package com.initech.pkix.cmp;

import com.initech.cryptox.Mac;
import com.initech.pki.asn1.ASN1BitString;
import com.initech.pki.asn1.ASN1Decoder;
import com.initech.pki.asn1.ASN1Encoder;
import com.initech.pki.asn1.ASN1Exception;
import com.initech.pki.asn1.ASN1Tag;
import com.initech.pki.asn1.DERDecoder;
import com.initech.pki.asn1.DEREncoder;
import com.initech.pki.asn1.useful.ASN1Object;
import com.initech.pki.asn1.useful.AlgorithmID;
import com.initech.pki.util.ArrayComparator;
import com.initech.pki.util.Hex;
import com.initech.pki.x509.Certificates;
import com.initech.provider.pkix.mac.CMPMacKey;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.X509Certificate;
import java.security.spec.AlgorithmParameterSpec;

/* loaded from: classes.dex */
public class PKIMessage extends ASN1Object implements Cloneable {
    private PKIBody body;
    private boolean contentModified;
    private byte[] encContent;
    private Certificates extraCerts;
    private PKIHeader header;
    private ASN1BitString protection;

    public PKIMessage() {
        this.header = new PKIHeader();
        this.body = new PKIBody();
        this.extraCerts = new Certificates();
        this.encContent = null;
        this.contentModified = true;
        this.contentModified = true;
        this.modified = true;
        this.protection = null;
    }

    public PKIMessage(byte[] bArr) throws ASN1Exception {
        this.header = new PKIHeader();
        this.body = new PKIBody();
        this.extraCerts = new Certificates();
        this.encContent = null;
        this.contentModified = true;
        decode(new DERDecoder(bArr));
        this.encoded = (byte[]) bArr.clone();
        this.modified = false;
    }

    public void addExtraCertificate(X509Certificate x509Certificate) {
        this.extraCerts.add(x509Certificate);
    }

    public Object clone() {
        try {
            return new PKIMessage(getEncoded());
        } catch (Exception e) {
            try {
                return (PKIMessage) super.clone();
            } catch (CloneNotSupportedException e2) {
                return null;
            }
        }
    }

    @Override // com.initech.pki.asn1.useful.ASN1Object, com.initech.pki.asn1.ASN1Type
    public void decode(ASN1Decoder aSN1Decoder) throws ASN1Exception {
        int decodeSequence = aSN1Decoder.decodeSequence();
        this.header.decode(aSN1Decoder);
        this.body.decode(aSN1Decoder);
        if (aSN1Decoder.nextIsOptional(ASN1Tag.makeExplicitTag(0))) {
            this.protection = null;
        } else {
            int decodeExplicit = aSN1Decoder.decodeExplicit(ASN1Tag.makeContextTag(0));
            this.protection = aSN1Decoder.decodeBitString();
            aSN1Decoder.endOf(decodeExplicit);
        }
        if (aSN1Decoder.nextIsOptional(ASN1Tag.makeExplicitTag(1))) {
            this.extraCerts.clear();
        } else {
            int decodeExplicit2 = aSN1Decoder.decodeExplicit(ASN1Tag.makeContextTag(1));
            this.extraCerts.decode(aSN1Decoder);
            aSN1Decoder.endOf(decodeExplicit2);
        }
        aSN1Decoder.endOf(decodeSequence);
    }

    @Override // com.initech.pki.asn1.useful.ASN1Object, com.initech.pki.asn1.ASN1EncType
    public void encode(ASN1Encoder aSN1Encoder) throws ASN1Exception {
        int encodeSequence = aSN1Encoder.encodeSequence();
        aSN1Encoder.encodeAny(this.header.getEncoded());
        if (this.contentModified || this.encContent == null) {
            this.body.encode(aSN1Encoder);
        } else {
            aSN1Encoder.encodeAny(this.encContent);
        }
        if (this.protection != null) {
            int encodeExplicit = aSN1Encoder.encodeExplicit(ASN1Tag.makeContextTag(0));
            aSN1Encoder.encodeBitString(this.protection);
            aSN1Encoder.endOf(encodeExplicit);
        }
        if (this.extraCerts.size() > 0) {
            int encodeExplicit2 = aSN1Encoder.encodeExplicit(ASN1Tag.makeContextTag(1));
            this.extraCerts.encode(aSN1Encoder);
            aSN1Encoder.endOf(encodeExplicit2);
        }
        aSN1Encoder.endOf(encodeSequence);
    }

    public Object getContentBody() {
        return this.body.getContentBody();
    }

    public int getContentType() {
        return this.body.getContentType();
    }

    public PKIHeader getHeader() {
        return this.header;
    }

    public byte[] getProtectedBody() throws ASN1Exception {
        DEREncoder dEREncoder = new DEREncoder();
        int encodeSequence = dEREncoder.encodeSequence();
        dEREncoder.encodeAny(this.header.getEncoded());
        if (this.contentModified) {
            DEREncoder dEREncoder2 = new DEREncoder();
            this.body.encode(dEREncoder2);
            this.encContent = dEREncoder2.toByteArray();
            this.contentModified = false;
        }
        dEREncoder.encodeAny(this.encContent);
        dEREncoder.endOf(encodeSequence);
        return dEREncoder.toByteArray();
    }

    public byte[] getProtection() {
        if (this.protection == null) {
            return null;
        }
        return this.protection.getAsByteArray();
    }

    public boolean hasProtection() {
        return this.protection != null;
    }

    public void mac(byte[] bArr, AlgorithmID algorithmID) throws SignatureException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException {
        mac(bArr, algorithmID, "InitechPKIX");
    }

    public void mac(byte[] bArr, AlgorithmID algorithmID, String str) throws SignatureException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException {
        AlgorithmParameterSpec dHBMParameter;
        PBMParameter pBMParameter = null;
        try {
            if ("1.2.840.113533.7.66.13".equals(algorithmID.getAlg())) {
                pBMParameter = new PBMParameter(algorithmID.getParameter());
                dHBMParameter = pBMParameter;
            } else {
                if (!"1.2.840.113533.7.66.30".equals(algorithmID.getAlg())) {
                    throw new NoSuchAlgorithmException(algorithmID.getAlg());
                }
                dHBMParameter = new DHBMParameter(algorithmID.getParameter());
            }
            try {
                Mac mac = pBMParameter.getMACAlg().equals("1.3.14.3.2.10") ? Mac.getInstance("PasswordBasedMacETRI", str) : Mac.getInstance(algorithmID.getAlgName(), str);
                this.header.setProtectionAlg(algorithmID);
                try {
                    mac.init(new CMPMacKey(bArr), dHBMParameter);
                    mac.update(getProtectedBody());
                    if (this.protection == null) {
                        this.protection = new ASN1BitString();
                    }
                    this.protection.setByteArray(mac.doFinal());
                    this.contentModified = true;
                    this.modified = true;
                } catch (ASN1Exception e) {
                    throw new SignatureException(e.toString());
                }
            } catch (NoSuchProviderException e2) {
                throw new SignatureException(e2.toString());
            }
        } catch (ASN1Exception e3) {
            throw new SignatureException(e3.toString());
        }
    }

    public void setContent(int i, Object obj) throws ASN1Exception {
        this.modified = true;
        this.contentModified = true;
        this.body.setContent(i, obj);
    }

    public void setHeader(PKIHeader pKIHeader) {
        this.modified = true;
        this.header = pKIHeader;
    }

    public void setProtection(byte[] bArr) {
        this.modified = true;
        if (this.protection == null) {
            this.protection = new ASN1BitString(0, bArr);
        } else {
            this.protection.setByteArray(bArr);
        }
    }

    public void sign(PrivateKey privateKey, AlgorithmID algorithmID) throws InvalidKeyException, SignatureException, NoSuchAlgorithmException {
        Signature signature = Signature.getInstance(algorithmID.getAlgName());
        this.header.setProtectionAlg(algorithmID);
        try {
            signature.initSign(privateKey);
            signature.update(getProtectedBody());
            if (this.protection == null) {
                this.protection = new ASN1BitString();
            }
            this.protection.setByteArray(signature.sign());
            this.modified = true;
            this.contentModified = true;
        } catch (ASN1Exception e) {
            throw new SignatureException(e.toString());
        }
    }

    public void sign(PrivateKey privateKey, AlgorithmID algorithmID, String str) throws InvalidKeyException, SignatureException, NoSuchAlgorithmException {
        try {
            Signature signature = Signature.getInstance(algorithmID.getAlgName(), str);
            this.header.setProtectionAlg(algorithmID);
            try {
                signature.initSign(privateKey);
                signature.update(getProtectedBody());
                if (this.protection == null) {
                    this.protection = new ASN1BitString();
                }
                this.protection.setByteArray(signature.sign());
                this.modified = true;
                this.contentModified = true;
            } catch (ASN1Exception e) {
                throw new SignatureException(e.toString());
            }
        } catch (NoSuchProviderException e2) {
            throw new SignatureException(e2.toString());
        }
    }

    public boolean verify(Object obj) throws NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException, SignatureException {
        if (obj instanceof PublicKey) {
            return verifySign((PublicKey) obj);
        }
        if (obj instanceof byte[]) {
            return verifyMac((byte[]) obj, "InitechPKIX");
        }
        throw new InvalidKeyException();
    }

    public boolean verify(Object obj, String str) throws NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException, SignatureException {
        if (obj instanceof PublicKey) {
            return verifySign((PublicKey) obj, str);
        }
        if (obj instanceof byte[]) {
            return verifyMac((byte[]) obj, str);
        }
        throw new InvalidKeyException();
    }

    public boolean verifyMac(byte[] bArr) throws SignatureException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException {
        return verifyMac(bArr, "InitechPKIX");
    }

    /* JADX WARN: Multi-variable type inference failed */
    public boolean verifyMac(byte[] bArr, String str) throws SignatureException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException {
        AlgorithmID protectionAlg;
        NoSuchProviderException noSuchProviderException;
        ASN1Exception aSN1Exception;
        Mac mac;
        DHBMParameter dHBMParameter;
        PBMParameter pBMParameter;
        if (this.protection != null && (protectionAlg = this.header.getProtectionAlg()) != null) {
            try {
                if ("1.2.840.113533.7.66.13".equals(protectionAlg.getAlg())) {
                    if (protectionAlg.getParameter() == null) {
                        System.out.println("ETRI");
                        PBMParameter pBMParameter2 = new PBMParameter();
                        pBMParameter2.setETRIParam();
                        pBMParameter = pBMParameter2;
                    } else {
                        System.out.println("not ETRI");
                        pBMParameter = new PBMParameter(protectionAlg.getParameter());
                    }
                    dHBMParameter = pBMParameter;
                    if (new String(pBMParameter.getMACAlg()).equals("1.3.14.3.2.10")) {
                        System.out.println("PasswordBasedMacETRI");
                        System.out.println(protectionAlg.getAlgName());
                        mac = Mac.getInstance("PasswordBasedMacETRI", str);
                    } else {
                        System.out.println("not PasswordBasedMacETRI");
                        mac = Mac.getInstance(protectionAlg.getAlgName(), str);
                    }
                } else {
                    if (!"1.2.840.113533.7.66.30".equals(protectionAlg.getAlg())) {
                        throw new NoSuchAlgorithmException(protectionAlg.getAlg());
                    }
                    DHBMParameter dHBMParameter2 = new DHBMParameter(protectionAlg.getParameter());
                    try {
                        mac = Mac.getInstance(protectionAlg.getAlgName(), str);
                        dHBMParameter = dHBMParameter2;
                    } catch (ASN1Exception e) {
                        aSN1Exception = e;
                        throw new SignatureException(aSN1Exception.toString());
                    } catch (NoSuchProviderException e2) {
                        noSuchProviderException = e2;
                        throw new SignatureException(noSuchProviderException.toString());
                    }
                }
                try {
                    mac.init(new CMPMacKey(bArr), dHBMParameter);
                    mac.update(getProtectedBody());
                    byte[] doFinal = mac.doFinal();
                    System.out.println(new StringBuffer("newMac: ").append(Hex.dumpHex(doFinal)).toString());
                    System.out.println(new StringBuffer("protection: ").append(Hex.dumpHex(this.protection.getAsByteArray())).toString());
                    return ArrayComparator.equals(doFinal, this.protection.getAsByteArray());
                } catch (ASN1Exception e3) {
                    throw new SignatureException(e3.toString());
                }
            } catch (ASN1Exception e4) {
                aSN1Exception = e4;
            } catch (NoSuchProviderException e5) {
                noSuchProviderException = e5;
            }
        }
        return false;
    }

    public boolean verifySign(PublicKey publicKey) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        AlgorithmID protectionAlg;
        if (this.protection != null && (protectionAlg = this.header.getProtectionAlg()) != null) {
            try {
                System.out.println("verifySign");
                Signature signature = Signature.getInstance(protectionAlg.getAlgName());
                signature.initVerify(publicKey);
                signature.update(getProtectedBody());
                return signature.verify(this.protection.getAsByteArray());
            } catch (Exception e) {
                throw new SignatureException(e.toString());
            }
        }
        return false;
    }

    public boolean verifySign(PublicKey publicKey, String str) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        AlgorithmID protectionAlg;
        if (this.protection != null && (protectionAlg = this.header.getProtectionAlg()) != null) {
            try {
                Signature signature = Signature.getInstance(protectionAlg.getAlgName(), str);
                signature.initVerify(publicKey);
                signature.update(getProtectedBody());
                return signature.verify(this.protection.getAsByteArray());
            } catch (Exception e) {
                throw new SignatureException(e.toString());
            }
        }
        return false;
    }
}
