package com.ibm.security.tools;

import com.ibm.misc.HexDumpEncoder;
import com.ibm.security.pkcs12.PFX;
import com.ibm.security.pkcs5.PKCS5;
import com.ibm.security.pkcs8.EncryptedPrivateKeyInfo;
import com.ibm.security.pkcs8.PrivateKeyInfo;
import com.ibm.security.x509.X509CertImpl;
import java.io.FileInputStream;
import java.security.MessageDigest;

/* loaded from: input_file:ca142-20050929a-sdk.jar:sdk/jre/lib/ibmpkcs.jar:com/ibm/security/tools/genPFX.class */
public class genPFX {
    public static void main(String[] strArr) {
        String str = null;
        String str2 = null;
        String str3 = null;
        String str4 = null;
        String str5 = null;
        String str6 = null;
        char[] cArr = null;
        int i = 0;
        while (i < strArr.length) {
            try {
                String str7 = strArr[i];
                if (str7.equals("-c")) {
                    if (str != null) {
                        System.out.println("ERROR: Certificate has already been specified.");
                        usage();
                        System.exit(1);
                    }
                    i++;
                    str = strArr[i];
                } else if (str7.equals("-s")) {
                    if (str2 != null || str3 != null) {
                        System.out.println("ERROR: Key has already been specified.");
                        usage();
                        System.exit(1);
                    }
                    i++;
                    str3 = strArr[i];
                } else if (str7.equals("-k")) {
                    if (str2 != null || str3 != null) {
                        System.out.println("ERROR: Key has already been specified.");
                        usage();
                        System.exit(1);
                    }
                    i++;
                    str2 = strArr[i];
                } else if (str7.equals("-p")) {
                    if (str5 != null) {
                        System.out.println("ERROR: Algorithm has already been specified.");
                        usage();
                        System.exit(1);
                    }
                    i++;
                    str5 = strArr[i];
                } else if (str7.equals("-m")) {
                    if (cArr != null) {
                        System.out.println("ERROR: Password has already been specified.");
                        usage();
                        System.exit(1);
                    }
                    i++;
                    cArr = strArr[i].toCharArray();
                } else if (str7.equals("-f")) {
                    if (str6 != null) {
                        System.out.println("ERROR: Friendly name has already been specified.");
                        usage();
                        System.exit(1);
                    }
                    i++;
                    str6 = strArr[i];
                } else if (str7.equals("-o")) {
                    if (str4 != null) {
                        System.out.println("ERROR: Output file has already been specified.");
                        usage();
                        System.exit(1);
                    }
                    i++;
                    str4 = new StringBuffer().append(strArr[i]).append(".p12").toString();
                }
                i++;
            } catch (Exception e) {
                System.out.println(new StringBuffer().append("ERROR: ").append(e.toString()).toString());
                e.printStackTrace();
                return;
            }
        }
        if (cArr == null) {
            System.out.println("ERROR: Password must be specified.");
            usage();
            System.exit(1);
        }
        if (str == null) {
            System.out.println("ERROR: Certificate must be specified.");
            usage();
            System.exit(1);
        }
        if (str6 == null) {
            System.out.println("ERROR: Friendly name must be specified.");
            usage();
            System.exit(1);
        }
        if (str4 == null) {
            System.out.println("ERROR: Output file must be specified.");
            usage();
            System.exit(1);
        }
        if (str5 == null) {
            str5 = "40BitRC2";
        }
        System.out.println("Creating PFX from input files.");
        System.out.println(new StringBuffer().append("Using friendly name ").append(str6).toString());
        PFX pfx = new PFX();
        System.out.println(new StringBuffer().append("Processing certificate from ").append(str).toString());
        FileInputStream fileInputStream = new FileInputStream(str);
        X509CertImpl x509CertImpl = new X509CertImpl(fileInputStream);
        byte[] encoded = x509CertImpl.getPublicKey().getEncoded();
        fileInputStream.read(encoded);
        fileInputStream.close();
        MessageDigest messageDigest = MessageDigest.getInstance(PKCS5.MESSAGE_DIGEST_SHA1);
        messageDigest.update(encoded);
        byte[] digest = messageDigest.digest();
        pfx.addCertificate(x509CertImpl, str6, digest);
        HexDumpEncoder hexDumpEncoder = new HexDumpEncoder();
        System.out.println("key id:");
        System.out.println(hexDumpEncoder.encodeBuffer(digest));
        if (str2 != null) {
            System.out.println(new StringBuffer().append("Processing private key from ").append(str2).toString());
            FileInputStream fileInputStream2 = new FileInputStream(str2);
            byte[] bArr = new byte[fileInputStream2.available()];
            fileInputStream2.read(bArr);
            pfx.addPrivateKey(new PrivateKeyInfo(bArr), str6, digest);
            fileInputStream2.close();
        }
        if (str3 != null) {
            System.out.println(new StringBuffer().append("Processing shrouded key from ").append(str3).toString());
            FileInputStream fileInputStream3 = new FileInputStream(str3);
            byte[] bArr2 = new byte[fileInputStream3.available()];
            fileInputStream3.read(bArr2);
            pfx.addShroudedKey(new EncryptedPrivateKeyInfo(bArr2), str6, digest);
            fileInputStream3.close();
        }
        System.out.println(new StringBuffer().append("Protecting data with algorithm PBEWithSHAAnd").append(str5).toString());
        pfx.protect(str5, cArr);
        System.out.println(new StringBuffer().append("Writing PFX to file ").append(str4).toString());
        pfx.write(str4, false);
    }

    private static void usage() {
        System.out.println("Usage: genPFX -m mac_pwd -f friendly_name -c certfile");
        System.out.println("              [[-k keyfile] | [-s shrouded_keyfile]]");
        System.out.println("              [-p alg] -o outfile");
        System.out.println("       where mac_pwd is a password used for data integrity and privacy");
        System.out.println("             friendly_name is an alias attached to the personal data");
        System.out.println("             certfile contains an X.509 certificate");
        System.out.println("             keyfile or shrouded_keyfile contains a private key");
        System.out.println("                 - only one of them may be specified");
        System.out.println("             alg is the encryption algorithm for data protection");
        System.out.println("                 - the default is 40BitRC2");
        System.out.println("             outfile is the file the DER-encoded PFX will be written to");
        System.out.println("                 (with a .p12 extension)");
    }
}
