package com.tivoli.core.ns;

import com.ibm.distman.voyagerx.security.ssl.sslite.PKI;
import com.ibm.distman.voyagerx.security.ssl.sslite.SMIME;
import com.ibm.distman.voyagerx.security.ssl.sslite.SSLCert;
import java.io.File;
import java.io.IOException;

/* JADX WARN: Classes with same name are omitted:
  input_file:DMSDependencies/mm_orb.jar:com/tivoli/core/ns/LocalOrbVault.class
 */
/* loaded from: input_file:com.tivoli.eDMS_1.8.0.20050921D.jar:DMSDependencies/mm_orb.jar:com/tivoli/core/ns/LocalOrbVault.class */
public class LocalOrbVault extends Vault implements CoreNSConstants {
    private static final String COPYRIGHT = "\nLicensed Materials - Property of IBM\n\n5698-TKS\n\nCopyright IBM Corp. 1999, 2000 All Rights Reserved\n\nUS Government Users Restricted Rights - Use, duplication or disclosure\nrestricted by GSA ADP Schedule Contract with IBM Corp.\n";
    private static final String sClassRevision = "$Revision: @(#)74 1.9 orb/src/com/tivoli/core/ns/LocalOrbVault.java, mm_orb, mm_orb_dev 00/11/01 10:05:40 $";
    SSLCert aPrivateSystemCertificate;
    SSLCert aPublicSystemCertificate;
    String anOrbID;

    public LocalOrbVault() {
        this.aPrivateSystemCertificate = null;
        this.aPublicSystemCertificate = null;
        this.anOrbID = null;
    }

    public LocalOrbVault(String str, String str2) {
        super(str, str2);
        this.aPrivateSystemCertificate = null;
        this.aPublicSystemCertificate = null;
        this.anOrbID = null;
    }

    public static LocalOrbVault createLocalOrbVault(String str, String str2) throws IOException {
        File file = new File(str);
        if (file.exists()) {
            file.delete();
        }
        File file2 = new File(str2);
        if (file2.exists()) {
            file2.delete();
        }
        return new LocalOrbVault(str, str2);
    }

    public byte[] generateCertificateRequest() {
        this.aPrivateSystemCertificate = generateKeyPair("SSLCert.RSA".equals("SSLCert.RSA") ? 1 : 0, 512, (byte[]) null, (String) null);
        return PKI.pkcs10(this.aPrivateSystemCertificate, PKI.x500Name("serial=System Certificate"), (byte[]) null);
    }

    public byte[] generateCertificateRequest(String str) {
        this.aPrivateSystemCertificate = generateKeyPair("SSLCert.RSA".equals("SSLCert.RSA") ? 1 : 0, 512, (byte[]) null, (String) null);
        return PKI.pkcs10(this.aPrivateSystemCertificate, PKI.x500Name(new StringBuffer("serial=").append(str).append(",").append(CoreNSConstants.CERT_TYPE_COMPONENT_STRING).append("=").append(CoreNSConstants.SYSTEM_CERTIFICATE_IDENTIFIER).toString()), (byte[]) null);
    }

    public byte[] generateSignature(byte[] bArr) {
        getSystemCertificate();
        return this.aPrivateSystemCertificate.generateSignature(bArr, 0, bArr.length, 4);
    }

    public String getOrbID() {
        if (this.anOrbID == null) {
            getSystemCertificate();
            if (this.aPublicSystemCertificate != null) {
                this.anOrbID = this.aPublicSystemCertificate.subjectName().getComponent(CoreNSConstants.ORB_ID_CERT_COMPONENT, 0);
            }
        }
        return this.anOrbID;
    }

    public SSLCert getSignerCertificate() {
        getSystemCertificate();
        return this.aPrivateSystemCertificate.signerCertificate();
    }

    public SSLCert getSystemCertificate() {
        SSLCert sSLCert = null;
        SSLCert[] keyRing = getKeyRing(4);
        this.aPublicSystemCertificate = null;
        for (int i = 0; i < keyRing.length; i++) {
            if (keyRing[i].subjectName().getComponent(CoreNSConstants.CERT_TYPE_COMPONENT, 0).equals(CoreNSConstants.SYSTEM_CERTIFICATE_IDENTIFIER)) {
                if (sSLCert == null) {
                    sSLCert = keyRing[i];
                } else {
                    if (keyRing[i].validity()[1].after(sSLCert.validity()[1])) {
                        sSLCert = keyRing[i];
                    }
                }
            }
        }
        this.aPrivateSystemCertificate = sSLCert;
        if (this.aPrivateSystemCertificate != null) {
            this.aPublicSystemCertificate = new SSLCert(this.aPrivateSystemCertificate.encode(), (String) null);
        }
        return this.aPublicSystemCertificate;
    }

    public byte[] signData(byte[] bArr) {
        return SMIME.encodeSignedData(bArr, new SSLCert[]{this.aPrivateSystemCertificate}, new SSLCert[]{this.aPublicSystemCertificate}, true, true);
    }
}
