package com.ibm.security.tools;

import com.ibm.misc.HexDumpEncoder;
import com.ibm.security.pkcs7.ContentInfo;
import com.ibm.security.pkcs7.Data;
import com.ibm.security.pkcs7.EnvelopedData;
import com.ibm.security.pkcs7.SignedData;
import com.ibm.security.pkcs7.SignerInfo;
import com.ibm.security.pkcs8.EncryptedPrivateKeyInfo;
import com.ibm.security.pkcsutil.PKCSException;
import com.ibm.security.smime.SMIMEMessage;
import com.ibm.security.x509.X509CertImpl;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;

/* loaded from: input_file:efixes/JDKiFix_express_solaris/components/prereq.jdk/update.jar:/java/jre/lib/endorsed/ibmpkcs.jar:com/ibm/security/tools/parsePKCS7.class */
public class parsePKCS7 {
    public static void main(String[] strArr) {
        X509CertImpl x509CertImpl;
        String str = null;
        String str2 = null;
        boolean z = false;
        String str3 = null;
        String str4 = null;
        String str5 = null;
        char[] cArr = null;
        String str6 = null;
        boolean z2 = false;
        try {
            if (strArr.length < 1) {
                System.out.println("Usage: parsePKCS7 -file=PKCS7FileName [-msg=OriginalMessageFile] [-base64] [-bsmime]\r\n\t[-cert=certificateFile] [-recipientcert=recipientCertFilename]\r\n\t[-privatekey=privatekeyfile] [-password=privatekeyPassword]");
                System.exit(1);
            }
            for (int i = 0; i < strArr.length; i++) {
                String lowerCase = strArr[i].toLowerCase();
                boolean z3 = false;
                if (lowerCase.startsWith("-file=")) {
                    str = strArr[i].substring(6);
                    z3 = true;
                }
                if (lowerCase.startsWith("-msg=")) {
                    str2 = strArr[i].substring(5);
                    z3 = true;
                }
                if (lowerCase.startsWith("-base64")) {
                    z = true;
                    z3 = true;
                }
                if (lowerCase.startsWith("-bsmime")) {
                    z2 = true;
                    z3 = true;
                }
                if (lowerCase.startsWith("-recipientcert=")) {
                    str6 = strArr[i].substring(15);
                    z3 = true;
                }
                if (lowerCase.startsWith("-cert=")) {
                    str3 = strArr[i].substring(6);
                    z3 = true;
                }
                if (lowerCase.startsWith("-privatekey=")) {
                    str4 = strArr[i].substring(12);
                    z3 = true;
                }
                if (lowerCase.startsWith("-password=")) {
                    str5 = strArr[i].substring(10);
                    cArr = str5.toCharArray();
                    z3 = true;
                }
                if (!z3) {
                    System.out.println(new StringBuffer().append("ERROR:  Unknown parameter ").append(strArr[i]).append(".").toString());
                    System.exit(1);
                }
            }
            if (str == null) {
                System.out.println("ERROR:  input file must be specified.");
                System.exit(1);
            }
            System.out.println("parsePKCS7 invoked with:");
            System.out.println(new StringBuffer().append("\tInput file = ").append(str).toString());
            System.out.println(new StringBuffer().append("\tInput file in Base64 format = ").append(z).toString());
            System.out.println("\tSignedData parameters:");
            System.out.println(new StringBuffer().append("\t\tOriginal message file = ").append(str2).toString());
            System.out.println("\tEnvelopedData parameters:");
            System.out.println(new StringBuffer().append("\t\tCertificate file = ").append(str3).toString());
            System.out.println(new StringBuffer().append("\t\tPrivate key file = ").append(str4).toString());
            System.out.println(new StringBuffer().append("\t\tPrivate key password = ").append(str5).toString());
            System.out.println(new StringBuffer().append("\t\tRecipient Certificate file = ").append(str6).toString());
            System.out.println(new StringBuffer().append("\t\tParse contained S/MIME message = ").append(z2).toString());
            ContentInfo contentInfo = new ContentInfo(str, z);
            System.out.println("PKCS#7 object:");
            System.out.println(contentInfo);
            byte[] bArr = null;
            if (str2 != null) {
                FileInputStream fileInputStream = new FileInputStream(str2);
                bArr = new byte[fileInputStream.available()];
                fileInputStream.read(bArr);
                fileInputStream.close();
                System.out.println(new StringBuffer().append("\r\n**** Begin Message from file ").append(str2).append(" ****").toString());
                try {
                    System.out.println(new String(bArr, "8859_1"));
                } catch (UnsupportedEncodingException e) {
                    System.out.println(new String(bArr));
                }
                System.out.println(new StringBuffer().append("**** End Message from file ").append(str2).append(" ****\r\n").toString());
            }
            X509CertImpl x509CertImpl2 = null;
            if (str3 != null) {
                FileInputStream fileInputStream2 = new FileInputStream(str3);
                byte[] bArr2 = new byte[fileInputStream2.available()];
                fileInputStream2.read(bArr2);
                fileInputStream2.close();
                x509CertImpl2 = new X509CertImpl(bArr2);
            }
            PrivateKey privateKey = null;
            if (str4 != null) {
                if (str5 == null) {
                    System.out.println(new StringBuffer().append("Reading in the private key from ").append(str4).toString());
                    FileInputStream fileInputStream3 = new FileInputStream(str4);
                    byte[] bArr3 = new byte[fileInputStream3.available()];
                    fileInputStream3.read(bArr3);
                    fileInputStream3.close();
                    privateKey = convertPrivateKey(bArr3);
                } else {
                    System.out.println(new StringBuffer().append("Reading in the encrypted private key from ").append(str4).toString());
                    FileInputStream fileInputStream4 = new FileInputStream(str4);
                    byte[] bArr4 = new byte[fileInputStream4.available()];
                    fileInputStream4.read(bArr4);
                    fileInputStream4.close();
                    System.out.println("Decrypting the private key.");
                    privateKey = convertPrivateKey(new EncryptedPrivateKeyInfo(bArr4).decrypt(cArr));
                }
            }
            if (str6 == null) {
                x509CertImpl = x509CertImpl2;
            } else {
                System.out.println(new StringBuffer().append("Reading in the recipient certificate from ").append(str6).toString());
                FileInputStream fileInputStream5 = new FileInputStream(str6);
                byte[] bArr5 = new byte[fileInputStream5.available()];
                fileInputStream5.read(bArr5);
                fileInputStream5.close();
                x509CertImpl = new X509CertImpl(bArr5);
            }
            System.out.println(new StringBuffer().append("Input object is of type: ").append(contentInfo.getContentTypeString()).toString());
            if (contentInfo.isSignedData()) {
                verifySignedData(contentInfo, bArr);
            } else if (!contentInfo.isEnvelopedData()) {
                System.out.println("No special processing for this content type.");
            } else if (privateKey != null) {
                System.out.println(new StringBuffer().append("Decrypting EnvelopedData ContentInfo with key of type ").append(privateKey.getClass().getName()).append(".").toString());
                ContentInfo decryptEnvelopedData = decryptEnvelopedData(contentInfo, privateKey, x509CertImpl);
                if (decryptEnvelopedData == null) {
                    System.out.println("Decrypted ContentInfo is null");
                } else if (decryptEnvelopedData.isData()) {
                    Data data = (Data) decryptEnvelopedData.getContent();
                    try {
                        System.out.println(new StringBuffer().append("Decrypted Content:\r\n").append(new String(data.getData(), "8859_1")).toString());
                    } catch (UnsupportedEncodingException e2) {
                        System.out.println(new StringBuffer().append("Decrypted Content:\r\n").append(new String(data.getData())).toString());
                    }
                    if (z2) {
                        SMIMEMessage sMIMEMessage = new SMIMEMessage(data.getData());
                        System.out.println(new StringBuffer().append("*** Contained SMIMEMessage:\r\n").append(sMIMEMessage).toString());
                        ContentInfo contentInfo2 = sMIMEMessage.getContentInfo();
                        if (contentInfo2 != null && !contentInfo2.isSignedData()) {
                            System.out.println(new StringBuffer().append("*** Contained ContentInfo is of type ").append(contentInfo2.getContentTypeString()).toString());
                        } else if (contentInfo2 != null) {
                            SignedData signedData = (SignedData) contentInfo2.getContent();
                            byte[] message = sMIMEMessage.getMessage();
                            System.out.println(new StringBuffer().append("*** Contained SignedData: ").append(signedData).toString());
                            if (message != null) {
                                try {
                                    System.out.println(new StringBuffer().append("*** Verifying contained message:\r\n").append(new String(message, "8859_1")).toString());
                                } catch (UnsupportedEncodingException e3) {
                                    System.out.println(new StringBuffer().append("*** Verifying contained message:\r\n").append(new String(message)).toString());
                                }
                            } else {
                                System.out.println("*** Verifying contained message: null");
                            }
                            verifySignedData(contentInfo2, message);
                        }
                    }
                } else {
                    System.out.println(new StringBuffer().append("Decrypted ContentInfo is of type ").append(decryptEnvelopedData.getContentTypeString()).toString());
                }
            } else {
                System.out.println("ERROR:  Private key must be specified to decrypt EnvelopedData ContentInfo.");
            }
        } catch (PKCSException e4) {
            System.out.println(new StringBuffer().append("\r\nERROR:  PKCSException: ").append(e4).toString());
            e4.printStackTrace();
            Exception relatedException = e4.getRelatedException();
            if (relatedException != null) {
                System.out.println("\r\nOriginal PKCSException stack:");
                relatedException.printStackTrace();
            } else {
                System.out.println("\r\nNo Original PKCSException stack available");
            }
        } catch (Exception e5) {
            System.out.println("\r\nERROR:  Exception");
            e5.printStackTrace();
        }
        System.out.println(new StringBuffer().append("EXIT:  parsePKCS7 input file = ").append(str).toString());
    }

    static ContentInfo decryptEnvelopedData(ContentInfo contentInfo, PrivateKey privateKey, Certificate certificate) throws IOException, PKCSException {
        if (privateKey == null) {
            System.out.println("Cannot decrypt contents.  Private key not specified.");
            return null;
        }
        if (certificate == null) {
            System.out.println("Cannot decrypt contents.  Certificate not specified.");
            return null;
        }
        System.out.println(new StringBuffer().append("Certificate:\r\n").append(certificate).toString());
        System.out.println(new StringBuffer().append("Private key:\r\n").append(privateKey).toString());
        ContentInfo decrypt = ((EnvelopedData) contentInfo.getContent()).decrypt(privateKey, certificate);
        System.out.println(new StringBuffer().append("Decrypted ContentInfo:\r\n").append(decrypt).toString());
        return decrypt;
    }

    static void verifySignedData(ContentInfo contentInfo, byte[] bArr) throws IOException {
        System.out.println("SignedData .... verifying ...");
        SignedData signedData = (SignedData) contentInfo.getContent();
        byte[] content = signedData.getEncapsulatedContentInfo().getContent();
        System.out.println("**** BEGIN CONTENT ****");
        if (content != null) {
            try {
                System.out.println(new String(content, "8859_1"));
            } catch (UnsupportedEncodingException e) {
                System.out.println(new String(content));
            }
        } else {
            System.out.println("N/A");
        }
        System.out.println("**** END CONTENT ****");
        Certificate[] certificates = signedData.getCertificates();
        int length = certificates != null ? certificates.length : 0;
        if (length == 0) {
            System.out.println("No certificates to verify.");
            return;
        }
        SignerInfo[] signerInfos = signedData.getSignerInfos();
        if (signerInfos == null || signerInfos.length == 0) {
            System.out.println("SignedData contains certificates only.  No verification will occur.");
            return;
        }
        if (content == null && bArr == null) {
            System.out.println("No content stored with the SignedData or passed in message to verify against.");
            return;
        }
        for (int i = 0; i < length; i++) {
            Certificate certificate = certificates[i];
            System.out.println(new StringBuffer().append("Checking certificate[").append(i).append("].").toString());
            try {
            } catch (PKCSException e2) {
                System.out.println(new StringBuffer().append("\r\nERROR:  PKCSException: ").append(e2).toString());
                e2.printStackTrace();
                Exception relatedException = e2.getRelatedException();
                if (relatedException != null) {
                    System.out.println("\r\nOriginal PKCSException stack:");
                    relatedException.printStackTrace();
                } else {
                    System.out.println("\r\nNo Original PKCSException stack available");
                }
            } catch (Exception e3) {
                e3.printStackTrace();
                System.out.println(new StringBuffer().append("ERROR: ").append(e3).toString());
                examineError(signedData, certificate, bArr);
            }
            if (signedData.verify(certificate, bArr)) {
                System.out.println("SUCCESS:  Verified okay.");
                return;
            } else {
                System.out.println(new StringBuffer().append("Verification failed for certificate[").append(i).append("].").toString());
                examineError(signedData, certificate, bArr);
            }
        }
        System.out.println("ERROR:  All verification failed.");
    }

    static void examineError(SignedData signedData, Certificate certificate, byte[] bArr) throws IOException {
        System.out.println("ERROR CONDITIONAL:");
        SignerInfo signerInfo = signedData.getSignerInfo(certificate);
        byte[] content = signedData.getEncapsulatedContentInfo().getContent();
        if (signerInfo == null) {
            System.out.println("\tCould not find a SignerInfo to match the certificate.");
            return;
        }
        byte[] bArr2 = bArr;
        if (bArr2 == null) {
            bArr2 = content;
        }
        if (bArr2 == null) {
            System.out.println("\tNo content stored with the SignedData or passed in message to verify against.");
            return;
        }
        byte[] messageDigest = signerInfo.getMessageDigest();
        byte[] calculateMessageDigest = calculateMessageDigest(signerInfo, bArr2);
        if (messageDigest == null || messageDigest.length == 0) {
            System.out.println("\tCannot retrieve the message digest bytes from the SignerInfo.");
            if (signerInfo.hasSignedAttributes()) {
                System.out.println("\t\tThere are signed attributes, but they do not include the message digest.");
                return;
            } else {
                System.out.println("\t\tThere are no signed attributes.");
                System.out.println("\t\tThe computed message digest as the bytes to be verified could\r\n\t\thave been rejected by the signature verification method.");
                return;
            }
        }
        if (calculateMessageDigest == null || calculateMessageDigest.length == 0) {
            System.out.println("\tCannot calculate the message digest bytes from the message.");
            return;
        }
        if (messageDigest.length != calculateMessageDigest.length) {
            System.out.println("\tDigest lengths are not the same.");
            System.out.println(new StringBuffer().append("\t\tStored digest length = ").append(messageDigest.length).toString());
            System.out.println(new StringBuffer().append("\t\tCalculated digest length = ").append(calculateMessageDigest.length).toString());
            return;
        }
        for (int i = 0; i < messageDigest.length; i++) {
            if (messageDigest[i] != calculateMessageDigest[i]) {
                System.out.println("\tStored and calculated values are not the same.");
                HexDumpEncoder hexDumpEncoder = new HexDumpEncoder();
                System.out.println(new StringBuffer().append("\tStored digest:\r\n").append(hexDumpEncoder.encodeBuffer(messageDigest)).toString());
                System.out.println(new StringBuffer().append("\tCalculated digest:\r\n").append(hexDumpEncoder.encodeBuffer(calculateMessageDigest)).toString());
                return;
            }
        }
        System.out.println("\tStored and calculated digest values are the same.");
        System.out.println("\tThe problem might lie with the signature verification.");
    }

    static byte[] calculateMessageDigest(SignerInfo signerInfo, byte[] bArr) throws IOException {
        try {
            return MessageDigest.getInstance(signerInfo.getDigestAlgorithm().getName()).digest(bArr);
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            System.out.println(new StringBuffer().append("ERROR: ").append(e).toString());
            return null;
        }
    }

    private static PrivateKey convertPrivateKey(byte[] bArr) throws NoSuchAlgorithmException, InvalidKeySpecException {
        return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(bArr));
    }
}
