().toString();
                    strArr[2] = new String(certificateRequest.f().getAlgorithm());
                    break;
                }
            }
        }
        return strArr;
    }

    public X500Principal[] getCertDNs(int i2) throws IOException, KeyStoreException {
        X509Certificate x509Certificate;
        Vector vector = new Vector();
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement) && (x509Certificate = (X509Certificate) keyStore.getCertificate(nextElement)) != null) {
                vector.add(new X500Principal(x509Certificate.getSubjectDN().toString()));
            }
        }
        X500Principal[] x500PrincipalArr = new X500Principal[vector.size()];
        int i3 = 0;
        Enumeration elements = vector.elements();
        while (elements.hasMoreElements()) {
            x500PrincipalArr[i3] = (X500Principal) elements.nextElement();
            i3++;
        }
        return x500PrincipalArr;
    }

    public ArrayList getCertDNalias(int i2) throws IOException, KeyStoreException {
        ArrayList arrayList = new ArrayList();
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement)) {
                ArrayList arrayList2 = new ArrayList();
                X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(nextElement);
                if (x509Certificate != null) {
                    arrayList2.add(x509Certificate.getSubjectDN().toString());
                    arrayList2.add(nextElement);
                    arrayList.add(arrayList2);
                }
            }
        }
        return arrayList;
    }

    public String[] getCertAliases(int i2) throws IOException, KeyStoreException {
        Vector vector = new Vector();
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement) && ((X509Certificate) keyStore.getCertificate(nextElement)) != null) {
                vector.add(nextElement);
            }
        }
        String[] strArr = new String[vector.size()];
        int i3 = 0;
        Enumeration elements = vector.elements();
        while (elements.hasMoreElements()) {
            strArr[i3] = (String) elements.nextElement();
            i3++;
        }
        return strArr;
    }

    public String[] getCertInfo(int i2, String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIX509CertImpl oraclePKIX509CertImpl;
        String[] strArr = new String[13];
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (true) {
            if (!aliases.hasMoreElements()) {
                break;
            }
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement) && (oraclePKIX509CertImpl = (OraclePKIX509CertImpl) keyStore.getCertificate(nextElement)) != null && str.equals(nextElement)) {
                strArr[0] = oraclePKIX509CertImpl.getSubjectDN().toString();
                strArr[1] = oraclePKIX509CertImpl.getIssuerDN().toString();
                strArr[2] = Integer.toString(oraclePKIX509CertImpl.getVersion());
                strArr[3] = oraclePKIX509CertImpl.getSerialNumber().toString(16);
                strArr[4] = Integer.toString((int) (oraclePKIX509CertImpl.getNotBefore().getTime() / 1000));
                strArr[5] = Integer.toString((int) (oraclePKIX509CertImpl.getNotAfter().getTime() / 1000));
                strArr[7] = oraclePKIX509CertImpl.getPublicKey().getAlgorithm();
                if (strArr[7].equals(PKIConstants.RSA)) {
                    strArr[6] = new Integer(((RSAPublicKey) oraclePKIX509CertImpl.getPublicKey()).getModulus().bitLength()).toString();
                } else if (strArr[7].equals(PKIConstants.EC)) {
                    strArr[6] = new Integer(((ECPublicKey) oraclePKIX509CertImpl.getPublicKey()).getParams().getCurve().getField().getFieldSize()).toString();
                }
                strArr[8] = a(oraclePKIX509CertImpl.getKeyUsage());
                strArr[9] = oraclePKIX509CertImpl.getSigAlgName();
                if (TransitionMode.isFIPS140ModeEnabled()) {
                    strArr[10] = oraclePKIX509CertImpl.getSHA256Digest();
                } else {
                    strArr[10] = oraclePKIX509CertImpl.getMD5Digest();
                }
                strArr[11] = oraclePKIX509CertImpl.getSHADigest();
                strArr[12] = Integer.toString(internalGetCertCompNum(str));
            }
        }
        return strArr;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String a(boolean[] zArr) {
        return LdapSSLSocketFactory.CONTEXT_TYPE;
    }

    public int getCertCount(int i2) throws IOException, KeyStoreException, CertificateException {
        int i3 = 0;
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement) && ((X509Certificate) keyStore.getCertificate(nextElement)) != null) {
                i3++;
            }
        }
        return i3;
    }

    public X509Certificate getCert(int i2, int i3) throws IOException, KeyStoreException, CertificateException {
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        X509Certificate x509Certificate = null;
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        int i4 = 0;
        while (true) {
            if (!aliases.hasMoreElements()) {
                break;
            }
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement)) {
                X509Certificate x509Certificate2 = (X509Certificate) keyStore.getCertificate(nextElement);
                if (x509Certificate2 != null && i3 == i4) {
                    x509Certificate = (X509Certificate) JCEUtil.getCertificateFactoryInstance("X.509").generateCertificate(new ByteArrayInputStream(x509Certificate2.getEncoded()));
                    break;
                }
                if (x509Certificate2 != null) {
                    i4++;
                }
            }
        }
        return x509Certificate;
    }

    public X509Certificate getSSLCert(boolean z) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        KeyStore keyStore = getKeyStore();
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("OracleX509");
        keyManagerFactory.init(keyStore, this.A);
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        String[] strArr = {PKIConstants.RSA};
        X500Principal[] trustpointDNs = getTrustpointDNs(0);
        String chooseServerAlias = z ? ((X509KeyManager) keyManagers[0]).chooseServerAlias(strArr[0], trustpointDNs, null) : ((X509KeyManager) keyManagers[0]).chooseClientAlias(strArr, trustpointDNs, null);
        if (chooseServerAlias == null) {
            throw new IOException(a.getString(OraclePKIMsgID.al));
        }
        return (X509Certificate) keyStore.getCertificate(chooseServerAlias);
    }

    public String getSSLCertAlias(boolean z) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        KeyStore keyStore = getKeyStore();
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("OracleX509");
        keyManagerFactory.init(keyStore, this.A);
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        String[] strArr = {PKIConstants.RSA};
        X500Principal[] trustpointDNs = getTrustpointDNs(0);
        String chooseServerAlias = z ? ((X509KeyManager) keyManagers[0]).chooseServerAlias(strArr[0], trustpointDNs, null) : ((X509KeyManager) keyManagers[0]).chooseClientAlias(strArr, trustpointDNs, null);
        if (chooseServerAlias == null) {
            throw new IOException(a.getString(OraclePKIMsgID.al));
        }
        return chooseServerAlias;
    }

    public X500Principal[] getTrustpointDNs(int i2) throws IOException, KeyStoreException {
        X509Certificate x509Certificate;
        Vector vector = new Vector();
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isCertificateEntry(nextElement) && (x509Certificate = (X509Certificate) keyStore.getCertificate(nextElement)) != null) {
                vector.add(new X500Principal(x509Certificate.getSubjectDN().toString()));
            }
        }
        X500Principal[] x500PrincipalArr = new X500Principal[vector.size()];
        int i3 = 0;
        Enumeration elements = vector.elements();
        while (elements.hasMoreElements()) {
            x500PrincipalArr[i3] = (X500Principal) elements.nextElement();
            i3++;
        }
        return x500PrincipalArr;
    }

    public ArrayList getTrustpointDNalias(int i2) throws IOException, KeyStoreException {
        ArrayList arrayList = new ArrayList();
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isCertificateEntry(nextElement)) {
                ArrayList arrayList2 = new ArrayList();
                X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(nextElement);
                if (x509Certificate != null) {
                    arrayList2.add(x509Certificate.getSubjectDN().toString());
                    arrayList2.add(nextElement);
                    arrayList.add(arrayList2);
                }
            }
        }
        return arrayList;
    }

    public String[] getTrustpointAliases(int i2) throws IOException, KeyStoreException {
        Vector vector = new Vector();
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isCertificateEntry(nextElement) && ((X509Certificate) keyStore.getCertificate(nextElement)) != null) {
                vector.add(nextElement);
            }
        }
        String[] strArr = new String[vector.size()];
        int i3 = 0;
        Enumeration elements = vector.elements();
        while (elements.hasMoreElements()) {
            strArr[i3] = (String) elements.nextElement();
            i3++;
        }
        return strArr;
    }

    public String[] getTrustpointInfo(int i2, String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIX509CertImpl oraclePKIX509CertImpl;
        String[] strArr = new String[13];
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (true) {
            if (!aliases.hasMoreElements()) {
                break;
            }
            String nextElement = aliases.nextElement();
            if (keyStore.isCertificateEntry(nextElement) && (oraclePKIX509CertImpl = (OraclePKIX509CertImpl) keyStore.getCertificate(nextElement)) != null && str.equals(nextElement)) {
                strArr[0] = oraclePKIX509CertImpl.getSubjectDN().toString();
                strArr[1] = oraclePKIX509CertImpl.getIssuerDN().toString();
                strArr[2] = Integer.toString(oraclePKIX509CertImpl.getVersion());
                strArr[3] = oraclePKIX509CertImpl.getSerialNumber().toString(16);
                strArr[4] = Long.toString(oraclePKIX509CertImpl.getNotBefore().getTime() / 1000);
                strArr[5] = Long.toString(oraclePKIX509CertImpl.getNotAfter().getTime() / 1000);
                strArr[7] = oraclePKIX509CertImpl.getPublicKey().getAlgorithm();
                if (strArr[7].equals(PKIConstants.RSA)) {
                    strArr[6] = new Integer(((RSAPublicKey) oraclePKIX509CertImpl.getPublicKey()).getModulus().bitLength()).toString();
                } else if (strArr[7].equals(PKIConstants.EC)) {
                    strArr[6] = new Integer(((ECPublicKey) oraclePKIX509CertImpl.getPublicKey()).getParams().getCurve().getField().getFieldSize()).toString();
                }
                strArr[8] = a(oraclePKIX509CertImpl.getKeyUsage());
                strArr[9] = oraclePKIX509CertImpl.getSigAlgName();
                if (TransitionMode.isFIPS140ModeEnabled()) {
                    strArr[10] = oraclePKIX509CertImpl.getSHA256Digest();
                } else {
                    strArr[10] = oraclePKIX509CertImpl.getMD5Digest();
                }
                strArr[11] = oraclePKIX509CertImpl.getSHADigest();
                strArr[12] = Integer.toString(internalGetTCertCompNum(str));
            }
        }
        return strArr;
    }

    public int getTrustpointCount(int i2) throws IOException, KeyStoreException, CertificateException {
        int i3 = 0;
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isCertificateEntry(nextElement) && ((X509Certificate) keyStore.getCertificate(nextElement)) != null) {
                i3++;
            }
        }
        return i3;
    }

    public X509Certificate getTrustpoint(int i2, int i3) throws IOException, KeyStoreException, CertificateException {
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        X509Certificate x509Certificate = null;
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        int i4 = 0;
        while (true) {
            if (!aliases.hasMoreElements()) {
                break;
            }
            String nextElement = aliases.nextElement();
            if (keyStore.isCertificateEntry(nextElement)) {
                X509Certificate x509Certificate2 = (X509Certificate) keyStore.getCertificate(nextElement);
                if (x509Certificate2 != null && i3 == i4) {
                    x509Certificate = (X509Certificate) JCEUtil.getCertificateFactoryInstance("X.509").generateCertificate(new ByteArrayInputStream(x509Certificate2.getEncoded()));
                    break;
                }
                i4++;
            }
        }
        return x509Certificate;
    }

    public Map<String, Date> getCertsDNAndExpiry(int i2) throws IOException, KeyStoreException, CertificateException {
        X509Certificate x509Certificate;
        if (i2 != 0) {
            throw new IOException("No persona with index=" + i2 + " in wallet.");
        }
        HashMap hashMap = new HashMap();
        KeyStore keyStore = getKeyStore();
        if (keyStore == null) {
            return null;
        }
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement) && (x509Certificate = (X509Certificate) keyStore.getCertificate(nextElement)) != null) {
                hashMap.put(("DN: " + x509Certificate.getSubjectDN().toString() + ";") + "Serial No. " + x509Certificate.getSerialNumber(), x509Certificate.getNotAfter());
            }
        }
        return hashMap;
    }

    public void changePassword(char[] cArr) throws IOException {
        if (cArr == null) {
            throw new IOException("Password cannot be null string.");
        }
        if (!isValidPassword(cArr)) {
            throw new IOException(a.getString(OraclePKIMsgID.l));
        }
        if (this.A == null) {
            throw new IOException("Cannot modify SSO wallet password.");
        }
        PKCS12 pkcs12 = new PKCS12(new String(this.A), new ByteArrayInputStream(this.z));
        pkcs12.a(cArr);
        ArrayList<PKCS12Safe> d2 = pkcs12.d();
        for (int i2 = 0; i2 < d2.size(); i2++) {
            d2.get(i2).a(cArr);
        }
        try {
            OraclePKIDebug.a("Verifying wallet " + pkcs12.e());
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(pkcs12.length());
            pkcs12.output(byteArrayOutputStream);
            this.z = byteArrayOutputStream.toByteArray();
            this.A = cArr;
        } catch (AuthException e2) {
            OraclePKIDebug.a("Verifying wallet failed" + e2);
            throw new IOException(a.getString(OraclePKIMsgID.u));
        }
    }

    public InputStream exportCertChain(X500Principal x500Principal) throws IOException, KeyStoreException, CertificateException {
        return exportCertChain(x500Principal, null, null);
    }

    public InputStream exportCertChain(X500Principal x500Principal, String str, String str2) throws IOException, KeyStoreException, CertificateException {
        return new ByteArrayInputStream(exportCertChainB64(x500Principal, str, str2).getBytes());
    }

    public String exportCertChainB64(X500Principal x500Principal) throws IOException, KeyStoreException, CertificateException {
        return exportCertChainB64(x500Principal, null, null);
    }

    public String exportCertChainB64(X500Principal x500Principal, String str, String str2) throws IOException, KeyStoreException, CertificateException {
        String str3 = null;
        boolean z = false;
        KeyStore keyStore = getKeyStore();
        if (x500Principal != null) {
            X500Name x500Name = new X500Name(x500Principal.toString());
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                str3 = aliases.nextElement();
                OraclePKIX509CertImpl oraclePKIX509CertImpl = (OraclePKIX509CertImpl) keyStore.getCertificate(str3);
                if (oraclePKIX509CertImpl != null && keyStore.isKeyEntry(str3) && x500Name.equals(new X500Name(oraclePKIX509CertImpl.getSubjectDN().toString())) && (str == null || oraclePKIX509CertImpl.getIssuerDN().toString().equals(str))) {
                    if (str2 != null) {
                        BigInteger serialNumber = oraclePKIX509CertImpl.getSerialNumber();
                        if (serialNumber != null) {
                            String bigInteger = serialNumber.toString();
                            String bigInteger2 = serialNumber.toString(16);
                            String str4 = "0x" + serialNumber.toString(16);
                            if (!bigInteger.equals(str2) && !bigInteger2.equalsIgnoreCase(str2) && !str4.equalsIgnoreCase(str2)) {
                            }
                        } else {
                            continue;
                        }
                    }
                    z = true;
                    break;
                }
            }
            if (!z) {
                OraclePKIDebug.a("No certificate with matching DN found in wallet.");
                return null;
            }
        } else {
            Enumeration<String> aliases2 = keyStore.aliases();
            while (true) {
                if (!aliases2.hasMoreElements()) {
                    break;
                }
                str3 = aliases2.nextElement();
                if (keyStore.isKeyEntry(str3)) {
                    z = true;
                    break;
                }
            }
            if (!z) {
                OraclePKIDebug.a("No user certificate found in wallet.");
                return null;
            }
        }
        Certificate[] certificateChain = keyStore.getCertificateChain(str3);
        PKCS7 pkcs7 = new PKCS7();
        OraclePKIDebug.a("Found cert chain of length = " + certificateChain.length);
        if (certificateChain.length > 1) {
            for (int i2 = 1; i2 < certificateChain.length; i2++) {
                pkcs7.a(new X509(((OraclePKIX509CertImpl) certificateChain[i2]).getEncoded()));
            }
        } else {
            if (certificateChain.length != 1) {
                OraclePKIDebug.a("Certificate chain length is zero");
                return null;
            }
            pkcs7.a(new X509(((OraclePKIX509CertImpl) certificateChain[0]).getEncoded()));
        }
        return Utils.getBase64EncodedCert(pkcs7.f(), d, e);
    }

    public InputStream exportCertChain(String str) throws IOException, KeyStoreException, CertificateException {
        String exportCertChainB64 = exportCertChainB64(str);
        if (exportCertChainB64 != null) {
            return new ByteArrayInputStream(exportCertChainB64.getBytes());
        }
        return null;
    }

    public String exportCertChainB64(String str) throws IOException, KeyStoreException, CertificateException {
        boolean z = false;
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        String str2 = null;
        while (true) {
            if (!aliases.hasMoreElements()) {
                break;
            }
            str2 = aliases.nextElement();
            if (str.equals(str2) && keyStore.isKeyEntry(str2)) {
                z = true;
                break;
            }
        }
        if (!z) {
            OraclePKIDebug.a("No certificate with matching alias found in wallet.");
            return null;
        }
        Certificate[] certificateChain = keyStore.getCertificateChain(str2);
        PKCS7 pkcs7 = new PKCS7();
        OraclePKIDebug.a("Found cert chain of length = " + certificateChain.length);
        if (certificateChain.length > 1) {
            for (int i2 = 1; i2 < certificateChain.length; i2++) {
                pkcs7.a(new X509(certificateChain[i2].getEncoded()));
            }
        } else {
            if (certificateChain.length != 1) {
                OraclePKIDebug.a("Certificate chain length is zero");
                return null;
            }
            pkcs7.a(new X509(certificateChain[0].getEncoded()));
        }
        return Utils.getBase64EncodedCert(pkcs7.f(), d, e);
    }

    public String exportUserCertChainB64() throws IOException, KeyStoreException, CertificateException {
        try {
            return exportCertChainB64(new X500Principal(getSSLCert(true).getSubjectDN().toString()));
        } catch (Exception e2) {
            e2.printStackTrace();
            return null;
        }
    }

    public String trustpointNeededB64(String str, String str2, boolean z) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIX509CertImpl oraclePKIX509CertImpl = null;
        OraclePKIX509CertImpl[] readCertsAt = OraclePKIGenFunc.readCertsAt(new ByteArrayInputStream(str.getBytes()));
        for (int i2 = 0; i2 < readCertsAt.length; i2++) {
            String principal = readCertsAt[i2].getSubjectDN().toString();
            if (isTrustedCertUsedInChain(new X500Principal(principal))) {
                return null;
            }
            if (str2 != null && str2.equals(principal)) {
                oraclePKIX509CertImpl = readCertsAt[i2];
            }
        }
        if (str2 == null) {
            OraclePKIX509CertImpl[] a2 = a(readCertsAt);
            return Utils.getBase64EncodedCert((z ? a2[a2.length - 1] : a2[0]).getEncoded(), d, e);
        }
        if (oraclePKIX509CertImpl != null) {
            return Utils.getBase64EncodedCert(oraclePKIX509CertImpl.getEncoded(), d, e);
        }
        throw new IOException("No trustpoint with matching DN in chain");
    }

    public String exportTrustedB64(String str) throws IOException, KeyStoreException, CertificateEncodingException {
        X509Certificate x509Certificate;
        String str2 = null;
        KeyStore keyStore = getKeyStore();
        Enumeration<String> aliases = keyStore.aliases();
        while (true) {
            if (!aliases.hasMoreElements()) {
                break;
            }
            String nextElement = aliases.nextElement();
            if (keyStore.isCertificateEntry(nextElement) && (x509Certificate = (X509Certificate) keyStore.getCertificate(nextElement)) != null && str.equals(nextElement)) {
                str2 = Utils.getBase64EncodedCert(x509Certificate.getEncoded(), d, e);
                break;
            }
        }
        return str2;
    }

    public boolean isAutoLoginOnly() throws IOException {
        try {
            getSecretStore();
            if (this.z != null) {
                return this.A == null && new C041().c(new ByteArrayInputStream(this.z)) == 2;
            }
            throw new IOException("Wallet array is null.");
        } catch (Exception e2) {
            c();
            IOException iOException = new IOException(a.getString(OraclePKIMsgID.Q));
            iOException.initCause(e2);
            throw iOException;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v12, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public void internalAddCertReq(CertificateRequest certificateRequest, PrivateKey privateKey, String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: internalAddCertReq");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        this.z = oracleKeyStoreSpi.a(byteArrayInputStream, this.A, certificateRequest, privateKey, str);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v12, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public void internalRemoveCertReq(X500Principal x500Principal) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
        OraclePKIDebug.a("OracleWallet: internalRemoveUserCertReq");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        this.z = oracleKeyStoreSpi.a(byteArrayInputStream, this.A, x500Principal);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v12, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public void internalRemoveCertReq(String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
        OraclePKIDebug.a("OracleWallet: internalRemoveUserCertReq");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        this.z = oracleKeyStoreSpi.e(byteArrayInputStream, this.A, str);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v12, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public void internalRemovePrivateKey(String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
        OraclePKIDebug.a("OracleWallet: internalRemoveUserCertReq");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        this.z = oracleKeyStoreSpi.f(byteArrayInputStream, this.A, str);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v13, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public int internalGetCRCompNum(String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
        OraclePKIDebug.a("OracleWallet: internalGetCRCompNum");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        return oracleKeyStoreSpi.g(byteArrayInputStream, this.A, str);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v13, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public int internalGetTCertCompNum(String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: internalGetTCertCompNum");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        return oracleKeyStoreSpi.j(byteArrayInputStream, this.A, str);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v13, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public int internalGetCertCompNum(String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: internalGetCertCompNum");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        return oracleKeyStoreSpi.i(byteArrayInputStream, this.A, str);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v21, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public void internalAddTrustedCert(OraclePKIX509CertImpl oraclePKIX509CertImpl, String str, String str2) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: internalAddTrustedCert");
        if (oraclePKIX509CertImpl.getX509().b() == null || !(oraclePKIX509CertImpl.getX509().b().getAlgorithm().equals(PKIConstants.RSA) || oraclePKIX509CertImpl.getX509().b().getAlgorithm().equals(PKIConstants.EC))) {
            throw new IOException(a.getString(OraclePKIMsgID.ao));
        }
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        this.z = oracleKeyStoreSpi.a(byteArrayInputStream, this.A, oraclePKIX509CertImpl, str, str2, areTrustFlagsEnabled());
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v17, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public void internalReplaceTrustedCert(OraclePKIX509CertImpl oraclePKIX509CertImpl, String str, String str2) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: internalReplaceTrustedCert");
        if (!oraclePKIX509CertImpl.getX509().b().getAlgorithm().equals(PKIConstants.RSA) && !oraclePKIX509CertImpl.getX509().b().getAlgorithm().equals(PKIConstants.EC)) {
            throw new IOException(a.getString(OraclePKIMsgID.ao) + oraclePKIX509CertImpl.getX509().b().getAlgorithm());
        }
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        this.z = oracleKeyStoreSpi.a(byteArrayInputStream, this.A, oraclePKIX509CertImpl, str, str2, this.D);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v17, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public void internalReplaceTrustedCert(OraclePKIX509CertImpl oraclePKIX509CertImpl, String str, String str2, String str3) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: internalReplaceTrustedCert");
        if (!oraclePKIX509CertImpl.getX509().b().getAlgorithm().equals(PKIConstants.RSA) && !oraclePKIX509CertImpl.getX509().b().getAlgorithm().equals(PKIConstants.EC)) {
            throw new IOException(a.getString(OraclePKIMsgID.ao) + oraclePKIX509CertImpl.getX509().b().getAlgorithm());
        }
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        this.z = oracleKeyStoreSpi.a(byteArrayInputStream, this.A, oraclePKIX509CertImpl, str, str2, str3, this.D);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v12, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public void internalRemoveTrustedCert(X500Principal x500Principal, String str, String str2) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: internalRemoveTrustedCert");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        this.z = oracleKeyStoreSpi.a(byteArrayInputStream, this.A, x500Principal, str, str2, this.D);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v12, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public void internalRemoveTrustedCert(String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: internalRemoveTrustedCert");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        this.z = oracleKeyStoreSpi.a(byteArrayInputStream, this.A, str, this.D);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v12, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public void internalRemoveAllTrusted() throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: internalRemoveAllTrusted");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        this.z = oracleKeyStoreSpi.b(byteArrayInputStream, this.A, this.D);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v12, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public void internalAddUserCert(OraclePKIX509CertImpl oraclePKIX509CertImpl, String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: internalAddUserCert");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        this.z = oracleKeyStoreSpi.a(byteArrayInputStream, this.A, oraclePKIX509CertImpl, str, this.D, areTrustFlagsEnabled());
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v12, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public void internalRemoveUserCert(X500Principal x500Principal, String str, String str2) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: internalRemoveUserCert");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        this.z = oracleKeyStoreSpi.a(byteArrayInputStream, this.A, x500Principal, str, str2);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v12, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public void internalRemoveUserCert(String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: internalRemoveUserCert");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        this.z = oracleKeyStoreSpi.h(byteArrayInputStream, this.A, str);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v12, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public void internalRemoveMatchingUserCert(OraclePKIX509CertImpl oraclePKIX509CertImpl, String str, String str2) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: internalRemoveMatchingUserCert");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        this.z = oracleKeyStoreSpi.a(byteArrayInputStream, this.A, oraclePKIX509CertImpl, str, str2);
    }

    public Enumeration getWalletPersonas() {
        Hashtable hashtable = new Hashtable();
        hashtable.put("one", new OracleWalletPersona(this));
        return hashtable.elements();
    }

    public void Pkcs11AddCertReq(String str, String str2, String str3, String str4, int i2, String str5) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException, Exception {
        byte[] Pkcs11AddCertReq = NZNative.Pkcs11AddCertReq(str, str2, str3, str4, i2, str5);
        if (Pkcs11AddCertReq == null) {
            throw new IOException("creq is null");
        }
        addCertRequest(new CertificateRequest(Pkcs11AddCertReq));
    }

    public boolean containsPkcs11Info() throws IOException, NoSuchAlgorithmException, CertificateException {
        return getPkcs11Info()[0] != null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v18, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public String[] getPkcs11Info() throws IOException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet:getP11Info ");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        return new String[]{oracleKeyStoreSpi.getP11Lib(), oracleKeyStoreSpi.getP11TokenLabel(), oracleKeyStoreSpi.getP11TokenPassphrase(), oracleKeyStoreSpi.getP11CertLabel()};
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v12, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public void addP11Lib(String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: addPkcs11Info");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        this.z = oracleKeyStoreSpi.a(byteArrayInputStream, this.A, str);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v12, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public void addP11TokenLabel(String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: addPkcs11Info");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        this.z = oracleKeyStoreSpi.b(byteArrayInputStream, this.A, str);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v12, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public void addP11TokenPwd(String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: addPkcs11Info");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        this.z = oracleKeyStoreSpi.c(byteArrayInputStream, this.A, str);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v12, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public void addP11CertLbl(String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        OraclePKIDebug.a("OracleWallet: addPkcs11Info");
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        this.z = oracleKeyStoreSpi.d(byteArrayInputStream, this.A, str);
    }

    private void c() {
        this.A = null;
        this.y = null;
        this.z = null;
        this.E = null;
        this.G = null;
        this.C = false;
        this.D = null;
    }

    private OracleWalletImpl a(String str, char[] cArr) throws IOException {
        if (str.indexOf(x) < 2) {
            str = v + str;
        }
        if (str.toLowerCase(Locale.ENGLISH).startsWith(v)) {
            return cArr == null ? new OracleFileSSOWalletImpl(str.substring(v.length())) : new OracleFileWalletImpl(str.substring(v.length()));
        }
        throw new IOException("Unsupported WRL type" + str);
    }

    private OracleWalletImpl a(char[] cArr) throws IOException {
        return cArr == null ? new OracleFileSSOWalletImpl(null) : new OracleFileWalletImpl(null);
    }

    private InputStream a(int i2) throws IOException {
        char[] g2;
        byte[] a2;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(this.z);
        byte[] bArr = new byte[1024];
        C041 c041 = new C041();
        try {
            if (i2 == 3) {
                a2 = c041.a(i2, this.s, this.t, this.u);
                g2 = c041.f(a2);
            } else {
                g2 = c041.g(bArr);
                a2 = c041.a(g2, i2);
            }
            byteArrayOutputStream.write(a2);
            PKCS12 pkcs12 = new PKCS12(this.A, byteArrayInputStream);
            pkcs12.a(g2);
            ArrayList<PKCS12Safe> d2 = pkcs12.d();
            for (int i3 = 0; i3 < d2.size(); i3++) {
                d2.get(i3).a(g2);
            }
            try {
                pkcs12.output(byteArrayOutputStream);
                OraclePKIDebug.a("Verifying wallet " + pkcs12.e());
                return new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
            } catch (AuthException e2) {
                OraclePKIDebug.a("Verifying wallet failed" + e2);
                throw new IOException("Could not create SSO wallet from p12" + e2);
            }
        } catch (IOException e3) {
            throw new IOException(e3.getMessage());
        }
    }

    private char[] d() throws IOException {
        char[] cArr = null;
        if (this.A == null) {
            C041 c041 = new C041();
            try {
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(this.z);
                c041.c(byteArrayInputStream);
                c041.e(byteArrayInputStream);
                cArr = c041.b(byteArrayInputStream);
            } catch (IOException e2) {
                c();
                throw new IOException(e2.getMessage());
            }
        }
        return cArr;
    }

    private char[] b(char[] cArr) throws IOException {
        if (this.A != null) {
            throw new IOException("");
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(this.z);
        byte[] bArr = new byte[1024];
        C041 c041 = new C041();
        try {
            char[] g2 = c041.g(bArr);
            byteArrayOutputStream.write(c041.a(g2, 2));
            PKCS12 pkcs12 = new PKCS12(new String(cArr), byteArrayInputStream);
            pkcs12.a(g2);
            ArrayList<PKCS12Safe> d2 = pkcs12.d();
            for (int i2 = 0; i2 < d2.size(); i2++) {
                d2.get(i2).a(g2);
            }
            try {
                pkcs12.output(byteArrayOutputStream);
                OraclePKIDebug.a("Verifying wallet " + pkcs12.e());
                this.z = byteArrayOutputStream.toByteArray();
                return g2;
            } catch (AuthException e2) {
                OraclePKIDebug.a("Verifying wallet failed" + e2);
                throw new IOException("Could not create SSO wallet from p12" + e2);
            }
        } catch (IOException e3) {
            throw new IOException(e3.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public OraclePKIX509CertImpl[] a(OraclePKIX509CertImpl[] oraclePKIX509CertImplArr) throws IOException {
        boolean z;
        OraclePKIX509CertImpl[] oraclePKIX509CertImplArr2 = new OraclePKIX509CertImpl[oraclePKIX509CertImplArr.length];
        Vector vector = new Vector(oraclePKIX509CertImplArr.length);
        Vector vector2 = new Vector(oraclePKIX509CertImplArr.length);
        for (OraclePKIX509CertImpl oraclePKIX509CertImpl : oraclePKIX509CertImplArr) {
            vector.addElement(oraclePKIX509CertImpl);
        }
        boolean z2 = false;
        int i2 = 0;
        while (true) {
            if (i2 >= oraclePKIX509CertImplArr.length) {
                break;
            }
            if (((OraclePKIPrincipalImpl) ((OraclePKIX509CertImpl) vector.get(i2)).getIssuerDN()).equals((OraclePKIPrincipalImpl) ((OraclePKIX509CertImpl) vector.get(i2)).getSubjectDN())) {
                z2 = true;
                vector2.addElement(vector.get(i2));
                vector.remove(i2);
                break;
            }
            i2++;
        }
        if (!z2) {
            throw new IOException("No self-signed cert in chain.");
        }
        do {
            z = false;
            int i3 = 0;
            while (true) {
                if (i3 >= vector.size()) {
                    break;
                }
                if (((OraclePKIX509CertImpl) vector.get(i3)).getIssuerDN().equals(((OraclePKIX509CertImpl) vector2.lastElement()).getSubjectDN())) {
                    z = true;
                    vector2.addElement(vector.get(i3));
                    vector.remove(i3);
                    break;
                }
                i3++;
            }
        } while (z);
        if (vector.size() != 0 || vector2.size() != oraclePKIX509CertImplArr.length) {
            throw new IOException("Could not form complete chain.");
        }
        for (int i4 = 0; i4 < oraclePKIX509CertImplArr.length; i4++) {
            oraclePKIX509CertImplArr2[i4] = (OraclePKIX509CertImpl) vector2.get(i4);
        }
        return oraclePKIX509CertImplArr2;
    }

    private void a(String str) throws IOException {
        if (str == null || str.length() == 0) {
            throw new IOException(a.getString(OraclePKIMsgID.I));
        }
        File file = new File(str);
        FileInputStream fileInputStream = new FileInputStream(str);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        int read = fileInputStream.read();
        while (true) {
            int i2 = read;
            if (i2 == -1) {
                break;
            }
            byteArrayOutputStream.write((byte) i2);
            read = fileInputStream.read();
        }
        String byteArrayOutputStream2 = byteArrayOutputStream.toString();
        fileInputStream.close();
        if (OraclePKIGenFunc.isNullOrEmpty(byteArrayOutputStream2)) {
            throw new IOException(a.getString(OraclePKIMsgID.L));
        }
        if (!file.exists()) {
            throw new IOException(a.getString(OraclePKIMsgID.I));
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v45, types: [oracle.security.pki.OracleKeyStoreSpi] */
    public int importPKCS12File(String str, char[] cArr) throws IOException, NoSuchAlgorithmException, UnrecoverableKeyException, CertificateException {
        if (!canModify()) {
            throw new IOException(a.getString(OraclePKIMsgID.y));
        }
        if (OraclePKIDebug.getDebugFlag()) {
            OraclePKIDebug.a("OracleWallet.importPKCS12File: parsing PKCS#12 file at location " + str);
        }
        a(str);
        FileInputStream fileInputStream = new FileInputStream(str);
        OracleKeyStoreSpi oracleKeyStoreSpi = new OracleKeyStoreSpi();
        oracleKeyStoreSpi.load(fileInputStream, cArr, true);
        fileInputStream.close();
        if (OraclePKIDebug.getDebugFlag()) {
            OraclePKIDebug.a("During the import of PKCS#12 file into Oracle Wallet only most recently issued and currently valid certificate (validity is ensured for entire certificate chain) for a unique private key inside PKCS#12 file will be imported. Moreover, if same private key is already present in wallet then import will skip that entire priavte key and certificate chain pair.");
        }
        int retainOnlyLatestAndValidCertificateForUniquePrivateKey = oracleKeyStoreSpi.retainOnlyLatestAndValidCertificateForUniquePrivateKey();
        Enumeration engineAliases = oracleKeyStoreSpi.engineAliases();
        if (this.A == null) {
            this.B = d();
        }
        if (OraclePKIDebug.getDebugFlag()) {
            OraclePKIDebug.a("OracleWallet.importPKCS12File: iterating through private key - certificate chain pairs inside PKCS#12 file and adding them into wallet one by one.");
        }
        while (engineAliases.hasMoreElements()) {
            String str2 = (String) engineAliases.nextElement();
            if (oracleKeyStoreSpi.engineIsKeyEntry(str2)) {
                ByteArrayInputStream byteArrayInputStream = null;
                if (this.z != null) {
                    byteArrayInputStream = new ByteArrayInputStream(this.z);
                }
                if (byteArrayInputStream != null) {
                    byteArrayInputStream.reset();
                }
                OracleSSOKeyStoreSpi oracleKeyStoreSpi2 = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
                if (OraclePKIDebug.getDebugFlag()) {
                    OraclePKIDebug.a("OracleWallet.importPKCS12File: parsing wallet.");
                }
                oracleKeyStoreSpi2.engineLoad(byteArrayInputStream, this.A);
                if (byteArrayInputStream != null) {
                    byteArrayInputStream.reset();
                }
                Certificate[] engineGetCertificateChain = oracleKeyStoreSpi.engineGetCertificateChain(str2);
                if (engineGetCertificateChain != null) {
                    this.z = oracleKeyStoreSpi2.internalAddPrivateKeyAndCertificateChain(byteArrayInputStream, this.A, str2, oracleKeyStoreSpi.engineGetKey(str2, cArr), engineGetCertificateChain);
                    if (this.A == null) {
                        this.B = b(this.B);
                    }
                }
            }
        }
        return retainOnlyLatestAndValidCertificateForUniquePrivateKey;
    }

    public void addTrustFlagsToCertificates(boolean z) throws Exception {
        if (!canModify()) {
            throw new IOException("Cannot modify AL wallet.");
        }
        if (this.A == null) {
            this.B = d();
        }
        a(z);
        if (this.A == null) {
            this.B = b(this.B);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v11, types: [oracle.security.pki.OracleKeyStoreSpi] */
    private void a(boolean z) throws Exception {
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.z != null) {
            byteArrayInputStream = new ByteArrayInputStream(this.z);
        }
        OracleSSOKeyStoreSpi oracleKeyStoreSpi = this.A != null ? new OracleKeyStoreSpi() : new OracleSSOKeyStoreSpi();
        oracleKeyStoreSpi.engineLoad(byteArrayInputStream, this.A);
        if (byteArrayInputStream != null) {
            byteArrayInputStream.reset();
        }
        this.z = oracleKeyStoreSpi.a(byteArrayInputStream, this.A, this.D, z);
    }
}
