package com.ibm.ws.security.common.util;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.icu.impl.CalendarAstronomer;
import com.ibm.websphere.management.metadata.ManagedObjectMetadataHelper;
import com.ibm.websphere.models.config.ipc.ssl.KeyFileFormatKind;
import com.ibm.websphere.models.config.ipc.ssl.KeyStore;
import com.ibm.websphere.models.config.ipc.ssl.ManagementScope;
import com.ibm.websphere.models.config.ipc.ssl.SecureSocketLayer;
import com.ibm.websphere.models.config.ipc.ssl.SslFactory;
import com.ibm.websphere.models.config.ipc.ssl.SslPackage;
import com.ibm.websphere.models.config.ipc.ssl.TrustManager;
import com.ibm.websphere.models.config.orb.securityprotocol.IIOPSecurityProtocol;
import com.ibm.websphere.models.config.orb.securityprotocol.TransportLayer;
import com.ibm.websphere.models.config.properties.PropertiesFactory;
import com.ibm.websphere.models.config.properties.PropertiesPackage;
import com.ibm.websphere.models.config.properties.Property;
import com.ibm.websphere.models.config.security.SSLConfig;
import com.ibm.websphere.models.config.security.SSLConfigGroup;
import com.ibm.websphere.models.config.security.SSLType;
import com.ibm.websphere.models.config.security.Security;
import com.ibm.websphere.models.config.security.SecurityFactory;
import com.ibm.websphere.models.config.security.SecurityPackage;
import com.ibm.websphere.ssl.SSLException;
import com.ibm.ws.ssl.config.CertificateManager;
import com.ibm.ws.ssl.config.KeyStoreManager;
import com.ibm.ws.ssl.config.ManagementScopeData;
import com.ibm.ws.ssl.config.ManagementScopeManager;
import com.ibm.ws.ssl.config.SSLConfigManager;
import com.ibm.ws.ssl.config.WSKeyStore;
import com.ibm.ws.ssl.core.Constants;
import com.ibm.ws.ssl.model.CertReqInfo;
import com.ibm.ws.ssl.model.KeyStoreInfo;
import java.io.File;
import java.io.FileOutputStream;
import java.security.Key;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Collection;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.StringTokenizer;
import org.eclipse.emf.common.util.EList;
import org.eclipse.emf.ecore.EObject;
import org.eclipse.emf.ecore.resource.Resource;
import org.eclipse.emf.ecore.xmi.XMIResource;

/* loaded from: input_file:lib/ecc_v2r3m0f010/com.ibm.ws.webservices.thinclient_8.5.0.jar:com/ibm/ws/security/common/util/MergeSecurityConfig.class */
public class MergeSecurityConfig {
    private static Object nodeHost;
    private static TraceComponent tc = Tr.register(MergeSecurityConfig.class, (String) null, "com.ibm.ejs.resources.security");
    private static ManagementScope cellScope = null;
    private static String DIST = ManagedObjectMetadataHelper.NODE_OS_WINDOWS;
    private static String ZOS1 = ManagedObjectMetadataHelper.NODE_OS_ZOS;
    private static String ZOS2 = ManagedObjectMetadataHelper.NODE_OS_AS400;
    private static String DefaultSSLSettings = "DefaultSSLSettings";
    private static String DefaultCellSSL = "CellDefaultSSLSettings";
    private static String DefaultNodeSSL = "NodeDefaultSSLSettings";
    private static String DefaultKeyStore = Constants.DEFAULT_KEY_STORE;
    private static String DefaultTrustStore = Constants.DEFAULT_TRUST_STORE;
    private static String DefaultRootStore = "DmgrDefaultRootStore";
    private static String DefaultNodeLTPA = "NodeLTPA";
    private static String DefaultCellScope = "cell";
    private static String DefaultNodeScope = "node";
    private static String DefaultConfigCellsPath = "/config/cells/";
    private static String DefaultCellsPath = "/cells/";
    private static String DefaultNodesPath = "/nodes/";
    private static String DefaultEtcPath = "/etc";
    private static String DefaultP12KeyStore = "key.p12";
    private static String DefaultP12TrustStore = "trust.p12";
    private static String DefaultHostnameVariable = "${hostname}";
    private static Object ws = null;
    private static boolean regenCertWithRoot = true;

    public static Security merge(String str, String str2, Security security, Security security2, String str3, String str4) throws Exception {
        return merge(str, str2, security, security2, str3, str4, DIST, DIST);
    }

    public static Security merge(String str, String str2, Security security, Security security2, String str3, String str4, String str5, String str6) throws Exception {
        return merge(str, str2, security, security2, str3, str4, DIST, DIST, false, null);
    }

    public static Security merge(String str, String str2, Security security, Security security2, String str3, String str4, String str5, String str6, boolean z, String str7) throws Exception {
        return merge(str, str2, security, security2, str3, str4, DIST, DIST, false, null, null);
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: CFG modification limit reached, blocks count: 1354
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:64)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    public static com.ibm.websphere.models.config.security.Security merge(java.lang.String r20, java.lang.String r21, com.ibm.websphere.models.config.security.Security r22, com.ibm.websphere.models.config.security.Security r23, java.lang.String r24, java.lang.String r25, java.lang.String r26, java.lang.String r27, boolean r28, java.lang.String r29, java.lang.String r30) throws java.lang.Exception {
        /*
            Method dump skipped, instructions count: 12059
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.security.common.util.MergeSecurityConfig.merge(java.lang.String, java.lang.String, com.ibm.websphere.models.config.security.Security, com.ibm.websphere.models.config.security.Security, java.lang.String, java.lang.String, java.lang.String, java.lang.String, boolean, java.lang.String, java.lang.String):com.ibm.websphere.models.config.security.Security");
    }

    static void gatherNodeRootCertificates(String str, HashMap<String, Map<X509Certificate, Key>> hashMap, KeyStore keyStore, KeyStoreManager keyStoreManager) throws Exception, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        if (!keyStore.getName().equals("NodeDefaultRootStore") || keyStore.getType().equals(Constants.KEYSTORE_TYPE_JCERACFKS) || keyStore.getType().equals(Constants.KEYSTORE_TYPE_JCECCARACFKS)) {
            return;
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Getting root certiricates from node.");
        }
        String name = keyStore.getName();
        String fixupLocationWithRepositoryRoot = fixupLocationWithRepositoryRoot(str, keyStore.getLocation());
        String password = keyStore.getPassword();
        java.security.KeyStore keyStore2 = keyStoreManager.getKeyStore(name, keyStore.getType(), keyStore.getProvider(), fixupLocationWithRepositoryRoot, password, keyStore.getManagementScope().getScopeName(), true, null);
        Enumeration<String> aliases = keyStore2.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore2.isKeyEntry(nextElement)) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Key alias: " + nextElement);
                }
                X509Certificate x509Certificate = (X509Certificate) keyStore2.getCertificate(nextElement);
                Key key = keyStore2.getKey(nextElement, password.toCharArray());
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Adding root certificate with alias " + nextElement + ".");
                }
                HashMap hashMap2 = new HashMap(1);
                hashMap2.put(x509Certificate, key);
                hashMap.put(nextElement, hashMap2);
            }
        }
    }

    private static void addServerTrustToTrustFile(String str, String str2, String str3, Security security, String str4, String str5) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "addServerTrustToTrustFile");
        }
        for (SSLConfig sSLConfig : security.getRepertoire()) {
            try {
                String alias = sSLConfig.getAlias();
                if (alias != null && alias.equals(DefaultNodeSSL)) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "NodeDefaultTrustStore found let get it's signers.");
                    }
                    KeyStore keyStore = sSLConfig.getSetting().getKeyStore();
                    if (keyStore != null) {
                        WSKeyStore keyStore2 = KeyStoreManager.getInstance().getKeyStore(str + "_trust");
                        java.security.KeyStore keyStore3 = keyStore2.getKeyStore(true, false);
                        KeyStoreManager.getInstance().getKeyStore(str + "_key");
                        java.security.KeyStore keyStore4 = keyStore2.getKeyStore(true, false);
                        String expand = str2.startsWith("${USER_INSTALL_ROOT}") ? KeyStoreManager.getInstance().expand(str2) : fixupLocationWithRepositoryRoot(str5, fixUpKeyStoreCell(str2));
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "cellTrustFile is " + expand);
                        }
                        String location = keyStore.getLocation();
                        java.security.KeyStore loadKeyStore = WSKeyStore.loadKeyStore(location.startsWith("${USER_INSTALL_ROOT}") ? KeyStoreManager.getInstance().expand(location) : fixupLocationWithRepositoryRoot(str5, fixUpKeyStoreCell(location)), keyStore.getType(), keyStore.getPassword());
                        if (keyStore3 != null && loadKeyStore != null) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "Cell ts and server ts found.");
                            }
                            Enumeration<String> aliases = loadKeyStore.aliases();
                            while (aliases.hasMoreElements()) {
                                String nextElement = aliases.nextElement();
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "alias name is " + nextElement);
                                }
                                Certificate certificate = loadKeyStore.getCertificate(nextElement);
                                if (certificate != null) {
                                    if (keyStore3.containsAlias(nextElement)) {
                                        String incrementAlias = CertificateManager.getInstance().incrementAlias(keyStore3, nextElement);
                                        if (tc.isDebugEnabled()) {
                                            Tr.debug(tc, "Setting new alias " + incrementAlias);
                                        }
                                        keyStore3.setCertificateEntry(incrementAlias, certificate);
                                    } else {
                                        if (tc.isDebugEnabled()) {
                                            Tr.debug(tc, "Setting alias " + nextElement);
                                        }
                                        keyStore3.setCertificateEntry(nextElement, certificate);
                                    }
                                }
                            }
                            Enumeration<String> aliases2 = keyStore4.aliases();
                            while (aliases2.hasMoreElements()) {
                                String nextElement2 = aliases2.nextElement();
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "cell cert alias name is " + nextElement2);
                                }
                                Certificate certificate2 = keyStore4.getCertificate(nextElement2);
                                if (certificate2 != null) {
                                    checkIfTrustStoreExistsAndCreateIfNot(sSLConfig.getSetting().getTrustStore(), str4, str5, certificate2);
                                }
                            }
                            FileOutputStream fileOutputStream = new FileOutputStream(expand);
                            keyStore3.store(fileOutputStream, str3.toCharArray());
                            if (fileOutputStream != null) {
                                fileOutputStream.close();
                            }
                        }
                    }
                }
            } catch (Exception e) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "EXCEPTION while loading signer in old style keystore: " + e.getMessage());
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "addServerTrustToTrustFile");
        }
    }

    private static void addTrustToCommonTrustStore(String str, List list, String str2, String str3) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "addTrustToCommonTrustStore");
        }
        Iterator it = list.iterator();
        while (it.hasNext()) {
            try {
                SSLConfig sSLConfig = (SSLConfig) it.next();
                String alias = sSLConfig.getAlias();
                if (alias != null && alias.equals(DefaultCellSSL)) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Get the common trust store.");
                    }
                    KeyStore trustStore = sSLConfig.getSetting().getTrustStore();
                    if (trustStore != null) {
                        java.security.KeyStore keyStore = KeyStoreManager.getInstance().getKeyStore(str + "_trust").getKeyStore(true, false);
                        String expand = KeyStoreManager.getInstance().expand(trustStore.getLocation());
                        java.security.KeyStore loadKeyStore = WSKeyStore.loadKeyStore(expand, trustStore.getType(), trustStore.getPassword());
                        if (keyStore != null && loadKeyStore != null) {
                            Enumeration<String> aliases = keyStore.aliases();
                            while (aliases.hasMoreElements()) {
                                String nextElement = aliases.nextElement();
                                if (tc.isDebugEnabled()) {
                                    Tr.debug(tc, "Adding " + nextElement + " to " + trustStore.getName());
                                }
                                Certificate certificate = keyStore.getCertificate(nextElement);
                                if (certificate != null) {
                                    loadKeyStore.setCertificateEntry(nextElement, certificate);
                                }
                            }
                        }
                        FileOutputStream fileOutputStream = new FileOutputStream(expand);
                        loadKeyStore.store(fileOutputStream, trustStore.getPassword().toCharArray());
                        if (fileOutputStream != null) {
                            fileOutputStream.close();
                        }
                    }
                }
            } catch (Exception e) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "EXCEPTION while loading signer in old style keystore: " + e.getMessage());
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "addTrustToCommonTrustStore");
        }
    }

    private static boolean isJSSETypeFromCellRepertoire(Security security, String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isJSSETypeFromCellRepertoire");
        }
        EList<SSLConfig> repertoire = security.getRepertoire();
        if (repertoire != null && repertoire.size() > 0) {
            for (SSLConfig sSLConfig : repertoire) {
                if (sSLConfig.getAlias().equals(str)) {
                    if (sSLConfig.getType().getValue() == 0) {
                        if (!tc.isEntryEnabled()) {
                            return true;
                        }
                        Tr.exit(tc, "isJSSETypeFromCellRepertoire: true");
                        return true;
                    }
                    if (!tc.isEntryEnabled()) {
                        return false;
                    }
                    Tr.exit(tc, "isJSSETypeFromCellRepertoire: false (type is SSSL)");
                    return false;
                }
            }
        }
        if (!tc.isEntryEnabled()) {
            return false;
        }
        Tr.exit(tc, "isJSSETypeFromCellRepertoire: false (entry not found)");
        return false;
    }

    private static void mergeIBMProtocolToCell(Security security, Security security2) {
        mergeIBMProtocolToCell(security, security2, false);
    }

    private static void mergeIBMProtocolToCell(Security security, Security security2, boolean z) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "mergeIBMProtocolToCell");
        }
        if (security.getIBM() != null && !z) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "nothing to do, IBM protocol information already exists");
            }
        } else {
            IIOPSecurityProtocol ibm = security2.getIBM();
            if (ibm != null) {
                security.setIBM(ibm);
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "mergeIBMProtocolToCell");
            }
        }
    }

    private static void modifyProp(Property property, String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "modifyProp " + property + " " + str);
        }
        Resource eResource = property.eResource();
        String str2 = null;
        if (eResource instanceof XMIResource) {
            str2 = ((XMIResource) eResource).getID(property);
        }
        if (str2 != null) {
            StringBuffer stringBuffer = new StringBuffer(str2);
            int indexOf = str2.indexOf(95);
            if (indexOf != -1) {
                ((XMIResource) eResource).setID(property, stringBuffer.replace(indexOf, indexOf + 1, str).toString());
            } else {
                ((XMIResource) eResource).setID(property, stringBuffer.append(str).toString());
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "modifyProp " + property);
        }
    }

    private static void createZOSProperties(Security security, String str, String str2) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createZOSProperties " + str + " " + str2);
        }
        PropertiesFactory propertiesFactory = PropertiesPackage.eINSTANCE.getPropertiesFactory();
        Property createProperty = propertiesFactory.createProperty();
        Property createProperty2 = propertiesFactory.createProperty();
        createProperty.setName("was.com.ibm.websphere.security.zos.csiv2.inbound.transport.sslconfig");
        createProperty2.setName("was.com.ibm.websphere.security.zos.csiv2.outbound.transport.sslconfig");
        createProperty.setValue(str);
        createProperty2.setValue(str2);
        EList properties = security.getProperties();
        properties.add(createProperty);
        properties.add(createProperty2);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "createZOSProperties");
        }
    }

    private static boolean iiopPropExists(Security security) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "iiopPropExists " + security);
        }
        boolean z = false;
        EList properties = security.getProperties();
        int i = 0;
        while (true) {
            if (i >= properties.size()) {
                break;
            }
            if (((Property) properties.get(i)).getName().equals("was.com.ibm.websphere.security.zos.csiv2.inbound.transport.sslconfig")) {
                z = true;
                break;
            }
            i++;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "iiopPropExists " + z);
        }
        return z;
    }

    private static String getIIOPClaimSSLAlias(Security security) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getIIOPClaimSSLAlias " + security);
        }
        Object obj = null;
        Iterator it = security.getCSI().getClaims().getLayers().iterator();
        while (it.hasNext()) {
            obj = it.next();
            if (obj instanceof TransportLayer) {
                break;
            }
        }
        String sslConfig = ((TransportLayer) obj).getServerAuthentication().getSslConfig();
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getIIOPClaimSSLAlias " + sslConfig);
        }
        return sslConfig;
    }

    private static void setIIOPClaimSSLAlias(Security security, String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setIIOPClaimSSLAlias with alias: " + str + ", into cell security.xml: " + security);
        }
        Object obj = null;
        Iterator it = security.getCSI().getClaims().getLayers().iterator();
        while (it.hasNext()) {
            obj = it.next();
            if (obj instanceof TransportLayer) {
                break;
            }
        }
        ((TransportLayer) obj).getServerAuthentication().setSslConfig(str);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setIIOPClaimSSLAlias");
        }
    }

    private static String getIIOPPerformSSLAlias(Security security) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getIIOPPerformSSLAlias " + security);
        }
        Object obj = null;
        Iterator it = security.getCSI().getPerforms().getLayers().iterator();
        while (it.hasNext()) {
            obj = it.next();
            if (obj instanceof TransportLayer) {
                break;
            }
        }
        String sslConfig = ((TransportLayer) obj).getServerAuthentication().getSslConfig();
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getIIOPPerformSSLAlias " + sslConfig);
        }
        return sslConfig;
    }

    private static ManagementScope fixUpCell(ManagementScope managementScope, ManagementScope managementScope2) {
        ManagementScopeData managementScopeData = new ManagementScopeData(managementScope.getScopeName());
        managementScopeData.setCellName(new ManagementScopeData(managementScope2.getScopeName()).getCellName());
        managementScope.setScopeName(managementScopeData.formFullScope());
        return managementScope;
    }

    private static String fixUpKeyStoreCell(String str) {
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Original keyStoreLocation: " + str);
        }
        String cellName = ManagementScopeManager.getInstance().getCellName();
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Cell name: " + cellName);
        }
        int indexOf = str.indexOf(DefaultConfigCellsPath);
        String str2 = str;
        String str3 = null;
        String str4 = null;
        String str5 = null;
        if (indexOf != -1) {
            str3 = str.substring(0, indexOf + DefaultConfigCellsPath.length());
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "First part: " + str3);
            }
            str4 = str.substring(indexOf + DefaultConfigCellsPath.length());
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "The rest: " + str4);
            }
        } else {
            int lastIndexOf = str.lastIndexOf(DefaultCellsPath);
            if (lastIndexOf != -1) {
                str3 = str.substring(0, lastIndexOf + DefaultCellsPath.length());
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "First part: " + str3);
                }
                str4 = str.substring(lastIndexOf + DefaultCellsPath.length());
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "The rest: " + str4);
                }
            }
        }
        if (str3 != null && str4 != null) {
            if (str4.indexOf(DefaultNodesPath) != -1) {
                str5 = str4.substring(str4.indexOf(DefaultNodesPath) + DefaultNodesPath.length());
                str2 = str3 + cellName + DefaultNodesPath + str5;
            } else {
                str5 = str4.substring(str4.indexOf("/") + "/".length());
                str2 = str3 + cellName + "/" + str5;
            }
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Last part: " + str5);
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Fixed up location: " + str2);
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "New keystore location: " + str2);
        }
        return str2;
    }

    private static void setIIOPPerformSSLAlias(Security security, String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setIIOPPerformSSLAlias with alias: " + str + ", into cell security.xml: " + security);
        }
        Object obj = null;
        Iterator it = security.getCSI().getPerforms().getLayers().iterator();
        while (it.hasNext()) {
            obj = it.next();
            if (obj instanceof TransportLayer) {
                break;
            }
        }
        ((TransportLayer) obj).getServerAuthentication().setSslConfig(str);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getIIOPPerformSSLAlias");
        }
    }

    private static SSLConfig replaceDefaultNodeTrustStoreWithCellTrustStore(SSLConfig sSLConfig, KeyStore keyStore) {
        KeyStore trustStore;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "replaceDefaultNodeTrustStoreWithCellTrustStore", new Object[]{sSLConfig.getAlias(), keyStore.getName()});
        }
        if (sSLConfig.getType() != null && sSLConfig.getType() == SSLType.SSSL_LITERAL) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "replaceDummyKeyStoreWithCellKeyStoreIfNecessary (type=SSSL)");
            }
            return sSLConfig;
        }
        SecureSocketLayer setting = sSLConfig.getSetting();
        if (setting != null && (trustStore = setting.getTrustStore()) != null && trustStore.getName().endsWith(DefaultTrustStore)) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Replacing Node TrustStore with Cell TrustStore.");
            }
            setting.setTrustStore(keyStore);
            sSLConfig.setSetting(setting);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "replaceDummyKeyStoreWithCellKeyStoreIfNecessary");
        }
        return sSLConfig;
    }

    private static SSLConfig replaceDummyKeyStoreWithCellKeyStoreIfNecessary(SSLConfig sSLConfig, List list) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "replaceDummyKeyStoreWithCellKeyStoreIfNecessary", new Object[]{sSLConfig.getAlias()});
        }
        if (sSLConfig.getType() != null && sSLConfig.getType() == SSLType.SSSL_LITERAL) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "replaceDummyKeyStoreWithCellKeyStoreIfNecessary (type=SSSL)");
            }
            return sSLConfig;
        }
        SecureSocketLayer setting = sSLConfig.getSetting();
        if (setting != null) {
            String keyFileName = setting.getKeyFileName();
            if (keyFileName == null || !keyFileName.endsWith("DummyServerKeyFile.jks")) {
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "replaceDummyKeyStoreWithCellKeyStoreIfNecessary (not a dummy keystore)");
                }
                return sSLConfig;
            }
            Iterator it = list.iterator();
            while (it.hasNext()) {
                KeyStore keyStore = (KeyStore) it.next();
                if (keyStore != null) {
                    String name = keyStore.getName();
                    String str = null;
                    if (keyStore.getManagementScope() != null) {
                        str = keyStore.getManagementScope().getScopeType();
                    }
                    if (str != null && str.equals(DefaultCellScope) && name != null && name.endsWith(DefaultKeyStore)) {
                        setting.setKeyFileName(fixupNodeConfigRoot(keyFileName, keyStore.getLocation()));
                        setting.setKeyFilePassword(keyStore.getPassword());
                        setting.setKeyFileFormat(KeyFileFormatKind.get(keyStore.getType()));
                    }
                    if (str != null && str.equals(DefaultCellScope) && name != null && name.endsWith(DefaultTrustStore)) {
                        setting.setTrustFileName(fixupNodeConfigRoot(keyFileName, keyStore.getLocation()));
                        setting.setTrustFilePassword(keyStore.getPassword());
                        setting.setTrustFileFormat(KeyFileFormatKind.get(keyStore.getType()));
                    }
                    sSLConfig.setSetting(setting);
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "replaceDummyKeyStoreWithCellKeyStoreIfNecessary");
        }
        return sSLConfig;
    }

    private static String fixupNodeConfigRoot(String str, String str2) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "fixupNodeConfigRoot", new Object[]{str, str2});
        }
        String str3 = str;
        int indexOf = str2.indexOf(DefaultConfigCellsPath);
        if (indexOf != -1) {
            String substring = str2.substring(indexOf);
            int indexOf2 = str.indexOf(DefaultEtcPath);
            if (indexOf2 != -1) {
                str3 = str.substring(0, indexOf2) + substring;
            }
        } else {
            int lastIndexOf = str2.lastIndexOf(DefaultCellsPath);
            if (lastIndexOf != -1) {
                String substring2 = str2.substring(lastIndexOf);
                int indexOf3 = str.indexOf(DefaultEtcPath);
                if (indexOf3 != -1) {
                    str3 = str.substring(0, indexOf3) + "/config" + substring2;
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "fixupNodeConfigRoot -> " + str3);
        }
        return str3;
    }

    public static Certificate checkIfKeyStoreExistsAndCreateIfNot(KeyStore keyStore, String str, String str2, String str3) throws SSLException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "checkIfKeyStoreExistsAndCreateIfNot");
        }
        boolean isFileBased = keyStore.isFileBased();
        String location = keyStore.getLocation();
        String name = keyStore.getName();
        String scopeType = keyStore.getManagementScope() != null ? keyStore.getManagementScope().getScopeType() : null;
        if (name == null || !name.endsWith(DefaultKeyStore) || scopeType == null || scopeType.equals(DefaultCellScope) || !isFileBased) {
            if (!tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "checkIfKeyStoreExistsAndCreateIfNot (not filebased or in config root)");
            return null;
        }
        if (new File(fixUpKeyStoreCell(fixupLocationWithRepositoryRoot(str2, location))).exists()) {
            if (!tc.isEntryEnabled()) {
                return null;
            }
            Tr.exit(tc, "checkIfKeyStoreExistsAndCreateIfNot -> (exists)");
            return null;
        }
        try {
            String checkForLocationInRepositoryRootMakeDirectoryIfNecessary = checkForLocationInRepositoryRootMakeDirectoryIfNecessary(str, keyStore.getLocation());
            String password = keyStore.getPassword();
            String type = keyStore.getType();
            String provider = keyStore.getProvider();
            KeyStoreInfo keyStoreInfo = new KeyStoreInfo(name, checkForLocationInRepositoryRootMakeDirectoryIfNecessary, password, provider, type, Boolean.TRUE, null, keyStore.getManagementScope() != null ? keyStore.getManagementScope().getScopeName() : null, null, Boolean.FALSE, Boolean.TRUE, Boolean.TRUE, null, new Integer(0), Boolean.FALSE, null, keyStore.getDescription());
            String globalProperty = SSLConfigManager.getInstance().getGlobalProperty(Constants.SSLPROP_DEFAULT_CERTREQ_ALIAS, "default");
            String str4 = globalProperty != null ? globalProperty : "default";
            String globalProperty2 = SSLConfigManager.getInstance().getGlobalProperty(Constants.SSLPROP_DEFAULT_CERTREQ_KEYSIZE, "1024");
            String globalProperty3 = SSLConfigManager.getInstance().getGlobalProperty(Constants.SSLPROP_DEFAULT_CERTREQ_SUBJECTDN, "cn=${hostname},o=IBM,c=US");
            Certificate chainedCertificateCreate = CertificateManager.getInstance().chainedCertificateCreate(new CertReqInfo(str4, new Integer(globalProperty2).intValue(), (globalProperty3.indexOf(DefaultHostnameVariable) == -1 || str3 == null) ? KeyStoreManager.getInstance().expand(globalProperty3) : expandHostNameVariable(globalProperty3, str3), new Integer(SSLConfigManager.getInstance().getGlobalProperty(Constants.SSLPROP_DEFAULT_CERTREQ_DAYS, "365")).intValue(), keyStoreInfo, null), "root", null);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "checkIfKeyStoreExistsAndCreateIfNot");
            }
            return chainedCertificateCreate;
        } catch (Exception e) {
            if (e instanceof SSLException) {
                throw ((SSLException) e);
            }
            throw new SSLException(e.getMessage(), e);
        }
    }

    private static String expandHostNameVariable(String str, String str2) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "expandHostNameVariable", new Object[]{str, str2});
        }
        String str3 = str;
        int indexOf = str.indexOf(DefaultHostnameVariable);
        if (indexOf != -1) {
            String substring = str.substring(0, indexOf);
            String substring2 = str.substring(indexOf + DefaultHostnameVariable.length());
            if (substring != null && !substring.equals("") && substring2 != null && !substring2.equals("")) {
                str3 = substring + str2 + substring2;
            } else if (substring != null && !substring.equals("")) {
                str3 = substring + str2;
            } else if (substring2 != null && !substring2.equals("")) {
                str3 = str2 + substring2;
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "expandHostNameVariable -> " + str3);
        }
        return str3;
    }

    public static void checkIfTrustStoreExistsAndCreateIfNot(KeyStore keyStore, String str, String str2, Certificate certificate) throws SSLException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "checkIfTrustStoreExistsAndCreateIfNot");
        }
        boolean isFileBased = keyStore.isFileBased();
        String location = keyStore.getLocation();
        String name = keyStore.getName();
        String scopeType = keyStore.getManagementScope() != null ? keyStore.getManagementScope().getScopeType() : null;
        if (name != null && name.endsWith(DefaultTrustStore) && scopeType != null && !scopeType.equals(DefaultCellScope) && isFileBased) {
            if (new File(fixUpKeyStoreCell(fixupLocationWithRepositoryRoot(str2, location))).exists()) {
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "checkIfTrustStoreExistsAndCreateIfNot -> (exists)");
                    return;
                }
                return;
            }
            try {
                String checkForLocationInRepositoryRootMakeDirectoryIfNecessary = checkForLocationInRepositoryRootMakeDirectoryIfNecessary(str, keyStore.getLocation());
                String password = keyStore.getPassword();
                java.security.KeyStore keyStore2 = KeyStoreManager.getInstance().getKeyStore(name, keyStore.getType(), keyStore.getProvider(), checkForLocationInRepositoryRootMakeDirectoryIfNecessary, password, keyStore.getManagementScope() != null ? keyStore.getManagementScope().getScopeName() : null, true, null);
                if (keyStore2 != null) {
                    keyStore2.setCertificateEntry("default_signer", certificate);
                    keyStore2.store(new FileOutputStream(checkForLocationInRepositoryRootMakeDirectoryIfNecessary), password.toCharArray());
                    if (tc.isEntryEnabled()) {
                        Tr.exit(tc, "checkIfTrustStoreExistsAndCreateIfNot (signer set)");
                        return;
                    }
                    return;
                }
            } catch (Exception e) {
                if (!(e instanceof SSLException)) {
                    throw new SSLException(e.getMessage(), e);
                }
                throw ((SSLException) e);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "checkIfTrustStoreExistsAndCreateIfNot (not filebased or in config root)");
        }
    }

    private static String checkForLocationInRepositoryRootMakeDirectoryIfNecessary(String str, String str2) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "checkForLocationInRepositoryRootMakeDirectoryIfNecessary", new Object[]{str, str2});
        }
        String fixUpKeyStoreCell = fixUpKeyStoreCell(fixupLocationWithRepositoryRoot(str, str2));
        File file = new File(stripFileFromPath(fixUpKeyStoreCell));
        boolean z = false;
        if (!file.exists()) {
            z = file.mkdirs();
        }
        if (!z && tc.isDebugEnabled()) {
            Tr.debug(tc, "Could not create the directory to add the keyfile.  AddNode is going to fail.");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "checkForLocationInRepositoryRootMakeDirectoryIfNecessary");
        }
        return fixUpKeyStoreCell;
    }

    private static String stripFileFromPath(String str) {
        int lastIndexOf = str.lastIndexOf("/");
        return lastIndexOf != -1 ? str.substring(0, lastIndexOf) : str;
    }

    private static String whichLocationKeyStoreExists(String str, String str2, String str3) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "whichLocationKeyStoreExists");
        }
        if (new File(fixUpKeyStoreCell(fixupLocationWithRepositoryRoot(str3, str))).exists()) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "whichLocationKeyStoreExists -> " + str3);
            }
            return str3;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "whichLocationKeyStoreExists -> " + str2);
        }
        return str2;
    }

    private static String fixupLocationWithRepositoryRoot(String str, String str2) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "fixupLocationWithRepositoryRoot", new Object[]{str, str2});
        }
        int lastIndexOf = str2.lastIndexOf(DefaultCellsPath);
        String str3 = str2;
        if (lastIndexOf != -1) {
            str3 = str + str2.substring(lastIndexOf);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "fixupLocationWithRepositoryRoot -> " + str3);
        }
        return str3;
    }

    private static String getCellAliasKey(String str, String str2) {
        StringBuffer stringBuffer = new StringBuffer(str);
        stringBuffer.append(":");
        stringBuffer.append(str2);
        String stringBuffer2 = stringBuffer.toString();
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "getCellAliasKey -> " + stringBuffer2);
        }
        return stringBuffer2;
    }

    private static void createDmgrDefaultSSLSettings(Security security, String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createDmgrDefaultSSLSettings(" + str + ")");
        }
        EList<EObject> repertoire = security.getRepertoire();
        if (repertoire != null && repertoire.size() > 0) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "search" + str);
            }
            for (EObject eObject : repertoire) {
                Resource eResource = eObject.eResource();
                String id = eResource instanceof XMIResource ? ((XMIResource) eResource).getID(eObject) : null;
                if (id != null && str.equals(eObject.getAlias())) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "found: " + str + "  Cell refID: " + id);
                        return;
                    }
                    return;
                }
            }
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "search" + DefaultCellSSL);
        }
        EObject eObject2 = null;
        Iterator it = repertoire.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            EObject eObject3 = (SSLConfig) it.next();
            Resource eResource2 = eObject3.eResource();
            String id2 = eResource2 instanceof XMIResource ? ((XMIResource) eResource2).getID(eObject3) : null;
            if (id2 != null && DefaultCellSSL.equals(eObject3.getAlias())) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "found: " + DefaultCellSSL + "  Cell refID: " + id2);
                }
                eObject2 = eObject3;
            }
        }
        if (eObject2 != null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "add " + str);
            }
            SecurityFactory securityFactory = SecurityPackage.eINSTANCE.getSecurityFactory();
            SslFactory sslFactory = SslPackage.eINSTANCE.getSslFactory();
            SSLConfig createSSLConfig = securityFactory.createSSLConfig();
            SecureSocketLayer createSecureSocketLayer = sslFactory.createSecureSocketLayer();
            SecureSocketLayer setting = eObject2.getSetting();
            createSSLConfig.setAlias(str);
            createSSLConfig.setManagementScope(eObject2.getManagementScope());
            createSecureSocketLayer.setClientAuthentication(setting.isClientAuthentication());
            createSecureSocketLayer.setSecurityLevel(setting.getSecurityLevel());
            createSecureSocketLayer.setEnableCryptoHardwareSupport(setting.isEnableCryptoHardwareSupport());
            createSecureSocketLayer.setEnabledCiphers(setting.getEnabledCiphers());
            createSecureSocketLayer.setJsseProvider(setting.getJsseProvider());
            createSecureSocketLayer.setClientAuthenticationSupported(setting.isClientAuthenticationSupported());
            createSecureSocketLayer.setSslProtocol(setting.getSslProtocol());
            Iterator it2 = setting.getTrustManager().iterator();
            while (it2.hasNext()) {
                createSecureSocketLayer.getTrustManager().add((TrustManager) it2.next());
            }
            createSecureSocketLayer.setKeyManager(setting.getKeyManager());
            createSecureSocketLayer.setKeyStore(setting.getKeyStore());
            createSecureSocketLayer.setTrustStore(setting.getTrustStore());
            createSSLConfig.setSetting(createSecureSocketLayer);
            security.getRepertoire().add(createSSLConfig);
        }
    }

    public static Security updateCellNameAndNodeName(Security security, String str, String str2) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "updateCellNameAndNodeName");
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Cell name: " + str + "Node name: " + str2);
        }
        if (security.getKeyStores() != null && security.getKeyStores().size() > 0) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Setting new cell name & node name for KeyStore.");
            }
            EList<KeyStore> keyStores = security.getKeyStores();
            if (keyStores != null) {
                for (KeyStore keyStore : keyStores) {
                    if (keyStore.getLocation().indexOf(DefaultConfigCellsPath) != -1 || keyStore.getLocation().indexOf(DefaultCellsPath) != -1) {
                        keyStore.setLocation(fixUpKeyStore(keyStore.getLocation(), str, str2));
                    }
                }
            }
        }
        if (security.getManagementScopes() != null && security.getManagementScopes().size() > 0) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Setting new cell name & node name for ManagementScopes.");
            }
            EList<ManagementScope> managementScopes = security.getManagementScopes();
            if (managementScopes != null) {
                for (ManagementScope managementScope : managementScopes) {
                    if (managementScope.getScopeName().indexOf("(cell):") != -1) {
                        managementScope.setScopeName(fixUpManagementScope(managementScope.getScopeName(), str, str2));
                    }
                }
            }
        }
        fixUpSslConfigGroup(str, str2, security);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "updateCellNameAndNodeName");
        }
        return security;
    }

    private static String fixUpKeyStore(String str, String str2, String str3) {
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Original keyStoreLocation: " + str);
        }
        int indexOf = str.indexOf(DefaultConfigCellsPath);
        String str4 = str;
        String str5 = null;
        String str6 = null;
        String str7 = null;
        if (indexOf != -1) {
            str5 = str.substring(0, indexOf + DefaultConfigCellsPath.length());
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "First part: " + str5);
            }
            str6 = str.substring(indexOf + DefaultConfigCellsPath.length());
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "The rest: " + str6);
            }
        } else {
            int lastIndexOf = str.lastIndexOf(DefaultCellsPath);
            if (lastIndexOf != -1) {
                str5 = str.substring(0, lastIndexOf + DefaultCellsPath.length());
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "First part: " + str5);
                }
                str6 = str.substring(lastIndexOf + DefaultCellsPath.length());
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "The rest: " + str6);
                }
            }
        }
        if (str5 != null && str6 != null) {
            if (str6.indexOf(DefaultNodesPath) != -1) {
                str7 = str6.substring(str6.indexOf(DefaultNodesPath) + DefaultNodesPath.length());
                if (str7 != null && str7.indexOf("/") != -1) {
                    str7 = str7.substring(str7.indexOf("/") + "/".length());
                }
                str4 = str5 + str2 + DefaultNodesPath + str3 + "/" + str7;
            } else {
                str7 = str6.substring(str6.indexOf("/") + "/".length());
                str4 = str5 + str2 + "/" + str7;
            }
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Last part: " + str7);
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Fixed up location: " + str4);
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "New keystore location: " + str4);
        }
        return str4;
    }

    protected static String fixUpManagementScope(String str, String str2, String str3) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "scopeName: " + str + "Cell name: " + str2 + "Node name: " + str3);
        }
        String str4 = str;
        if (str != null && str.length() > 0) {
            StringBuffer stringBuffer = new StringBuffer();
            StringTokenizer stringTokenizer = new StringTokenizer(str, ":");
            boolean z = false;
            String str5 = null;
            while (stringTokenizer.hasMoreTokens()) {
                String nextToken = stringTokenizer.nextToken();
                if (z) {
                    nextToken = str5;
                    z = false;
                }
                if (stringBuffer.length() > 0) {
                    stringBuffer.append(":");
                }
                stringBuffer.append(nextToken);
                if ("(cell)".equalsIgnoreCase(nextToken) && str2 != null && str2.length() > 0) {
                    str5 = str2;
                    z = true;
                } else if ("(node)".equalsIgnoreCase(nextToken) && str3 != null && str3.length() > 0) {
                    str5 = str3;
                    z = true;
                }
            }
            str4 = stringBuffer.toString();
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "New ScopeName: " + str4);
        }
        return str4;
    }

    private static void fixUpSslConfigGroup(String str, String str2, Security security) {
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "enter fixUpSslConfigGroup");
        }
        if (security.getSslConfigGroups() != null && security.getSslConfigGroups().size() > 0) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Setting new cell name & node name for sslConfigGroup.");
            }
            EList<SSLConfigGroup> sslConfigGroups = security.getSslConfigGroups();
            if (sslConfigGroups != null) {
                for (SSLConfigGroup sSLConfigGroup : sslConfigGroups) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "scopeType: " + (sSLConfigGroup.getManagementScope() != null ? sSLConfigGroup.getManagementScope().getScopeType() : "no scope found"));
                    }
                    if (sSLConfigGroup.getManagementScope() != null) {
                        if (sSLConfigGroup.getManagementScope().getScopeType().equals(DefaultCellScope)) {
                            sSLConfigGroup.setName(str);
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "set cell Name: " + str);
                            }
                        } else {
                            sSLConfigGroup.setName(str2);
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "set node Name: " + str2);
                            }
                        }
                    }
                }
            }
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "exit fixUpSslConfigGroup");
        }
    }

    private static boolean checkIfInternalServerIdUsed(Security security) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "checkIfInternalServerIdUsed");
        }
        boolean isUseRegistryServerId = security.getActiveUserRegistry().isUseRegistryServerId();
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "checkIfInternalServerIdUsed", isUseRegistryServerId ? Boolean.FALSE : Boolean.TRUE);
        }
        return !isUseRegistryServerId;
    }

    private static boolean checkIfNullServerPasswordUsed(Security security) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "checkIfNullServerPasswordUsed");
        }
        String serverPassword = security.getActiveUserRegistry().getServerPassword();
        if (serverPassword == null || serverPassword.length() == 0) {
            if (!tc.isEntryEnabled()) {
                return true;
            }
            Tr.exit(tc, "checkIfNullServerPasswordUsed", " null server passwd. return true.");
            return true;
        }
        if (!tc.isEntryEnabled()) {
            return false;
        }
        Tr.exit(tc, "checkIfNullServerPasswordUsed", " return false.");
        return false;
    }

    private static CertReqInfo createCertInfoFromCert(String str, X509Certificate x509Certificate, KeyStoreInfo keyStoreInfo) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createCertInfoFromCert");
        }
        PublicKey publicKey = x509Certificate.getPublicKey();
        int bitLength = publicKey instanceof RSAPublicKey ? ((RSAPublicKey) publicKey).getModulus().bitLength() : ((DSAPublicKey) publicKey).getParams().getP().bitLength();
        if (bitLength % 2 != 0) {
            bitLength++;
        }
        int intValue = new Long((x509Certificate.getNotAfter().getTime() - x509Certificate.getNotBefore().getTime()) / CalendarAstronomer.DAY_MS).intValue();
        String obj = x509Certificate.getSubjectDN().toString();
        String uUIDFromCert = getUUIDFromCert(x509Certificate);
        CertReqInfo certReqInfo = new CertReqInfo(str, bitLength, obj, intValue, keyStoreInfo, null);
        if (uUIDFromCert != null) {
            certReqInfo.setProfileUUID(uUIDFromCert);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "createCertInfoFromCert");
        }
        return certReqInfo;
    }

    private static String getUUIDFromCert(X509Certificate x509Certificate) throws Exception {
        try {
            Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
            if (subjectAlternativeNames != null && subjectAlternativeNames.size() > 0) {
                for (List<?> list : subjectAlternativeNames) {
                    if (list != null && list.size() > 0) {
                        for (int i = 0; i < list.size(); i++) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "Alt name value is: " + list.get(i));
                            }
                            String obj = list.get(i).toString();
                            if (obj.startsWith("ProfileUUID:")) {
                                return obj.substring("ProfileUUID:".length());
                            }
                        }
                    }
                }
            }
            return null;
        } catch (Exception e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception while checking AltSubjectNames.", new Object[]{e});
            }
            throw e;
        }
    }

    private static boolean isSelfSignedCert(X509Certificate x509Certificate) {
        boolean z = true;
        try {
            x509Certificate.verify(x509Certificate.getPublicKey());
        } catch (SignatureException e) {
            z = false;
        } catch (Exception e2) {
            z = false;
        }
        return z;
    }

    private static void markWorkspaceUpdated(String str, String str2, String str3) {
        try {
            if (str2.equals(str)) {
                if (ws != null) {
                    String expand = KeyStoreManager.getInstance().expand(str3);
                    int indexOf = expand.indexOf("cells/" + ManagementScopeManager.getInstance().getCellName());
                    if (indexOf != -1) {
                        String substring = expand.substring(indexOf);
                        int lastIndexOf = substring.lastIndexOf("/");
                        String substring2 = substring.substring(lastIndexOf + 1);
                        String substring3 = substring.substring(0, lastIndexOf);
                        Class<?> cls = Class.forName("com.ibm.ws.sm.workspace.WorkSpace");
                        if (cls != null) {
                            Class.forName("com.ibm.ws.sm.workspace.RepositoryContext").getMethod("notifyChanged", Integer.TYPE, String.class).invoke(cls.getMethod("findContext", String.class).invoke(ws, substring3), 1, substring2);
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, substring2 + " has been marked updated in workspace.");
                            }
                        }
                    }
                }
            } else if (tc.isDebugEnabled()) {
                Tr.debug(tc, str3 + " not in workspace.");
            }
        } catch (Exception e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception while marking the workspace updated " + e.getMessage());
            }
        }
    }

    private static Object getWorkSpace(String str) {
        Object obj = null;
        try {
            int indexOf = str.indexOf("wstemp");
            if (indexOf != -1) {
                String substring = str.substring(indexOf + "wstemp".length() + 1);
                String obj2 = Class.forName("com.ibm.websphere.management.Session").getConstructor(String.class, Boolean.TYPE).newInstance(substring.substring(0, substring.indexOf("workspace") - 1), Boolean.TRUE).toString();
                if (obj2 != null) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "sessionObj is " + obj2);
                    }
                    Class<?> cls = Class.forName("com.ibm.ws.sm.workspace.WorkSpaceManagerFactory");
                    if (cls != null) {
                        obj = Class.forName("com.ibm.ws.sm.workspace.WorkSpaceManager").getMethod("getWorkSpace", String.class).invoke(cls.getMethod("getManager", new Class[0]).invoke(null, new Object[0]), obj2);
                    }
                }
            }
        } catch (Exception e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception while getting the session through reflection " + e.getMessage());
            }
        }
        return obj;
    }

    public static boolean signedByNode(X509Certificate x509Certificate, Key key, HashMap<String, Map<X509Certificate, Key>> hashMap) throws Exception {
        return signedByNode(x509Certificate, key, hashMap, KeyStoreManager.getInstance());
    }

    public static boolean signedByNode(X509Certificate x509Certificate, Key key, HashMap<String, Map<X509Certificate, Key>> hashMap, KeyStoreManager keyStoreManager) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "signedByNode");
        }
        try {
            Iterator<Map.Entry<String, Map<X509Certificate, Key>>> it = hashMap.entrySet().iterator();
            while (it.hasNext()) {
                for (Map.Entry<X509Certificate, Key> entry : it.next().getValue().entrySet()) {
                    X509Certificate key2 = entry.getKey();
                    Key value = entry.getValue();
                    if (key2 != null && !key.equals(value) && keyStoreManager.generateDigest("SHA-1", key2).equals(keyStoreManager.generateDigest("SHA-1", x509Certificate))) {
                        if (!tc.isEntryEnabled()) {
                            return true;
                        }
                        Tr.exit(tc, "signedByNode", new Object[]{true});
                        return true;
                    }
                }
            }
            if (!tc.isEntryEnabled()) {
                return false;
            }
            Tr.exit(tc, "signedByNode", new Object[]{false});
            return false;
        } catch (Exception e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception occurred while reading the root key store.", new Object[]{e});
            }
            throw e;
        }
    }
}
