package oracle.security.pki;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.RSAPrivateCrtKey;
import java.util.Vector;
import oracle.security.pki.internal.asn1.ASN1Object;
import oracle.security.pki.internal.asn1.ASN1OctetString;
import oracle.security.pki.internal.cert.CertificateRequest;
import oracle.security.pki.internal.cert.X500Name;
import oracle.security.pki.internal.pkcs12.PKCS12Bag;
import oracle.security.pki.internal.pkcs12.PKCS12CertBag;
import oracle.security.pki.internal.pkcs12.PKCS12KeyBag;
import oracle.security.pki.internal.pkcs12.PKCS12SecretBag;
import oracle.security.pki.internal.pkcs12.PKCS12ShroudedKeyBag;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:oracle/security/pki/OracleKSIdentityEntry.class */
public class OracleKSIdentityEntry extends OracleKSEntry {
    private PKCS12Bag c;
    private Certificate[] d;
    private CertificateRequest e;
    int b;

    /* JADX INFO: Access modifiers changed from: package-private */
    public OracleKSIdentityEntry(PKCS12Bag pKCS12Bag, Certificate[] certificateArr) {
        this.b = -1;
        this.c = pKCS12Bag;
        this.d = certificateArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public OracleKSIdentityEntry(PKCS12Bag pKCS12Bag, Vector vector) {
        this.b = -1;
        if (!(pKCS12Bag instanceof PKCS12SecretBag)) {
            throw new IllegalArgumentException("Incorrect bag type" + pKCS12Bag);
        }
        this.c = null;
        ASN1Object f = ((PKCS12SecretBag) pKCS12Bag).f();
        if (f instanceof ASN1OctetString) {
            try {
                this.e = new CertificateRequest(((ASN1OctetString) f).b());
            } catch (IOException e) {
            }
        }
        byte[] c = pKCS12Bag.c();
        this.b = OracleLocalKeyId.l(c);
        Vector vector2 = new Vector(vector.size());
        byte[] c2 = OracleLocalKeyId.c(OracleLocalKeyId.k(c), OracleLocalKeyId.l(c));
        int i = 0;
        while (true) {
            if (i >= vector.size()) {
                break;
            }
            PKCS12CertBag pKCS12CertBag = (PKCS12CertBag) vector.elementAt(i);
            if (a(pKCS12CertBag.c(), c2)) {
                vector2.addElement(new OraclePKIX509CertImpl(pKCS12CertBag.e()));
                vector.removeElementAt(i);
                if (OraclePKIDebug.getDebugFlag()) {
                    try {
                        OraclePKIDebug.a("Found certificate " + pKCS12CertBag.e());
                    } catch (Exception e2) {
                        OraclePKIDebug.a("Found certificate - Cannot be converted to string");
                    }
                }
            } else {
                i++;
            }
        }
        if (vector2.size() == 0) {
            OraclePKIDebug.a("No certificate found for cert req " + c);
            this.d = null;
            return;
        }
        X509Certificate x509Certificate = (X509Certificate) vector2.lastElement();
        while (true) {
            if (x509Certificate.getIssuerDN().equals(x509Certificate.getSubjectDN())) {
                break;
            }
            boolean z = false;
            int i2 = 0;
            while (true) {
                if (i2 >= vector.size()) {
                    break;
                }
                PKCS12CertBag pKCS12CertBag2 = (PKCS12CertBag) vector.elementAt(i2);
                if (x509Certificate.getIssuerDN().equals(pKCS12CertBag2.e().m())) {
                    z = true;
                    vector2.addElement(new OraclePKIX509CertImpl(pKCS12CertBag2.e()));
                    x509Certificate = (X509Certificate) vector2.lastElement();
                    break;
                }
                i2++;
            }
            if (!z) {
                OraclePKIDebug.a("Cert chain incomplete for key " + this.c);
                break;
            }
        }
        OraclePKIDebug.a("Cert chain determined");
        this.d = new Certificate[vector2.size()];
        this.d = (Certificate[]) vector2.toArray(this.d);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public OracleKSIdentityEntry(PKCS12Bag pKCS12Bag, Vector vector, Vector vector2) throws IOException {
        this.b = -1;
        if (!(pKCS12Bag instanceof PKCS12KeyBag) && !(pKCS12Bag instanceof PKCS12ShroudedKeyBag)) {
            throw new IllegalArgumentException("Incorrect bag type" + pKCS12Bag);
        }
        this.c = pKCS12Bag;
        byte[] c = this.c.c();
        this.b = OracleLocalKeyId.l(c);
        byte[] bytes = "abcxyz".getBytes();
        byte[] bArr = null;
        String str = null;
        PrivateKey privateKey = null;
        if (pKCS12Bag instanceof PKCS12KeyBag) {
            privateKey = ((PKCS12KeyBag) pKCS12Bag).e();
        } else if (pKCS12Bag instanceof PKCS12ShroudedKeyBag) {
            privateKey = ((PKCS12ShroudedKeyBag) pKCS12Bag).g();
        }
        str = privateKey != null ? privateKey.getAlgorithm() : str;
        if (str != null && str.equals(PKIConstants.RSA)) {
            try {
                Signature signatureInstance = JCEUtil.getSignatureInstance(PKIConstants.SHA256_RSA);
                signatureInstance.initSign(privateKey);
                signatureInstance.update(bytes, 0, bytes.length);
                bArr = signatureInstance.sign();
            } catch (GeneralSecurityException e) {
                if (OraclePKIDebug.getDebugFlag()) {
                    e.printStackTrace();
                }
                throw new IOException(e.getLocalizedMessage());
            }
        } else if (str != null && str.equals(PKIConstants.EC)) {
            try {
                Signature signatureInstance2 = JCEUtil.getSignatureInstance(PKIConstants.SHA256_ECDSA);
                signatureInstance2.initSign(privateKey);
                signatureInstance2.update(bytes, 0, bytes.length);
                bArr = signatureInstance2.sign();
            } catch (GeneralSecurityException e2) {
                e2.printStackTrace();
            }
        }
        Vector vector3 = new Vector(vector.size());
        int i = 0;
        while (true) {
            if (i >= vector.size()) {
                break;
            }
            boolean z = false;
            PKCS12CertBag pKCS12CertBag = (PKCS12CertBag) vector.elementAt(i);
            PublicKey b = pKCS12CertBag.e().b();
            String algorithm = b.getAlgorithm();
            if (str.equals(algorithm)) {
                if (algorithm.equals(PKIConstants.RSA)) {
                    try {
                        Signature signatureInstance3 = JCEUtil.getSignatureInstance(PKIConstants.SHA256_RSA);
                        signatureInstance3.initVerify(b);
                        signatureInstance3.update(bytes, 0, bytes.length);
                        z = signatureInstance3.verify(bArr);
                    } catch (GeneralSecurityException e3) {
                        if (OraclePKIDebug.getDebugFlag()) {
                            e3.printStackTrace();
                        }
                    }
                } else if (algorithm.equals(PKIConstants.EC)) {
                    try {
                        Signature signatureInstance4 = JCEUtil.getSignatureInstance(PKIConstants.SHA256_ECDSA);
                        signatureInstance4.initVerify(b);
                        signatureInstance4.update(bytes, 0, bytes.length);
                        z = signatureInstance4.verify(bArr);
                    } catch (GeneralSecurityException e4) {
                        e4.printStackTrace();
                    }
                }
            }
            if (a(pKCS12CertBag.c(), c) && z) {
                vector3.addElement(new OraclePKIX509CertImpl(pKCS12CertBag.e()));
                vector.removeElementAt(i);
                if (OraclePKIDebug.getDebugFlag()) {
                    try {
                        OraclePKIDebug.a("Found certificate " + pKCS12CertBag.e());
                    } catch (Exception e5) {
                        OraclePKIDebug.a("Found certificate - Cannot be converted to string");
                    }
                }
            } else if (OracleLocalKeyId.j(c)) {
                if (!OracleLocalKeyId.d(pKCS12CertBag.c()) && z) {
                    vector3.addElement(new OraclePKIX509CertImpl(pKCS12CertBag.e()));
                    vector.removeElementAt(i);
                    if (OraclePKIDebug.getDebugFlag()) {
                        try {
                            OraclePKIDebug.a("Found certificate " + pKCS12CertBag.e());
                        } catch (Exception e6) {
                            OraclePKIDebug.a("Found certificate - Cannot be converted to string");
                        }
                    }
                }
                i++;
            } else if (z) {
                vector3.addElement(new OraclePKIX509CertImpl(pKCS12CertBag.e()));
                vector.removeElementAt(i);
                if (OraclePKIDebug.getDebugFlag()) {
                    try {
                        OraclePKIDebug.a("Found certificate " + pKCS12CertBag.e());
                    } catch (Exception e7) {
                        OraclePKIDebug.a("Found certificate - Cannot be converted to string");
                    }
                }
            } else {
                i++;
            }
        }
        byte[] d = OracleLocalKeyId.d(OracleLocalKeyId.k(c), OracleLocalKeyId.l(c));
        for (int i2 = 0; i2 < vector2.size(); i2++) {
            PKCS12SecretBag pKCS12SecretBag = (PKCS12SecretBag) vector2.elementAt(i2);
            if (a(pKCS12SecretBag.c(), d)) {
                ASN1Object f = pKCS12SecretBag.f();
                if (f instanceof ASN1OctetString) {
                    try {
                        this.e = new CertificateRequest(((ASN1OctetString) f).b());
                        vector2.removeElementAt(i2);
                        OraclePKIDebug.a("Found cert req " + this.e);
                        break;
                    } catch (IOException e8) {
                    }
                } else {
                    continue;
                }
            }
        }
        if (vector3.size() == 0) {
            OraclePKIDebug.a("No certificate found for key " + this.c.c());
            this.d = null;
            return;
        }
        X509Certificate x509Certificate = (X509Certificate) vector3.lastElement();
        while (true) {
            if (x509Certificate.getIssuerDN().equals(x509Certificate.getSubjectDN())) {
                break;
            }
            boolean z2 = false;
            int i3 = 0;
            while (true) {
                if (i3 >= vector.size()) {
                    break;
                }
                PKCS12CertBag pKCS12CertBag2 = (PKCS12CertBag) vector.elementAt(i3);
                if (x509Certificate.getIssuerDN().equals(pKCS12CertBag2.e().m())) {
                    z2 = true;
                    vector3.addElement(new OraclePKIX509CertImpl(pKCS12CertBag2.e()));
                    x509Certificate = (X509Certificate) vector3.lastElement();
                    break;
                }
                i3++;
            }
            if (!z2) {
                OraclePKIDebug.a("Cert chain incomplete for key " + this.c);
                break;
            }
        }
        OraclePKIDebug.a("Cert chain determined");
        this.d = new Certificate[vector3.size()];
        this.d = (Certificate[]) vector3.toArray(this.d);
    }

    String a(byte[] bArr) {
        return new String("personaNum:" + OracleLocalKeyId.k(bArr) + "  componentNum:" + OracleLocalKeyId.l(bArr));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Key g() {
        PrivateKey privateKey = null;
        if (this.c instanceof PKCS12KeyBag) {
            privateKey = ((PKCS12KeyBag) this.c).e();
        } else if (this.c instanceof PKCS12ShroudedKeyBag) {
            privateKey = ((PKCS12ShroudedKeyBag) this.c).g();
        }
        if (privateKey instanceof RSAPrivateCrtKey) {
            return new OraclePKIRSAPrivateKey((RSAPrivateCrtKey) privateKey, this.e);
        }
        if (privateKey instanceof ECPrivateKey) {
            return new OraclePKIECPrivateKey((ECPrivateKey) privateKey, this.e);
        }
        if (this.e == null || this.c != null) {
            return null;
        }
        return new OraclePKIRSAPrivateKey(null, this.e);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // oracle.security.pki.OracleKSEntry
    public Certificate f() {
        if (this.d == null) {
            return null;
        }
        return this.d[0];
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // oracle.security.pki.OracleKSEntry
    public Certificate[] e() {
        if (this.d == null) {
            return null;
        }
        return (Certificate[]) this.d.clone();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // oracle.security.pki.OracleKSEntry
    public boolean d() {
        return true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // oracle.security.pki.OracleKSEntry
    public String b() {
        Certificate f = f();
        if (!(f instanceof X509Certificate)) {
            return "";
        }
        OraclePKIDebug.a("Certificate for private key is " + f);
        X500Name x500Name = new X500Name(((X509Certificate) f).getSubjectDN().getName());
        String str = "CN=" + x500Name.f();
        if (x500Name.f() == null) {
            str = "OU=" + x500Name.e();
        }
        return str;
    }

    private boolean a(byte[] bArr, byte[] bArr2) {
        if (((bArr == null) || (bArr2 == null)) || bArr.length != bArr2.length) {
            return false;
        }
        for (int i = 0; i < bArr.length; i++) {
            if (bArr[i] != bArr2[i]) {
                return false;
            }
        }
        return true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] h() {
        if (this.c == null) {
            return null;
        }
        return this.c.c();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int i() {
        return this.b;
    }
}
