package oracle.security.crypto.cert;

import java.io.Externalizable;
import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectInput;
import java.io.ObjectOutput;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Enumeration;
import java.util.Vector;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import oracle.security.crypto.asn1.ASN1ConstructedInputStream;
import oracle.security.crypto.asn1.ASN1FormatException;
import oracle.security.crypto.asn1.ASN1GenericConstructed;
import oracle.security.crypto.asn1.ASN1Integer;
import oracle.security.crypto.asn1.ASN1Object;
import oracle.security.crypto.asn1.ASN1ObjectID;
import oracle.security.crypto.asn1.ASN1OctetString;
import oracle.security.crypto.asn1.ASN1Sequence;
import oracle.security.crypto.asn1.ASN1SequenceInputStream;
import oracle.security.crypto.asn1.ASN1Utils;
import oracle.security.crypto.core.AlgID;
import oracle.security.crypto.core.AlgorithmIdentifier;
import oracle.security.crypto.core.AuthenticationException;
import oracle.security.crypto.core.CipherException;
import oracle.security.crypto.core.DigestInfo;
import oracle.security.crypto.core.PKCS12PBE;
import oracle.security.crypto.util.InvalidInputException;
import oracle.security.crypto.util.StreamableOutputException;
import oracle.security.crypto.util.UnsyncByteArrayInputStream;
import oracle.security.crypto.util.Utils;

/* loaded from: input_file:oracle/security/crypto/cert/PKCS12.class */
public class PKCS12 implements ASN1Object, Externalizable {
    private Vector authSafes;
    private String passwd;
    private byte[] toBeMacedData;
    private AlgorithmIdentifier macAlg;
    private byte[] macBytes;
    private byte[] macSalt;
    private BigInteger iterations;
    private ASN1Sequence contents;

    public PKCS12() {
        this.authSafes = new Vector();
    }

    public PKCS12(InputStream inputStream) throws IOException {
        this();
        input(inputStream);
    }

    public PKCS12(String str, InputStream inputStream) throws IOException {
        this();
        setPassword(str);
        input(inputStream);
    }

    public PKCS12(String str, ASN1Sequence aSN1Sequence) throws IOException {
        this();
        setPassword(str);
        input(aSN1Sequence);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void reset() {
        this.contents = null;
        this.macBytes = null;
        this.toBeMacedData = null;
    }

    public void input(InputStream inputStream) throws IOException {
        reset();
        ASN1SequenceInputStream aSN1SequenceInputStream = new ASN1SequenceInputStream(inputStream);
        int intValue = ASN1Integer.inputValue(aSN1SequenceInputStream).intValue();
        if (intValue != 3) {
            throw new ASN1FormatException(new StringBuffer().append("Expecting version 3, got version ").append(intValue).toString());
        }
        ASN1SequenceInputStream aSN1SequenceInputStream2 = new ASN1SequenceInputStream(aSN1SequenceInputStream);
        ASN1ObjectID aSN1ObjectID = new ASN1ObjectID(aSN1SequenceInputStream2);
        if (!aSN1ObjectID.equals(ASN1Utils.pkcsID, 7, 1)) {
            if (!aSN1ObjectID.equals(ASN1Utils.pkcsID, 7, 2)) {
                throw new ASN1FormatException(new StringBuffer().append("Invalid integrity mode OID ").append(aSN1ObjectID.toStringCompact()).toString());
            }
            throw new ASN1FormatException("Public-key integrity mode not supported");
        }
        if (aSN1SequenceInputStream2.hasMoreData()) {
            ASN1ConstructedInputStream aSN1ConstructedInputStream = new ASN1ConstructedInputStream(aSN1SequenceInputStream2, 0);
            byte[] inputValue = ASN1OctetString.inputValue(aSN1ConstructedInputStream);
            aSN1ConstructedInputStream.terminate();
            ASN1SequenceInputStream aSN1SequenceInputStream3 = new ASN1SequenceInputStream(new UnsyncByteArrayInputStream(inputValue));
            while (aSN1SequenceInputStream3.hasMoreData()) {
                addAuthSafe(new PKCS12Safe(this, new ASN1Sequence(aSN1SequenceInputStream3)));
            }
            this.toBeMacedData = inputValue;
            aSN1SequenceInputStream3.terminate();
        }
        aSN1SequenceInputStream2.terminate();
        if (aSN1SequenceInputStream.hasMoreData()) {
            ASN1SequenceInputStream aSN1SequenceInputStream4 = new ASN1SequenceInputStream(aSN1SequenceInputStream);
            DigestInfo digestInfo = new DigestInfo(aSN1SequenceInputStream4);
            this.macAlg = digestInfo.getDigestAlgID();
            this.macBytes = digestInfo.getDigest();
            this.macSalt = ASN1OctetString.inputValue(aSN1SequenceInputStream4);
            if (aSN1SequenceInputStream4.hasMoreData()) {
                this.iterations = ASN1Integer.inputValue(aSN1SequenceInputStream4);
            } else {
                this.iterations = BigInteger.valueOf(1L);
            }
            aSN1SequenceInputStream4.terminate();
        } else {
            this.macAlg = null;
            this.macBytes = null;
            this.macSalt = null;
            this.iterations = null;
        }
        aSN1SequenceInputStream.terminate();
    }

    public void input(ASN1Sequence aSN1Sequence) throws IOException {
        input(Utils.toStream(aSN1Sequence));
    }

    public void output(OutputStream outputStream) throws IOException {
        toASN1().output(outputStream);
    }

    private ASN1Sequence toASN1() {
        if (this.contents != null) {
            return this.contents;
        }
        ASN1Sequence aSN1Sequence = new ASN1Sequence();
        aSN1Sequence.addElement(new ASN1Integer(3L));
        ASN1Sequence aSN1Sequence2 = new ASN1Sequence();
        aSN1Sequence2.addElement(new ASN1ObjectID(ASN1Utils.pkcsID, 7, 1));
        aSN1Sequence2.addElement(new ASN1GenericConstructed(new ASN1OctetString(Utils.toBytes(new ASN1Sequence(this.authSafes))), 0));
        aSN1Sequence.addElement(aSN1Sequence2);
        ASN1Sequence aSN1Sequence3 = new ASN1Sequence();
        if (this.macBytes == null) {
            try {
                computeMAC();
            } catch (NoSuchAlgorithmException e) {
                StreamableOutputException streamableOutputException = new StreamableOutputException(e.toString());
                streamableOutputException.initCause(e);
                throw streamableOutputException;
            } catch (CipherException e2) {
                StreamableOutputException streamableOutputException2 = new StreamableOutputException(e2.toString());
                streamableOutputException2.initCause(e2);
                throw streamableOutputException2;
            } catch (InvalidKeyException e3) {
                StreamableOutputException streamableOutputException3 = new StreamableOutputException(e3.toString());
                streamableOutputException3.initCause(e3);
                throw streamableOutputException3;
            }
        }
        aSN1Sequence3.addElement(new DigestInfo(this.macAlg, this.macBytes));
        aSN1Sequence3.addElement(new ASN1OctetString(this.macSalt));
        if (this.iterations.intValue() != 1) {
            aSN1Sequence3.addElement(new ASN1Integer(this.iterations));
        }
        aSN1Sequence.addElement(aSN1Sequence3);
        this.contents = aSN1Sequence;
        return aSN1Sequence;
    }

    private String getHmacAlg() {
        return this.macAlg.equals(AlgID.sha1) ? "HmacSHA1" : this.macAlg.equals(AlgID.md5) ? "HmacMD5" : this.macAlg.equals(AlgID.sha_256) ? "HmacSHA256" : this.macAlg.equals(AlgID.sha_384) ? "HmacSHA384" : this.macAlg.equals(AlgID.sha_512) ? "HmacSHA512" : "HmacSHA1";
    }

    private void computeMAC() throws NoSuchAlgorithmException, InvalidKeyException, CipherException {
        if (this.macAlg == null) {
            this.macAlg = AlgID.sha_1;
        }
        if (this.macSalt == null) {
            SecureRandom secureRandom = new SecureRandom();
            this.macSalt = new byte[8];
            secureRandom.nextBytes(this.macSalt);
        }
        String hmacAlg = getHmacAlg();
        Mac mac = Mac.getInstance(hmacAlg);
        if (this.iterations == null) {
            this.iterations = BigInteger.valueOf(1024L);
        }
        mac.init(new SecretKeySpec(PKCS12PBE.createPKCS12MacKey(this.macAlg, this.passwd, this.macSalt, this.iterations.intValue(), mac.getMacLength()), hmacAlg));
        this.toBeMacedData = Utils.toBytes(new ASN1Sequence(this.authSafes));
        this.macBytes = mac.doFinal(this.toBeMacedData);
    }

    public int length() {
        return toASN1().length();
    }

    public String getPassword() {
        return this.passwd;
    }

    public void setPassword(String str) {
        if (this.passwd != null && !this.passwd.equals(str)) {
            reset();
        }
        this.passwd = str;
    }

    public Vector getAuthSafes() {
        return this.authSafes;
    }

    public void setAuthSafes(Vector vector) {
        this.authSafes = vector;
        reset();
    }

    public void addAuthSafe(PKCS12Safe pKCS12Safe) {
        this.authSafes.addElement(pKCS12Safe);
        reset();
    }

    public boolean verify() throws AuthenticationException {
        try {
            if (this.macBytes == null) {
                computeMAC();
                return true;
            }
            String hmacAlg = getHmacAlg();
            Mac mac = Mac.getInstance(hmacAlg);
            if (this.iterations == null) {
                this.iterations = BigInteger.valueOf(1024L);
            }
            mac.init(new SecretKeySpec(PKCS12PBE.createPKCS12MacKey(this.macAlg, this.passwd, this.macSalt, this.iterations.intValue(), mac.getMacLength()), hmacAlg));
            return Utils.areEqual(this.macBytes, mac.doFinal(this.toBeMacedData));
        } catch (InvalidKeyException e) {
            AuthenticationException authenticationException = new AuthenticationException(e.toString());
            authenticationException.initCause(e);
            throw authenticationException;
        } catch (NoSuchAlgorithmException e2) {
            AuthenticationException authenticationException2 = new AuthenticationException(e2.toString());
            authenticationException2.initCause(e2);
            throw authenticationException2;
        } catch (CipherException e3) {
            AuthenticationException authenticationException3 = new AuthenticationException(e3.toString());
            authenticationException3.initCause(e3);
            throw authenticationException3;
        }
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append('{');
        boolean z = false;
        Enumeration elements = this.authSafes.elements();
        while (elements.hasMoreElements()) {
            if (z) {
                stringBuffer.append(", ");
            }
            stringBuffer.append('[');
            stringBuffer.append(elements.nextElement().toString());
            stringBuffer.append(']');
            z = true;
        }
        stringBuffer.append('}');
        return stringBuffer.toString();
    }

    @Override // java.io.Externalizable
    public void writeExternal(ObjectOutput objectOutput) throws IOException {
        objectOutput.writeObject(Utils.toBytes(this));
    }

    @Override // java.io.Externalizable
    public void readExternal(ObjectInput objectInput) throws IOException, ClassNotFoundException {
        try {
            input((InputStream) new UnsyncByteArrayInputStream((byte[]) objectInput.readObject()));
        } catch (ClassCastException e) {
            throw new InvalidInputException(e);
        }
    }
}
