package com.ibm.mqe.registry;

import com.ibm.mqe.MQe;
import com.ibm.mqe.MQeException;
import com.ibm.mqe.MQeExceptionCodes;
import com.ibm.mqe.MQeFields;
import com.ibm.mqe.MQeTrace;
import com.ibm.mqe.attributes.MQeListCertificates;
import com.ibm.mqe.attributes.MQeMiniCertRequest;
import com.ibm.mqe.attributes.MQeSharedKey;
import com.ibm.mqe.attributes.MQeWTLSCertificate;
import com.ibm.mqe.sslite.CL3;
import java.math.BigInteger;

/* compiled from: DashoA8173 */
/* loaded from: input_file:MQeBundle.jar:com/ibm/mqe/registry/MQePrivateSession.class */
class MQePrivateSession extends MQeFileSession {
    private byte[] KeyRingPwdDig;
    private String EntityName = null;
    private boolean isSecure = false;
    private boolean addedPIN = false;
    public static short[] version = {2, 0, 1, 8};
    private static long perm = 2064737499334935870L;

    @Override // com.ibm.mqe.registry.MQeFileSession, com.ibm.mqe.registry.MQeRegistrySession
    public void open_sp(MQeRegistry mQeRegistry) throws MQeException {
        super.open_sp(mQeRegistry);
        this.EntityName = mQeRegistry.getRegistryName();
        MQeFields mQeFields = mQeRegistry.initParms;
        try {
            mQeFields.getAscii(MQeRegistry.PIN).trim();
            mQeFields.delete(MQeRegistry.PIN);
            if (mQeFields.contains(MQeRegistry.KeyRingPassword)) {
                String trim = mQeFields.getAscii(MQeRegistry.KeyRingPassword).trim();
                if (trim != null) {
                    this.KeyRingPwdDig = new byte[20];
                    CL3.sha(null, MQe.asciiToByte(trim), 0, trim.length(), this.KeyRingPwdDig, 0);
                }
                mQeFields.delete(MQeRegistry.KeyRingPassword);
            }
            MQeMiniCertRequest mQeMiniCertRequest = null;
            try {
                MQeTrace.trace(this, (short) -22201, MQeTrace.GROUP_INFO, this.EntityName);
                if (read_sp(MQeRegistry.MiniCert, new StringBuffer().append(this.EntityName).append(MQeListCertificates.f).toString()) != null) {
                    MQeTrace.trace(this, (short) -22202, MQeTrace.GROUP_INFO, this.EntityName);
                    MQeTrace.trace(this, (short) -22203, MQeTrace.GROUP_INFO, this.EntityName);
                    this.isSecure = true;
                } else {
                    MQeTrace.trace(this, (short) -22204, 1L, this.EntityName);
                    String str = null;
                    if (mQeFields.contains(MQeRegistry.CAIPAddrPort)) {
                        str = mQeFields.getAscii(MQeRegistry.CAIPAddrPort).trim();
                    }
                    if (str != null) {
                        MQeTrace.trace(this, (short) -22205, MQeTrace.GROUP_INFO, str);
                        String str2 = null;
                        if (mQeFields.contains(MQeRegistry.CertReqPIN)) {
                            str2 = mQeFields.getAscii(MQeRegistry.CertReqPIN).trim();
                        }
                        MQeMiniCertRequest mQeMiniCertRequest2 = new MQeMiniCertRequest();
                        mQeMiniCertRequest2.a(str);
                        mQeMiniCertRequest2.a(mQeRegistry, this.EntityName, str2, this.KeyRingPwdDig);
                        mQeMiniCertRequest2.a(mQeRegistry);
                        mQeMiniCertRequest2.a();
                        this.isSecure = true;
                        MQeTrace.trace(this, (short) -22206, MQeTrace.GROUP_INFO, this.EntityName);
                    }
                }
            } catch (Exception e) {
                if (0 != 0) {
                    mQeMiniCertRequest.a();
                }
                try {
                    if (this.addedPIN) {
                        deleteEntry_sp("EntityId", this.EntityName);
                    }
                    deleteEntry_sp(MQeRegistry.EntityCRTKey, new StringBuffer().append(this.EntityName).append("_CRTKey").toString());
                    deleteEntry_sp(MQeRegistry.MiniCert, new StringBuffer().append(this.EntityName).append(MQeListCertificates.f).toString());
                    deleteEntry_sp(MQeRegistry.MiniCert, "MiniCertificateServer_MiniCertificate");
                } catch (Exception e2) {
                }
                MQeTrace.trace(this, (short) -22207, 1L, e);
                throw new MQeException(MQeExceptionCodes.Except_PrivateReg_ActivateFailed, e instanceof NullPointerException ? "Certificate Request Failed" : new StringBuffer().append("Registration exception = ").append(e.toString()).toString());
            }
        } catch (Exception e3) {
            if (this.addedPIN) {
                try {
                    deleteEntry_sp("EntityId", this.EntityName);
                } catch (Exception e4) {
                }
            }
            MQeTrace.trace(this, (short) -22200, 32769L, e3);
            throw new MQeException(MQeExceptionCodes.Except_Reg_OpenFailed, "Registry Open Failed", new StringBuffer().append("Msg=").append(e3).toString());
        }
    }

    public static void validateKeyRingPasswd(MQeRegistry mQeRegistry, MQeFields mQeFields) throws MQeException {
        boolean z;
        try {
            byte[] bArr = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20};
            byte[] crtKeySign = mQeRegistry.crtKeySign(bArr);
            z = !CL3.rsaVerify(new MQeWTLSCertificate(mQeFields.getArrayOfByte("WTLS")).b(), CL3.RSA_ISO9796, null, bArr, 0, bArr.length, crtKeySign, 0, crtKeySign.length);
        } catch (Exception e) {
            z = true;
            MQeTrace.trace(null, (short) -22214, 32769L, e);
        }
        if (z) {
            MQeException mQeException = new MQeException(MQeExceptionCodes.Except_PrivateReg_ActivateFailed, "Possibly Bad Key Ring Password");
            MQeTrace.trace(null, (short) -22213, 32769L, mQeException);
            throw mQeException;
        }
    }

    @Override // com.ibm.mqe.registry.MQeFileSession
    void checkPin(String str, MQeFields mQeFields) throws Exception {
        String str2 = null;
        if (mQeFields.contains(MQeRegistry.PIN)) {
            str2 = mQeFields.getAscii(MQeRegistry.PIN).trim();
        }
        String str3 = null;
        if (str == null) {
            str3 = "name=null";
        }
        if (str2 == null) {
            str3 = str3 != null ? new StringBuffer().append(str3).append(", PIN=null").toString() : "PIN=null";
        }
        if (str3 != null) {
            MQeTrace.trace(this, (short) -22208, 1L, str, "BadPIN");
            throw new MQeException(MQeExceptionCodes.Except_PrivateReg_BadPIN, new StringBuffer().append("PrivateRegistry Open failed: code=350 (").append(str3).append(")").toString());
        }
        MQeFields mQeFields2 = new MQeFields();
        mQeFields2.putArrayOfByte("protpin", protectPIN(str, str2));
        MQeFields read_sp = read_sp("EntityId", str);
        if (read_sp == null) {
            createEntry_sp("EntityId", str, mQeFields2);
            this.addedPIN = true;
            MQeTrace.trace(this, (short) -22209, MQeTrace.GROUP_INFO, null);
        } else {
            if (mQeFields2.isEqualTo(read_sp)) {
                return;
            }
            MQeTrace.trace(this, (short) -22210, 1L, str, "BadPIN");
            throw new MQeException(MQeExceptionCodes.Except_PrivateReg_BadPIN, new StringBuffer().append("Activating ").append(str).append(" PrivateRegistry: code=").append(MQeExceptionCodes.Except_PrivateReg_BadPIN).append(" (bad PIN)").toString());
        }
    }

    @Override // com.ibm.mqe.registry.MQeFileSession, com.ibm.mqe.registry.MQeRegistrySession
    public void cleanUp_sp(String str) throws MQeException {
        MQeFields mQeFields = new MQeFields();
        if (str != null) {
            try {
                mQeFields.putArrayOfByte("protpin", protectPIN(this.EntityName, str));
            } catch (Exception e) {
                throw new MQeException(MQeExceptionCodes.Except_Reg_DeleteRegistryFailed, e.getMessage());
            }
        }
        if (!mQeFields.isEqualTo(read_sp("EntityId", this.EntityName))) {
            throw new Exception("Bad current PIN provided");
        }
        try {
            deleteEntry_sp("EntityId", this.EntityName);
        } catch (MQeException e2) {
        }
    }

    @Override // com.ibm.mqe.registry.MQeFileSession, com.ibm.mqe.registry.MQeRegistrySession
    public boolean hasPIN_sp() {
        return true;
    }

    @Override // com.ibm.mqe.registry.MQeFileSession, com.ibm.mqe.registry.MQeRegistrySession
    public boolean isSecure_sp() {
        return this.isSecure;
    }

    @Override // com.ibm.mqe.registry.MQeFileSession, com.ibm.mqe.registry.MQeRegistrySession
    public void resetPIN_sp(String str, String str2) throws MQeException {
        MQeFields mQeFields = new MQeFields();
        if (str != null) {
            try {
                mQeFields.putArrayOfByte("protpin", protectPIN(this.EntityName, str));
            } catch (Exception e) {
                throw new MQeException(MQeExceptionCodes.Except_Reg_ResetPINFailed, e.getMessage());
            }
        }
        if (!mQeFields.isEqualTo(read_sp("EntityId", this.EntityName))) {
            throw new Exception("Bad current PIN provided");
        }
        if (str2 == null) {
            throw new Exception("Bad new PIN provided");
        }
        mQeFields.putArrayOfByte("protpin", protectPIN(this.EntityName, str2));
        update_sp("EntityId", this.EntityName, mQeFields);
    }

    @Override // com.ibm.mqe.registry.MQeFileSession, com.ibm.mqe.registry.MQeRegistrySession
    public byte[] crtKeyDec_sp(byte[] bArr) throws MQeException {
        byte[] bArr2 = new byte[8];
        try {
            MQeFields read_sp = read_sp(MQeRegistry.MiniCert, new StringBuffer().append(this.EntityName).append(MQeListCertificates.f).toString());
            byte[][] cRTKey = getCRTKey();
            if (read_sp == null || !read_sp.contains("WTLS")) {
                throw new Exception("Mini certificate not available");
            }
            if (cRTKey == null) {
                throw new Exception("CRT key not available");
            }
            byte[][] rSAPublicKey = new MQeWTLSCertificate(read_sp.getArrayOfByte("WTLS")).getRSAPublicKey();
            cRTKey[0] = rSAPublicKey[0];
            cRTKey[1] = rSAPublicKey[1];
            cRTKey[2] = new BigInteger(cRTKey[1]).modInverse(new BigInteger(cRTKey[3]).subtract(BigInteger.valueOf(1L)).multiply(new BigInteger(cRTKey[4]).subtract(BigInteger.valueOf(1L)))).toByteArray();
            return MQeSharedKey.b(cRTKey, bArr);
        } catch (Exception e) {
            MQeTrace.trace(this, (short) -22211, 163841L, e);
            throw new MQeException(MQeExceptionCodes.Except_Reg_CRTKeyDecFailed, e.toString());
        }
    }

    @Override // com.ibm.mqe.registry.MQeFileSession, com.ibm.mqe.registry.MQeRegistrySession
    public byte[] crtKeySign_sp(byte[] bArr) throws MQeException {
        byte[] bArr2 = new byte[8];
        try {
            MQeFields read_sp = read_sp(MQeRegistry.MiniCert, new StringBuffer().append(this.EntityName).append(MQeListCertificates.f).toString());
            byte[][] cRTKey = getCRTKey();
            if (read_sp == null || !read_sp.contains("WTLS")) {
                throw new Exception("Mini certificate not available");
            }
            if (cRTKey == null) {
                throw new Exception("CRT key not available");
            }
            byte[][] rSAPublicKey = new MQeWTLSCertificate(read_sp.getArrayOfByte("WTLS")).getRSAPublicKey();
            cRTKey[0] = rSAPublicKey[0];
            cRTKey[1] = rSAPublicKey[1];
            cRTKey[2] = new BigInteger(cRTKey[1]).modInverse(new BigInteger(cRTKey[3]).subtract(BigInteger.valueOf(1L)).multiply(new BigInteger(cRTKey[4]).subtract(BigInteger.valueOf(1L)))).toByteArray();
            byte[] encodeKeyMaterial = CL3.encodeKeyMaterial(cRTKey);
            CL3 importKey = CL3.importKey(CL3.PKCS8, encodeKeyMaterial, 0, encodeKeyMaterial.length);
            byte[] bArr3 = new byte[128];
            CL3.rsaSign(importKey, CL3.RSA_ISO9796, null, bArr, 0, bArr.length, bArr3, 0);
            CL3.dispose(importKey);
            return bArr3;
        } catch (Exception e) {
            MQeTrace.trace(this, (short) -22212, 163841L, e);
            throw new MQeException(MQeExceptionCodes.Except_Reg_CRTKeySignFailed, e.toString());
        }
    }

    private byte[] protectPIN(String str, String str2) throws MQeException {
        byte[] bArr = new byte[20];
        CL3.sha(null, MQe.asciiToByte(str2), 0, str2.length(), bArr, 0);
        byte[] bArr2 = new byte[16];
        System.arraycopy(bArr, 0, bArr2, 0, 16);
        CL3 rc4Key = CL3.rc4Key(bArr2, 0, bArr2.length);
        byte[] bArr3 = new byte[str.length()];
        CL3.rc4(rc4Key, MQe.asciiToByte(str), 0, bArr3, 0, str.length());
        return bArr3;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v1, types: [byte[], byte[][]] */
    private byte[][] getCRTKey() throws Exception {
        new MQeFields();
        MQeFields read_sp = read_sp(MQeRegistry.EntityCRTKey, new StringBuffer().append(this.EntityName).append("_CRTKey").toString());
        CL3 rc4Key = CL3.rc4Key(this.KeyRingPwdDig, 0, 16);
        byte[] arrayOfByte = read_sp.getArrayOfByte("crtc");
        ?? r0 = {0, 0, 0, new byte[r0.length], new byte[r0.length], new byte[r0.length], new byte[r0.length], new byte[arrayOfByte.length]};
        CL3.rc4(rc4Key, arrayOfByte, 0, r0[7], 0, arrayOfByte.length);
        CL3 rc4Key2 = CL3.rc4Key(this.KeyRingPwdDig, 0, 16);
        byte[] arrayOfByte2 = read_sp.getArrayOfByte("exp2");
        CL3.rc4(rc4Key2, arrayOfByte2, 0, r0[6], 0, arrayOfByte2.length);
        CL3 rc4Key3 = CL3.rc4Key(this.KeyRingPwdDig, 0, 16);
        byte[] arrayOfByte3 = read_sp.getArrayOfByte("exp1");
        CL3.rc4(rc4Key3, arrayOfByte3, 0, r0[5], 0, arrayOfByte3.length);
        CL3 rc4Key4 = CL3.rc4Key(this.KeyRingPwdDig, 0, 16);
        byte[] arrayOfByte4 = read_sp.getArrayOfByte("pri2");
        CL3.rc4(rc4Key4, arrayOfByte4, 0, r0[4], 0, arrayOfByte4.length);
        CL3 rc4Key5 = CL3.rc4Key(this.KeyRingPwdDig, 0, 16);
        byte[] arrayOfByte5 = read_sp.getArrayOfByte("pri1");
        CL3.rc4(rc4Key5, arrayOfByte5, 0, r0[3], 0, arrayOfByte5.length);
        return r0;
    }
}
