package oracle.security.crypto.cert;

import java.io.Externalizable;
import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectInput;
import java.io.ObjectOutput;
import java.io.OutputStream;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;
import oracle.security.crypto.asn1.ASN1FormatException;
import oracle.security.crypto.asn1.ASN1GenericConstructed;
import oracle.security.crypto.asn1.ASN1GenericPrimitive;
import oracle.security.crypto.asn1.ASN1Integer;
import oracle.security.crypto.asn1.ASN1Object;
import oracle.security.crypto.asn1.ASN1ObjectID;
import oracle.security.crypto.asn1.ASN1OctetString;
import oracle.security.crypto.asn1.ASN1Sequence;
import oracle.security.crypto.asn1.ASN1SequenceInputStream;
import oracle.security.crypto.asn1.ASN1Utils;
import oracle.security.crypto.core.AlgID;
import oracle.security.crypto.core.AlgorithmIdentifier;
import oracle.security.crypto.core.AlgorithmIdentifierException;
import oracle.security.crypto.core.CBCAlgorithmIdentifier;
import oracle.security.crypto.core.CipherException;
import oracle.security.crypto.core.PBE;
import oracle.security.crypto.core.PBEAlgorithmIdentifier;
import oracle.security.crypto.core.RandomBitsSource;
import oracle.security.crypto.provider.JCEUtil;
import oracle.security.crypto.provider.TransitionMode;
import oracle.security.crypto.util.InvalidInputException;
import oracle.security.crypto.util.StreamableOutputException;
import oracle.security.crypto.util.UnsyncByteArrayInputStream;
import oracle.security.crypto.util.Utils;
import oracle.security.crypto.util.VectorOverArrayList;

/* loaded from: input_file:oracle/security/crypto/cert/PKCS12Safe.class */
public class PKCS12Safe implements ASN1Object, Externalizable {
    private PKCS12 parent;
    private ASN1ObjectID pbeOID;
    private AlgorithmIdentifier prfAlgID;
    private AlgorithmIdentifier cipherAlgID;
    private ArrayList<PKCS12Bag> bags;
    private char[] passwd;
    private ASN1Sequence contents;

    public PKCS12Safe() {
    }

    public PKCS12Safe(PKCS12 pkcs12) {
        this.parent = pkcs12;
        this.bags = new ArrayList<>();
    }

    public PKCS12Safe(PKCS12 pkcs12, int i) {
        this(pkcs12);
        setMode(i);
    }

    public PKCS12Safe(PKCS12 pkcs12, ASN1ObjectID aSN1ObjectID) {
        this(pkcs12);
        setPBEOID(aSN1ObjectID);
    }

    public PKCS12Safe(PKCS12 pkcs12, InputStream inputStream) throws IOException {
        this(pkcs12);
        input(inputStream);
    }

    public PKCS12Safe(PKCS12 pkcs12, ASN1Sequence aSN1Sequence) throws IOException {
        this(pkcs12);
        input(aSN1Sequence);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void reset() {
        this.contents = null;
        if (this.parent != null) {
            this.parent.reset();
        }
    }

    @Override // oracle.security.crypto.util.Streamable
    public void input(InputStream inputStream) throws IOException {
        input(new ASN1Sequence(inputStream));
    }

    public void input(ASN1Sequence aSN1Sequence) throws IOException {
        byte[] bArr;
        byte[] decrypt;
        reset();
        try {
            ASN1ObjectID aSN1ObjectID = (ASN1ObjectID) aSN1Sequence.elementAt(0);
            ASN1GenericConstructed aSN1GenericConstructed = (ASN1GenericConstructed) aSN1Sequence.elementAt(1);
            if (aSN1ObjectID.equals(ASN1Utils.pkcsID, 7, 1)) {
                this.pbeOID = null;
                decrypt = ((ASN1OctetString) aSN1GenericConstructed.elementAt(0)).getValue();
            } else {
                if (!aSN1ObjectID.equals(ASN1Utils.pkcsID, 7, 6)) {
                    throw new IOException("Unrecognized ContentType " + aSN1ObjectID);
                }
                ASN1Sequence aSN1Sequence2 = (ASN1Sequence) ((ASN1Sequence) aSN1GenericConstructed.elementAt(0)).elementAt(1);
                PBEAlgorithmIdentifier pBEAlgorithmIdentifier = new PBEAlgorithmIdentifier(Utils.toStream((ASN1Sequence) aSN1Sequence2.elementAt(1)));
                this.pbeOID = pBEAlgorithmIdentifier.getOID();
                this.cipherAlgID = pBEAlgorithmIdentifier.getEncryptionScheme();
                this.prfAlgID = pBEAlgorithmIdentifier.getPseudorandomFunc();
                ASN1Object elementAt = aSN1Sequence2.elementAt(2);
                if (elementAt instanceof ASN1GenericPrimitive) {
                    bArr = ((ASN1OctetString) ((ASN1GenericPrimitive) elementAt).withTag(4)).getValue();
                } else {
                    if (!(elementAt instanceof ASN1GenericConstructed)) {
                        throw new InvalidInputException("Cound not read encrypted content.");
                    }
                    ArrayList<ASN1Object> elementsAsList = ((ASN1GenericConstructed) elementAt).elementsAsList();
                    byte[][] bArr2 = new byte[elementsAsList.size()][0];
                    int i = 0;
                    int length = bArr2.length;
                    for (int i2 = 0; i2 < length; i2++) {
                        bArr2[i2] = ((ASN1OctetString) elementsAsList.get(i2)).getValue();
                        i += bArr2[i2].length;
                    }
                    bArr = new byte[i];
                    int i3 = 0;
                    int length2 = bArr2.length;
                    for (int i4 = 0; i4 < length2; i4++) {
                        System.arraycopy(bArr2[i4], 0, bArr, i3, bArr2[i4].length);
                        i3 += bArr2[i4].length;
                    }
                }
                decrypt = PBE.getInstance(pBEAlgorithmIdentifier).decrypt(getPassword(), bArr);
            }
            ASN1SequenceInputStream aSN1SequenceInputStream = new ASN1SequenceInputStream(new UnsyncByteArrayInputStream(decrypt));
            while (aSN1SequenceInputStream.hasMoreData()) {
                addBag(PKCS12Bag.inputBag(this, new ASN1Sequence(aSN1SequenceInputStream)));
            }
            aSN1SequenceInputStream.terminate();
            this.contents = aSN1Sequence;
        } catch (ClassCastException e) {
            throw new ASN1FormatException(e.toString());
        } catch (IndexOutOfBoundsException e2) {
            throw new ASN1FormatException(e2.toString());
        } catch (AlgorithmIdentifierException e3) {
            throw new ASN1FormatException(e3.toString());
        } catch (CipherException e4) {
            throw new ASN1FormatException(e4.toString());
        }
    }

    private static byte[] makeSalt() {
        return randomBytes(8);
    }

    private static byte[] makeAES_CBC_IV() {
        return randomBytes(16);
    }

    private static byte[] randomBytes(int i) {
        byte[] randomBytes;
        if (TransitionMode.isJCEUseEnabled()) {
            randomBytes = new byte[i];
            JCEUtil.getSecureRandom().nextBytes(randomBytes);
        } else {
            randomBytes = RandomBitsSource.getDefault().randomBytes(new byte[i]);
        }
        return randomBytes;
    }

    @Override // oracle.security.crypto.util.Streamable
    public void output(OutputStream outputStream) throws IOException {
        outputASN1().output(outputStream);
    }

    private ASN1Sequence outputASN1() {
        PBEAlgorithmIdentifier pBEAlgorithmIdentifier;
        if (this.contents != null) {
            return this.contents;
        }
        ASN1Sequence aSN1Sequence = new ASN1Sequence();
        byte[] bytes = Utils.toBytes(new ASN1Sequence((List<? extends ASN1Object>) this.bags));
        if (this.pbeOID == null) {
            aSN1Sequence.addElement(new ASN1ObjectID(ASN1Utils.pkcsID, 7, 1));
            aSN1Sequence.addElement(new ASN1GenericConstructed(new ASN1OctetString(bytes), 0));
        } else {
            try {
                byte[] makeSalt = makeSalt();
                if (this.pbeOID.equals(PBEAlgorithmIdentifier.id_PBES2)) {
                    int i = 0;
                    if (this.cipherAlgID.getOID().equals(AlgID.aes128_CBC.getOID())) {
                        i = 16;
                    } else if (this.cipherAlgID.getOID().equals(AlgID.aes192_CBC.getOID())) {
                        i = 24;
                    } else if (this.cipherAlgID.getOID().equals(AlgID.aes256_CBC.getOID())) {
                        i = 32;
                    }
                    pBEAlgorithmIdentifier = new PBEAlgorithmIdentifier(makeSalt, 10000, i, this.prfAlgID, new CBCAlgorithmIdentifier(this.cipherAlgID.getOID(), makeAES_CBC_IV()));
                } else {
                    pBEAlgorithmIdentifier = new PBEAlgorithmIdentifier(this.pbeOID, makeSalt, 10000);
                }
                byte[] encrypt = PBE.getInstance(pBEAlgorithmIdentifier).encrypt(getPassword(), bytes);
                aSN1Sequence.addElement(new ASN1ObjectID(ASN1Utils.pkcsID, 7, 6));
                ASN1Sequence aSN1Sequence2 = new ASN1Sequence();
                aSN1Sequence2.addElement(new ASN1Integer(0L));
                ASN1Sequence aSN1Sequence3 = new ASN1Sequence();
                aSN1Sequence3.addElement(new ASN1ObjectID(ASN1Utils.pkcsID, 7, 1));
                aSN1Sequence3.addElement(pBEAlgorithmIdentifier);
                aSN1Sequence3.addElement(new ASN1GenericPrimitive(new ASN1OctetString(encrypt), 0));
                aSN1Sequence2.addElement(aSN1Sequence3);
                aSN1Sequence.addElement(new ASN1GenericConstructed(aSN1Sequence2, 0));
            } catch (AlgorithmIdentifierException e) {
                throw new StreamableOutputException(e.toString());
            } catch (CipherException e2) {
                throw new StreamableOutputException(e2.toString());
            }
        }
        this.contents = aSN1Sequence;
        return aSN1Sequence;
    }

    @Override // oracle.security.crypto.util.Streamable
    public int length() {
        return outputASN1().length();
    }

    public void setPassword(String str) {
        this.passwd = str == null ? null : str.toCharArray();
        reset();
    }

    public void setPasswd(char[] cArr) {
        this.passwd = cArr;
        reset();
    }

    public String getPassword() {
        return this.passwd != null ? new String(this.passwd) : this.parent.getPassword();
    }

    public char[] getPasswd() {
        return this.passwd != null ? this.passwd : this.parent.getPasswd();
    }

    public Vector<PKCS12Bag> getBags() {
        if (this.bags == null) {
            return null;
        }
        return new VectorOverArrayList(this.bags);
    }

    public ArrayList<PKCS12Bag> getBagsAsList() {
        return this.bags;
    }

    public void setBags(Vector<PKCS12Bag> vector) {
        setBags((List<PKCS12Bag>) vector);
    }

    public void setBags(List<PKCS12Bag> list) {
        this.bags = list == null ? null : list instanceof ArrayList ? (ArrayList) list : new ArrayList<>(list);
        reset();
    }

    public void addBag(PKCS12Bag pKCS12Bag) {
        this.bags.add(pKCS12Bag);
        reset();
    }

    public int getMode() {
        if (this.pbeOID == null) {
            return 0;
        }
        if (this.pbeOID.equals(PBEAlgorithmIdentifier.pbeWithMD2AndDES_CBC)) {
            return -2;
        }
        if (this.pbeOID.equals(PBEAlgorithmIdentifier.pbeWithMD5AndDES_CBC)) {
            return -1;
        }
        return this.pbeOID.getValue()[this.pbeOID.getValue().length - 1];
    }

    public void setMode(int i) {
        reset();
        if (i == -2) {
            setPBEOID(PBEAlgorithmIdentifier.pbeWithMD2AndDES_CBC);
            return;
        }
        if (i == -1) {
            setPBEOID(PBEAlgorithmIdentifier.pbeWithMD5AndDES_CBC);
        } else if (i == 0) {
            setPBEOID(null);
        } else {
            setPBEOID(new ASN1ObjectID(PBEAlgorithmIdentifier.pkcs12PBEids, i));
        }
    }

    public void setPBEOID(ASN1ObjectID aSN1ObjectID) {
        this.pbeOID = aSN1ObjectID;
        reset();
    }

    public void setPBES2Parameters(ASN1ObjectID aSN1ObjectID, AlgorithmIdentifier algorithmIdentifier, AlgorithmIdentifier algorithmIdentifier2) {
        this.pbeOID = aSN1ObjectID;
        this.prfAlgID = algorithmIdentifier;
        this.cipherAlgID = algorithmIdentifier2;
        reset();
    }

    public ASN1ObjectID getPBEOID() {
        return this.pbeOID;
    }

    public String toString() {
        String str = "pbeOID = {" + this.pbeOID + "}";
        Iterator<PKCS12Bag> it = this.bags.iterator();
        while (it.hasNext()) {
            str = str + ", {" + it.next() + "}";
        }
        return str;
    }

    @Override // java.io.Externalizable
    public void writeExternal(ObjectOutput objectOutput) throws IOException {
        objectOutput.writeObject(Utils.toBytes(this));
    }

    @Override // java.io.Externalizable
    public void readExternal(ObjectInput objectInput) throws IOException, ClassNotFoundException {
        try {
            input(new UnsyncByteArrayInputStream((byte[]) objectInput.readObject()));
        } catch (ClassCastException e) {
            throw new InvalidInputException((Exception) e);
        }
    }
}
