package com.rsa.certj.crmf;

import com.documentum.fc.client.security.internal.CreateIdentityCredential;
import com.documentum.fc.expr.impl.lang.docbasic.parser.DfDocbasicParser;
import com.rsa.asn1.ASN1;
import com.rsa.asn1.ASN1Container;
import com.rsa.asn1.ASN1Lengths;
import com.rsa.asn1.ASN1Template;
import com.rsa.asn1.ASN_Exception;
import com.rsa.asn1.AlgorithmID;
import com.rsa.asn1.BitStringContainer;
import com.rsa.asn1.ChoiceContainer;
import com.rsa.asn1.EncodedContainer;
import com.rsa.asn1.EndContainer;
import com.rsa.asn1.IntegerContainer;
import com.rsa.asn1.OIDContainer;
import com.rsa.asn1.OctetStringContainer;
import com.rsa.asn1.SequenceContainer;
import com.rsa.certj.cert.NameException;
import com.rsa.certj.cert.extensions.GeneralName;
import com.rsa.jsafe.JSAFE_Exception;
import com.rsa.jsafe.JSAFE_MAC;
import com.rsa.jsafe.JSAFE_PublicKey;
import com.rsa.jsafe.JSAFE_SecretKey;
import java.io.Serializable;

/* loaded from: input_file:WEB-INF/lib/certjFIPS.jar:com/rsa/certj/crmf/POPOSigningKeyInput.class */
public class POPOSigningKeyInput implements Cloneable, Serializable {
    private ASN1Template a;
    private byte[] b;
    private int c;
    private GeneralName d;
    private byte[] e;
    private byte[] f;
    private char[] g;
    byte[] h;
    byte[] i;

    public POPOSigningKeyInput() {
        this.a = null;
        this.b = null;
        this.c = 0;
        this.d = null;
        this.f = null;
        this.g = null;
        this.h = new byte[]{42, -122, 72, -122, -10, 125, 7, 66, 13};
        this.i = new byte[]{43, 6, 1, 5, 5, 8, 1, 2};
    }

    public POPOSigningKeyInput(byte[] bArr, int i) throws CRMFException {
        this.a = null;
        this.b = null;
        this.c = 0;
        this.d = null;
        this.f = null;
        this.g = null;
        this.h = new byte[]{42, -122, 72, -122, -10, 125, 7, 66, 13};
        this.i = new byte[]{43, 6, 1, 5, 5, 8, 1, 2};
        if (bArr == null) {
            throw new CRMFException("POPOSigningKeyInput Encoding is null.");
        }
        SequenceContainer sequenceContainer = new SequenceContainer(8454144);
        ChoiceContainer choiceContainer = new ChoiceContainer(0);
        EncodedContainer encodedContainer = new EncodedContainer(10551040);
        EncodedContainer encodedContainer2 = new EncodedContainer(ASN1.SEQUENCE);
        EncodedContainer encodedContainer3 = new EncodedContainer(ASN1.SEQUENCE);
        EndContainer endContainer = new EndContainer();
        try {
            ASN1.berDecode(bArr, i, new ASN1Container[]{sequenceContainer, choiceContainer, encodedContainer, encodedContainer2, endContainer, encodedContainer3, endContainer});
            try {
                if (encodedContainer.dataPresent) {
                    this.d = new GeneralName(encodedContainer.data, encodedContainer.dataOffset, ASN1.CONTEXT_EXPLICIT);
                }
                if (encodedContainer2.dataPresent) {
                    a(encodedContainer2.data, encodedContainer2.dataOffset);
                }
                setSubjectPublicKey(encodedContainer3.data, encodedContainer3.dataOffset);
            } catch (NameException e) {
                throw new CRMFException(new StringBuffer().append("NAME ").append(e.getMessage()).toString());
            }
        } catch (ASN_Exception e2) {
            throw new CRMFException(new StringBuffer().append(DfDocbasicParser.FIRST_STR).append(e2.getMessage()).toString());
        }
    }

    private void a(byte[] bArr, int i) throws CRMFException {
        if (bArr == null) {
            throw new CRMFException("PKMACValue Encoding is null.");
        }
        SequenceContainer sequenceContainer = new SequenceContainer(0);
        EncodedContainer encodedContainer = new EncodedContainer(ASN1.SEQUENCE);
        BitStringContainer bitStringContainer = new BitStringContainer(0);
        try {
            ASN1.berDecode(bArr, i, new ASN1Container[]{sequenceContainer, encodedContainer, bitStringContainer, new EndContainer()});
            b(encodedContainer.data, encodedContainer.dataOffset);
            this.f = new byte[bitStringContainer.dataLen];
            System.arraycopy(bitStringContainer.data, bitStringContainer.dataOffset, this.f, 0, bitStringContainer.dataLen);
        } catch (ASN_Exception e) {
            throw new CRMFException(new StringBuffer().append("Could not BER decode the PKMACValue.").append(e.getMessage()).toString());
        }
    }

    public boolean verifyPKMACValue() throws CRMFException {
        if (this.g == null) {
            throw new CRMFException("Secret value is not set in POPOSigningKeyInput.");
        }
        if (this.e == null) {
            throw new CRMFException("Public Key is not set in POPOSigningKeyInput.");
        }
        try {
            JSAFE_MAC jsafe_mac = JSAFE_MAC.getInstance(new StringBuffer().append("PBE/HMAC/SHA1/PKIXPBE-").append(this.c).toString(), CreateIdentityCredential.JAVA_DEVICE);
            jsafe_mac.setSalt(this.b, 0, this.b.length);
            JSAFE_SecretKey blankKey = jsafe_mac.getBlankKey();
            blankKey.setPassword(this.g, 0, this.g.length);
            jsafe_mac.verifyInit(blankKey, null);
            jsafe_mac.verifyUpdate(this.e, 0, this.e.length);
            return jsafe_mac.verifyFinal(this.f, 0, this.f.length);
        } catch (JSAFE_Exception e) {
            throw new CRMFException(e.getMessage());
        }
    }

    private void b(byte[] bArr, int i) throws CRMFException {
        if (bArr == null) {
            throw new CRMFException("Password-Based MAC algorithm ID Encoding is null.");
        }
        SequenceContainer sequenceContainer = new SequenceContainer(0);
        EndContainer endContainer = new EndContainer();
        EncodedContainer encodedContainer = new EncodedContainer(ASN1.SEQUENCE);
        OIDContainer oIDContainer = new OIDContainer(0);
        try {
            ASN1.berDecode(bArr, i, new ASN1Container[]{sequenceContainer, oIDContainer, encodedContainer, endContainer});
            if (this.h.length != oIDContainer.dataLen) {
                throw new CRMFException("Wrong OID for Password-Based MAC.");
            }
            for (int i2 = 0; i2 < oIDContainer.dataLen; i2++) {
                if (this.h[i2] != oIDContainer.data[i2 + oIDContainer.dataOffset]) {
                    throw new CRMFException("Wrong OID for Password-Based MAC.");
                }
            }
            SequenceContainer sequenceContainer2 = new SequenceContainer(0);
            OctetStringContainer octetStringContainer = new OctetStringContainer(0);
            EncodedContainer encodedContainer2 = new EncodedContainer(ASN1.SEQUENCE);
            IntegerContainer integerContainer = new IntegerContainer(0);
            EncodedContainer encodedContainer3 = new EncodedContainer(ASN1.SEQUENCE);
            try {
                ASN1.berDecode(encodedContainer.data, encodedContainer.dataOffset, new ASN1Container[]{sequenceContainer2, octetStringContainer, encodedContainer2, integerContainer, encodedContainer3, endContainer});
                this.b = new byte[octetStringContainer.dataLen];
                System.arraycopy(octetStringContainer.data, octetStringContainer.dataOffset, this.b, 0, octetStringContainer.dataLen);
                try {
                    this.c = integerContainer.getValueAsInt();
                    String berDecodeAlgID = AlgorithmID.berDecodeAlgID(encodedContainer2.data, encodedContainer2.dataOffset, 10, null);
                    if (berDecodeAlgID == null) {
                        throw new CRMFException("Cannot recognize the digest algorithm.");
                    }
                    if (!berDecodeAlgID.equals("SHA1")) {
                        throw new CRMFException("Digest algorithm SHA1 was expected.");
                    }
                    try {
                        SequenceContainer sequenceContainer3 = new SequenceContainer(0);
                        EncodedContainer encodedContainer4 = new EncodedContainer(ASN1.ANY);
                        OIDContainer oIDContainer2 = new OIDContainer(0);
                        ASN1.berDecode(encodedContainer3.data, encodedContainer3.dataOffset, new ASN1Container[]{sequenceContainer3, oIDContainer2, encodedContainer4, endContainer});
                        if (oIDContainer2.dataLen != this.i.length) {
                            throw new CRMFException("Wrong HMAC OID.");
                        }
                        for (int i3 = 0; i3 < this.i.length; i3++) {
                            if (oIDContainer2.data[i3 + oIDContainer2.dataOffset] != this.i[i3]) {
                                throw new CRMFException("Wrong HMAC OID.");
                            }
                        }
                    } catch (ASN_Exception e) {
                        throw new CRMFException(new StringBuffer().append("Could not BER decode the HMAC algID.").append(e.getMessage()).toString());
                    }
                } catch (ASN_Exception e2) {
                    throw new CRMFException(e2.getMessage());
                }
            } catch (ASN_Exception e3) {
                throw new CRMFException(e3.getMessage());
            }
        } catch (ASN_Exception e4) {
            throw new CRMFException(new StringBuffer().append("Could not BER decode the PKMAC algID.").append(e4.getMessage()).toString());
        }
    }

    public void setSharedSecret(char[] cArr, int i, int i2) throws CRMFException {
        if (cArr == null || i2 == 0) {
            throw new CRMFException("Shared secret is null in PBMParameter.");
        }
        this.g = new char[cArr.length];
        System.arraycopy(cArr, i, this.g, 0, i2);
    }

    public void setSalt(byte[] bArr, int i, int i2) throws CRMFException {
        if (bArr == null || i2 == 0) {
            throw new CRMFException("The Salt value is null in PBMParameter.");
        }
        this.b = new byte[i2];
        System.arraycopy(bArr, i, this.b, 0, i2);
    }

    public byte[] getSalt() {
        if (this.b == null) {
            return null;
        }
        byte[] bArr = new byte[this.b.length];
        System.arraycopy(this.b, 0, bArr, 0, this.b.length);
        return bArr;
    }

    public int getIterationCount() {
        return this.c;
    }

    public void setIterationCount(int i) {
        this.c = i;
    }

    public GeneralName getSenderName() throws CRMFException {
        if (this.d == null) {
            return null;
        }
        try {
            return (GeneralName) this.d.clone();
        } catch (CloneNotSupportedException e) {
            throw new CRMFException(e.getMessage());
        }
    }

    public void setSenderName(GeneralName generalName) throws CRMFException {
        if (generalName == null) {
            throw new CRMFException("Passed in SenderName is null.");
        }
        try {
            this.d = (GeneralName) generalName.clone();
        } catch (CloneNotSupportedException e) {
            throw new CRMFException(e.getMessage());
        }
    }

    public void setSubjectPublicKey(JSAFE_PublicKey jSAFE_PublicKey) throws CRMFException {
        if (jSAFE_PublicKey == null) {
            throw new CRMFException("Public key is null in POPOSigningKeyInput.");
        }
        try {
            this.e = jSAFE_PublicKey.getKeyData(jSAFE_PublicKey.getAlgorithm().compareTo("DSA") == 0 ? "DSAPublicKeyX957BER" : new StringBuffer().append(jSAFE_PublicKey.getAlgorithm()).append("PublicKeyBER").toString())[0];
        } catch (JSAFE_Exception e) {
            throw new CRMFException(new StringBuffer().append("Could not read the public key in POPOSigningKeyInput. ").append(e.getMessage()).toString());
        }
    }

    public void setSubjectPublicKey(byte[] bArr, int i) throws CRMFException {
        if (bArr == null) {
            throw new CRMFException("Public key encoding is null in POPOSigningKeyInput.");
        }
        JSAFE_PublicKey jSAFE_PublicKey = null;
        try {
            try {
                bArr[i] = 48;
                jSAFE_PublicKey = JSAFE_PublicKey.getInstance(bArr, i, CreateIdentityCredential.JAVA_DEVICE);
                setSubjectPublicKey(jSAFE_PublicKey);
                if (jSAFE_PublicKey != null) {
                    jSAFE_PublicKey.clearSensitiveData();
                }
            } catch (JSAFE_Exception e) {
                throw new CRMFException(new StringBuffer().append("Could not read the public key in POPOSigningKeyInput. ").append(e.getMessage()).toString());
            }
        } catch (Throwable th) {
            if (jSAFE_PublicKey != null) {
                jSAFE_PublicKey.clearSensitiveData();
            }
            throw th;
        }
    }

    public JSAFE_PublicKey getSubjectPublicKey() throws CRMFException {
        if (this.e == null) {
            return null;
        }
        try {
            return JSAFE_PublicKey.getInstance(this.e, 0, CreateIdentityCredential.JAVA_DEVICE);
        } catch (JSAFE_Exception e) {
            throw new CRMFException(new StringBuffer().append("Cannot retrieve the public key in POPOSigningKeyInput: ").append(e.getMessage()).toString());
        }
    }

    public byte[] getSubjectPublicKeyBER() {
        if (this.e == null) {
            return null;
        }
        return (byte[]) this.e.clone();
    }

    public byte[] getPKMACValue() {
        if (this.f == null) {
            return null;
        }
        byte[] bArr = new byte[this.f.length];
        System.arraycopy(this.f, 0, bArr, 0, this.f.length);
        return bArr;
    }

    private void a() throws CRMFException {
        if (this.g == null) {
            throw new CRMFException("Shared Secret is not set in PKMAC value.");
        }
        if (this.b == null) {
            throw new CRMFException("Salt value is not set in PKMAC value.");
        }
        if (this.e == null) {
            throw new CRMFException("Public Key is not set in PKMAC value.");
        }
        if (this.c == 0) {
            throw new CRMFException("Iteration count is not set in PKMAC value.");
        }
        try {
            JSAFE_MAC jsafe_mac = JSAFE_MAC.getInstance(new StringBuffer().append("PBE/HMAC/SHA1/PKIXPBE-").append(this.c).toString(), CreateIdentityCredential.JAVA_DEVICE);
            jsafe_mac.setSalt(this.b, 0, this.b.length);
            JSAFE_SecretKey blankKey = jsafe_mac.getBlankKey();
            blankKey.setPassword(this.g, 0, this.g.length);
            jsafe_mac.macInit(blankKey, null);
            jsafe_mac.macUpdate(this.e, 0, this.e.length);
            this.f = jsafe_mac.macFinal();
            jsafe_mac.clearSensitiveData();
        } catch (JSAFE_Exception e) {
            throw new CRMFException(e.getMessage());
        }
    }

    public Object clone() throws CloneNotSupportedException {
        POPOSigningKeyInput pOPOSigningKeyInput = new POPOSigningKeyInput();
        pOPOSigningKeyInput.c = this.c;
        if (this.b != null) {
            pOPOSigningKeyInput.b = new byte[this.b.length];
            System.arraycopy(this.b, 0, pOPOSigningKeyInput.b, 0, this.b.length);
        }
        if (this.d != null) {
            pOPOSigningKeyInput.d = (GeneralName) this.d.clone();
        }
        if (this.e != null) {
            pOPOSigningKeyInput.e = new byte[this.e.length];
            System.arraycopy(this.e, 0, pOPOSigningKeyInput.e, 0, this.e.length);
        }
        if (this.f != null) {
            pOPOSigningKeyInput.f = new byte[this.f.length];
            System.arraycopy(this.f, 0, pOPOSigningKeyInput.f, 0, this.f.length);
        }
        if (this.g != null) {
            pOPOSigningKeyInput.g = new char[this.g.length];
            System.arraycopy(this.g, 0, pOPOSigningKeyInput.g, 0, this.g.length);
        }
        try {
            if (this.a != null) {
                pOPOSigningKeyInput.b();
            }
            return pOPOSigningKeyInput;
        } catch (CRMFException e) {
            throw new CloneNotSupportedException(e.getMessage());
        }
    }

    public boolean equals(Object obj) {
        if (obj == null || !(obj instanceof POPOSigningKeyInput)) {
            return false;
        }
        POPOSigningKeyInput pOPOSigningKeyInput = (POPOSigningKeyInput) obj;
        try {
            int dERLen = getDERLen();
            int dERLen2 = pOPOSigningKeyInput.getDERLen();
            if (dERLen != dERLen2 || dERLen == 0 || dERLen2 == 0) {
                return false;
            }
            byte[] bArr = new byte[dERLen];
            byte[] bArr2 = new byte[dERLen2];
            int dEREncoding = getDEREncoding(bArr, 0);
            if (dEREncoding != pOPOSigningKeyInput.getDEREncoding(bArr2, 0)) {
                return false;
            }
            for (int i = 0; i < dEREncoding; i++) {
                if (bArr[i] != bArr2[i]) {
                    return false;
                }
            }
            return true;
        } catch (CRMFException e) {
            return false;
        }
    }

    public static int getNextBEROffset(byte[] bArr, int i) throws CRMFException {
        if (bArr == null) {
            throw new CRMFException("POPOSigningKeyInput Encoding is null.");
        }
        try {
            return i + 1 + ASN1Lengths.determineLengthLen(bArr, i + 1) + ASN1Lengths.determineLength(bArr, i + 1);
        } catch (ASN_Exception e) {
            throw new CRMFException(new StringBuffer().append("Could not read the BER encoding.").append(e.getMessage()).toString());
        }
    }

    public int getDERLen() throws CRMFException {
        return b();
    }

    public int getDEREncoding(byte[] bArr, int i) throws CRMFException {
        if (bArr == null) {
            throw new CRMFException("Specified POPOSigningKeyInput array is null.");
        }
        try {
            if (this.a == null) {
                getDERLen();
            }
            int derEncode = this.a.derEncode(bArr, i);
            this.a = null;
            return derEncode;
        } catch (ASN_Exception e) {
            this.a = null;
            throw new CRMFException(new StringBuffer().append("Unable to encode POPOSigningKeyInput.").append(e.getMessage()).toString());
        }
    }

    private int b() throws CRMFException {
        try {
            boolean z = true;
            boolean z2 = true;
            byte[] bArr = null;
            int i = 0;
            byte[] bArr2 = null;
            int i2 = 0;
            if (this.e == null) {
                throw new CRMFException("Public key is not set.");
            }
            if (this.d != null) {
                z2 = false;
                bArr = new byte[this.d.getDERLen(ASN1.CONTEXT_EXPLICIT)];
                i = this.d.getDEREncoding(bArr, 0, ASN1.CONTEXT_EXPLICIT);
            } else {
                z = false;
                if (this.f == null) {
                    a();
                }
                byte[] bArr3 = new byte[this.i.length + 6];
                bArr3[0] = 48;
                bArr3[1] = (byte) (this.i.length + 4);
                bArr3[2] = 6;
                bArr3[3] = (byte) this.i.length;
                System.arraycopy(this.i, 0, bArr3, 4, this.i.length);
                bArr3[this.i.length + 4] = 5;
                bArr3[this.i.length + 5] = 0;
                byte[] derEncodeAlgID = AlgorithmID.derEncodeAlgID("SHA1", 10, null, 0, 0);
                SequenceContainer sequenceContainer = new SequenceContainer(0, true, 0);
                OctetStringContainer octetStringContainer = new OctetStringContainer(0, true, 0, this.b, 0, this.b.length);
                EncodedContainer encodedContainer = new EncodedContainer(ASN1.SEQUENCE, true, 0, derEncodeAlgID, 0, derEncodeAlgID.length);
                IntegerContainer integerContainer = new IntegerContainer(0, true, 0, this.c);
                EncodedContainer encodedContainer2 = new EncodedContainer(ASN1.SEQUENCE, true, 0, bArr3, 0, bArr3.length);
                EndContainer endContainer = new EndContainer();
                ASN1Template aSN1Template = new ASN1Template(new ASN1Container[]{sequenceContainer, octetStringContainer, encodedContainer, integerContainer, encodedContainer2, endContainer});
                byte[] bArr4 = new byte[aSN1Template.derEncodeInit()];
                int derEncode = aSN1Template.derEncode(bArr4, 0);
                byte[] bArr5 = new byte[this.h.length + derEncode + 4];
                bArr5[0] = 48;
                bArr5[1] = (byte) (this.h.length + derEncode + 2);
                bArr5[2] = 6;
                bArr5[3] = (byte) this.h.length;
                System.arraycopy(this.h, 0, bArr5, 4, this.h.length);
                System.arraycopy(bArr4, 0, bArr5, this.h.length + 4, bArr4.length);
                ASN1Template aSN1Template2 = new ASN1Template(new ASN1Container[]{new SequenceContainer(0, true, 0), new EncodedContainer(ASN1.SEQUENCE, true, 0, bArr5, 0, bArr5.length), new BitStringContainer(0, true, 0, this.f, 0, this.f.length), endContainer});
                bArr2 = new byte[aSN1Template2.derEncodeInit()];
                i2 = aSN1Template2.derEncode(bArr2, 0);
            }
            SequenceContainer sequenceContainer2 = new SequenceContainer(8454144, true, 0);
            EndContainer endContainer2 = new EndContainer();
            this.a = new ASN1Template(new ASN1Container[]{sequenceContainer2, new ChoiceContainer(0, 0), new EncodedContainer(ASN1.CONTEXT_EXPLICIT, z, 0, bArr, 0, i), new EncodedContainer(ASN1.SEQUENCE, z2, 0, bArr2, 0, i2), endContainer2, new EncodedContainer(ASN1.SEQUENCE, true, 0, this.e, 0, this.e.length), endContainer2});
            return this.a.derEncodeInit();
        } catch (ASN_Exception e) {
            throw new CRMFException(new StringBuffer().append("Unable to encode POPOSigningKeyInput.").append(e.getMessage()).toString());
        } catch (NameException e2) {
            throw new CRMFException(new StringBuffer().append("Unable to encode POPOSigningKeyInput.").append(e2.getMessage()).toString());
        }
    }
}
