package com.ibm.cfwk.pkcs;

import com.ibm.asn1.ASN1OID;
import com.ibm.asn1.BERAny;
import com.ibm.asn1.BEREncoder;
import com.ibm.cfwk.API;
import com.ibm.cfwk.BadParameterException;
import com.ibm.cfwk.FailedException;
import com.ibm.cfwk.Key;
import com.ibm.cfwk.RandomEngine;
import com.ibm.cfwk.Vault;
import com.ibm.cfwk.key.RSAKey;
import com.ibm.cfwk.pki.AlgId;
import com.ibm.cfwk.pki.AssortedIDs;
import com.ibm.cfwk.pki.PBEAlgId;
import com.ibm.cfwk.pki.X509Chain;

/* loaded from: input_file:lib/swimport.zip:com/ibm/cfwk/pkcs/PKCS12Util.class */
public class PKCS12Util {
    public static byte[] makePKCS12PDU(RSAKey rSAKey, X509Chain x509Chain, byte[] bArr, ASN1OID asn1oid, RandomEngine randomEngine, API api) {
        if (!rSAKey.keyType.equals(Key.RSA_CRT)) {
            throw new BadParameterException(new StringBuffer("Cannot handle keys of type: ").append(rSAKey.keyType).toString());
        }
        Attribute[] attributeArr = {new Attribute(), new Attribute()};
        attributeArr[0].type = PKCS9.LOCAL_KEY_ID;
        attributeArr[1].type = PKCS9.FRIENDLY_NAME;
        try {
            BEREncoder bEREncoder = new BEREncoder();
            bEREncoder.encodeOctetString(randomEngine.extractRandomBytes(4));
            attributeArr[0].values = new Object[]{new BERAny(bEREncoder.toByteArray())};
            BEREncoder bEREncoder2 = new BEREncoder();
            bEREncoder2.encodeBMPString("Some name");
            attributeArr[1].values = new Object[]{new BERAny(bEREncoder2.toByteArray())};
            PKCS12SafeBag[] pKCS12SafeBagArr = new PKCS12SafeBag[x509Chain.length() + 1];
            PKCS12SafeBag pKCS12SafeBag = new PKCS12SafeBag();
            pKCS12SafeBag.type = PKCS12SafeBag.KEY_BAG;
            pKCS12SafeBag.contentType = null;
            pKCS12SafeBag.content = new PKCS8(rSAKey);
            pKCS12SafeBagArr[0] = pKCS12SafeBag;
            pKCS12SafeBagArr[0].attributes = attributeArr;
            for (int length = pKCS12SafeBagArr.length - 1; length >= 1; length--) {
                PKCS12SafeBag pKCS12SafeBag2 = new PKCS12SafeBag();
                pKCS12SafeBagArr[length] = pKCS12SafeBag2;
                pKCS12SafeBag2.type = PKCS12SafeBag.CERT_BAG;
                pKCS12SafeBag2.contentType = PKCS9.X509_CERT;
                pKCS12SafeBag2.content = x509Chain.cert(length - 1);
                if (length == 1) {
                    pKCS12SafeBag2.attributes = attributeArr;
                }
            }
            PKCS7Encrypted pKCS7Encrypted = new PKCS7Encrypted();
            pKCS7Encrypted.encContentType = PKCS7.DATA;
            pKCS7Encrypted.encAlgId = new PBEAlgId(asn1oid, randomEngine.extractRandomBytes(8), 1);
            pKCS7Encrypted.content = pKCS12SafeBagArr;
            PKCS12 pkcs12 = new PKCS12();
            pkcs12.version = 3;
            pkcs12.bagContentTypes = new ASN1OID[]{PKCS7.ENCRYPTED};
            pkcs12.bags = new Object[]{pKCS7Encrypted};
            pkcs12.digestAlg = new AlgId().init(AssortedIDs.oiw_sha1, AlgId.NULL);
            pkcs12.macSalt = randomEngine.extractRandomBytes(20);
            pkcs12.macIterationCount = 1;
            try {
                BEREncoder bEREncoder3 = new BEREncoder();
                pkcs12.encode(bEREncoder3, bArr, api);
                return bEREncoder3.toByteArray();
            } catch (Exception e) {
                throw new FailedException("ASN.1 encoding failed", e);
            }
        } catch (Exception e2) {
            throw new FailedException("ASN.1 encoding failed", e2);
        }
    }

    public static Vault readPKCS12PDU(byte[] bArr, byte[] bArr2, API api) {
        return null;
    }
}
