package com.mindbright.security.keystore;

import com.mindbright.asn1.ASN1Integer;
import com.mindbright.asn1.ASN1OctetString;
import com.mindbright.asn1.i;
import com.mindbright.asn1.k;
import com.mindbright.asn1.p;
import com.mindbright.jca.security.InvalidKeyException;
import com.mindbright.jca.security.Key;
import com.mindbright.jca.security.KeyFactory;
import com.mindbright.jca.security.KeyStoreException;
import com.mindbright.jca.security.KeyStoreSpi;
import com.mindbright.jca.security.MessageDigest;
import com.mindbright.jca.security.NoSuchAlgorithmException;
import com.mindbright.jca.security.PrivateKey;
import com.mindbright.jca.security.UnrecoverableKeyException;
import com.mindbright.jca.security.cert.Certificate;
import com.mindbright.jca.security.cert.CertificateException;
import com.mindbright.jca.security.spec.DSAPrivateKeySpec;
import com.mindbright.jca.security.spec.RSAPrivateCrtKeySpec;
import com.mindbright.jce.crypto.Cipher;
import com.mindbright.jce.crypto.Mac;
import com.mindbright.jce.crypto.spec.IvParameterSpec;
import com.mindbright.jce.crypto.spec.SecretKeySpec;
import com.mindbright.security.pkcs1.DSAParams;
import com.mindbright.security.pkcs1.RSAPrivateKey;
import com.mindbright.security.pkcs12.AuthenticatedSafe;
import com.mindbright.security.pkcs12.CertBag;
import com.mindbright.security.pkcs12.PFX;
import com.mindbright.security.pkcs12.PKCS12PbeParams;
import com.mindbright.security.pkcs12.SafeBag;
import com.mindbright.security.pkcs12.SafeContents;
import com.mindbright.security.pkcs7.ContentInfo;
import com.mindbright.security.pkcs7.EncryptedData;
import com.mindbright.security.pkcs8.EncryptedPrivateKeyInfo;
import com.mindbright.security.pkcs8.PrivateKeyInfo;
import com.mindbright.security.x509.Attribute;
import com.mindbright.security.x509.X509Certificate;
import com.mindbright.util.e;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;

/* loaded from: input_file:com/mindbright/security/keystore/PKCS12KeyStore.class */
public class PKCS12KeyStore extends KeyStoreSpi {
    private Hashtable b;
    private Hashtable c;
    private Hashtable a;

    /* renamed from: a, reason: collision with other field name */
    private Vector f212a;

    public PKCS12KeyStore() {
        k.m42a("com.mindbright.security.pkcs12");
        k.b("1.3.6.1.4.1.311.17.1", "ASN1BMPString");
        this.b = new Hashtable();
        this.c = new Hashtable();
        this.f212a = new Vector();
        this.a = new Hashtable();
    }

    @Override // com.mindbright.jca.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        String str2 = (String) this.a.get(str);
        if (str2 == null) {
            return null;
        }
        return a((EncryptedPrivateKeyInfo) this.b.get(str2), cArr);
    }

    @Override // com.mindbright.jca.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        return null;
    }

    @Override // com.mindbright.jca.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        X509Certificate x509Certificate = null;
        String str2 = (String) this.a.get(str);
        if (str2 == null) {
            str2 = str;
        }
        byte[] bArr = (byte[]) this.c.get(str2);
        if (bArr != null) {
            x509Certificate = new X509Certificate(bArr);
        }
        return x509Certificate;
    }

    @Override // com.mindbright.jca.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        return null;
    }

    @Override // com.mindbright.jca.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
    }

    @Override // com.mindbright.jca.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
    }

    @Override // com.mindbright.jca.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
    }

    @Override // com.mindbright.jca.security.KeyStoreSpi
    public void engineDeleteEntry(String str) throws KeyStoreException {
    }

    @Override // com.mindbright.jca.security.KeyStoreSpi
    public Enumeration engineAliases() {
        return this.f212a.elements();
    }

    @Override // com.mindbright.jca.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        return this.f212a.contains(str);
    }

    @Override // com.mindbright.jca.security.KeyStoreSpi
    public int engineSize() {
        return this.f212a.size();
    }

    @Override // com.mindbright.jca.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        return this.a.get(str) != null;
    }

    @Override // com.mindbright.jca.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        return (engineIsKeyEntry(str) || this.c.get(str) == null) ? false : true;
    }

    @Override // com.mindbright.jca.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        return null;
    }

    @Override // com.mindbright.jca.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
    }

    @Override // com.mindbright.jca.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        i iVar = new i();
        PFX pfx = new PFX();
        iVar.a(inputStream, (p) pfx);
        a(pfx, cArr);
        AuthenticatedSafe authenticatedSafe = new AuthenticatedSafe();
        iVar.a((InputStream) new ByteArrayInputStream(pfx.getDataContent().a()), (p) authenticatedSafe);
        for (int i = 0; i < authenticatedSafe.mo43a(); i++) {
            ContentInfo contentInfo = authenticatedSafe.getContentInfo(i);
            String string = contentInfo.contentType.getString();
            if (string.equals("1.2.840.113549.1.7.1")) {
                a(((ASN1OctetString) contentInfo.content.a()).a());
            } else {
                if (!string.equals("1.2.840.113549.1.7.6")) {
                    throw new IOException(new StringBuffer().append("ContentInfo type not supported: ").append(string).toString());
                }
                EncryptedData encryptedData = (EncryptedData) contentInfo.content.a();
                PKCS12PbeParams pKCS12PbeParams = (PKCS12PbeParams) encryptedData.encryptedContentInfo.contentEncryptionAlgorithm.parameters.a();
                byte[] a = encryptedData.encryptedContentInfo.encryptedContent.a();
                byte[] a2 = pKCS12PbeParams.salt.a();
                int intValue = pKCS12PbeParams.iterations.getValue().intValue();
                byte[] bArr = new byte[a.length];
                a(1, cArr, a, a.length, bArr, a2, intValue, "RC2/CBC/PKCS5Padding");
                a(bArr);
            }
        }
    }

    private void a(PFX pfx, char[] cArr) throws CertificateException {
        if (pfx.macData.mo40a()) {
            try {
                String string = pfx.macData.mac.digestAlgorithm.algorithm.getString();
                Mac mac = Mac.getInstance(string);
                byte[] a = pfx.getDataContent().a();
                byte[] a2 = pfx.macData.mac.digest.a();
                mac.init(new SecretKeySpec(deriveKey(cArr, 20, pfx.macData.macSalt.a(), pfx.macData.getIterations(), 3, string), mac.getAlgorithm()));
                mac.update(a);
                byte[] doFinal = mac.doFinal();
                for (int i = 0; i < a2.length; i++) {
                    if (doFinal[i] != a2[i]) {
                        throw new CertificateException("MAC check failed");
                    }
                }
            } catch (Exception e) {
                throw new CertificateException(new StringBuffer().append("Error when verifying MAC: ").append(e.getMessage()).toString());
            }
        }
    }

    private void a(byte[] bArr) throws IOException, NoSuchAlgorithmException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        SafeContents safeContents = new SafeContents();
        new i().a((InputStream) byteArrayInputStream, (p) safeContents);
        for (int i = 0; i < safeContents.mo43a(); i++) {
            SafeBag safeBag = safeContents.getSafeBag(i);
            String a = a(safeBag, "1.2.840.113549.1.9.20");
            String a2 = a(safeBag, "1.2.840.113549.1.9.21");
            if (a != null) {
                if (a2 != null) {
                    this.a.put(a, a2);
                }
                if (!this.f212a.contains(a)) {
                    this.f212a.addElement(a);
                }
            } else if (a2 != null) {
                this.a.put(a2, a2);
                if (!this.f212a.contains(a2)) {
                    this.f212a.addElement(a2);
                }
            }
            switch (safeBag.getBagType()) {
                case 2:
                    this.b.put(a2, (EncryptedPrivateKeyInfo) safeBag.bagValue.a());
                    break;
                case 3:
                    byte[] a3 = ((ASN1OctetString) ((CertBag) safeBag.bagValue.a()).certValue.a()).a();
                    if (a2 == null) {
                        a2 = a;
                    }
                    this.c.put(a2, a3);
                    break;
                default:
                    throw new IOException(new StringBuffer().append("SafeBag type not supported: ").append(safeBag.bagId.getString()).toString());
            }
        }
    }

    private static PrivateKey a(EncryptedPrivateKeyInfo encryptedPrivateKeyInfo, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        PKCS12PbeParams pKCS12PbeParams = (PKCS12PbeParams) encryptedPrivateKeyInfo.encryptionAlgorithm.parameters.a();
        byte[] a = encryptedPrivateKeyInfo.encryptedData.a();
        byte[] a2 = pKCS12PbeParams.salt.a();
        int intValue = pKCS12PbeParams.iterations.getValue().intValue();
        byte[] bArr = new byte[a.length];
        a(1, cArr, a, a.length, bArr, a2, intValue, "3DES/CBC/PKCS5Padding");
        return extractPrivateKey(bArr);
    }

    public static PrivateKey extractPrivateKey(byte[] bArr) throws UnrecoverableKeyException {
        i iVar = new i();
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        PrivateKeyInfo privateKeyInfo = new PrivateKeyInfo();
        try {
            iVar.a((InputStream) byteArrayInputStream, (p) privateKeyInfo);
            boolean z = true;
            try {
                if (privateKeyInfo.privateKeyAlgorithm.algorithmName().toLowerCase().indexOf("dsa") >= 0) {
                    z = false;
                }
            } catch (Throwable th) {
            }
            ByteArrayInputStream byteArrayInputStream2 = new ByteArrayInputStream(privateKeyInfo.privateKey.a());
            if (z) {
                RSAPrivateKey rSAPrivateKey = new RSAPrivateKey();
                iVar.a((InputStream) byteArrayInputStream2, (p) rSAPrivateKey);
                return KeyFactory.getInstance("RSA").generatePrivate(new RSAPrivateCrtKeySpec(rSAPrivateKey.modulus.getValue(), rSAPrivateKey.publicExponent.getValue(), rSAPrivateKey.privateExponent.getValue(), rSAPrivateKey.prime1.getValue(), rSAPrivateKey.prime2.getValue(), rSAPrivateKey.exponent1.getValue(), rSAPrivateKey.exponent2.getValue(), rSAPrivateKey.coefficient.getValue()));
            }
            BigInteger bigInteger = null;
            try {
                ASN1Integer aSN1Integer = new ASN1Integer();
                iVar.a(byteArrayInputStream2, aSN1Integer);
                bigInteger = aSN1Integer.getValue();
            } catch (Throwable th2) {
            }
            if (bigInteger == null) {
                d dVar = new d();
                iVar.a((InputStream) new ByteArrayInputStream(privateKeyInfo.privateKey.a()), (p) dVar);
                bigInteger = dVar.b.getValue();
            }
            DSAParams dSAParams = (DSAParams) privateKeyInfo.privateKeyAlgorithm.parameters.a();
            return KeyFactory.getInstance("DSA").generatePrivate(new DSAPrivateKeySpec(bigInteger, dSAParams.p.getValue(), dSAParams.q.getValue(), dSAParams.g.getValue()));
        } catch (Exception e) {
            throw new UnrecoverableKeyException(e.getMessage());
        }
    }

    private String a(SafeBag safeBag, String str) {
        int mo43a = safeBag.bagAttributes.mo43a();
        String str2 = null;
        for (int i = 0; i < mo43a; i++) {
            Attribute attribute = (Attribute) safeBag.bagAttributes.b(i);
            if (str.equals(attribute.type.getString())) {
                p b = attribute.values.b(0);
                str2 = b instanceof com.mindbright.asn1.a ? ((com.mindbright.asn1.a) b).getValue() : b instanceof ASN1OctetString ? e.a(((ASN1OctetString) b).a()) : b.toString();
            }
        }
        return str2;
    }

    public static byte[] deriveKey(char[] cArr, int i, byte[] bArr, int i2, int i3, String str) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(str);
            int digestLength = messageDigest.getDigestLength();
            byte[] bArr2 = new byte[digestLength];
            byte[] bArr3 = new byte[i];
            byte[] bArr4 = new byte[(cArr.length * 2) + 2];
            int length = (((bArr.length + 64) - 1) / 64) * 64;
            int length2 = (((bArr4.length + 64) - 1) / 64) * 64;
            byte[] bArr5 = new byte[64];
            byte[] bArr6 = new byte[length + length2];
            byte[] bArr7 = new byte[64];
            for (int i4 = 0; i4 < cArr.length; i4++) {
                bArr4[i4 * 2] = (byte) (cArr[i4] >>> '\b');
                bArr4[(i4 * 2) + 1] = (byte) (cArr[i4] & 255);
            }
            for (int i5 = 0; i5 < 64; i5++) {
                bArr5[i5] = (byte) i3;
            }
            for (int i6 = 0; i6 < length; i6++) {
                bArr6[i6] = bArr[i6 % bArr.length];
            }
            for (int i7 = 0; i7 < length2; i7++) {
                bArr6[length + i7] = bArr4[i7 % bArr4.length];
            }
            int i8 = 0;
            BigInteger valueOf = BigInteger.valueOf(1L);
            byte[] bArr8 = new byte[64];
            while (true) {
                messageDigest.update(bArr5);
                messageDigest.update(bArr6);
                messageDigest.digest(bArr2, 0, digestLength);
                for (int i9 = 1; i9 < i2; i9++) {
                    messageDigest.update(bArr2);
                    messageDigest.digest(bArr2, 0, digestLength);
                }
                int i10 = digestLength > i - i8 ? i - i8 : digestLength;
                System.arraycopy(bArr2, 0, bArr3, i8, i10);
                i8 += i10;
                if (i8 >= i) {
                    return bArr3;
                }
                for (int i11 = 0; i11 < 64; i11++) {
                    bArr7[i11] = bArr2[i11 % digestLength];
                }
                BigInteger add = new BigInteger(1, bArr7).add(valueOf);
                for (int i12 = 0; i12 < bArr6.length; i12 += 64) {
                    System.arraycopy(bArr6, i12, bArr8, 0, 64);
                    bArr8 = a(new BigInteger(1, bArr8).add(add), 64);
                    System.arraycopy(bArr8, 0, bArr6, i12, 64);
                }
            }
        } catch (Exception e) {
            throw new Error(new StringBuffer().append("Error in PKCS12.deriveKey: ").append(e).toString());
        }
    }

    private static byte[] a(BigInteger bigInteger, int i) {
        byte[] bArr;
        byte[] byteArray = bigInteger.toByteArray();
        if (byteArray.length > i) {
            bArr = new byte[i];
            System.arraycopy(byteArray, byteArray.length - i, bArr, 0, i);
        } else if (byteArray.length < i) {
            bArr = new byte[i];
            System.arraycopy(byteArray, 0, bArr, i - byteArray.length, byteArray.length);
        } else {
            bArr = byteArray;
        }
        return bArr;
    }

    private static void a(int i, char[] cArr, byte[] bArr, int i2, byte[] bArr2, byte[] bArr3, int i3, String str) throws NoSuchAlgorithmException {
        try {
            Cipher cipher = Cipher.getInstance(str);
            cipher.init(i, new SecretKeySpec(deriveKey(cArr, str.startsWith("3DES") ? 24 : 5, bArr3, i3, 1, "SHA"), cipher.getAlgorithm()), new IvParameterSpec(deriveKey(cArr, 8, bArr3, i3, 2, "SHA")));
            cipher.doFinal(bArr, 0, i2, bArr2, 0);
        } catch (InvalidKeyException e) {
            throw new Error(new StringBuffer().append("Invalid key derived in PKCS12KeyStore.doCipher: ").append(e).toString());
        }
    }
}
