package com.rsa.certj.pkcs12;

import com.rsa.asn1.ASN1;
import com.rsa.asn1.ASN1Container;
import com.rsa.asn1.ASN1Template;
import com.rsa.asn1.ASN_Exception;
import com.rsa.asn1.EncodedContainer;
import com.rsa.asn1.EndContainer;
import com.rsa.asn1.IntegerContainer;
import com.rsa.asn1.OIDContainer;
import com.rsa.asn1.OctetStringContainer;
import com.rsa.asn1.SequenceContainer;
import com.rsa.certj.CertJ;
import com.rsa.certj.CertJException;
import com.rsa.certj.x.d;
import com.rsa.jsafe.JSAFE_Exception;
import com.rsa.jsafe.JSAFE_InvalidKeyException;
import com.rsa.jsafe.JSAFE_InvalidParameterException;
import com.rsa.jsafe.JSAFE_InvalidUseException;
import com.rsa.jsafe.JSAFE_MAC;
import com.rsa.jsafe.JSAFE_SecretKey;
import com.rsa.jsafe.JSAFE_UnimplementedException;
import java.security.SecureRandom;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/rsa/certj/pkcs12/MacData.class */
public final class MacData {
    private static final int a = 8;
    private static final int b = 1;

    private MacData() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] a(CertJ certJ, byte[] bArr, int i, int i2, String str, int i3, char[] cArr) throws PKCS12Exception {
        JSAFE_MAC jsafe_mac = null;
        byte[] bArr2 = new byte[8];
        try {
            try {
                jsafe_mac = d.d(a(str, i3), certJ.getDevice(), certJ);
                certJ.getRandomObject().generateRandomBytes(bArr2, 0, 8);
                jsafe_mac.setSalt(bArr2, 0, bArr2.length);
                JSAFE_SecretKey blankKey = jsafe_mac.getBlankKey();
                blankKey.setPassword(cArr, 0, cArr.length);
                jsafe_mac.macInit(blankKey, (SecureRandom) null);
                byte[] bArr3 = new byte[jsafe_mac.getMACSize()];
                jsafe_mac.macUpdate(bArr, i, i2);
                jsafe_mac.macFinal(bArr3, 0);
                if (jsafe_mac != null) {
                    jsafe_mac.clearSensitiveData();
                }
                try {
                    ASN1Container sequenceContainer = new SequenceContainer(0, true, 0);
                    ASN1Container sequenceContainer2 = new SequenceContainer(0, true, 0);
                    ASN1Container endContainer = new EndContainer();
                    ASN1Template aSN1Template = new ASN1Template(new ASN1Container[]{sequenceContainer, sequenceContainer2, new OIDContainer(0, true, 0, str, 11), new EncodedContainer(77824, false, 0, (byte[]) null, 0, 0), endContainer, new OctetStringContainer(0, true, 0, bArr3, 0, bArr3.length), endContainer});
                    byte[] bArr4 = new byte[aSN1Template.derEncodeInit()];
                    aSN1Template.derEncode(bArr4, 0);
                    try {
                        ASN1Template aSN1Template2 = new ASN1Template(new ASN1Container[]{new SequenceContainer(0, true, 0), new EncodedContainer(12288, true, 0, bArr4, 0, bArr4.length), new OctetStringContainer(0, true, 0, bArr2, 0, 8), new IntegerContainer(131072, i3 != 1, 0, i3), new EndContainer()});
                        byte[] bArr5 = new byte[aSN1Template2.derEncodeInit()];
                        aSN1Template2.derEncode(bArr5, 0);
                        return bArr5;
                    } catch (ASN_Exception e) {
                        throw new PKCS12Exception("MacData.encodeMac: Encoding MacData failed.", e);
                    }
                } catch (ASN_Exception e2) {
                    throw new PKCS12Exception("MacData.encodeMac: Encoding DigestInfo failed.", e2);
                }
            } catch (Throwable th) {
                if (jsafe_mac != null) {
                    jsafe_mac.clearSensitiveData();
                }
                throw th;
            }
        } catch (CertJException e3) {
            throw new PKCS12Exception("MacData.computeMac: ", e3);
        } catch (JSAFE_Exception e4) {
            throw new PKCS12Exception("MacData.computeMac: JSAFE operation failed.", e4);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void a(CertJ certJ, char[] cArr, byte[] bArr, byte[] bArr2, int i, int i2) throws PKCS12Exception {
        if (certJ == null) {
            throw new PKCS12Exception("MacData.MacData: certJ can not be null.");
        }
        try {
            ASN1Container sequenceContainer = new SequenceContainer(i2);
            ASN1Container endContainer = new EndContainer();
            ASN1Container encodedContainer = new EncodedContainer(12288);
            ASN1Container octetStringContainer = new OctetStringContainer(0);
            ASN1Container integerContainer = new IntegerContainer(131072);
            ASN1.berDecode(bArr2, i, new ASN1Container[]{sequenceContainer, encodedContainer, octetStringContainer, integerContainer, endContainer});
            int i3 = 1;
            if (((IntegerContainer) integerContainer).dataPresent) {
                i3 = integerContainer.getValueAsInt();
            }
            ASN1Container sequenceContainer2 = new SequenceContainer(0);
            ASN1Container sequenceContainer3 = new SequenceContainer(0);
            ASN1Container oIDContainer = new OIDContainer(0, 11);
            ASN1Container encodedContainer2 = new EncodedContainer(77824);
            ASN1Container octetStringContainer2 = new OctetStringContainer(0);
            ASN1.berDecode(((EncodedContainer) encodedContainer).data, ((EncodedContainer) encodedContainer).dataOffset, new ASN1Container[]{sequenceContainer2, sequenceContainer3, oIDContainer, encodedContainer2, endContainer, octetStringContainer2, endContainer});
            JSAFE_MAC d = d.d(a(((OIDContainer) oIDContainer).transformation, i3), certJ.getDevice(), certJ);
            d.setSalt(((OctetStringContainer) octetStringContainer).data, ((OctetStringContainer) octetStringContainer).dataOffset, ((OctetStringContainer) octetStringContainer).dataLen);
            JSAFE_SecretKey blankKey = d.getBlankKey();
            blankKey.setPassword(cArr, 0, cArr.length);
            d.verifyInit(blankKey, (SecureRandom) null);
            d.verifyUpdate(bArr, 0, bArr.length);
            if (d.verifyFinal(((OctetStringContainer) octetStringContainer2).data, ((OctetStringContainer) octetStringContainer2).dataOffset, ((OctetStringContainer) octetStringContainer2).dataLen)) {
            } else {
                throw new PKCS12Exception("MacData.MacData: MAC Verification failed");
            }
        } catch (JSAFE_InvalidParameterException e) {
            throw new PKCS12Exception((Exception) e);
        } catch (ASN_Exception e2) {
            throw new PKCS12Exception("Cannot decode the BER of the MacData.");
        } catch (JSAFE_InvalidKeyException e3) {
            throw new PKCS12Exception((Exception) e3);
        } catch (JSAFE_InvalidUseException e4) {
            throw new PKCS12Exception((Exception) e4);
        } catch (JSAFE_UnimplementedException e5) {
            throw new PKCS12Exception((Exception) e5);
        }
    }

    private static String a(String str, int i) {
        return "PBE/HMAC/" + str + "/PKCS12V1PBE-" + i + "-160";
    }
}
