package com.rsa.jsafe;

import com.documentum.fc.client.security.internal.CreateIdentityCredential;
import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.util.Enumeration;
import java.util.Vector;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;
import java.util.jar.Manifest;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:WEB-INF/lib/jsafeFIPS.jar:com/rsa/jsafe/d.class */
public class d {
    private URL a;
    private JarFile b = null;
    private String c = null;
    private static final byte[] d = {101, 32, 67, 111, 110, 115, 117, 108, 116, 105, 110, 103, 32, 40, 80, 116, 121, 41, 32, 76, 116, 100, 46, 49, 31, 48, 29, 6, 3, 85};

    /* JADX INFO: Access modifiers changed from: package-private */
    public d(URL url) {
        this.a = null;
        this.a = url;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized String a(Vector vector) throws IOException, JSAFE_InvalidUseException {
        int mode = CryptoJ.getMode();
        try {
            try {
                if (this.b == null) {
                    this.b = a(this.a);
                }
                CryptoJ.setMode(1);
                JSAFE_MAC jsafe_mac = JSAFE_MAC.getInstance("HMAC/SHA1", CreateIdentityCredential.JAVA_DEVICE);
                JSAFE_SecretKey blankKey = jsafe_mac.getBlankKey();
                blankKey.setSecretKeyData(d, 0, d.length);
                jsafe_mac.macInit(blankKey, null);
                CryptoJ.setMode(mode);
                Manifest manifest = this.b.getManifest();
                if (manifest == null) {
                    throw new SecurityException("The provider is not signed");
                }
                this.c = manifest.getMainAttributes().getValue("Jar-Digest");
                Enumeration<JarEntry> entries = this.b.entries();
                while (entries.hasMoreElements()) {
                    JarEntry nextElement = entries.nextElement();
                    if (!nextElement.isDirectory()) {
                        vector.addElement(nextElement);
                        InputStream inputStream = this.b.getInputStream(nextElement);
                        byte[] bArr = new byte[8192];
                        while (true) {
                            int read = inputStream.read(bArr, 0, bArr.length);
                            if (read == -1) {
                                break;
                            }
                            if (nextElement.getName().startsWith("com/rsa")) {
                                jsafe_mac.macUpdate(bArr, 0, read);
                            }
                        }
                        inputStream.close();
                    }
                }
                return Utils.byteArrayToHexString(jsafe_mac.macFinal());
            } catch (Exception e) {
                throw new SecurityException(e.getMessage());
            }
        } catch (Throwable th) {
            CryptoJ.setMode(mode);
            throw th;
        }
    }

    private JarFile a(URL url) throws PrivilegedActionException, MalformedURLException {
        this.a = url.getProtocol().equalsIgnoreCase("jar") ? url : new URL(new StringBuffer().append("jar:").append(url.toString()).append("!/").toString());
        return (JarFile) AccessController.doPrivileged(new e(this));
    }

    public void a() throws IOException {
        try {
            String a = a(new Vector());
            if (!CryptoJ.isFIPS140Compliant() || a.equals(this.c)) {
            } else {
                throw new SecurityException("The provider self-integrity check failed.");
            }
        } catch (JSAFE_InvalidUseException e) {
            throw new SecurityException("The provider compute Jar digest failed.");
        }
    }

    protected void finalize() throws Throwable {
        if (this.b != null) {
            this.b.close();
            this.a = null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static URL a(d dVar) {
        return dVar.a;
    }
}
