package com.wizvera.provider.jce;

import com.wizvera.provider.asn1.ASN1InputStream;
import com.wizvera.provider.asn1.ASN1ObjectIdentifier;
import com.wizvera.provider.asn1.ASN1OctetString;
import com.wizvera.provider.asn1.DERNull;
import com.wizvera.provider.asn1.DEROctetString;
import com.wizvera.provider.asn1.DEROutputStream;
import com.wizvera.provider.asn1.pkcs.ContentInfo;
import com.wizvera.provider.asn1.pkcs.MacData;
import com.wizvera.provider.asn1.pkcs.Pfx;
import com.wizvera.provider.asn1.x509.AlgorithmIdentifier;
import com.wizvera.provider.asn1.x509.DigestInfo;
import com.wizvera.provider.crypto.NPKIKeyPair;
import com.wizvera.provider.crypto.NPKIPrivateKeyInfo;
import com.wizvera.provider.jce.provider.JDKPKCS12KeyStore;
import com.wizvera.provider.util.encoders.Hex;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;

/* loaded from: classes4.dex */
public class PKCS12Util {
    private static byte[] calculatePbeMac(ASN1ObjectIdentifier aSN1ObjectIdentifier, byte[] bArr, int i, char[] cArr, byte[] bArr2, String str) throws Exception {
        SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(aSN1ObjectIdentifier.getId(), str);
        PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(bArr, i);
        SecretKey generateSecret = secretKeyFactory.generateSecret(new PBEKeySpec(cArr));
        Mac mac = Mac.getInstance(aSN1ObjectIdentifier.getId(), str);
        mac.init(generateSecret, pBEParameterSpec);
        mac.update(bArr2);
        return mac.doFinal();
    }

    public static byte[] convertToDefiniteLength(byte[] bArr) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        DEROutputStream dEROutputStream = new DEROutputStream(byteArrayOutputStream);
        Pfx pfx = Pfx.getInstance(bArr);
        byteArrayOutputStream.reset();
        dEROutputStream.writeObject(pfx);
        return byteArrayOutputStream.toByteArray();
    }

    public static byte[] convertToDefiniteLength(byte[] bArr, char[] cArr, String str) throws IOException {
        Pfx pfx = Pfx.getInstance(bArr);
        ContentInfo authSafe = pfx.getAuthSafe();
        ASN1OctetString aSN1OctetString = ASN1OctetString.getInstance(authSafe.getContent());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        DEROutputStream dEROutputStream = new DEROutputStream(byteArrayOutputStream);
        ASN1InputStream aSN1InputStream = new ASN1InputStream(aSN1OctetString.getOctets());
        dEROutputStream.writeObject(aSN1InputStream.readObject());
        ContentInfo contentInfo = new ContentInfo(authSafe.getContentType(), new DEROctetString(byteArrayOutputStream.toByteArray()));
        MacData macData = pfx.getMacData();
        try {
            try {
                int intValue = macData.getIterationCount().intValue();
                MacData macData2 = new MacData(new DigestInfo(new AlgorithmIdentifier(macData.getMac().getAlgorithmId().getAlgorithm(), DERNull.INSTANCE), calculatePbeMac(macData.getMac().getAlgorithmId().getAlgorithm(), macData.getSalt(), intValue, cArr, ASN1OctetString.getInstance(contentInfo.getContent()).getOctets(), str)), macData.getSalt(), intValue);
                aSN1InputStream.close();
                Pfx pfx2 = new Pfx(contentInfo, macData2);
                byteArrayOutputStream.reset();
                dEROutputStream.writeObject(pfx2);
                return byteArrayOutputStream.toByteArray();
            } catch (Exception e) {
                throw new IOException("error constructing MAC: " + e.toString());
            }
        } catch (Throwable th) {
            aSN1InputStream.close();
            throw th;
        }
    }

    private static String getFingerPrint(X509Certificate x509Certificate) throws NoSuchAlgorithmException, CertificateEncodingException {
        MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
        messageDigest.update(x509Certificate.getEncoded());
        return Hex.toHexString(messageDigest.digest()).toUpperCase();
    }

    public static final List<NPKIKeyPair> load(InputStream inputStream, String str) throws Exception {
        JDKPKCS12KeyStore.BCPKCS12KeyStore3DES bCPKCS12KeyStore3DES = new JDKPKCS12KeyStore.BCPKCS12KeyStore3DES();
        bCPKCS12KeyStore3DES.engineLoad(inputStream, str.toCharArray());
        Enumeration engineAliases = bCPKCS12KeyStore3DES.engineAliases();
        ArrayList arrayList = new ArrayList();
        while (engineAliases.hasMoreElements()) {
            String str2 = (String) engineAliases.nextElement();
            arrayList.add(new NPKIKeyPair((X509Certificate) bCPKCS12KeyStore3DES.engineGetCertificate(str2), new NPKIPrivateKeyInfo(bCPKCS12KeyStore3DES.getPrivateKeyInfo(str2))));
        }
        return arrayList;
    }

    public static final void store(String str, byte[] bArr, X509Certificate x509Certificate, String str2, OutputStream outputStream, boolean z) throws KeyStoreException, IOException {
        JDKPKCS12KeyStore.BCPKCS12KeyStore3DES bCPKCS12KeyStore3DES = new JDKPKCS12KeyStore.BCPKCS12KeyStore3DES();
        bCPKCS12KeyStore3DES.engineSetKeyEntry(str, bArr, new Certificate[]{x509Certificate});
        bCPKCS12KeyStore3DES.engineStore(outputStream, str2.toCharArray(), z);
    }

    public static final void store(byte[] bArr, X509Certificate x509Certificate, String str, OutputStream outputStream, boolean z) throws KeyStoreException, IOException, CertificateEncodingException, NoSuchAlgorithmException {
        JDKPKCS12KeyStore.BCPKCS12KeyStore3DES bCPKCS12KeyStore3DES = new JDKPKCS12KeyStore.BCPKCS12KeyStore3DES();
        bCPKCS12KeyStore3DES.engineSetKeyEntry(getFingerPrint(x509Certificate), bArr, new Certificate[]{x509Certificate});
        bCPKCS12KeyStore3DES.engineStore(outputStream, str.toCharArray(), z);
    }

    public static final void store(byte[] bArr, X509Certificate x509Certificate, byte[] bArr2, X509Certificate x509Certificate2, String str, OutputStream outputStream, boolean z) throws KeyStoreException, IOException, CertificateEncodingException, NoSuchAlgorithmException {
        JDKPKCS12KeyStore.BCPKCS12KeyStore3DES bCPKCS12KeyStore3DES = new JDKPKCS12KeyStore.BCPKCS12KeyStore3DES();
        if (bArr != null && x509Certificate != null) {
            bCPKCS12KeyStore3DES.engineSetKeyEntry(getFingerPrint(x509Certificate), bArr, new Certificate[]{x509Certificate});
        }
        if (bArr2 != null && x509Certificate2 != null) {
            bCPKCS12KeyStore3DES.engineSetKeyEntry(getFingerPrint(x509Certificate2), bArr2, new Certificate[]{x509Certificate2});
        }
        bCPKCS12KeyStore3DES.engineStore(outputStream, str.toCharArray(), z);
    }

    public static final void storeWithPriKeyInfo(byte[] bArr, X509Certificate x509Certificate, byte[] bArr2, X509Certificate x509Certificate2, String str, OutputStream outputStream, boolean z) throws KeyStoreException, IOException, CertificateEncodingException, NoSuchAlgorithmException {
        JDKPKCS12KeyStore.BCPKCS12KeyStore3DES bCPKCS12KeyStore3DES = new JDKPKCS12KeyStore.BCPKCS12KeyStore3DES();
        if (bArr == null) {
            throw new IOException("private key for signing is null.");
        }
        if (x509Certificate == null) {
            throw new IOException("cert for signing is null.");
        }
        if (str == null) {
            throw new IOException("password is null.");
        }
        if (bArr != null && x509Certificate != null) {
            bCPKCS12KeyStore3DES.engineSetKeyEntryForPrivateKeyInfo(getFingerPrint(x509Certificate), bArr, new Certificate[]{x509Certificate});
        }
        if (bArr2 != null && x509Certificate2 != null) {
            bCPKCS12KeyStore3DES.engineSetKeyEntryForPrivateKeyInfo(getFingerPrint(x509Certificate2), bArr2, new Certificate[]{x509Certificate2});
        }
        bCPKCS12KeyStore3DES.engineStoreWithPrivateKeyInfo(outputStream, str.toCharArray(), z);
    }
}
