package com.ibm.security.tools;

import com.ibm.security.pkcs12.PKCS12PFX;
import com.ibm.security.pkcs8.EncryptedPrivateKeyInfo;
import com.ibm.security.pkcs8.PrivateKeyInfo;
import com.ibm.security.pkcsutil.PKCSException;
import com.ibm.security.x509.X509CertImpl;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Vector;

/* loaded from: input_file:efixes/PK67052_Linux_i386/components/prereq.jdk/update.jar:/java/jre/lib/ibmpkcs.jar:com/ibm/security/tools/parsePKCS12PFX.class */
public class parsePKCS12PFX {
    static final int CERT = 1;
    static final int KEY = 2;
    static final int PWD = 3;
    static final int MAC = 4;
    static final int INP = 5;

    public static void main(String[] strArr) {
        PrivateKeyInfo[] privateKeys;
        EncryptedPrivateKeyInfo[] shroudedKeys;
        Certificate[] certificates;
        int i = 0;
        String str = null;
        char[] cArr = null;
        Vector vector = new Vector();
        String str2 = null;
        String str3 = null;
        if (strArr.length < 2) {
            usage();
            System.exit(1);
        }
        boolean z = true;
        while (i < strArr.length) {
            try {
                String str4 = strArr[i];
                if (str4.equals("-c")) {
                    z = true;
                    i++;
                }
                if (str4.equals("-k")) {
                    z = 2;
                    i++;
                }
                if (str4.equals("-p")) {
                    z = 3;
                    i++;
                }
                if (str4.equals("-m")) {
                    z = 4;
                    i++;
                }
                if (str4.equals("-f")) {
                    z = 5;
                    i++;
                }
                switch (z) {
                    case true:
                        if (str2 != null) {
                            System.out.println("ERROR: Certificate has already been specified.");
                            usage();
                            System.exit(1);
                        }
                        str2 = strArr[i];
                        break;
                    case true:
                        if (str3 != null) {
                            System.out.println("ERROR: Private key has already been specified.");
                            usage();
                            System.exit(1);
                        }
                        str3 = strArr[i];
                        break;
                    case true:
                        System.out.println(new StringBuffer().append("adding ").append(strArr[i]).append(" to pwd vector").toString());
                        vector.addElement(strArr[i].toCharArray());
                        break;
                    case true:
                        if (cArr != null) {
                            System.out.println("ERROR: HMAC password has already been specified.");
                            usage();
                            System.exit(1);
                        }
                        cArr = strArr[i].toCharArray();
                        break;
                    case true:
                        if (str != null) {
                            System.out.println("ERROR: PFX file has already been specified.");
                            usage();
                            System.exit(1);
                        }
                        str = strArr[i];
                        break;
                }
                i++;
            } catch (Exception e) {
                System.out.println(new StringBuffer().append("ERROR: ").append(e.toString()).toString());
                e.printStackTrace();
                return;
            }
        }
        if (str == null) {
            System.out.println("ERROR: PFX file must be specified!");
            usage();
            System.exit(1);
        }
        System.out.println(new StringBuffer().append("Creating a PKCS #12 PFX from ").append(str).toString());
        FileInputStream fileInputStream = new FileInputStream(str);
        byte[] bArr = new byte[fileInputStream.available()];
        fileInputStream.read(bArr);
        fileInputStream.close();
        PKCS12PFX pkcs12pfx = new PKCS12PFX(bArr);
        X509CertImpl x509CertImpl = null;
        PrivateKey privateKey = null;
        if (str2 != null) {
            System.out.println(new StringBuffer().append("Creating certificate from ").append(str2).toString());
            x509CertImpl = new X509CertImpl(new FileInputStream(str2));
        }
        if (str3 != null) {
            System.out.println(new StringBuffer().append("Creating private key from ").append(str3).toString());
            FileInputStream fileInputStream2 = new FileInputStream(str3);
            byte[] bArr2 = new byte[fileInputStream2.available()];
            fileInputStream2.read(bArr2);
            privateKey = convertPrivateKey(bArr2);
        }
        if (pkcs12pfx.getMacData() != null) {
            System.out.println("Verifying HMAC.");
            if (pkcs12pfx.verifyMac(cArr)) {
                System.out.println("HMAC is verified.");
            } else {
                System.out.println("HMAC is not verified.");
                System.exit(2);
            }
        } else if (pkcs12pfx.hasDigitalSignature()) {
            System.out.println("Verifying digital signature.");
            if (pkcs12pfx.verifySignature(x509CertImpl)) {
                System.out.println("Signature is verified.");
            } else {
                System.out.println("Signature is not verified.");
                System.exit(2);
            }
        }
        System.out.println("Getting all certificates.");
        Vector vector2 = new Vector();
        Certificate[] certificateArr = null;
        Certificate[] certificates2 = pkcs12pfx.getCertificates(null, null, null);
        if (certificates2 != null) {
            System.out.println(new StringBuffer().append("Found ").append(certificates2.length).append(" unprotected certificates.").toString());
            for (Certificate certificate : certificates2) {
                vector2.addElement(certificate);
            }
        }
        if (vector.size() > 0) {
            for (int i2 = 0; i2 < vector.size(); i2++) {
                Certificate[] certificates3 = pkcs12pfx.getCertificates((char[]) vector.elementAt(i2), null, null);
                if (certificates3 != null) {
                    System.out.println(new StringBuffer().append("Found ").append(certificates3.length).append(" password-protected certificates.").toString());
                    for (Certificate certificate2 : certificates3) {
                        vector2.addElement(certificate2);
                    }
                }
            }
        }
        if (x509CertImpl != null && privateKey != null && (certificates = pkcs12pfx.getCertificates(null, privateKey, x509CertImpl)) != null) {
            System.out.println(new StringBuffer().append("Found ").append(certificates.length).append(" pubkey-protected certificates.").toString());
            for (Certificate certificate3 : certificates) {
                vector2.addElement(certificate3);
            }
        }
        if (vector2.size() > 0) {
            certificateArr = new Certificate[vector2.size()];
            for (int i3 = 0; i3 < vector2.size(); i3++) {
                certificateArr[i3] = (Certificate) vector2.elementAt(i3);
            }
        }
        System.out.println("Getting all shrouded keys.");
        Vector vector3 = new Vector();
        EncryptedPrivateKeyInfo[] encryptedPrivateKeyInfoArr = null;
        EncryptedPrivateKeyInfo[] shroudedKeys2 = pkcs12pfx.getShroudedKeys(null, null, null);
        if (shroudedKeys2 != null) {
            System.out.println(new StringBuffer().append("Found ").append(shroudedKeys2.length).append(" unprotected shrouded keys.").toString());
            for (EncryptedPrivateKeyInfo encryptedPrivateKeyInfo : shroudedKeys2) {
                vector3.addElement(encryptedPrivateKeyInfo);
            }
        }
        if (vector.size() > 0) {
            for (int i4 = 0; i4 < vector.size(); i4++) {
                EncryptedPrivateKeyInfo[] shroudedKeys3 = pkcs12pfx.getShroudedKeys((char[]) vector.elementAt(i4), null, null);
                if (shroudedKeys3 != null) {
                    System.out.println(new StringBuffer().append("Found ").append(shroudedKeys3.length).append(" password-protected shrouded keys.").toString());
                    for (EncryptedPrivateKeyInfo encryptedPrivateKeyInfo2 : shroudedKeys3) {
                        vector3.addElement(encryptedPrivateKeyInfo2);
                    }
                }
            }
        }
        if (x509CertImpl != null && privateKey != null && (shroudedKeys = pkcs12pfx.getShroudedKeys(null, privateKey, x509CertImpl)) != null) {
            System.out.println(new StringBuffer().append("Found ").append(shroudedKeys.length).append(" pubkey-protected shrouded keys.").toString());
            for (EncryptedPrivateKeyInfo encryptedPrivateKeyInfo3 : shroudedKeys) {
                vector3.addElement(encryptedPrivateKeyInfo3);
            }
        }
        if (vector3.size() > 0) {
            encryptedPrivateKeyInfoArr = new EncryptedPrivateKeyInfo[vector3.size()];
            for (int i5 = 0; i5 < vector3.size(); i5++) {
                encryptedPrivateKeyInfoArr[i5] = (EncryptedPrivateKeyInfo) vector3.elementAt(i5);
            }
        }
        System.out.println("Getting all private keys.");
        Vector vector4 = new Vector();
        PrivateKeyInfo[] privateKeyInfoArr = null;
        if (encryptedPrivateKeyInfoArr != null) {
            System.out.println(new StringBuffer().append("Converting ").append(encryptedPrivateKeyInfoArr.length).append(" shrouded keys to private keys.").toString());
            for (EncryptedPrivateKeyInfo encryptedPrivateKeyInfo4 : encryptedPrivateKeyInfoArr) {
                try {
                    vector4.addElement(new PrivateKeyInfo(encryptedPrivateKeyInfo4.decrypt(cArr)));
                } catch (Exception e2) {
                }
            }
        }
        PrivateKeyInfo[] privateKeys2 = pkcs12pfx.getPrivateKeys(null, null, null);
        if (privateKeys2 != null) {
            System.out.println(new StringBuffer().append("Found ").append(privateKeys2.length).append(" unprotected private keys.").toString());
            for (PrivateKeyInfo privateKeyInfo : privateKeys2) {
                vector4.addElement(privateKeyInfo);
            }
        }
        if (vector.size() > 0) {
            for (int i6 = 0; i6 < vector.size(); i6++) {
                PrivateKeyInfo[] privateKeys3 = pkcs12pfx.getPrivateKeys((char[]) vector.elementAt(i6), null, null);
                if (privateKeys3 != null) {
                    System.out.println(new StringBuffer().append("Found ").append(privateKeys3.length).append(" password-protected private keys.").toString());
                    for (PrivateKeyInfo privateKeyInfo2 : privateKeys3) {
                        vector4.addElement(privateKeyInfo2);
                    }
                }
            }
        }
        if (x509CertImpl != null && privateKey != null && (privateKeys = pkcs12pfx.getPrivateKeys(null, privateKey, x509CertImpl)) != null) {
            System.out.println(new StringBuffer().append("Found ").append(privateKeys.length).append(" pubkey-protected private keys.").toString());
            for (PrivateKeyInfo privateKeyInfo3 : privateKeys) {
                vector4.addElement(privateKeyInfo3);
            }
        }
        if (vector4.size() > 0) {
            privateKeyInfoArr = new PrivateKeyInfo[vector4.size()];
            for (int i7 = 0; i7 < vector4.size(); i7++) {
                privateKeyInfoArr[i7] = (PrivateKeyInfo) vector4.elementAt(i7);
            }
        }
        if (certificateArr != null) {
            System.out.println(new StringBuffer().append("Found ").append(certificateArr.length).append(" certificates.").toString());
            for (int i8 = 0; i8 < certificateArr.length; i8++) {
                String stringBuffer = new StringBuffer().append("p12pfx").append(i8).append(".cer").toString();
                System.out.println(new StringBuffer().append("Writing certificate to ").append(stringBuffer).toString());
                byte[] encoded = certificateArr[i8].getEncoded();
                FileOutputStream fileOutputStream = new FileOutputStream(stringBuffer);
                fileOutputStream.write(encoded);
                fileOutputStream.close();
            }
        } else {
            System.out.println("Found no certificates.");
        }
        if (encryptedPrivateKeyInfoArr != null) {
            System.out.println(new StringBuffer().append("Found ").append(encryptedPrivateKeyInfoArr.length).append(" shrouded keys.").toString());
            for (int i9 = 0; i9 < encryptedPrivateKeyInfoArr.length; i9++) {
                String stringBuffer2 = new StringBuffer().append("p12pfx").append(i9).append(".epri").toString();
                System.out.println(new StringBuffer().append("Writing shrouded key to ").append(stringBuffer2).toString());
                encryptedPrivateKeyInfoArr[i9].write(stringBuffer2, false);
            }
        } else {
            System.out.println("Found no shrouded keys.");
        }
        if (privateKeyInfoArr != null) {
            System.out.println(new StringBuffer().append("Found ").append(privateKeyInfoArr.length).append(" private keys.").toString());
            for (int i10 = 0; i10 < privateKeyInfoArr.length; i10++) {
                String stringBuffer3 = new StringBuffer().append("p12pfx").append(i10).append(".pri").toString();
                System.out.println(new StringBuffer().append("Writing private key to ").append(stringBuffer3).toString());
                privateKeyInfoArr[i10].write(stringBuffer3, false);
            }
        } else {
            System.out.println("Found no private keys.");
        }
    }

    private static void usage() {
        System.out.println("Usage: parsePKCS12PFX -f PFX_file [-m mac_pwd] [-p pwd1 pwd2...]");
        System.out.println("                      [-c cf] [-k kf]");
        System.out.println("  where PFX_file is the PFX-containing file");
        System.out.println("        mac_pwd is the password used for data integrity");
        System.out.println("        -p is followed by one or more passwords to decrypt data with ");
        System.out.println("        -c is followed by a certificate file used to decrypt data ");
        System.out.println("           or verify a digital signature");
        System.out.println("        -k is followed by a private key file corresponding to the");
        System.out.println("           certificate's public key");
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v12, types: [java.security.PrivateKey] */
    private static PrivateKey convertPrivateKey(byte[] bArr) throws PKCSException {
        PrivateKeyInfo privateKeyInfo;
        try {
            System.out.println("Trying to create the private key as a PKCS8EncodedKeySpec.");
            privateKeyInfo = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(bArr));
        } catch (Exception e) {
            try {
                System.out.println("Trying to create the private key as a PrivateKeyInfo.");
                privateKeyInfo = new PrivateKeyInfo(bArr);
            } catch (Exception e2) {
                throw new PKCSException(e2, "Couldn't create private key.");
            }
        }
        if (privateKeyInfo == null) {
            throw new PKCSException("ERROR:  Could not create private key.");
        }
        return privateKeyInfo;
    }
}
