package cn.com.gfa.pki.pkcs;

import cn.com.gfa.pki.asn1.pkcs.SafeContents;
import cn.com.gfa.pki.crypto.BCSoftCryptoToken;
import cn.com.gfa.pki.crypto.CryptoToken;
import cn.com.gfa.pki.crypto.PKICryptoException;
import cn.com.gfa.pki.crypto.param.CBCParam;
import cn.com.gfa.pki.crypto.params.CipherParams;
import cn.com.gfa.pki.crypto.params.MACParams;
import cn.com.gfa.pki.crypto.params.PBEParam;
import cn.com.gfa.pki.crypto.params.SignParams;
import cn.com.gfa.pki.crypto.params.VerifySignParams;
import cn.com.gfa.pki.util.Base64;
import cn.com.gfa.pki.x509.cert.X509Cert;
import com.alibaba.fastjson.asm.Opcodes;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Vector;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DEREncodable;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DERObject;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DEROutputStream;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.cms.EncryptedContentInfo;
import org.bouncycastle.asn1.cms.EncryptedData;
import org.bouncycastle.asn1.pkcs.AuthenticatedSafe;
import org.bouncycastle.asn1.pkcs.CertBag;
import org.bouncycastle.asn1.pkcs.ContentInfo;
import org.bouncycastle.asn1.pkcs.MacData;
import org.bouncycastle.asn1.pkcs.PKCS12PBEParams;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.Pfx;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.pkcs.SafeBag;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.Attribute;
import org.bouncycastle.asn1.x509.DigestInfo;
import org.bouncycastle.asn1.x509.X509CertificateStructure;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.digests.MD2Digest;
import org.bouncycastle.crypto.digests.MD5Digest;
import org.bouncycastle.crypto.digests.SHA1Digest;
import org.bouncycastle.crypto.engines.RC2Engine;
import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator;
import org.bouncycastle.crypto.macs.HMac;
import org.bouncycastle.crypto.modes.CBCBlockCipher;
import org.bouncycastle.crypto.modes.PaddedBlockCipher;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.ocsp.CertificateID;

/* loaded from: classes2.dex */
public class PKCS12 {

    /* renamed from: c, reason: collision with root package name */
    private static CryptoToken f109c;

    /* renamed from: a, reason: collision with other field name */
    private boolean f14a;

    /* renamed from: a, reason: collision with other field name */
    private Pfx f13a = null;

    /* renamed from: a, reason: collision with other field name */
    private CertBag[] f15a = null;
    private DEREncodable a = null;
    private ContentInfo b = null;

    /* renamed from: c, reason: collision with other field name */
    private ContentInfo f16c = null;
    private byte[] password = null;

    static {
        f109c = null;
        if (Security.getProvider(CryptoToken.SOFT_PROVDER) == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        f109c = new BCSoftCryptoToken();
    }

    public PKCS12() {
        this.f14a = false;
        this.f14a = false;
    }

    private EncryptedPrivateKeyInfo a(PrivateKey privateKey) {
        byte[] encoded = privateKey.getEncoded();
        byte[] bArr = new byte[8];
        new SecureRandom().nextBytes(bArr);
        PKCS12ParametersGenerator pKCS12ParametersGenerator = new PKCS12ParametersGenerator(new SHA1Digest());
        pKCS12ParametersGenerator.init(this.password, bArr, 2000);
        ParametersWithIV parametersWithIV = (ParametersWithIV) pKCS12ParametersGenerator.generateDerivedParameters(192, 64);
        byte[] iv = parametersWithIV.getIV();
        CipherParams cipherParams = CipherParams.getInstance(CipherParams.CIPHER_DESEDE_CBC, SecretKeyFactory.getInstance("DESEDE").generateSecret(new SecretKeySpec(((KeyParameter) parametersWithIV.getParameters()).getKey(), "DESEDE")));
        CBCParam cBCParam = new CBCParam();
        cBCParam.setIv(iv);
        cipherParams.setParam(cBCParam);
        DEROctetString dEROctetString = new DEROctetString(encrypt(cipherParams, encoded));
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        DEROctetString dEROctetString2 = new DEROctetString(bArr);
        DERInteger dERInteger = new DERInteger(2000);
        aSN1EncodableVector.add(dEROctetString2);
        aSN1EncodableVector.add(dERInteger);
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, new DERSequence(aSN1EncodableVector));
        ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
        aSN1EncodableVector2.add(algorithmIdentifier);
        aSN1EncodableVector2.add(dEROctetString);
        return new EncryptedPrivateKeyInfo(m7a(new DERSequence(aSN1EncodableVector2)));
    }

    private ASN1Sequence a(ASN1OctetString aSN1OctetString) {
        return (ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(aSN1OctetString.getOctets())).readObject();
    }

    private DERObject a(byte[] bArr) {
        try {
            return new ASN1InputStream(new ByteArrayInputStream(bArr)).readObject();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    private EncryptedData a(DEREncodable dEREncodable) {
        byte[] bArr = new byte[8];
        new SecureRandom().nextBytes(bArr);
        PKCS12ParametersGenerator pKCS12ParametersGenerator = new PKCS12ParametersGenerator(new SHA1Digest());
        pKCS12ParametersGenerator.init(this.password, bArr, 2000);
        DEROctetString dEROctetString = new DEROctetString(a(true, pKCS12ParametersGenerator.generateDerivedParameters(40, 64), m7a((DEREncodable) dEREncodable.getDERObject())));
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        DEROctetString dEROctetString2 = new DEROctetString(bArr);
        DERInteger dERInteger = new DERInteger(2000);
        aSN1EncodableVector.add(dEROctetString2);
        aSN1EncodableVector.add(dERInteger);
        return new EncryptedData(new EncryptedContentInfo(PKCSObjectIdentifiers.data, new AlgorithmIdentifier(PKCSObjectIdentifiers.pbewithSHAAnd40BitRC2_CBC, new DERSequence(aSN1EncodableVector)), dEROctetString));
    }

    private MacData a(ContentInfo contentInfo) {
        byte[] bArr = new byte[8];
        new SecureRandom().nextBytes(bArr);
        PKCS12ParametersGenerator pKCS12ParametersGenerator = new PKCS12ParametersGenerator(new SHA1Digest());
        pKCS12ParametersGenerator.init(this.password, bArr, 2000);
        CipherParameters generateDerivedMacParameters = pKCS12ParametersGenerator.generateDerivedMacParameters(Opcodes.IF_ICMPNE);
        byte[] octets = ASN1OctetString.getInstance(contentInfo.getContent()).getOctets();
        HMac hMac = new HMac(new SHA1Digest());
        hMac.init(generateDerivedMacParameters);
        hMac.update(octets, 0, octets.length);
        byte[] bArr2 = new byte[hMac.getMacSize()];
        hMac.doFinal(bArr2, 0);
        return new MacData(new DigestInfo(new AlgorithmIdentifier(new DERObjectIdentifier(CertificateID.HASH_SHA1)), bArr2), bArr, 2000);
    }

    /* renamed from: a, reason: collision with other method in class */
    private void m6a(ContentInfo contentInfo) {
        EncryptedContentInfo encryptedContentInfo = EncryptedData.getInstance(contentInfo.getContent()).getEncryptedContentInfo();
        PKCS12PBEParams pKCS12PBEParams = PKCS12PBEParams.getInstance(encryptedContentInfo.getContentEncryptionAlgorithm().getParameters());
        byte[] iv = pKCS12PBEParams.getIV();
        int intValue = pKCS12PBEParams.getIterations().intValue();
        PKCS12ParametersGenerator pKCS12ParametersGenerator = new PKCS12ParametersGenerator(new SHA1Digest());
        pKCS12ParametersGenerator.init(this.password, iv, intValue);
        SafeBag[] safeBag = SafeContents.getInstance((ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(a(encryptedContentInfo.getContentEncryptionAlgorithm().getObjectId().getId(), pKCS12ParametersGenerator, encryptedContentInfo.getEncryptedContent().getOctets()))).readObject()).getSafeBag();
        Vector vector = new Vector();
        int i = 0;
        while (true) {
            int i2 = i;
            if (i2 >= safeBag.length) {
                this.f15a = new CertBag[vector.size()];
                vector.toArray(this.f15a);
                return;
            } else {
                if (safeBag[i2].getBagId().equals(PKCSObjectIdentifiers.certBag)) {
                    CertBag certBag = new CertBag((ASN1Sequence) safeBag[i2].getBagValue());
                    safeBag[i2].getBagAttributes();
                    vector.add(certBag);
                }
                i = i2 + 1;
            }
        }
    }

    private boolean a() {
        int i;
        PKCS12ParametersGenerator pKCS12ParametersGenerator;
        MACParams mACParams;
        MacData macData = this.f13a.getMacData();
        DigestInfo mac = macData.getMac();
        String id = mac.getAlgorithmId().getObjectId().getId();
        if (id.equals(CertificateID.HASH_SHA1)) {
            i = 160;
            pKCS12ParametersGenerator = new PKCS12ParametersGenerator(new SHA1Digest());
            mACParams = MACParams.getInstance(MACParams.HMAC_SHA1);
        } else if (id.equals("1.2.840.113549.2.2")) {
            i = 128;
            pKCS12ParametersGenerator = new PKCS12ParametersGenerator(new MD2Digest());
            mACParams = MACParams.getInstance(MACParams.HMAC_MD2);
        } else {
            if (!id.equals("1.2.840.113549.2.5")) {
                throw new Exception("not support digest algorithmIdentifier:" + id);
            }
            i = 128;
            pKCS12ParametersGenerator = new PKCS12ParametersGenerator(new MD5Digest());
            mACParams = MACParams.getInstance(MACParams.HMAC_MD5);
        }
        pKCS12ParametersGenerator.init(this.password, macData.getSalt(), macData.getIterationCount().intValue());
        KeyParameter keyParameter = (KeyParameter) pKCS12ParametersGenerator.generateDerivedMacParameters(i);
        byte[] octets = ASN1OctetString.getInstance(this.f13a.getAuthSafe().getContent()).getOctets();
        mACParams.setKey(SecretKeyFactory.getInstance("DESEDE").generateSecret(new SecretKeySpec(keyParameter.getKey(), "DESEDE")));
        byte[] bArr = (byte[]) null;
        try {
            Mac mac2 = Mac.getInstance(mACParams.getAlgorithm(), CryptoToken.SOFT_PROVDER);
            mac2.init(mACParams.getKey());
            mac2.update(octets);
            bArr = mac2.doFinal();
        } catch (InvalidKeyException e) {
            e.printStackTrace();
        } catch (NoSuchAlgorithmException e2) {
            e2.printStackTrace();
        } catch (NoSuchProviderException e3) {
            e3.printStackTrace();
        }
        return a(bArr, mac.getDigest());
    }

    private boolean a(byte[] bArr, byte[] bArr2) {
        if (bArr.length != bArr2.length) {
            return false;
        }
        for (int i = 0; i < bArr.length; i++) {
            if (bArr[i] != bArr2[i]) {
                return false;
            }
        }
        return true;
    }

    private byte[] a(CipherParams cipherParams, boolean z, byte[] bArr) {
        String algorithm = cipherParams.getKey().getAlgorithm();
        try {
            Cipher cipher = Cipher.getInstance(cipherParams.getAlgorithm(), CryptoToken.SOFT_PROVDER);
            int i = z ? 1 : 2;
            String algorithm2 = cipherParams.getAlgorithm();
            if (algorithm2.indexOf("PBE") != -1) {
                PBEParam pBEParam = (PBEParam) cipherParams.getParam();
                if (pBEParam == null) {
                    throw new PKICryptoException("PBE参数为空");
                }
                cipher.init(i, cipherParams.getKey(), new PBEParameterSpec(pBEParam.getSalt(), pBEParam.getIterations()));
            } else if (algorithm2.indexOf("CBC") != -1) {
                CBCParam cBCParam = (CBCParam) cipherParams.getParam();
                if (cBCParam == null) {
                    throw new PKICryptoException("CBC参数为空");
                }
                cipher.init(i, cipherParams.getKey(), new IvParameterSpec(cBCParam.getIv()));
            } else if (algorithm2.indexOf("IES") != -1) {
                cipher.init(i, cipherParams.getKey(), cipherParams.getAlgorithmParameterSpec());
            } else {
                cipher.init(i, cipherParams.getKey());
            }
            return cipher.doFinal(bArr);
        } catch (InvalidAlgorithmParameterException e) {
            throw new PKICryptoException(e);
        } catch (InvalidKeyException e2) {
            throw new PKICryptoException(e2);
        } catch (NoSuchAlgorithmException e3) {
            e3.printStackTrace();
            throw new PKICryptoException("The algorithm [" + algorithm + "] is not found.", e3);
        } catch (NoSuchProviderException e4) {
            throw new PKICryptoException(e4);
        } catch (BadPaddingException e5) {
            throw new PKICryptoException(e5);
        } catch (IllegalBlockSizeException e6) {
            throw new PKICryptoException(e6);
        } catch (NoSuchPaddingException e7) {
            throw new PKICryptoException(e7);
        }
    }

    private byte[] a(String str, PKCS12ParametersGenerator pKCS12ParametersGenerator, byte[] bArr) {
        if (str.equals(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC.getId()) || str.equals("pbeWithSHAAnd3-KeyTripleDES-CBC")) {
            ParametersWithIV parametersWithIV = (ParametersWithIV) pKCS12ParametersGenerator.generateDerivedParameters(192, 64);
            byte[] iv = parametersWithIV.getIV();
            KeyParameter keyParameter = (KeyParameter) parametersWithIV.getParameters();
            keyParameter.getKey();
            CipherParams cipherParams = CipherParams.getInstance(CipherParams.CIPHER_DESEDE_CBC, SecretKeyFactory.getInstance("DESEDE").generateSecret(new SecretKeySpec(keyParameter.getKey(), "DESEDE")));
            CBCParam cBCParam = new CBCParam();
            cBCParam.setIv(iv);
            cipherParams.setParam(cBCParam);
            return decrypt(cipherParams, bArr);
        }
        if (!str.equals(PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC.getId())) {
            if (str.equals(PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC2_CBC.getId())) {
                return a(false, pKCS12ParametersGenerator.generateDerivedParameters(128, 64), bArr);
            }
            if (str.equals(PKCSObjectIdentifiers.pbewithSHAAnd40BitRC2_CBC.getId())) {
                return a(false, pKCS12ParametersGenerator.generateDerivedParameters(40, 64), bArr);
            }
            throw new Exception("not support pkcs12pbe algorithm: " + str + PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC.getId());
        }
        ParametersWithIV parametersWithIV2 = (ParametersWithIV) pKCS12ParametersGenerator.generateDerivedParameters(128, 64);
        byte[] iv2 = parametersWithIV2.getIV();
        KeyParameter keyParameter2 = (KeyParameter) parametersWithIV2.getParameters();
        keyParameter2.getKey();
        CipherParams cipherParams2 = CipherParams.getInstance(CipherParams.CIPHER_DESEDE_CBC, SecretKeyFactory.getInstance("DESEDE").generateSecret(new SecretKeySpec(keyParameter2.getKey(), "DESEDE")));
        CBCParam cBCParam2 = new CBCParam();
        cBCParam2.setIv(iv2);
        cipherParams2.setParam(cBCParam2);
        return decrypt(cipherParams2, bArr);
    }

    /* renamed from: a, reason: collision with other method in class */
    private byte[] m7a(DEREncodable dEREncodable) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            new DEROutputStream(byteArrayOutputStream).writeObject(dEREncodable);
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e) {
            e.printStackTrace();
            return this.password;
        }
    }

    private byte[] a(boolean z, CipherParameters cipherParameters, byte[] bArr) {
        PaddedBlockCipher paddedBlockCipher = new PaddedBlockCipher(new CBCBlockCipher(new RC2Engine()));
        paddedBlockCipher.init(z, cipherParameters);
        byte[] bArr2 = new byte[paddedBlockCipher.getOutputSize(bArr.length)];
        int processBytes = paddedBlockCipher.processBytes(bArr, 0, bArr.length, bArr2, 0);
        int doFinal = processBytes < bArr2.length ? paddedBlockCipher.doFinal(bArr2, processBytes) : -1;
        if (z) {
            return bArr2;
        }
        byte[] bArr3 = new byte[(bArr2.length - paddedBlockCipher.getBlockSize()) + doFinal];
        System.arraycopy(bArr2, 0, bArr3, 0, bArr3.length);
        return bArr3;
    }

    private void b(ContentInfo contentInfo) {
        SafeBag safeBag = SafeContents.getInstance(a(ASN1OctetString.getInstance(contentInfo.getContent()))).getSafeBag()[0];
        if (safeBag.getBagId().equals(PKCSObjectIdentifiers.keyBag)) {
            this.a = new PrivateKeyInfo((ASN1Sequence) safeBag.getBagValue());
            return;
        }
        if (!safeBag.getBagId().equals(PKCSObjectIdentifiers.pkcs8ShroudedKeyBag)) {
            throw new Exception("handle keyBag error. bagId = " + safeBag.getBagId().getId());
        }
        EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(m7a((DEREncodable) safeBag.getBagValue()));
        PBEParameterSpec pBEParameterSpec = (PBEParameterSpec) encryptedPrivateKeyInfo.getAlgParameters().getParameterSpec(PBEParameterSpec.class);
        byte[] salt = pBEParameterSpec.getSalt();
        int iterationCount = pBEParameterSpec.getIterationCount();
        PKCS12ParametersGenerator pKCS12ParametersGenerator = new PKCS12ParametersGenerator(new SHA1Digest());
        pKCS12ParametersGenerator.init(this.password, salt, iterationCount);
        this.a = (ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(a(encryptedPrivateKeyInfo.getAlgParameters().getAlgorithm(), pKCS12ParametersGenerator, encryptedPrivateKeyInfo.getEncryptedData()))).readObject();
        Attribute.getInstance(safeBag.getBagAttributes().getObjectAt(0));
    }

    public void decrypt(char[] cArr) {
        try {
            if (this.f13a == null) {
                throw new Exception("you must load Pfx first.");
            }
            this.password = PKCS12ParametersGenerator.PKCS12PasswordToBytes(cArr);
            if (!a()) {
                throw new Exception("verifyMac faulture.");
            }
            ContentInfo[] contentInfo = new AuthenticatedSafe(a(ASN1OctetString.getInstance(this.f13a.getAuthSafe().getContent()))).getContentInfo();
            for (int i = 0; i < contentInfo.length; i++) {
                if (contentInfo[i].getContentType().equals(PKCSObjectIdentifiers.data)) {
                    this.b = contentInfo[i];
                } else if (contentInfo[i].getContentType().equals(PKCSObjectIdentifiers.encryptedData)) {
                    this.f16c = contentInfo[i];
                }
            }
            b(this.b);
            m6a(this.f16c);
            this.f14a = true;
        } catch (Exception e) {
            throw new PKCSException(e);
        }
    }

    public byte[] decrypt(CipherParams cipherParams, byte[] bArr) {
        return a(cipherParams, false, bArr);
    }

    public byte[] encrypt(CipherParams cipherParams, byte[] bArr) {
        return a(cipherParams, true, bArr);
    }

    public Pfx generatePfx(PrivateKey privateKey, X509Cert x509Cert, char[] cArr) {
        X509CertificateStructure certStructure = x509Cert.getCertStructure();
        this.password = PKCS12ParametersGenerator.PKCS12PasswordToBytes(cArr);
        try {
            EncryptedPrivateKeyInfo a = a(privateKey);
            DEROctetString dEROctetString = new DEROctetString(m7a((DEREncodable) certStructure.getSerialNumber()));
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(dEROctetString);
            Attribute attribute = new Attribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId, new DERSet(aSN1EncodableVector));
            ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
            aSN1EncodableVector2.add(attribute);
            DERSet dERSet = new DERSet(aSN1EncodableVector2);
            ContentInfo contentInfo = new ContentInfo(PKCSObjectIdentifiers.data, new DEROctetString(m7a((DEREncodable) new AuthenticatedSafe(new ContentInfo[]{new ContentInfo(PKCSObjectIdentifiers.data, new DEROctetString(m7a((DEREncodable) new SafeContents(new SafeBag[]{new SafeBag(PKCSObjectIdentifiers.pkcs8ShroudedKeyBag, a(a.getEncoded()), dERSet)}).getDERObject()))), new ContentInfo(PKCSObjectIdentifiers.encryptedData, a((DEREncodable) new SafeContents(new SafeBag[]{new SafeBag(PKCSObjectIdentifiers.certBag, new CertBag(PKCSObjectIdentifiers.x509certType, new DEROctetString(m7a((DEREncodable) certStructure.getDERObject()))).getDERObject(), dERSet)})).getDERObject())}).getDERObject())));
            return new Pfx(contentInfo, a(contentInfo));
        } catch (Exception e) {
            throw new PKCSException(e);
        }
    }

    public Pfx generatePfx(PrivateKey privateKey, X509Cert[] x509CertArr, char[] cArr) {
        int i = 0;
        X509CertificateStructure certStructure = x509CertArr[0].getCertStructure();
        this.password = PKCS12ParametersGenerator.PKCS12PasswordToBytes(cArr);
        try {
            EncryptedPrivateKeyInfo a = a(privateKey);
            DEROctetString dEROctetString = new DEROctetString(m7a((DEREncodable) certStructure.getSerialNumber()));
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(dEROctetString);
            Attribute attribute = new Attribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId, new DERSet(aSN1EncodableVector));
            ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
            aSN1EncodableVector2.add(attribute);
            DERSet dERSet = new DERSet(aSN1EncodableVector2);
            ContentInfo contentInfo = new ContentInfo(PKCSObjectIdentifiers.data, new DEROctetString(m7a((DEREncodable) new SafeContents(new SafeBag[]{new SafeBag(PKCSObjectIdentifiers.pkcs8ShroudedKeyBag, a(a.getEncoded()), dERSet)}).getDERObject())));
            ContentInfo[] contentInfoArr = new ContentInfo[2];
            contentInfoArr[0] = contentInfo;
            SafeBag[] safeBagArr = new SafeBag[x509CertArr.length];
            while (i < x509CertArr.length) {
                CertBag certBag = new CertBag(PKCSObjectIdentifiers.x509certType, new DEROctetString(m7a((DEREncodable) x509CertArr[i].getCertStructure().getDERObject())));
                safeBagArr[i] = i == 0 ? new SafeBag(PKCSObjectIdentifiers.certBag, certBag.getDERObject(), dERSet) : new SafeBag(PKCSObjectIdentifiers.certBag, certBag.getDERObject());
                i++;
            }
            contentInfoArr[1] = new ContentInfo(PKCSObjectIdentifiers.encryptedData, a((DEREncodable) new SafeContents(safeBagArr)).getDERObject());
            ContentInfo contentInfo2 = new ContentInfo(PKCSObjectIdentifiers.data, new DEROctetString(m7a((DEREncodable) new AuthenticatedSafe(contentInfoArr).getDERObject())));
            return new Pfx(contentInfo2, a(contentInfo2));
        } catch (Exception e) {
            throw new PKCSException(e);
        }
    }

    public byte[] generatePfxData(PrivateKey privateKey, X509Cert x509Cert, char[] cArr) {
        return m7a((DEREncodable) generatePfx(privateKey, x509Cert, cArr).getDERObject());
    }

    public byte[] generatePfxData(PrivateKey privateKey, X509Cert[] x509CertArr, char[] cArr) {
        return m7a((DEREncodable) generatePfx(privateKey, x509CertArr, cArr).getDERObject());
    }

    public void generatePfxFile(PrivateKey privateKey, X509Cert x509Cert, char[] cArr, String str) {
        Pfx generatePfx = generatePfx(privateKey, x509Cert, cArr);
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(str);
            DEROutputStream dEROutputStream = new DEROutputStream(fileOutputStream);
            dEROutputStream.writeObject(generatePfx);
            dEROutputStream.close();
            fileOutputStream.close();
        } catch (Exception e) {
            throw new PKCSException(e);
        }
    }

    public void generatePfxFile(PrivateKey privateKey, X509Cert[] x509CertArr, char[] cArr, String str) {
        Pfx generatePfx = generatePfx(privateKey, x509CertArr, cArr);
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(str);
            DEROutputStream dEROutputStream = new DEROutputStream(fileOutputStream);
            dEROutputStream.writeObject(generatePfx);
            dEROutputStream.close();
            fileOutputStream.close();
        } catch (Exception e) {
            throw new PKCSException(e);
        }
    }

    public X509Cert getCertificate() {
        X509Cert[] certs = getCerts();
        PrivateKey privateKey = getPrivateKey();
        if (certs == null) {
            return null;
        }
        int i = 0;
        boolean z = false;
        for (int i2 = 0; i2 < certs.length; i2++) {
            PublicKey publicKey = certs[i2].getPublicKey();
            byte[] bytes = "ABC".getBytes();
            if (publicKey instanceof RSAPublicKey) {
                try {
                    z = f109c.verifySign(VerifySignParams.getInstance("SHA1WithRSAEncryption", publicKey), bytes, f109c.sign(SignParams.getInstance("SHA1WithRSAEncryption", privateKey), bytes));
                } catch (Exception e) {
                    throw new PKCSException(e);
                }
            }
            if (z) {
                i = i2;
            }
        }
        return certs[i];
    }

    public X509Cert[] getCerts() {
        try {
            if (!this.f14a) {
                throw new Exception("pfx file hasn't been decrypted yet.");
            }
            Vector vector = new Vector();
            for (int i = 0; i < this.f15a.length; i++) {
                DERObjectIdentifier certId = this.f15a[i].getCertId();
                if (!certId.equals(PKCSObjectIdentifiers.x509certType)) {
                    throw new Exception("not support certBag type, id=" + certId.getId());
                }
                vector.add(new X509Cert(X509CertificateStructure.getInstance(a(ASN1OctetString.getInstance(this.f15a[i].getCertValue())))));
            }
            X509Cert[] x509CertArr = new X509Cert[vector.size()];
            vector.toArray(x509CertArr);
            return x509CertArr;
        } catch (Exception e) {
            throw new PKCSException(e);
        }
    }

    public Pfx getPfx() {
        return this.f13a;
    }

    public PrivateKey getPrivateKey() {
        try {
            if (!this.f14a) {
                throw new Exception("pfx file hasn't been decrypted yet.");
            }
            ASN1Sequence aSN1Sequence = (ASN1Sequence) this.a;
            PrivateKeyInfo privateKeyInfo = new PrivateKeyInfo(aSN1Sequence);
            PKCS8EncodedKeySpec pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(m7a((DEREncodable) aSN1Sequence));
            if (privateKeyInfo.getAlgorithmId().getObjectId().equals(PKCSObjectIdentifiers.rsaEncryption)) {
                return KeyFactory.getInstance("RSA").generatePrivate(pKCS8EncodedKeySpec);
            }
            return null;
        } catch (Exception e) {
            throw new PKCSException(e);
        }
    }

    public void load(InputStream inputStream) {
        try {
            ASN1InputStream aSN1InputStream = new ASN1InputStream(inputStream);
            this.f13a = new Pfx((ASN1Sequence) aSN1InputStream.readObject());
            aSN1InputStream.close();
            inputStream.close();
        } catch (Exception e) {
            throw new PKCSException(e);
        }
    }

    public void load(String str) {
        try {
            FileInputStream fileInputStream = new FileInputStream(str);
            byte[] bArr = new byte[fileInputStream.available()];
            fileInputStream.read(bArr);
            fileInputStream.close();
            load(bArr);
        } catch (Exception e) {
            throw new PKCSException(e);
        }
    }

    public void load(Pfx pfx) {
        this.f13a = pfx;
    }

    public void load(byte[] bArr) {
        if (Base64.isBase64Encode(bArr)) {
            bArr = Base64.decode(Base64.convert(bArr));
        }
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            ASN1InputStream aSN1InputStream = new ASN1InputStream(byteArrayInputStream);
            this.f13a = new Pfx((ASN1Sequence) aSN1InputStream.readObject());
            aSN1InputStream.close();
            byteArrayInputStream.close();
        } catch (Exception e) {
            throw new PKCSException(e);
        }
    }

    public void reset() {
        this.f13a = null;
        this.f15a = null;
        this.a = null;
        this.b = null;
        this.f16c = null;
        this.password = null;
        this.f14a = false;
    }
}
