package com.ibm.security.pkcs12;

import com.ibm.misc.Debug;
import com.ibm.misc.HexDumpEncoder;
import com.ibm.security.pkcs5.PKCS5;
import com.ibm.security.pkcs7.ContentInfo;
import com.ibm.security.pkcs7.Data;
import com.ibm.security.pkcs7.DigestInfo;
import com.ibm.security.pkcs7.EncryptedContentInfo;
import com.ibm.security.pkcs7.EncryptedData;
import com.ibm.security.pkcs7.EnvelopedData;
import com.ibm.security.pkcs7.SignedData;
import com.ibm.security.pkcs8.EncryptedPrivateKeyInfo;
import com.ibm.security.pkcs8.PrivateKeyInfo;
import com.ibm.security.pkcsutil.PKCSAttribute;
import com.ibm.security.pkcsutil.PKCSAttributes;
import com.ibm.security.pkcsutil.PKCSDerObject;
import com.ibm.security.pkcsutil.PKCSException;
import com.ibm.security.pkcsutil.PKCSOID;
import com.ibm.security.util.DerOutputStream;
import com.ibm.security.util.DerValue;
import com.ibm.security.util.ObjectIdentifier;
import com.ibm.security.x509.AlgorithmId;
import java.io.IOException;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.CRL;
import java.security.cert.Certificate;
import java.util.Vector;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.xml.serialize.LineSeparator;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:efixes/JDKiFix_express_linux_i386/components/prereq.jdk/update.jar:/java/jre/lib/ibmpkcs.jar:com/ibm/security/pkcs12/BasicPFX.class */
public abstract class BasicPFX extends PKCSDerObject {
    private BigInteger version;
    ContentInfo authSafe;
    MacData macData;
    AuthenticatedSafe authSafeContents;
    AuthenticatedSafe verifiedContents;
    private static Debug debug = Debug.getInstance("ibmpkcs");
    private static String className = "com.ibm.security.pkcs12.BasicPFX";

    /* JADX INFO: Access modifiers changed from: package-private */
    public BasicPFX() {
        this.version = BigInteger.valueOf(3L);
        if (debug != null) {
            debug.entry(16384L, className, "BasicPFX");
            debug.exit(16384L, className, "BasicPFX");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public BasicPFX(String str) {
        super(str);
        this.version = BigInteger.valueOf(3L);
        if (debug != null) {
            debug.entry(16384L, className, "BasicPFX", str);
            debug.exit(16384L, className, "BasicPFX");
        }
    }

    BasicPFX(byte[] bArr) throws IOException {
        this.version = BigInteger.valueOf(3L);
        if (debug != null) {
            debug.entry(16384L, className, "BasicPFX", bArr);
        }
        decode(bArr);
        if (debug != null) {
            debug.exit(16384L, className, "BasicPFX");
        }
    }

    BasicPFX(byte[] bArr, String str) throws IOException {
        super(str);
        this.version = BigInteger.valueOf(3L);
        if (debug != null) {
            debug.entry(16384L, className, "BasicPFX", bArr, str);
        }
        decode(bArr);
        if (debug != null) {
            debug.exit(16384L, className, "BasicPFX");
        }
    }

    BasicPFX(ContentInfo contentInfo, MacData macData, String str) {
        super(str);
        this.version = BigInteger.valueOf(3L);
        if (debug != null) {
            debug.entry(16384L, (Object) className, "BasicPFX", new Object[]{contentInfo, macData, str});
        }
        ObjectIdentifier contentType = contentInfo.getContentType();
        if (!contentType.equals(PKCSOID.SIGNED_DATA_OID) && !contentType.equals(PKCSOID.DATA_OID)) {
            if (debug != null) {
                debug.text(16384L, className, "BasicPFX", "Content type must be Data or SignedData.");
            }
            throw new IllegalArgumentException("Content type must be Data or SignedData.");
        }
        if (contentType.equals(PKCSOID.DATA_OID) && macData == null) {
            if (debug != null) {
                debug.text(16384L, className, "BasicPFX", "MacData value must be specified for password-integrity mode (content type Data).");
            }
            throw new IllegalArgumentException("MacData value must be specified for password-integrity mode (content type Data).");
        }
        this.authSafe = contentInfo;
        this.macData = macData;
        if (debug != null) {
            debug.exit(16384L, className, "BasicPFX");
        }
    }

    BasicPFX(ContentInfo contentInfo, MacData macData) {
        this(contentInfo, macData, (String) null);
        if (debug != null) {
            debug.entry(16384L, className, "BasicPFX", contentInfo, macData);
            debug.exit(16384L, className, "BasicPFX");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public BasicPFX(String str, boolean z) throws IOException {
        super(str, z);
        this.version = BigInteger.valueOf(3L);
        if (debug != null) {
            debug.entry(16384L, (Object) className, "BasicPFX", new Object[]{str, new Boolean(z)});
            debug.exit(16384L, className, "BasicPFX");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public BasicPFX(String str, boolean z, String str2) throws IOException {
        super(str, z, str2);
        this.version = BigInteger.valueOf(3L);
        if (debug != null) {
            debug.entry(16384L, (Object) className, "BasicPFX", new Object[]{str, new Boolean(z), str2});
            debug.exit(16384L, className, "BasicPFX");
        }
    }

    @Override // com.ibm.security.pkcsutil.PKCSDerObject
    public void encode(OutputStream outputStream) throws IOException {
        if (debug != null) {
            debug.entry(16384L, className, "encode", outputStream);
        }
        if (this.authSafe == null) {
            if (debug != null) {
                debug.text(16384L, className, "encode", "No data to encode.");
            }
            throw new IOException("No data to encode.");
        }
        if (this.authSafe.getContentType().equals(PKCSOID.DATA_OID) && this.macData == null) {
            if (debug != null) {
                debug.text(16384L, className, "encode", "Integrity protection must be applied before encoding.");
            }
            throw new IOException("Integrity protection must be applied before encoding.");
        }
        DerOutputStream derOutputStream = new DerOutputStream();
        DerOutputStream derOutputStream2 = new DerOutputStream();
        derOutputStream.putInteger(this.version);
        this.authSafe.encode(derOutputStream);
        if (this.macData != null) {
            this.macData.encode(derOutputStream);
        }
        derOutputStream2.write((byte) 48, derOutputStream);
        outputStream.write(derOutputStream2.toByteArray());
        if (debug != null) {
            debug.exit(16384L, className, "encode");
        }
    }

    @Override // com.ibm.security.pkcsutil.PKCSDerObject
    public boolean equals(Object obj) {
        if (debug != null) {
            debug.entry(16384L, className, "equals", obj);
        }
        if (obj instanceof BasicPFX) {
            if (debug != null) {
                debug.exit(16384L, className, "equals_1", equals((BasicPFX) obj));
            }
            return equals((BasicPFX) obj);
        }
        if (debug == null) {
            return false;
        }
        debug.exit(16384L, (Object) className, "equals_2", false);
        return false;
    }

    boolean equals(BasicPFX basicPFX) {
        if (debug != null) {
            debug.entry(16384L, className, "equals", basicPFX);
        }
        if (basicPFX == this) {
            if (debug == null) {
                return true;
            }
            debug.exit(16384L, (Object) className, "equals_1", true);
            return true;
        }
        try {
            DerOutputStream derOutputStream = new DerOutputStream();
            DerOutputStream derOutputStream2 = new DerOutputStream();
            encode(derOutputStream);
            DerValue derValue = new DerValue(derOutputStream.toByteArray());
            basicPFX.encode(derOutputStream2);
            if (derValue.equals(new DerValue(derOutputStream2.toByteArray()))) {
                if (debug == null) {
                    return true;
                }
                debug.exit(16384L, (Object) className, "equals_4", true);
                return true;
            }
            if (debug == null) {
                return false;
            }
            debug.exit(16384L, (Object) className, "equals_3", false);
            return false;
        } catch (Exception e) {
            if (debug == null) {
                return false;
            }
            debug.exception(16384L, className, "equals", e);
            debug.exit(16384L, (Object) className, "equals_2", false);
            return false;
        }
    }

    @Override // com.ibm.security.pkcsutil.PKCSDerObject
    public String toString() {
        if (debug != null) {
            debug.entry(16384L, className, "toString");
        }
        String stringBuffer = new StringBuffer().append(new StringBuffer().append(new StringBuffer().append("").append("PFX:").toString()).append("\r\n\tversion: ").append(this.version).toString()).append("\r\n\tauthsafe: ").toString();
        String stringBuffer2 = new StringBuffer().append(this.authSafe == null ? new StringBuffer().append(stringBuffer).append("null").toString() : new StringBuffer().append(stringBuffer).append(LineSeparator.Windows).append(this.authSafe.toString()).toString()).append("\r\n\tmacdata: ").toString();
        String stringBuffer3 = this.macData == null ? new StringBuffer().append(stringBuffer2).append("null").toString() : new StringBuffer().append(stringBuffer2).append(LineSeparator.Windows).append(this.macData.toString()).toString();
        if (debug != null) {
            debug.exit(16384L, className, "toString", stringBuffer3);
        }
        return stringBuffer3;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.security.pkcsutil.PKCSDerObject
    public void decode(DerValue derValue) throws IOException {
        if (debug != null) {
            debug.entry(16384L, className, "decode", derValue);
        }
        if (derValue.getTag() != 48) {
            if (debug != null) {
                debug.text(16384L, className, "decode", "PFX parsing error, not a SEQUENCE.");
            }
            throw new IOException("PFX parsing error, not a SEQUENCE.");
        }
        if (this.version == null) {
            this.version = BigInteger.valueOf(3L);
        }
        BigInteger integer = derValue.getData().getInteger();
        if (!this.version.equals(integer)) {
            if (debug != null) {
                debug.text(16384L, className, "decode", new StringBuffer().append("Invalid version: ").append(integer).append(". Must be 3.").toString());
            }
            throw new IOException(new StringBuffer().append("Invalid version: ").append(integer).append(". Must be 3.").toString());
        }
        this.authSafe = new ContentInfo(derValue.getData().getDerValue().toByteArray(), this.provider);
        ObjectIdentifier contentType = this.authSafe.getContentType();
        if (!contentType.equals(PKCSOID.SIGNED_DATA_OID) && !contentType.equals(PKCSOID.DATA_OID)) {
            if (debug != null) {
                debug.text(16384L, className, "decode", "Content type must be Data or SignedData");
            }
            throw new IOException("Content type must be Data or SignedData");
        }
        if (!contentType.equals(PKCSOID.SIGNED_DATA_OID)) {
            this.macData = new MacData(derValue.getData().getDerValue().toByteArray(), this.provider);
            if (derValue.getData().available() != 0) {
                if (debug != null) {
                    debug.text(16384L, className, "decode", new StringBuffer().append("PFX parsing error - data overrun, bytes = ").append(derValue.getData().available()).toString());
                }
                throw new IOException(new StringBuffer().append("PFX parsing error - data overrun, bytes = ").append(derValue.getData().available()).toString());
            }
        } else if (derValue.getData().available() != 0) {
            if (debug != null) {
                debug.text(16384L, className, "decode", new StringBuffer().append("PFX parsing error - data overrun, bytes = ").append(derValue.getData().available()).toString());
            }
            throw new IOException(new StringBuffer().append("PFX parsing error - data overrun, bytes = ").append(derValue.getData().available()).toString());
        }
        if (debug != null) {
            debug.exit(16384L, className, "decode");
        }
    }

    int getVersion() {
        if (debug != null) {
            debug.entry(16384L, className, "getVersion");
            debug.exit(16384L, (Object) className, "getVersion", this.version.intValue());
        }
        return this.version.intValue();
    }

    ContentInfo getAuthenticatedSafe() {
        if (debug != null) {
            debug.entry(16384L, className, "getAuthenticatedSafe");
            debug.exit(16384L, className, "getAuthenticatedSafe", this.authSafe);
        }
        return this.authSafe;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public MacData getMacData() {
        if (debug != null) {
            debug.entry(16384L, className, "getMacData");
            debug.exit(16384L, className, "getMacData", (MacData) this.macData.clone());
        }
        return (MacData) this.macData.clone();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String[] getFriendlyNames(char[] cArr) throws PKCSException {
        PKCSAttribute pKCSAttribute;
        Vector vector = new Vector();
        String[] strArr = null;
        if (debug != null) {
            debug.entry(16384L, className, "getFriendlyNames", cArr);
        }
        try {
            for (SafeBag safeBag : getSafeBags(cArr, null, null, false)) {
                PKCSAttributes attributes = safeBag.getAttributes();
                if (attributes != null && (pKCSAttribute = (PKCSAttribute) attributes.getAttribute(PKCSOID.FRIENDLY_NAME_OID)) != null) {
                    try {
                        Object attributeValue = pKCSAttribute.getAttributeValue();
                        if (!vector.contains(attributeValue)) {
                            vector.add(attributeValue);
                        }
                    } catch (IOException e) {
                        if (debug != null) {
                            debug.exception(16384L, className, "getFriendlyNames", e);
                        }
                    }
                }
            }
            if (vector.size() > 0) {
                strArr = new String[vector.size()];
                for (int i = 0; i < vector.size(); i++) {
                    strArr[i] = (String) vector.elementAt(i);
                }
            }
            if (debug != null) {
                debug.exit(16384L, className, "getFriendlyNames", strArr);
            }
            return strArr;
        } catch (IOException e2) {
            if (debug != null) {
                debug.exception(16384L, className, "getFriendlyNames", e2);
            }
            throw new PKCSException(e2, new StringBuffer().append("Error extracting SafeBags from PFX (").append(e2.toString()).append(")").toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Certificate[] getCertificatesByFriendlyName(char[] cArr, String str) throws PKCSException {
        if (debug != null) {
            debug.entry(16384L, className, "getCertificatesByFriendlyName", cArr, str);
        }
        Vector safeBagsByFriendlyName = getSafeBagsByFriendlyName(cArr, str);
        if (safeBagsByFriendlyName.size() == 0) {
            if (debug == null) {
                return null;
            }
            debug.exit(16384L, className, "getCertificatesByFriendlyName_1", (Object) null);
            return null;
        }
        Vector vector = new Vector();
        for (int i = 0; i < safeBagsByFriendlyName.size(); i++) {
            ObjectIdentifier objectIdentifier = ((SafeBag) safeBagsByFriendlyName.elementAt(i)).getObjectIdentifier();
            if (objectIdentifier.equals(PKCSOID.CERTBAG_OID) || objectIdentifier.equals(PKCSOID.CERT_TYPES_OID)) {
                vector.add(safeBagsByFriendlyName.elementAt(i));
            }
        }
        if (vector.size() == 0) {
            if (debug == null) {
                return null;
            }
            debug.exit(16384L, className, "getCertificatesByFriendlyName_2", (Object) null);
            return null;
        }
        Certificate[] certificateArr = new Certificate[vector.size()];
        for (int i2 = 0; i2 < vector.size(); i2++) {
            try {
                certificateArr[i2] = (Certificate) new CertBag(((SafeBag) vector.elementAt(i2)).getValue(), this.provider).getValue();
            } catch (IOException e) {
                if (debug != null) {
                    debug.exception(16384L, className, "getCertificatesByFriendlyName", e);
                }
                throw new PKCSException(e, new StringBuffer().append("Error extracting CertBags from PFX (").append(e.toString()).append(")").toString());
            }
        }
        if (debug != null) {
            debug.exit(16384L, className, "getCertificatesByFriendlyName_3", certificateArr);
        }
        return certificateArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PrivateKeyInfo[] getPrivateKeysByFriendlyName(char[] cArr, String str) throws PKCSException {
        if (debug != null) {
            debug.entry(16384L, className, "getPrivateKeysByFriendlyName", cArr, str);
        }
        Vector safeBagsByFriendlyName = getSafeBagsByFriendlyName(cArr, str);
        if (safeBagsByFriendlyName.size() == 0) {
            if (debug == null) {
                return null;
            }
            debug.exit(16384L, className, "getPrivateKeysByFriendlyName_1", (Object) null);
            return null;
        }
        Vector vector = new Vector();
        for (int i = 0; i < safeBagsByFriendlyName.size(); i++) {
            if (((SafeBag) safeBagsByFriendlyName.elementAt(i)).getObjectIdentifier().equals(PKCSOID.KEYBAG_OID)) {
                vector.add(safeBagsByFriendlyName.elementAt(i));
            }
        }
        if (vector.size() == 0) {
            if (debug == null) {
                return null;
            }
            debug.exit(16384L, className, "getPrivateKeysByFriendlyName_2", (Object) null);
            return null;
        }
        PrivateKeyInfo[] privateKeyInfoArr = new PrivateKeyInfo[vector.size()];
        for (int i2 = 0; i2 < vector.size(); i2++) {
            try {
                privateKeyInfoArr[i2] = (PrivateKeyInfo) new KeyBag(((SafeBag) vector.elementAt(i2)).getValue(), this.provider).getValue();
            } catch (IOException e) {
                if (debug != null) {
                    debug.exception(16384L, className, "getPrivateKeysByFriendlyName", e);
                }
                throw new PKCSException(e, new StringBuffer().append("Error extracting KeyBags from PFX (").append(e.toString()).append(")").toString());
            }
        }
        if (debug != null) {
            debug.exit(16384L, className, "getPrivateKeysByFriendlyName_3", privateKeyInfoArr);
        }
        return privateKeyInfoArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public EncryptedPrivateKeyInfo[] getShroudedKeysByFriendlyName(char[] cArr, String str) throws PKCSException {
        if (debug != null) {
            debug.entry(16384L, className, "getShroudedKeysByFriendlyName", cArr, str);
        }
        Vector safeBagsByFriendlyName = getSafeBagsByFriendlyName(cArr, str);
        if (safeBagsByFriendlyName.size() == 0) {
            if (debug == null) {
                return null;
            }
            debug.exit(16384L, className, "getShroudedKeysByFriendlyName_1", (Object) null);
            return null;
        }
        Vector vector = new Vector();
        for (int i = 0; i < safeBagsByFriendlyName.size(); i++) {
            if (((SafeBag) safeBagsByFriendlyName.elementAt(i)).getObjectIdentifier().equals(PKCSOID.SHROUDEDKEYBAG_OID)) {
                vector.add(safeBagsByFriendlyName.elementAt(i));
            }
        }
        if (vector.size() == 0) {
            if (debug == null) {
                return null;
            }
            debug.exit(16384L, className, "getShroudedKeysByFriendlyName_2", (Object) null);
            return null;
        }
        EncryptedPrivateKeyInfo[] encryptedPrivateKeyInfoArr = new EncryptedPrivateKeyInfo[vector.size()];
        for (int i2 = 0; i2 < vector.size(); i2++) {
            try {
                encryptedPrivateKeyInfoArr[i2] = (EncryptedPrivateKeyInfo) new ShroudedKeyBag(((SafeBag) vector.elementAt(i2)).getValue(), this.provider).getValue();
            } catch (IOException e) {
                if (debug != null) {
                    debug.exception(16384L, className, "getShroudedKeysByFriendlyName", e);
                }
                throw new PKCSException(e, new StringBuffer().append("Error extracting ShroudedKeyBags from PFX (").append(e.toString()).append(")").toString());
            }
        }
        if (debug != null) {
            debug.exit(16384L, className, "getShroudedKeysByFriendlyName_3", encryptedPrivateKeyInfoArr);
        }
        return encryptedPrivateKeyInfoArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean verifyMac(char[] cArr) throws IOException {
        if (debug != null) {
            debug.entry(16384L, className, "verifyMac", cArr);
        }
        if (this.macData == null) {
            if (debug == null) {
                return false;
            }
            debug.exit(16384L, (Object) className, "verifyMac_1", false);
            return false;
        }
        DigestInfo mac = this.macData.getMac();
        byte[] digest = mac.getDigest();
        AlgorithmId digestAlgorithm = mac.getDigestAlgorithm();
        byte[] salt = this.macData.getSalt();
        int iterations = this.macData.getIterations();
        try {
            byte[] data = ((Data) this.authSafe.getContent()).getData();
            byte[] calculateMac = calculateMac(data, digestAlgorithm.getName(), cArr, salt, iterations);
            if (digest.length != calculateMac.length) {
                if (debug == null) {
                    return false;
                }
                debug.exit(16384L, (Object) className, "verifyMac_3", false);
                return false;
            }
            for (int i = 0; i < digest.length; i++) {
                if (digest[i] != calculateMac[i]) {
                    if (debug == null) {
                        return false;
                    }
                    debug.exit(16384L, (Object) className, "verifyMac_3", false);
                    return false;
                }
            }
            this.verifiedContents = new AuthenticatedSafe(data, this.provider);
            if (debug == null) {
                return true;
            }
            debug.exit(16384L, (Object) className, "verifyMac_4", true);
            return true;
        } catch (Exception e) {
            if (debug == null) {
                return false;
            }
            debug.exception(16384L, className, "verifyMac", e);
            debug.exit(16384L, (Object) className, "verifyMac_2", false);
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public PrivateKeyInfo[] getPrivateKeys(char[] cArr, PrivateKey privateKey, Certificate certificate, boolean z) throws IOException, PKCSException {
        if (debug != null) {
            debug.entry(16384L, (Object) className, "getPrivateKeys", new Object[]{cArr, privateKey, certificate, new Boolean(z)});
        }
        SafeBag[] typedBags = getTypedBags(PKCSOID.KEYBAG_OID, cArr, privateKey, certificate, z);
        if (typedBags == null) {
            if (debug == null) {
                return null;
            }
            debug.exit(16384L, className, "getPrivateKeys_1", (Object) null);
            return null;
        }
        PrivateKeyInfo[] privateKeyInfoArr = new PrivateKeyInfo[typedBags.length];
        for (int i = 0; i < typedBags.length; i++) {
            try {
                privateKeyInfoArr[i] = new PrivateKeyInfo(typedBags[i].getValue(), this.provider);
            } catch (IOException e) {
                if (debug != null) {
                    debug.exception(16384L, className, "getPrivateKeys", e);
                }
            }
        }
        if (debug != null) {
            debug.exit(16384L, className, "getPrivateKeys_2", privateKeyInfoArr);
        }
        return privateKeyInfoArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public EncryptedPrivateKeyInfo[] getShroudedKeys(char[] cArr, PrivateKey privateKey, Certificate certificate, boolean z) throws IOException, PKCSException {
        if (debug != null) {
            debug.entry(16384L, (Object) className, "getShroudedKeys", new Object[]{cArr, privateKey, certificate, new Boolean(z)});
        }
        SafeBag[] typedBags = getTypedBags(PKCSOID.SHROUDEDKEYBAG_OID, cArr, privateKey, certificate, z);
        if (typedBags == null) {
            if (debug == null) {
                return null;
            }
            debug.exit(16384L, className, "getShroudedKeys_1", (Object) null);
            return null;
        }
        EncryptedPrivateKeyInfo[] encryptedPrivateKeyInfoArr = new EncryptedPrivateKeyInfo[typedBags.length];
        for (int i = 0; i < typedBags.length; i++) {
            try {
                encryptedPrivateKeyInfoArr[i] = new EncryptedPrivateKeyInfo(typedBags[i].getValue(), this.provider);
            } catch (IOException e) {
                if (debug != null) {
                    debug.exception(16384L, className, "getShroudedKeys", e);
                }
            }
        }
        if (debug != null) {
            debug.exit(16384L, className, "getShroudedKeys_2", encryptedPrivateKeyInfoArr);
        }
        return encryptedPrivateKeyInfoArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Certificate[] getCertificates(char[] cArr, PrivateKey privateKey, Certificate certificate, boolean z) throws IOException, PKCSException {
        new HexDumpEncoder();
        if (debug != null) {
            debug.entry(16384L, (Object) className, "getCertificates", new Object[]{cArr, privateKey, certificate, new Boolean(z)});
        }
        SafeBag[] typedBags = getTypedBags(PKCSOID.X509CERTBAG_OID, cArr, privateKey, certificate, z);
        SafeBag[] typedBags2 = getTypedBags(PKCSOID.SDSICERTBAG_OID, cArr, privateKey, certificate, z);
        SafeBag[] typedBags3 = getTypedBags(PKCSOID.CERTBAG_OID, cArr, privateKey, certificate, z);
        if (typedBags == null && typedBags2 == null && typedBags3 == null) {
            if (debug == null) {
                return null;
            }
            debug.exit(16384L, className, "getCertificates_1", (Object) null);
            return null;
        }
        int length = typedBags != null ? typedBags.length : 0;
        int length2 = typedBags2 != null ? typedBags2.length : 0;
        SafeBag[] safeBagArr = new SafeBag[length + length2 + (typedBags3 != null ? typedBags3.length : 0)];
        int i = 0;
        if (typedBags != null) {
            System.arraycopy(typedBags, 0, safeBagArr, 0, typedBags.length);
            i = typedBags.length;
        }
        if (typedBags2 != null) {
            System.arraycopy(typedBags2, 0, safeBagArr, i, typedBags2.length);
            i += typedBags2.length;
        }
        if (typedBags3 != null) {
            System.arraycopy(typedBags3, 0, safeBagArr, i, typedBags3.length);
        }
        Certificate[] certificateArr = new Certificate[safeBagArr.length];
        for (int i2 = 0; i2 < safeBagArr.length; i2++) {
            certificateArr[i2] = (Certificate) new CertBag(safeBagArr[i2].getValue(), this.provider).getValue();
        }
        if (debug != null) {
            debug.exit(16384L, className, "getCertificates_2", certificateArr);
        }
        return certificateArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public CRL[] getCRLs(char[] cArr, PrivateKey privateKey, Certificate certificate, boolean z) throws IOException, PKCSException {
        if (debug != null) {
            debug.entry(16384L, (Object) className, "getCRLs", new Object[]{cArr, privateKey, certificate, new Boolean(z)});
        }
        SafeBag[] typedBags = getTypedBags(PKCSOID.X509CRLBAG_OID, cArr, privateKey, certificate, z);
        SafeBag[] typedBags2 = getTypedBags(PKCSOID.CRLBAG_OID, cArr, privateKey, certificate, z);
        if (typedBags == null && typedBags2 == null) {
            if (debug == null) {
                return null;
            }
            debug.exit(16384L, className, "getCRLs_1", (Object) null);
            return null;
        }
        SafeBag[] safeBagArr = new SafeBag[(typedBags != null ? typedBags.length : 0) + (typedBags2 != null ? typedBags2.length : 0)];
        int i = 0;
        if (typedBags != null) {
            System.arraycopy(typedBags, 0, safeBagArr, 0, typedBags.length);
            i = typedBags.length;
        }
        if (typedBags2 != null) {
            System.arraycopy(typedBags2, 0, safeBagArr, i, typedBags2.length);
            int length = i + typedBags2.length;
        }
        CRL[] crlArr = new CRL[safeBagArr.length];
        for (int i2 = 0; i2 < safeBagArr.length; i2++) {
            crlArr[i2] = (CRL) new CrlBag(safeBagArr[i2].getObjectIdentifier(), safeBagArr[i2].getValue(), this.provider).getValue();
        }
        if (debug != null) {
            debug.exit(16384L, className, "getCRLs_2", crlArr);
        }
        return crlArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SafeContents[] getSafeContents(char[] cArr, PrivateKey privateKey, Certificate certificate, boolean z) throws IOException, PKCSException {
        if (debug != null) {
            debug.entry(16384L, (Object) className, "getSafeContents", new Object[]{cArr, privateKey, certificate, new Boolean(z)});
        }
        SafeBag[] typedBags = getTypedBags(PKCSOID.SAFECONTENTSBAG_OID, cArr, privateKey, certificate, z);
        if (typedBags == null) {
            if (debug == null) {
                return null;
            }
            debug.exit(16384L, className, "getSafeContents_1", (Object) null);
            return null;
        }
        SafeContents[] safeContentsArr = new SafeContents[typedBags.length];
        for (int i = 0; i < typedBags.length; i++) {
            try {
                safeContentsArr[i] = new SafeContents(typedBags[i].getValue(), this.provider);
            } catch (IOException e) {
                if (debug != null) {
                    debug.exception(16384L, className, "getSafeContents", e);
                }
            }
        }
        if (debug != null) {
            debug.exit(16384L, className, "getSafeContents_2", safeContentsArr);
        }
        return safeContentsArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SafeBag[] getSafeBags(char[] cArr, PrivateKey privateKey, Certificate certificate, boolean z) throws IOException, PKCSException {
        if (debug != null) {
            debug.entry(16384L, (Object) className, "getSafeBags", new Object[]{cArr, privateKey, certificate, new Boolean(z)});
            debug.exit(16384L, className, "getSafeBags", getBags(cArr, privateKey, certificate, z));
        }
        return getBags(cArr, privateKey, certificate, z);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized void applyMac(char[] cArr, int i) throws PKCSException, NoSuchAlgorithmException, IOException {
        SecureRandom secureRandom;
        int i2 = 1;
        if (debug != null) {
            debug.entry(16384L, className, "applyMac", cArr, new Integer(i));
        }
        if (i > 0) {
            i2 = i;
        }
        this.authSafe = this.authSafeContents.toContentInfo();
        byte[] data = ((Data) this.authSafe.getContent()).getData();
        byte[] bArr = new byte[20];
        try {
            secureRandom = this.provider != null ? SecureRandom.getInstance("IBMSecureRandom", this.provider) : SecureRandom.getInstance("IBMSecureRandom");
        } catch (NoSuchAlgorithmException e) {
            if (debug != null) {
                debug.exception(16384L, className, "applyMac", e);
            }
            secureRandom = new SecureRandom();
        } catch (NoSuchProviderException e2) {
            if (debug != null) {
                debug.exception(16384L, className, "applyMac", e2);
            }
            throw new PKCSException(new StringBuffer().append("provider ").append(this.provider).append(" not found: ").append(e2).toString());
        }
        secureRandom.nextBytes(bArr);
        this.macData = new MacData(new DigestInfo(PKCS5.MESSAGE_DIGEST_SHA1, null, calculateMac(data, PKCS5.MESSAGE_DIGEST_SHA1, cArr, bArr, i2), this.provider), bArr, i2, this.provider);
        if (debug != null) {
            debug.exit(16384L, className, "applyMac");
        }
    }

    Vector getSafeBagsByFriendlyName(char[] cArr, String str) throws PKCSException {
        PKCSAttribute pKCSAttribute;
        if (debug != null) {
            debug.entry(16384L, className, "getSafeBagsByFriendlyName", cArr, str);
        }
        try {
            SafeBag[] safeBags = getSafeBags(cArr, null, null, false);
            Vector vector = new Vector();
            for (int i = 0; i < safeBags.length; i++) {
                PKCSAttributes attributes = safeBags[i].getAttributes();
                if (attributes != null && (pKCSAttribute = (PKCSAttribute) attributes.getAttribute(PKCSOID.FRIENDLY_NAME_OID)) != null) {
                    try {
                        if (((String) pKCSAttribute.getAttributeValue()).equals(str)) {
                            vector.add(safeBags[i]);
                        }
                    } catch (Exception e) {
                        if (debug != null) {
                            debug.exception(16384L, className, "getSafeBagsByFriendlyName", e);
                        }
                    }
                }
            }
            if (debug != null) {
                debug.exit(16384L, className, "getSafeBagsByFriendlyName", vector);
            }
            return vector;
        } catch (IOException e2) {
            if (debug != null) {
                debug.exception(16384L, className, "getSafeBagsByFriendlyName", e2);
            }
            throw new PKCSException(e2, new StringBuffer().append("Error extracting SafeBags from PFX (").append(e2.toString()).append(")").toString());
        }
    }

    private SafeBag[] getTypedBags(ObjectIdentifier objectIdentifier, char[] cArr, PrivateKey privateKey, Certificate certificate, boolean z) throws IOException {
        Vector vector = new Vector();
        if (debug != null) {
            debug.entry(8192L, (Object) className, "getTypedBags", new Object[]{objectIdentifier, cArr, privateKey, certificate, new Boolean(z)});
        }
        SafeBag[] bags = getBags(cArr, privateKey, certificate, z);
        if (bags == null) {
            bags = new SafeBag[0];
        }
        for (int i = 0; i < bags.length; i++) {
            if (bags[i].getObjectIdentifier().equals(objectIdentifier)) {
                vector.add(bags[i]);
            }
        }
        if (vector.size() == 0) {
            if (debug == null) {
                return null;
            }
            debug.exit(8192L, className, "getTypedBags_1", (Object) null);
            return null;
        }
        SafeBag[] safeBagArr = new SafeBag[vector.size()];
        for (int i2 = 0; i2 < vector.size(); i2++) {
            safeBagArr[i2] = (SafeBag) vector.elementAt(i2);
        }
        if (debug != null) {
            debug.exit(8192L, className, "getTypedBags_2", safeBagArr);
        }
        return safeBagArr;
    }

    private byte[] calculateMac(byte[] bArr, String str, char[] cArr, byte[] bArr2, int i) throws PKCSException, NoSuchAlgorithmException {
        if (debug != null) {
            debug.entry(16384L, (Object) className, "calculateMac", new Object[]{bArr, str, cArr, bArr2, new Integer(i)});
        }
        String str2 = PKCS5.MESSAGE_DIGEST_SHA;
        int i2 = 20;
        String upperCase = str.toUpperCase();
        if (upperCase.indexOf(PKCS5.MESSAGE_DIGEST_MD2) != -1) {
            str2 = PKCS5.MESSAGE_DIGEST_MD2;
            i2 = 16;
        } else if (upperCase.indexOf(PKCS5.MESSAGE_DIGEST_MD5) != -1) {
            str2 = PKCS5.MESSAGE_DIGEST_MD5;
            i2 = 16;
        } else if (upperCase.indexOf(PKCS5.MESSAGE_DIGEST_SHA) == -1) {
            if (debug != null) {
                debug.text(16384L, className, "calculateMac", new StringBuffer().append("Unsupported MAC algorithm: ").append(str).append(".  Digest algorithm must be one of SHA, MD2 or MD5.").toString());
            }
            throw new IllegalArgumentException(new StringBuffer().append("Unsupported MAC algorithm: ").append(str).append(".  Digest algorithm must be one of SHA, MD2 or MD5.").toString());
        }
        SecretKeySpec secretKeySpec = new SecretKeySpec(PKCS12.genKey((byte) 3, str2, cArr, bArr2, i, i2), str);
        String stringBuffer = str2.toUpperCase().indexOf(PKCS5.MESSAGE_DIGEST_SHA) != -1 ? "HmacSHA1" : new StringBuffer().append("Hmac").append(str2).toString();
        try {
            Mac mac = this.provider != null ? Mac.getInstance(stringBuffer, this.provider) : Mac.getInstance(stringBuffer);
            try {
                mac.init(secretKeySpec, null);
                mac.update(bArr, 0, bArr.length);
                byte[] doFinal = mac.doFinal();
                if (debug != null) {
                    debug.exit(16384L, className, "calculateMac", doFinal);
                }
                return doFinal;
            } catch (Exception e) {
                if (debug != null) {
                    debug.exception(16384L, className, "calculateMac", e);
                }
                throw new PKCSException(e, new StringBuffer().append("Unable to initialize HMAC (").append(e.toString()).append(")").toString());
            }
        } catch (Exception e2) {
            if (debug != null) {
                debug.text(16384L, className, "calculateMac", new StringBuffer().append("Unable to instantiate HMAC (").append(e2.toString()).append(")").toString());
            }
            throw new PKCSException(e2, new StringBuffer().append("Unable to instantiate HMAC (").append(e2.toString()).append(")").toString());
        }
    }

    private SafeBag[] getBags(char[] cArr, PrivateKey privateKey, Certificate certificate, boolean z) throws IOException {
        if (debug != null) {
            debug.entry(8192L, (Object) className, "getBags", new Object[]{cArr, privateKey, certificate, new Boolean(z)});
        }
        new HexDumpEncoder();
        Vector vector = new Vector();
        ContentInfo[] pFXContents = getPFXContents();
        for (int i = 0; i < pFXContents.length; i++) {
            if (pFXContents[i].getContentType().equals(PKCSOID.DATA_OID)) {
                if (!z) {
                    for (SafeBag safeBag : new SafeContents(((Data) pFXContents[i].getContent()).getData(), this.provider).getSafeBags()) {
                        vector.add(safeBag);
                    }
                }
            } else if (pFXContents[i].getContentType().equals(PKCSOID.ENCRYPTED_DATA_OID)) {
                try {
                    EncryptedContentInfo encryptedContent = ((EncryptedData) pFXContents[i].getContent()).getEncryptedContent();
                    AlgorithmId contentEncryptionAlgorithm = encryptedContent.getContentEncryptionAlgorithm();
                    byte[] encryptedContent2 = encryptedContent.getEncryptedContent();
                    String name = contentEncryptionAlgorithm.getName();
                    DerValue derValue = new DerValue(contentEncryptionAlgorithm.getParameters());
                    DerValue[] derValueArr = {derValue.getData().getDerValue(), derValue.getData().getDerValue()};
                    PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(derValueArr[0].getOctetString(), derValueArr[1].getInteger().intValue());
                    AlgorithmParameters algorithmParameters = this.provider != null ? AlgorithmParameters.getInstance("PBE", this.provider) : AlgorithmParameters.getInstance("PBE");
                    algorithmParameters.init(pBEParameterSpec);
                    SecretKey generateSecret = (this.provider != null ? SecretKeyFactory.getInstance(name, this.provider) : SecretKeyFactory.getInstance(name)).generateSecret(new PBEKeySpec(cArr));
                    Cipher cipher = this.provider != null ? Cipher.getInstance(name, this.provider) : Cipher.getInstance(name);
                    cipher.init(2, generateSecret, algorithmParameters);
                    for (SafeBag safeBag2 : new SafeContents(cipher.doFinal(encryptedContent2), this.provider).getSafeBags()) {
                        vector.add(safeBag2);
                    }
                } catch (Exception e) {
                    if (debug != null) {
                        debug.exception(8192L, className, "getBags", e);
                    }
                }
            } else if (pFXContents[i].getContentType().equals(PKCSOID.ENVELOPED_DATA_OID) && privateKey != null && certificate != null) {
                try {
                    for (SafeBag safeBag3 : new SafeContents(((Data) ((EnvelopedData) pFXContents[i].getContent()).decrypt(privateKey, certificate).getContent()).getData(), this.provider).getSafeBags()) {
                        vector.add(safeBag3);
                    }
                } catch (Exception e2) {
                    if (debug != null) {
                        debug.exception(8192L, className, "getBags", e2);
                    }
                }
            }
        }
        if (vector.size() == 0) {
            if (debug == null) {
                return null;
            }
            debug.exit(8192L, className, "getBags_1", (Object) null);
            return null;
        }
        SafeBag[] safeBagArr = new SafeBag[vector.size()];
        for (int i2 = 0; i2 < vector.size(); i2++) {
            safeBagArr[i2] = (SafeBag) vector.elementAt(i2);
        }
        if (debug != null) {
            debug.exit(8192L, className, "getBags_2", safeBagArr);
        }
        return safeBagArr;
    }

    private ContentInfo[] getPFXContents() throws IOException {
        if (debug != null) {
            debug.entry(8192L, className, "getPFXContents");
        }
        if (this.verifiedContents != null) {
            if (debug != null) {
                debug.exit(8192L, className, "getPFXContents_1", this.verifiedContents.getContentInfos());
            }
            return this.verifiedContents.getContentInfos();
        }
        if (this.authSafe != null) {
            AuthenticatedSafe authenticatedSafe = new AuthenticatedSafe((this.authSafe.getContentType().equals(PKCSOID.DATA_OID) ? (Data) this.authSafe.getContent() : (Data) ((SignedData) this.authSafe.getContent()).getEncapsulatedContentInfo().getContentInfo().getContent()).getData(), this.provider);
            if (debug != null) {
                debug.exit(8192L, className, "getPFXContents_2", authenticatedSafe.getContentInfos());
            }
            return authenticatedSafe.getContentInfos();
        }
        if (this.authSafeContents != null) {
            if (debug != null) {
                debug.exit(8192L, className, "getPFXContents_3", this.authSafeContents.getContentInfos());
            }
            return this.authSafeContents.getContentInfos();
        }
        if (debug != null) {
            debug.exit(8192L, className, "getPFXContents_4", new ContentInfo[0]);
        }
        return new ContentInfo[0];
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized void addSafeBagsWithPasswordPrivacy(SafeBag[] safeBagArr, String str, char[] cArr) throws NoSuchAlgorithmException, IOException, PKCSException {
        if (debug != null) {
            debug.entry(16384L, (Object) className, "addSafeBagsWithPasswordPrivacy", new Object[]{safeBagArr, str, cArr});
        }
        addContentToAuthSafe(protectWithPasswordPrivacy(new SafeContents(safeBagArr, this.provider).encode(), PKCS5.MESSAGE_DIGEST_SHA, str, cArr));
        if (debug != null) {
            debug.exit(16384L, className, "addSafeBagsWithPasswordPrivacy");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized void addContentToAuthSafe(ContentInfo contentInfo) throws IOException {
        if (debug != null) {
            debug.entry(16384L, className, "addContentToAuthSafe", contentInfo);
        }
        ContentInfo[] contentInfoArr = {contentInfo};
        if (this.authSafeContents == null) {
            this.authSafeContents = new AuthenticatedSafe(contentInfoArr, this.provider);
        } else {
            this.authSafeContents = this.authSafeContents.addContentInfo(contentInfoArr);
        }
        if (debug != null) {
            debug.exit(16384L, className, "addContentToAuthSafe");
        }
    }

    abstract ContentInfo protectWithPasswordPrivacy(byte[] bArr, String str, String str2, char[] cArr) throws IOException, PKCSException, NoSuchAlgorithmException;
}
