package com.fs.util;

import java.io.ByteArrayInputStream;
import org.bc.asn1.ASN1InputStream;
import org.bc.asn1.ASN1OctetString;
import org.bc.asn1.ASN1Sequence;
import org.bc.asn1.DERInteger;
import org.bc.asn1.DERObjectIdentifier;
import org.bc.asn1.DERTaggedObject;
import org.bc.asn1.pkcs.AuthenticatedSafe;
import org.bc.asn1.pkcs.ContentInfo;
import org.bc.asn1.pkcs.EncryptedData;
import org.bc.asn1.pkcs.EncryptedPrivateKeyInfo;
import org.bc.asn1.pkcs.MacData;
import org.bc.asn1.pkcs.PKCS12PBEParams;
import org.bc.asn1.pkcs.Pfx;
import org.bc.asn1.pkcs.PrivateKeyInfo;
import org.bc.asn1.pkcs.RSAPrivateKeyStructure;
import org.bc.asn1.pkcs.SafeBag;
import org.bc.asn1.x509.AlgorithmIdentifier;
import org.bc.asn1.x509.Time;
import org.bc.asn1.x509.X509Name;
import org.bc.crypto.CipherParameters;
import org.bc.crypto.engines.DESedeEngine;
import org.bc.crypto.engines.RC2Engine;
import org.bc.crypto.generators.PKCS12ParametersGenerator;
import org.bc.crypto.modes.CBCBlockCipher;
import org.bc.crypto.paddings.PaddedBufferedBlockCipher;
import org.bc.digests.SHA1Digest;
import org.spongycastle.crypto.tls.CipherSuite;

/* loaded from: classes.dex */
public class PKCS12Utils {
    public static final byte FLAG_PWD_CERT = 2;
    public static final byte FLAG_PWD_KEY_CERT = 3;
    public static final byte FLAG_PWD_RSAKEY = 1;
    public static final byte FLAG_VERIFYPWD = 0;
    private static final String bagtypes = "1.2.840.113549.1.12.10.1";
    private static final String pkcs_12 = "1.2.840.113549.1.12";
    private static final String pkcs_7 = "1.2.840.113549.1.7";
    private RSAPrivateKeyStructure rsaKey;
    private byte[] x509Usercert;
    private static final DERObjectIdentifier pkcs_7_data = new DERObjectIdentifier("1.2.840.113549.1.7.1");
    private static final DERObjectIdentifier pkcs_7_encryptedData = new DERObjectIdentifier("1.2.840.113549.1.7.6");
    private static final DERObjectIdentifier keyBag = new DERObjectIdentifier("1.2.840.113549.1.12.10.1.1");
    private static final DERObjectIdentifier pkcs8ShroudedKeyBag = new DERObjectIdentifier("1.2.840.113549.1.12.10.1.2");
    private static final DERObjectIdentifier certBag = new DERObjectIdentifier("1.2.840.113549.1.12.10.1.3");

    public PKCS12Utils(ByteArrayInputStream byteArrayInputStream, char[] cArr, byte b10) {
        RSAPrivateKeyStructure rSAPrivateKeyStructure;
        Pfx pfx = new Pfx((ASN1Sequence) new ASN1InputStream(byteArrayInputStream).readObject());
        ContentInfo authSafe = pfx.getAuthSafe();
        MacData macData = pfx.getMacData();
        if (pfx.getMacData() != null && checkP12MAC(macData, authSafe, cArr) != 0) {
            throw new IllegalArgumentException("unknown pkcs12 object!");
        }
        if (b10 != 0 && authSafe.getContentType().equals(pkcs_7_data)) {
            ContentInfo[] contentInfo = new AuthenticatedSafe((ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(((ASN1OctetString) authSafe.getContent()).getOctets())).readObject()).getContentInfo();
            for (int i10 = 0; i10 != contentInfo.length; i10++) {
                DERObjectIdentifier contentType = contentInfo[i10].getContentType();
                if (contentType.equals(pkcs_7_data)) {
                    ASN1Sequence aSN1Sequence = (ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(((ASN1OctetString) contentInfo[i10].getContent()).getOctets())).readObject();
                    int i11 = 0;
                    while (true) {
                        if (i11 != aSN1Sequence.size()) {
                            SafeBag safeBag = new SafeBag((ASN1Sequence) aSN1Sequence.getObjectAt(i11));
                            if (safeBag.getBagId().equals(pkcs8ShroudedKeyBag)) {
                                if ((b10 & 1) > 0) {
                                    EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo((ASN1Sequence) safeBag.getBagValue());
                                    try {
                                        if (this.rsaKey == null) {
                                            this.rsaKey = unwrapKey(encryptedPrivateKeyInfo.getEncryptionAlgorithm(), encryptedPrivateKeyInfo.getEncryptedData(), cArr);
                                            break;
                                        }
                                    } catch (Exception e10) {
                                        e10.printStackTrace();
                                        this.rsaKey = null;
                                    }
                                } else {
                                    continue;
                                }
                            } else if (safeBag.getBagId().equals(certBag)) {
                                ASN1Sequence aSN1Sequence2 = (ASN1Sequence) safeBag.getBagValue();
                                if (this.x509Usercert == null) {
                                    this.x509Usercert = ((ASN1OctetString) ((DERTaggedObject) aSN1Sequence2.getObjectAt(1)).getObject()).getOctets();
                                }
                            } else {
                                System.out.println("extra in data " + safeBag.getBagId());
                            }
                            i11++;
                        }
                    }
                } else if (contentType.equals(pkcs_7_encryptedData) && (b10 & 2) > 0) {
                    EncryptedData encryptedData = new EncryptedData((ASN1Sequence) contentInfo[i10].getContent());
                    try {
                        ASN1Sequence decryptData = decryptData(encryptedData.getEncryptionAlgorithm(), encryptedData.getContent().getOctets(), cArr);
                        for (int i12 = 0; i12 != decryptData.size(); i12++) {
                            SafeBag safeBag2 = new SafeBag((ASN1Sequence) decryptData.getObjectAt(i12));
                            if (safeBag2.getBagId().equals(certBag)) {
                                ASN1Sequence aSN1Sequence3 = (ASN1Sequence) safeBag2.getBagValue();
                                if (this.x509Usercert == null) {
                                    this.x509Usercert = ((ASN1OctetString) ((DERTaggedObject) aSN1Sequence3.getObjectAt(1)).getObject()).getOctets();
                                }
                            } else if (safeBag2.getBagId().equals(pkcs8ShroudedKeyBag)) {
                                EncryptedPrivateKeyInfo encryptedPrivateKeyInfo2 = new EncryptedPrivateKeyInfo((ASN1Sequence) safeBag2.getBagValue());
                                if (this.rsaKey == null) {
                                    rSAPrivateKeyStructure = unwrapKey(encryptedPrivateKeyInfo2.getEncryptionAlgorithm(), encryptedPrivateKeyInfo2.getEncryptedData(), cArr);
                                    this.rsaKey = rSAPrivateKeyStructure;
                                }
                            } else if (safeBag2.getBagId().equals(keyBag)) {
                                PrivateKeyInfo privateKeyInfo = new PrivateKeyInfo((ASN1Sequence) safeBag2.getBagValue());
                                if (this.rsaKey == null) {
                                    rSAPrivateKeyStructure = new RSAPrivateKeyStructure((ASN1Sequence) privateKeyInfo.getPrivateKey());
                                    this.rsaKey = rSAPrivateKeyStructure;
                                }
                            } else {
                                System.out.println("extra in encryptedData " + safeBag2.getBagId());
                            }
                        }
                    } catch (Exception e11) {
                        e11.printStackTrace();
                        throw new IllegalArgumentException("PKCS12 get " + pkcs_7_encryptedData + " fail!");
                    }
                }
            }
        }
    }

    private int checkP12MAC(MacData macData, ContentInfo contentInfo, char[] cArr) {
        PKCS12ParametersGenerator pKCS12ParametersGenerator = new PKCS12ParametersGenerator(new SHA1Digest());
        pKCS12ParametersGenerator.init(PKCS12ParametersGenerator.PKCS12PasswordToBytes(cArr), macData.getSalt(), macData.getIterationCount().intValue());
        CipherParameters generateDerivedMacParameters = pKCS12ParametersGenerator.generateDerivedMacParameters(CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256);
        byte[] octets = ((ASN1OctetString) contentInfo.getContent()).getOctets();
        HMac hMac = new HMac(new SHA1Digest());
        hMac.init(generateDerivedMacParameters);
        hMac.update(octets, 0, octets.length);
        byte[] bArr = new byte[20];
        hMac.doFinal(bArr, 0);
        byte[] digest = macData.getMac().getDigest();
        if (20 != digest.length) {
            return -1;
        }
        for (int i10 = 0; i10 != 20; i10++) {
            if (bArr[i10] != digest[i10]) {
                return -1;
            }
        }
        return 0;
    }

    private static ASN1Sequence decryptData(AlgorithmIdentifier algorithmIdentifier, byte[] bArr, char[] cArr) {
        PKCS12PBEParams pKCS12PBEParams = new PKCS12PBEParams((ASN1Sequence) algorithmIdentifier.getParameters());
        PaddedBufferedBlockCipher paddedBufferedBlockCipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new RC2Engine()));
        PKCS12ParametersGenerator pKCS12ParametersGenerator = new PKCS12ParametersGenerator(new SHA1Digest());
        pKCS12ParametersGenerator.init(PKCS12ParametersGenerator.PKCS12PasswordToBytes(cArr), pKCS12PBEParams.getIV(), pKCS12PBEParams.getIterations().intValue());
        paddedBufferedBlockCipher.init(false, pKCS12ParametersGenerator.generateDerivedParameters(40, 64));
        int outputSize = paddedBufferedBlockCipher.getOutputSize(bArr.length);
        byte[] bArr2 = new byte[outputSize];
        paddedBufferedBlockCipher.processBytes(bArr, 0, bArr.length, bArr2, 0);
        paddedBufferedBlockCipher.doFinal(bArr2, outputSize);
        return (ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(bArr2)).readObject();
    }

    public static byte[] getX509Cert_CertHash(byte[] bArr) {
        SHA1Digest sHA1Digest = new SHA1Digest();
        sHA1Digest.update(bArr, 0, bArr.length);
        byte[] bArr2 = new byte[20];
        sHA1Digest.doFinal(bArr2, 0);
        return bArr2;
    }

    public static X509Name getX509Cert_IssuerX509Name(byte[] bArr) {
        ASN1Sequence aSN1Sequence = (ASN1Sequence) new ASN1InputStream(bArr).readObject();
        if (aSN1Sequence.size() != 3) {
            throw new IllegalArgumentException("sequence wrong size for a certificate");
        }
        ASN1Sequence aSN1Sequence2 = (ASN1Sequence) aSN1Sequence.getObjectAt(0);
        return X509Name.getInstance(aSN1Sequence2.getObjectAt((aSN1Sequence2.getObjectAt(0) instanceof DERTaggedObject ? 0 : -1) + 3));
    }

    public static String getX509Cert_NotAfter(byte[] bArr) {
        ASN1Sequence aSN1Sequence = (ASN1Sequence) new ASN1InputStream(bArr).readObject();
        if (aSN1Sequence.size() != 3) {
            throw new IllegalArgumentException("sequence wrong size for a certificate");
        }
        ASN1Sequence aSN1Sequence2 = (ASN1Sequence) aSN1Sequence.getObjectAt(0);
        return Time.getInstance(((ASN1Sequence) aSN1Sequence2.getObjectAt((aSN1Sequence2.getObjectAt(0) instanceof DERTaggedObject ? 0 : -1) + 4)).getObjectAt(1)).getTime();
    }

    public static String getX509Cert_NotBefore(byte[] bArr) {
        ASN1Sequence aSN1Sequence = (ASN1Sequence) new ASN1InputStream(bArr).readObject();
        if (aSN1Sequence.size() != 3) {
            throw new IllegalArgumentException("sequence wrong size for a certificate");
        }
        ASN1Sequence aSN1Sequence2 = (ASN1Sequence) aSN1Sequence.getObjectAt(0);
        return Time.getInstance(((ASN1Sequence) aSN1Sequence2.getObjectAt((aSN1Sequence2.getObjectAt(0) instanceof DERTaggedObject ? 0 : -1) + 4)).getObjectAt(0)).getTime();
    }

    public static byte[] getX509Cert_Serial(byte[] bArr) {
        return getX509Cert_SerialDER(bArr).getBigIntegerBytes();
    }

    public static DERInteger getX509Cert_SerialDER(byte[] bArr) {
        ASN1Sequence aSN1Sequence = (ASN1Sequence) new ASN1InputStream(bArr).readObject();
        if (aSN1Sequence.size() != 3) {
            throw new IllegalArgumentException("sequence wrong size for a certificate");
        }
        ASN1Sequence aSN1Sequence2 = (ASN1Sequence) aSN1Sequence.getObjectAt(0);
        return DERInteger.getInstance(aSN1Sequence2.getObjectAt((aSN1Sequence2.getObjectAt(0) instanceof DERTaggedObject ? 0 : -1) + 1));
    }

    public static String getX509Cert_Subject(byte[] bArr) {
        ASN1Sequence aSN1Sequence = (ASN1Sequence) new ASN1InputStream(bArr).readObject();
        if (aSN1Sequence.size() != 3) {
            throw new IllegalArgumentException("sequence wrong size for a certificate");
        }
        ASN1Sequence aSN1Sequence2 = (ASN1Sequence) aSN1Sequence.getObjectAt(0);
        return X509Name.getInstance(aSN1Sequence2.getObjectAt((aSN1Sequence2.getObjectAt(0) instanceof DERTaggedObject ? 0 : -1) + 5)).toString();
    }

    private static RSAPrivateKeyStructure unwrapKey(AlgorithmIdentifier algorithmIdentifier, byte[] bArr, char[] cArr) {
        PKCS12PBEParams pKCS12PBEParams = new PKCS12PBEParams((ASN1Sequence) algorithmIdentifier.getParameters());
        PKCS12ParametersGenerator pKCS12ParametersGenerator = new PKCS12ParametersGenerator(new SHA1Digest());
        pKCS12ParametersGenerator.init(PKCS12ParametersGenerator.PKCS12PasswordToBytes(cArr), pKCS12PBEParams.getIV(), pKCS12PBEParams.getIterations().intValue());
        CipherParameters generateDerivedParameters = pKCS12ParametersGenerator.generateDerivedParameters(192, 64);
        PaddedBufferedBlockCipher paddedBufferedBlockCipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESedeEngine()));
        paddedBufferedBlockCipher.init(false, generateDerivedParameters);
        byte[] bArr2 = new byte[paddedBufferedBlockCipher.getOutputSize(bArr.length)];
        int processBytes = paddedBufferedBlockCipher.processBytes(bArr, 0, bArr.length, bArr2, 0);
        int doFinal = processBytes + paddedBufferedBlockCipher.doFinal(bArr2, processBytes);
        byte[] bArr3 = new byte[doFinal];
        System.arraycopy(bArr2, 0, bArr3, 0, doFinal);
        return new RSAPrivateKeyStructure((ASN1Sequence) new PrivateKeyInfo((ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(bArr3)).readObject()).getPrivateKey());
    }

    public byte[] getCertificate() {
        return this.x509Usercert;
    }

    public RSAPrivateKeyStructure getPrivateKey() {
        return this.rsaKey;
    }
}
