package org.mozilla.jss.pkcs12;

import java.io.BufferedInputStream;
import java.io.CharConversionException;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.DigestException;
import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.asn1.ANY;
import org.mozilla.jss.asn1.ASN1Template;
import org.mozilla.jss.asn1.ASN1Util;
import org.mozilla.jss.asn1.ASN1Value;
import org.mozilla.jss.asn1.BMPString;
import org.mozilla.jss.asn1.INTEGER;
import org.mozilla.jss.asn1.InvalidBERException;
import org.mozilla.jss.asn1.OCTET_STRING;
import org.mozilla.jss.asn1.SEQUENCE;
import org.mozilla.jss.asn1.SET;
import org.mozilla.jss.asn1.Tag;
import org.mozilla.jss.crypto.PBEAlgorithm;
import org.mozilla.jss.crypto.TokenException;
import org.mozilla.jss.pkcs7.ContentInfo;
import org.mozilla.jss.pkix.cert.Certificate;
import org.mozilla.jss.pkix.primitive.Attribute;
import org.mozilla.jss.pkix.primitive.EncryptedPrivateKeyInfo;
import org.mozilla.jss.pkix.primitive.PrivateKeyInfo;
import org.mozilla.jss.util.Password;

/* loaded from: input_file:org/mozilla/jss/pkcs12/PFX.class */
public class PFX implements ASN1Value {
    private INTEGER version;
    private AuthenticatedSafes authSafes;
    private MacData macData;
    private byte[] encodedAuthSafes;
    public static final int DEFAULT_ITERATIONS = 1;
    private static final INTEGER VERSION = new INTEGER(3);
    private static final Tag TAG = SEQUENCE.TAG;

    /* loaded from: input_file:org/mozilla/jss/pkcs12/PFX$Template.class */
    public static class Template implements ASN1Template {
        private SEQUENCE.Template seqt = SEQUENCE.getTemplate();

        public Template() {
            this.seqt.addElement(INTEGER.getTemplate());
            this.seqt.addElement(ContentInfo.getTemplate());
            this.seqt.addOptionalElement(MacData.getTemplate());
        }

        @Override // org.mozilla.jss.asn1.ASN1Template
        public ASN1Value decode(InputStream inputStream) throws InvalidBERException, IOException {
            return decode(PFX.TAG, inputStream);
        }

        @Override // org.mozilla.jss.asn1.ASN1Template
        public ASN1Value decode(Tag tag, InputStream inputStream) throws InvalidBERException, IOException {
            SEQUENCE sequence = (SEQUENCE) this.seqt.decode(tag, inputStream);
            ContentInfo contentInfo = (ContentInfo) sequence.elementAt(1);
            if (!contentInfo.getContentType().equals(ContentInfo.DATA)) {
                throw new InvalidBERException("ContentInfo containing AuthenticatedSafes does not have content-type DATA");
            }
            OCTET_STRING octet_string = (OCTET_STRING) contentInfo.getInterpretedContent();
            PFX pfx = new PFX((INTEGER) sequence.elementAt(0), (AuthenticatedSafes) ASN1Util.decode(AuthenticatedSafes.getTemplate(), octet_string.toByteArray()), (MacData) sequence.elementAt(2));
            pfx.setEncodedAuthSafes(octet_string.toByteArray());
            return pfx;
        }

        @Override // org.mozilla.jss.asn1.ASN1Template
        public boolean tagMatch(Tag tag) {
            return PFX.TAG.equals(tag);
        }
    }

    private PFX() {
    }

    public PFX(INTEGER integer, AuthenticatedSafes authenticatedSafes, MacData macData) {
        if (integer == null || authenticatedSafes == null) {
            throw new IllegalArgumentException("null parameter");
        }
        this.version = integer;
        this.authSafes = authenticatedSafes;
        this.macData = macData;
    }

    public PFX(AuthenticatedSafes authenticatedSafes) {
        this(VERSION, authenticatedSafes, null);
    }

    public PFX(AuthenticatedSafes authenticatedSafes, MacData macData) {
        this(VERSION, authenticatedSafes, macData);
    }

    public void computeMacData(Password password, byte[] bArr, int i) throws CryptoManager.NotInitializedException, DigestException, TokenException, CharConversionException {
        this.macData = new MacData(password, bArr, i, ASN1Util.encode(this.authSafes));
    }

    @Override // org.mozilla.jss.asn1.ASN1Value
    public void encode(OutputStream outputStream) throws IOException {
        encode(TAG, outputStream);
    }

    @Override // org.mozilla.jss.asn1.ASN1Value
    public void encode(Tag tag, OutputStream outputStream) throws IOException {
        SEQUENCE sequence = new SEQUENCE();
        sequence.addElement(this.version);
        sequence.addElement(new ContentInfo(ASN1Util.encode(this.authSafes)));
        if (this.macData != null) {
            sequence.addElement(this.macData);
        }
        sequence.encode(tag, outputStream);
    }

    public AuthenticatedSafes getAuthSafes() {
        return this.authSafes;
    }

    public MacData getMacData() {
        return this.macData;
    }

    @Override // org.mozilla.jss.asn1.ASN1Value
    public Tag getTag() {
        return TAG;
    }

    public INTEGER getVersion() {
        return this.version;
    }

    public static void main(String[] strArr) {
        try {
            if (strArr.length != 2) {
                System.out.println("Usage: PFX <dbdir> <infile>");
                System.exit(-1);
            }
            FileInputStream fileInputStream = new FileInputStream(strArr[1]);
            int i = 0;
            CryptoManager.initialize(strArr[0]);
            PFX pfx = (PFX) new Template().decode(new BufferedInputStream(fileInputStream, 2048));
            System.out.println("Decoded PFX");
            System.out.println(new StringBuffer("Version: ").append(pfx.getVersion()).toString());
            AuthenticatedSafes authSafes = pfx.getAuthSafes();
            SEQUENCE sequence = authSafes.getSequence();
            System.out.println(new StringBuffer("AuthSafes has ").append(sequence.size()).append(" SafeContents").toString());
            System.out.println("Enter password: ");
            Password readPasswordFromConsole = Password.readPasswordFromConsole();
            System.out.println("Enter new password:");
            Password readPasswordFromConsole2 = Password.readPasswordFromConsole();
            StringBuffer stringBuffer = new StringBuffer();
            if (pfx.verifyAuthSafes(readPasswordFromConsole, stringBuffer)) {
                System.out.println("AuthSafes verifies correctly");
            } else {
                System.out.println(new StringBuffer("AuthSafes failed to verify because: ").append((Object) stringBuffer).toString());
            }
            AuthenticatedSafes authenticatedSafes = new AuthenticatedSafes();
            for (int i2 = 0; i2 < sequence.size(); i2++) {
                SEQUENCE safeContentsAt = authSafes.getSafeContentsAt(readPasswordFromConsole, i2);
                System.out.println(new StringBuffer("\n\nSafeContents #").append(i2).append(" has ").append(safeContentsAt.size()).append(" bags").toString());
                for (int i3 = 0; i3 < safeContentsAt.size(); i3++) {
                    SafeBag safeBag = (SafeBag) safeContentsAt.elementAt(i3);
                    System.out.println(new StringBuffer("\nBag ").append(i3).append(" has type ").append(safeBag.getBagType()).toString());
                    SET bagAttributes = safeBag.getBagAttributes();
                    if (bagAttributes == null) {
                        System.out.println("Bag has no attributes");
                    } else {
                        for (int i4 = 0; i4 < bagAttributes.size(); i4++) {
                            Attribute attribute = (Attribute) bagAttributes.elementAt(i4);
                            if (attribute.getType().equals(SafeBag.FRIENDLY_NAME)) {
                                System.out.println(new StringBuffer("Friendly Name: ").append((BMPString) ((ANY) attribute.getValues().elementAt(0)).decodeWith(BMPString.getTemplate())).toString());
                            } else if (attribute.getType().equals(SafeBag.LOCAL_KEY_ID)) {
                                OCTET_STRING octet_string = (OCTET_STRING) ((ANY) attribute.getValues().elementAt(0)).decodeWith(OCTET_STRING.getTemplate());
                                System.out.println("LocalKeyID:");
                                AuthenticatedSafes.print_byte_array(octet_string.toByteArray());
                            } else {
                                System.out.println("Unknown attribute type");
                            }
                        }
                    }
                    ASN1Value interpretedBagContent = safeBag.getInterpretedBagContent();
                    if (interpretedBagContent instanceof PrivateKeyInfo) {
                        System.out.println("content is PrivateKeyInfo");
                    } else if (interpretedBagContent instanceof EncryptedPrivateKeyInfo) {
                        EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = (EncryptedPrivateKeyInfo) interpretedBagContent;
                        System.out.println(new StringBuffer("content is EncryptedPrivateKeyInfo, algoid:").append(encryptedPrivateKeyInfo.getEncryptionAlgorithm().getOID()).toString());
                        PrivateKeyInfo decrypt = encryptedPrivateKeyInfo.decrypt(readPasswordFromConsole, new PasswordConverter());
                        byte[] bArr = new byte[20];
                        CryptoManager.getInstance().getSecureRNG().nextBytes(bArr);
                        safeContentsAt.insertElementAt(new SafeBag(safeBag.getBagType(), EncryptedPrivateKeyInfo.createPBE(PBEAlgorithm.PBE_SHA1_DES3_CBC, readPasswordFromConsole2, bArr, 1, new PasswordConverter(), decrypt), safeBag.getBagAttributes()), i3);
                        safeContentsAt.removeElementAt(i3 + 1);
                    } else if (interpretedBagContent instanceof CertBag) {
                        System.out.println("   content is CertBag");
                        CertBag certBag = (CertBag) interpretedBagContent;
                        if (certBag.getCertType().equals(CertBag.X509_CERT_TYPE)) {
                            OCTET_STRING octet_string2 = (OCTET_STRING) certBag.getInterpretedCert();
                            int i5 = i;
                            i++;
                            FileOutputStream fileOutputStream = new FileOutputStream(new StringBuffer("cert").append(i5).append(".der").toString());
                            octet_string2.encode(fileOutputStream);
                            fileOutputStream.close();
                            ((Certificate) ASN1Util.decode(Certificate.getTemplate(), octet_string2.toByteArray())).getInfo().print(System.out);
                        } else {
                            System.out.println("Unrecognized cert type");
                        }
                    } else {
                        System.out.println("content is ANY");
                    }
                }
                if (authSafes.safeContentsIsEncrypted(i2)) {
                    authenticatedSafes.addEncryptedSafeContents(AuthenticatedSafes.DEFAULT_KEY_GEN_ALG, readPasswordFromConsole2, null, 1, safeContentsAt);
                } else {
                    authenticatedSafes.addSafeContents(safeContentsAt);
                }
            }
            PFX pfx2 = new PFX(authenticatedSafes);
            pfx2.computeMacData(readPasswordFromConsole2, null, 1);
            FileOutputStream fileOutputStream2 = new FileOutputStream("newjss.p12");
            pfx2.encode(fileOutputStream2);
            fileOutputStream2.close();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void setEncodedAuthSafes(byte[] bArr) {
        this.encodedAuthSafes = bArr;
    }

    public boolean verifyAuthSafes(Password password, StringBuffer stringBuffer) throws CryptoManager.NotInitializedException {
        if (stringBuffer == null) {
            try {
                stringBuffer = new StringBuffer();
            } catch (CharConversionException unused) {
                stringBuffer.append("An exception occurred converting the password from chars to bytes");
                return false;
            } catch (DigestException e) {
                e.printStackTrace();
                stringBuffer.append("A DigestException occurred");
                return false;
            } catch (TokenException unused2) {
                stringBuffer.append("A TokenException occurred");
                return false;
            }
        }
        if (this.macData == null) {
            stringBuffer.append("No MAC present in PFX");
            return false;
        }
        if (this.encodedAuthSafes == null) {
            this.encodedAuthSafes = ASN1Util.encode(this.authSafes);
        }
        if (new MacData(password, this.macData.getMacSalt().toByteArray(), this.macData.getMacIterationCount().intValue(), this.encodedAuthSafes).getMac().equals(this.macData.getMac())) {
            return true;
        }
        stringBuffer.append("Digests do not match");
        return false;
    }
}
