package com.ibm.gsk.ikeyman.basic;

import com.ibm.asn1.ASN1Exception;
import com.ibm.asn1.ASN1OID;
import com.ibm.asn1.BERDecoder;
import com.ibm.cfwk.pkcs.PKCS12PBE;
import com.ibm.cfwk.pkcs.PKCSException;
import com.ibm.cfwk.pki.X509Cert;
import com.ibm.cfwk.pki.X509Chain;
import com.ibm.cfwk.tools.PrivateKeyAndCertificateChain;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;

/* loaded from: input_file:efixes/PQ89734_linux_s390/components/prereq.jdk/update.jar:/java/jre/lib/ext/gskikm.jar:com/ibm/gsk/ikeyman/basic/KMpkcs12.class */
public class KMpkcs12 {
    private String filename;
    private String password;
    private boolean encoded;
    private boolean decoded;
    private int version;
    private int iterationCount;
    private ASN1OID encodingAlgorithm;
    private byte[] encodedPKCS12Data;
    private KeyItem[] keyItemChain;
    private int numItems;
    private PrivateKeyInfoItem unencPvtKey;

    public KMpkcs12(String str, String str2) throws IOException {
        this.filename = null;
        this.password = null;
        this.encoded = false;
        this.decoded = false;
        this.version = 0;
        this.iterationCount = 1;
        this.encodingAlgorithm = PKCS12PBE.SHA1_RC2_40;
        this.numItems = 0;
        FileInputStream fileInputStream = new FileInputStream(str);
        this.encodedPKCS12Data = new byte[fileInputStream.available()];
        fileInputStream.read(this.encodedPKCS12Data);
        fileInputStream.close();
        this.password = str2;
        this.encoded = true;
        this.decoded = false;
    }

    public KMpkcs12(String str, String str2, KeyItem[] keyItemArr, PrivateKeyInfoItem privateKeyInfoItem) {
        this.filename = null;
        this.password = null;
        this.encoded = false;
        this.decoded = false;
        this.version = 0;
        this.iterationCount = 1;
        this.encodingAlgorithm = PKCS12PBE.SHA1_RC2_40;
        this.numItems = 0;
        this.filename = str;
        this.password = str2;
        this.keyItemChain = keyItemArr;
        this.unencPvtKey = privateKeyInfoItem;
        this.encoded = false;
        this.encodedPKCS12Data = null;
        if (keyItemArr != null) {
            this.numItems = keyItemArr.length;
        }
        if (this.numItems > 0) {
            this.decoded = true;
        } else {
            this.decoded = false;
        }
    }

    public void writeFile() throws IOException {
        if (!this.encoded || this.encodedPKCS12Data == null || this.encodedPKCS12Data.length <= 0) {
            return;
        }
        FileOutputStream fileOutputStream = new FileOutputStream(this.filename);
        fileOutputStream.write(this.encodedPKCS12Data);
        fileOutputStream.close();
    }

    public void encode() throws Exception {
        if (!this.encoded && this.decoded && this.numItems > 0) {
            try {
                X509Cert[] x509CertArr = new X509Cert[this.numItems];
                String[] strArr = new String[this.numItems];
                for (int i = 0; i < this.numItems; i++) {
                    if (this.keyItemChain[i].hasCertificate()) {
                        x509CertArr[i] = new X509Cert(((CertificateItem) this.keyItemChain[i].getCertificateChain().elementAt(0)).getEncoded());
                    }
                    strArr[i] = this.keyItemChain[i].getKeyLabel();
                }
                this.encodedPKCS12Data = new PrivateKeyAndCertificateChain(this.unencPvtKey.getEncoded(), new X509Chain(x509CertArr), strArr, new byte[]{1, 2, 3}).makePKCS12PDU(this.password, this.encodingAlgorithm, (String) null, this.iterationCount);
                this.encoded = true;
            } catch (Exception e) {
                this.encoded = false;
                throw e;
            }
        }
    }

    public void decode() throws Exception {
        if (!this.decoded && this.encoded && this.encodedPKCS12Data != null && this.encodedPKCS12Data.length > 0) {
            try {
                PrivateKeyAndCertificateChain privateKeyAndCertificateChain = new PrivateKeyAndCertificateChain(this.encodedPKCS12Data, this.password);
                X509Chain certificateChain = privateKeyAndCertificateChain.getCertificateChain();
                String[] friendlyNames = privateKeyAndCertificateChain.getFriendlyNames();
                this.unencPvtKey = new PrivateKeyInfoItem(privateKeyAndCertificateChain.getPrivateKey());
                privateKeyAndCertificateChain.destroyPrivateKey();
                this.numItems = certificateChain.length();
                this.keyItemChain = new KeyItem[this.numItems];
                for (int i = 0; i < this.numItems; i++) {
                    CertificateItem certificateItem = new CertificateItem(certificateChain.cert(i).encode());
                    this.keyItemChain[i] = new KeyItem();
                    if (friendlyNames[i] != null) {
                        this.keyItemChain[i].setKeyLabel(friendlyNames[i]);
                    } else if (certificateChain.cert(i).subject().attribute("cn") != null) {
                        this.keyItemChain[i].setKeyLabel(certificateChain.cert(i).subject().attribute("cn").valueToString());
                    } else {
                        this.keyItemChain[i].setKeyLabel(null);
                    }
                    this.keyItemChain[i].addCertificate(certificateItem);
                }
                this.decoded = true;
            } catch (PKCSException e) {
                this.decoded = false;
                if (e.getErrorCode() != PKCSException.BAD_MAC) {
                    throw e;
                }
                throw new CMSKeyDatabaseException(0, KMSystem.getNLSErrString("GSKKM_ERR_PKCS12_PWD_CORRUPTION"));
            }
        }
    }

    public int version() {
        if (this.encoded && this.version == 0) {
            try {
                BERDecoder bERDecoder = new BERDecoder(this.encodedPKCS12Data);
                bERDecoder.decodeSequence();
                this.version = bERDecoder.decodeIntegerAsInt();
            } catch (ASN1Exception e) {
                this.version = 1;
            }
        }
        return this.version;
    }

    public KeyItem[] getKeyItemChain() {
        return this.keyItemChain;
    }

    public PrivateKeyInfoItem getPvtKey() {
        return this.unencPvtKey;
    }

    public void destroyPvtKey() {
        this.unencPvtKey.destroy();
        this.unencPvtKey = null;
    }

    public void setIteration(int i) {
        if (i > 0) {
            this.iterationCount = i;
        } else {
            this.iterationCount = 1;
        }
    }

    public void setEncAlg(String str) {
        if (str.equals("SHA1_RC2_40")) {
            this.encodingAlgorithm = PKCS12PBE.SHA1_RC2_40;
            return;
        }
        if (str.equals("SHA1_RC2_128")) {
            this.encodingAlgorithm = PKCS12PBE.SHA1_RC2_128;
            return;
        }
        if (str.equals("SHA1_2DES3")) {
            this.encodingAlgorithm = PKCS12PBE.SHA1_2DES3;
            return;
        }
        if (str.equals("SHA1_3DES3")) {
            this.encodingAlgorithm = PKCS12PBE.SHA1_3DES3;
            return;
        }
        if (str.equals("SHA1_RC4_40")) {
            this.encodingAlgorithm = PKCS12PBE.SHA1_RC4_40;
        } else if (str.equals("SHA1_RC4_128")) {
            this.encodingAlgorithm = PKCS12PBE.SHA1_RC4_128;
        } else {
            this.encodingAlgorithm = PKCS12PBE.SHA1_RC2_40;
        }
    }
}
