package macromedia.sqlserverutil;

import com.ibm.security.util.DerInputStream;
import com.ibm.security.util.DerValue;
import com.ibm.security.util.ObjectIdentifier;
import com.ibm.security.x509.AlgorithmId;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.AlgorithmParameters;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;
import javax.crypto.Cipher;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import javax.security.auth.x500.X500Principal;
import sun.security.pkcs.ContentInfo;

/* loaded from: input_file:macromedia/sqlserverutil/DDPKCS12KeyStoreProviderIBM.class */
public class DDPKCS12KeyStoreProviderIBM extends KeyStoreSpi {
    public static final int VERSION_3 = 3;
    public static ObjectIdentifier PKCS7_OID;
    public static ObjectIdentifier DATA_OID;
    public static ObjectIdentifier SIGNED_DATA_OID;
    public static ObjectIdentifier ENVELOPED_DATA_OID;
    public static ObjectIdentifier SIGNED_AND_ENVELOPED_DATA_OID;
    public static ObjectIdentifier DIGESTED_DATA_OID;
    public static ObjectIdentifier ENCRYPTED_DATA_OID;
    public static ObjectIdentifier NETSCAPE_CERT_SEQUENCE_OID;
    public static ObjectIdentifier TIMESTAMP_TOKEN_INFO_OID;
    private static ObjectIdentifier PKCS8ShroudedKeyBag_OID;
    private static ObjectIdentifier CertBag_OID;
    private static ObjectIdentifier KeyBag_OID;
    private static ObjectIdentifier PKCS9FriendlyName_OID;
    private static ObjectIdentifier PKCS9LocalKeyId_OID;
    private static ObjectIdentifier PKCS9CertType_OID;
    private static ObjectIdentifier pbeWithSHAAnd40BitRC2CBC_OID;
    private static ObjectIdentifier pbeWithSHAAnd3KeyTripleDESCBC_OID;
    private static final int[] keyBag = {1, 2, 840, 113549, 1, 12, 10, 1, 2};
    private static final int[] certBag = {1, 2, 840, 113549, 1, 12, 10, 1, 3};
    private static final int[] unshroudedKeyBag = {1, 2, 840, 113549, 1, 12, 10, 1, 1};
    private static final int[] pkcs9Name = {1, 2, 840, 113549, 1, 9, 20};
    private static final int[] pkcs9KeyId = {1, 2, 840, 113549, 1, 9, 21};
    private static final int[] pkcs9certType = {1, 2, 840, 113549, 1, 9, 22, 1};
    private static final int[] pbeWithSHAAnd40BitRC2CBC = {1, 2, 840, 113549, 1, 12, 1, 6};
    private static final int[] pbeWithSHAAnd3KeyTripleDESCBC = {1, 2, 840, 113549, 1, 12, 1, 3};
    private static int[] pkcs7 = {1, 2, 840, 113549, 1, 7};
    private static int[] data = {1, 2, 840, 113549, 1, 7, 1};
    private static int[] sdata = {1, 2, 840, 113549, 1, 7, 2};
    private static int[] edata = {1, 2, 840, 113549, 1, 7, 3};
    private static int[] sedata = {1, 2, 840, 113549, 1, 7, 4};
    private static int[] ddata = {1, 2, 840, 113549, 1, 7, 5};
    private static int[] crdata = {1, 2, 840, 113549, 1, 7, 6};
    private static int[] nsdata = {2, 16, 840, 1, 113730, 2, 5};
    private static int[] tstInfo = {1, 2, 840, 113549, 1, 9, 16, 1, 4};
    private static final int[] OLD_SDATA = {1, 2, 840, 1113549, 1, 7, 2};
    private static final int[] OLD_DATA = {1, 2, 840, 1113549, 1, 7, 1};
    public static ObjectIdentifier OLD_SIGNED_DATA_OID = ObjectIdentifier.newInternal(OLD_SDATA);
    public static ObjectIdentifier OLD_DATA_OID = ObjectIdentifier.newInternal(OLD_DATA);
    private static volatile int counter = 0;
    private static int privateKeyCount = 0;
    private static Hashtable entries = new Hashtable();
    private static ArrayList keyList = new ArrayList();
    private static LinkedHashMap certs = new LinkedHashMap();
    private static Hashtable keyAliasMap = new Hashtable();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:macromedia/sqlserverutil/DDPKCS12KeyStoreProviderIBM$a.class */
    public static class a {
        Date a;
        byte[] b;
        boolean c;
        Certificate[] d;
        byte[] e;
        String f;

        private a() {
            this.c = true;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:macromedia/sqlserverutil/DDPKCS12KeyStoreProviderIBM$b.class */
    public static class b {
        byte[] a;

        public int hashCode() {
            int i = 0;
            for (int i2 = 0; i2 < this.a.length; i2++) {
                i += this.a[i2];
            }
            return i;
        }

        public boolean equals(Object obj) {
            if (obj instanceof b) {
                return Arrays.equals(this.a, ((b) obj).a);
            }
            return false;
        }

        b(byte[] bArr) {
            this.a = bArr;
        }
    }

    public DDPKCS12KeyStoreProviderIBM() {
        privateKeyCount = 0;
        entries = new Hashtable();
        keyList = new ArrayList();
        certs = new LinkedHashMap();
    }

    @Override // java.security.KeyStoreSpi
    public synchronized void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        byte[] doFinal;
        if (inputStream == null) {
            return;
        }
        try {
            DerInputStream derInputStream = new DerValue(inputStream).toDerInputStream();
            if (derInputStream.getInteger().intValue() != 3) {
                throw new IOException("PKCS12 keystore not in version 3 format");
            }
            entries.clear();
            ContentInfo contentInfo = new ContentInfo(derInputStream);
            if (!contentInfo.getContentType().equals(ContentInfo.DATA_OID)) {
                throw new IOException("public key protected PKCS12 not supported");
            }
            byte[] data2 = contentInfo.getData();
            DerValue[] sequence = new DerInputStream(data2).getSequence(2);
            privateKeyCount = 0;
            for (DerValue derValue : sequence) {
                ContentInfo contentInfo2 = new ContentInfo(new DerInputStream(derValue.toByteArray()));
                ObjectIdentifier contentType = contentInfo2.getContentType();
                if (contentType.equals(ContentInfo.DATA_OID)) {
                    doFinal = contentInfo2.getData();
                } else {
                    if (!contentType.equals(ContentInfo.ENCRYPTED_DATA_OID)) {
                        throw new IOException("public key protected PKCS12 not supported");
                    }
                    if (cArr != null) {
                        DerInputStream derInputStream2 = contentInfo2.getContent().toDerInputStream();
                        derInputStream2.getInteger();
                        DerValue[] sequence2 = derInputStream2.getSequence(2);
                        if (!sequence2[2].isContextSpecific((byte) 0)) {
                            throw new IOException("encrypted content not present!");
                        }
                        sequence2[2].resetTag(sequence2[2].isConstructed() ? (byte) (4 | 32) : (byte) 4);
                        byte[] octetString = sequence2[2].getOctetString();
                        DerInputStream derInputStream3 = sequence2[1].toDerInputStream();
                        ObjectIdentifier oid = derInputStream3.getOID();
                        AlgorithmParameters a2 = a(derInputStream3, new AlgorithmId(oid).getName());
                        try {
                            SecretKey a3 = a(cArr);
                            Cipher cipher = Cipher.getInstance(oid.toString());
                            cipher.init(2, a3, a2);
                            doFinal = cipher.doFinal(octetString);
                        } catch (Exception e) {
                            IOException iOException = new IOException("failed to decrypt safe contents entry: " + e);
                            iOException.initCause(e);
                            throw iOException;
                        }
                    }
                }
                a(new DerInputStream(doFinal), cArr);
            }
            if (cArr != null && derInputStream.available() > 0) {
                dh dhVar = new dh(derInputStream);
                try {
                    String upperCase = dhVar.a().toUpperCase();
                    if (upperCase.equals(bf.hr) || upperCase.equals("SHA1") || upperCase.equals("SHA-1")) {
                        upperCase = "SHA1";
                    }
                    Mac mac = Mac.getInstance("HmacPBE" + upperCase);
                    mac.init(a(cArr), new PBEParameterSpec(dhVar.b(), dhVar.c()));
                    mac.update(data2);
                    if (!Arrays.equals(dhVar.d(), mac.doFinal())) {
                        throw new SecurityException("Failed PKCS12 integrity checking");
                    }
                } catch (Exception e2) {
                    IOException iOException2 = new IOException("Integrity check failed: " + e2);
                    iOException2.initCause(e2);
                    throw iOException2;
                }
            }
            for (Object obj : keyList.toArray()) {
                a aVar = (a) obj;
                if (aVar.e != null) {
                    ArrayList arrayList = new ArrayList();
                    b bVar = new b(aVar.e);
                    X509Certificate x509Certificate = (X509Certificate) certs.get(bVar);
                    certs.remove(bVar);
                    if (x509Certificate != null) {
                        certs.remove(x509Certificate.getSubjectX500Principal());
                    }
                    certs.remove(keyAliasMap.get(bVar));
                    while (x509Certificate != null) {
                        arrayList.add(x509Certificate);
                        X500Principal issuerX500Principal = x509Certificate.getIssuerX500Principal();
                        x509Certificate.getSubjectX500Principal();
                        if (issuerX500Principal.equals(x509Certificate.getSubjectX500Principal())) {
                            break;
                        } else {
                            x509Certificate = (X509Certificate) certs.get(issuerX500Principal);
                        }
                    }
                    if (arrayList.size() > 0) {
                        aVar.d = (Certificate[]) arrayList.toArray(new Certificate[arrayList.size()]);
                    }
                }
            }
            Set<Map.Entry> entrySet = certs.entrySet();
            HashSet hashSet = new HashSet();
            for (Map.Entry entry : entrySet) {
                Object value = entry.getValue();
                if (!hashSet.contains(value)) {
                    hashSet.add(value);
                    entries.put(entry.getKey() instanceof String ? (String) entry.getKey() : a(), value);
                }
            }
            certs.clear();
            keyList.clear();
        } catch (IOException e3) {
            throw e3;
        } catch (NoSuchAlgorithmException e4) {
            throw e4;
        } catch (CertificateException e5) {
            throw e5;
        } catch (Exception e6) {
            throw new IOException("Internal Error Parsing PKCS12 file.File is Bad or File is tampered or password is wrong");
        }
    }

    /* JADX WARN: Can't wrap try/catch for region: R(9:6|(1:8)(2:92|(2:94|(3:97|98|99)(1:96))(2:100|(1:102)(2:103|43)))|9|10|11|(3:13|(7:16|17|18|19|(2:21|22)(2:24|(2:26|27)(1:28))|23|14)|34)|35|(10:37|(2:39|(1:42)(1:41))|44|(2:54|55)|46|(1:48)|49|(1:51)|52|53)(2:59|(1:88)(8:61|(1:67)|68|(2:70|(1:72))|73|(2:77|(1:79))|80|(2:84|85)))|43) */
    /* JADX WARN: Code restructure failed: missing block: B:91:0x0149, code lost:
    
        r16 = null;
     */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v47, types: [java.security.cert.X509Certificate] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void a(com.ibm.security.util.DerInputStream r7, char[] r8) throws java.io.IOException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException {
        /*
            Method dump skipped, instructions count: 842
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: macromedia.sqlserverutil.DDPKCS12KeyStoreProviderIBM.a(com.ibm.security.util.DerInputStream, char[]):void");
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        byte[] doFinal;
        Object obj = entries.get(str.toLowerCase());
        if (obj == null || !(obj instanceof a)) {
            return null;
        }
        byte[] bArr = ((a) obj).b;
        if (((a) obj).c) {
            try {
                EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(bArr);
                byte[] encryptedData = encryptedPrivateKeyInfo.getEncryptedData();
                ObjectIdentifier oid = new DerValue(AlgorithmId.get(encryptedPrivateKeyInfo.getAlgName()).encode()).toDerInputStream().getOID();
                AlgorithmParameters algParameters = encryptedPrivateKeyInfo.getAlgParameters();
                SecretKey a2 = a(cArr);
                Cipher cipher = Cipher.getInstance(oid.toString());
                cipher.init(2, a2, algParameters);
                doFinal = cipher.doFinal(encryptedData);
            } catch (IOException e) {
                UnrecoverableKeyException unrecoverableKeyException = new UnrecoverableKeyException("Private key not stored as PKCS#8 EncryptedPrivateKeyInfo: " + e);
                unrecoverableKeyException.initCause(e);
                throw unrecoverableKeyException;
            } catch (Exception e2) {
                UnrecoverableKeyException unrecoverableKeyException2 = new UnrecoverableKeyException("Get Key failed: " + e2.getMessage());
                unrecoverableKeyException2.initCause(e2);
                throw unrecoverableKeyException2;
            }
        } else {
            doFinal = bArr;
        }
        try {
            PKCS8EncodedKeySpec pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(doFinal);
            DerInputStream derInputStream = new DerValue(doFinal).toDerInputStream();
            derInputStream.getInteger();
            return KeyFactory.getInstance(new AlgorithmId(derInputStream.getSequence(2)[0].getOID()).getName()).generatePrivate(pKCS8EncodedKeySpec);
        } catch (Exception e3) {
            UnrecoverableKeyException unrecoverableKeyException3 = new UnrecoverableKeyException("Get Key failed: " + e3.getMessage());
            unrecoverableKeyException3.initCause(e3);
            throw unrecoverableKeyException3;
        }
    }

    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        Object obj = entries.get(str.toLowerCase());
        if (obj == null || !(obj instanceof a) || ((a) obj).d == null) {
            return null;
        }
        return (Certificate[]) ((a) obj).d.clone();
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        Object obj = entries.get(str.toLowerCase());
        if (obj != null && (obj instanceof a)) {
            if (((a) obj).d == null) {
                return null;
            }
            return ((a) obj).d[0];
        }
        if (obj == null || !(obj instanceof X509Certificate)) {
            return null;
        }
        return (X509Certificate) obj;
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        Object obj = entries.get(str.toLowerCase());
        if (obj == null || !(obj instanceof a)) {
            return null;
        }
        return new Date(((a) obj).a.getTime());
    }

    @Override // java.security.KeyStoreSpi
    public synchronized void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
        throw new KeyStoreException("Method is not supported");
    }

    private AlgorithmParameters a(DerInputStream derInputStream, String str) throws IOException {
        DerValue derValue;
        AlgorithmParameters algorithmParameters = null;
        try {
            if (derInputStream.available() == 0) {
                derValue = null;
            } else {
                derValue = derInputStream.getDerValue();
                if (derValue.getTag() == 5) {
                    derValue = null;
                }
            }
            if (derValue != null) {
                algorithmParameters = AlgorithmParameters.getInstance(str);
                algorithmParameters.init(derValue.toByteArray());
            }
            return algorithmParameters;
        } catch (Exception e) {
            IOException iOException = new IOException("parseAlgParameters failed: " + e.getMessage());
            iOException.initCause(e);
            throw iOException;
        }
    }

    private SecretKey a(char[] cArr) throws IOException {
        try {
            return SecretKeyFactory.getInstance("PBEWithMD5AndDES").generateSecret(new PBEKeySpec(cArr));
        } catch (Exception e) {
            IOException iOException = new IOException("getSecretKey failed: " + e.getMessage());
            iOException.initCause(e);
            throw iOException;
        }
    }

    @Override // java.security.KeyStoreSpi
    public synchronized void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        throw new KeyStoreException("Method is not supported");
    }

    @Override // java.security.KeyStoreSpi
    public synchronized void engineDeleteEntry(String str) throws KeyStoreException {
        entries.remove(str.toLowerCase());
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration engineAliases() {
        return entries.keys();
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        return entries.containsKey(str.toLowerCase());
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        return entries.size();
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        Object obj = entries.get(str.toLowerCase());
        return obj != null && (obj instanceof a);
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        Object obj = entries.get(str.toLowerCase());
        return obj != null && (obj instanceof X509Certificate);
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        Certificate certificate2 = null;
        Enumeration keys = entries.keys();
        while (keys.hasMoreElements()) {
            String str = (String) keys.nextElement();
            Object obj = entries.get(str);
            if (obj instanceof a) {
                if (((a) obj).d != null) {
                    certificate2 = ((a) obj).d[0];
                }
                if (certificate2.equals(certificate)) {
                    return str;
                }
            }
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public synchronized void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
    }

    private String a() {
        counter++;
        return String.valueOf(counter);
    }

    @Override // java.security.KeyStoreSpi
    public synchronized void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
        throw new KeyStoreException("Method is not supported");
    }

    static {
        try {
            PKCS8ShroudedKeyBag_OID = new ObjectIdentifier(keyBag);
            CertBag_OID = new ObjectIdentifier(certBag);
            KeyBag_OID = new ObjectIdentifier(unshroudedKeyBag);
            PKCS9FriendlyName_OID = new ObjectIdentifier(pkcs9Name);
            PKCS9LocalKeyId_OID = new ObjectIdentifier(pkcs9KeyId);
            PKCS9CertType_OID = new ObjectIdentifier(pkcs9certType);
            pbeWithSHAAnd40BitRC2CBC_OID = new ObjectIdentifier(pbeWithSHAAnd40BitRC2CBC);
            pbeWithSHAAnd3KeyTripleDESCBC_OID = new ObjectIdentifier(pbeWithSHAAnd3KeyTripleDESCBC);
            PKCS7_OID = ObjectIdentifier.newInternal(pkcs7);
            DATA_OID = ObjectIdentifier.newInternal(data);
            SIGNED_DATA_OID = ObjectIdentifier.newInternal(sdata);
            ENVELOPED_DATA_OID = ObjectIdentifier.newInternal(edata);
            SIGNED_AND_ENVELOPED_DATA_OID = ObjectIdentifier.newInternal(sedata);
            DIGESTED_DATA_OID = ObjectIdentifier.newInternal(ddata);
            ENCRYPTED_DATA_OID = ObjectIdentifier.newInternal(crdata);
            NETSCAPE_CERT_SEQUENCE_OID = ObjectIdentifier.newInternal(nsdata);
            TIMESTAMP_TOKEN_INFO_OID = ObjectIdentifier.newInternal(tstInfo);
        } catch (IOException e) {
        }
    }
}
