package pl.unizeto.cmp;

import iaik.asn1.ASN;
import iaik.asn1.ASN1;
import iaik.asn1.ASN1Object;
import iaik.asn1.ASN1Type;
import iaik.asn1.CodingException;
import iaik.asn1.DerCoder;
import iaik.asn1.INTEGER;
import iaik.asn1.OCTET_STRING;
import iaik.asn1.ObjectID;
import iaik.asn1.PrintableString;
import iaik.asn1.SEQUENCE;
import iaik.asn1.structures.AlgorithmID;
import iaik.asn1.structures.Name;
import iaik.security.cipher.SecretKey;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.lang.reflect.Array;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Random;
import javax.crypto.Mac;
import pl.unizeto.pki.cryptomanager.CryptoManagerException;
import pl.unizeto.pki.cryptomanager.SecretSymmetricalKey;
import pl.unizeto.pki.util.OIDs;

/* loaded from: classes.dex */
public class IAKMessage implements ASN1Type {
    public static final String CER_SIG = "CER-SIG";
    public static final String DH = "DH";
    public static final String IR_CONFIRMED = "IR-CONFIRMED";
    public static final String IR_GET_RESPONSE = "GET-RESPONSE";
    public static final String IR_IN_RA = "IR-IN-RA";
    public static final String IR_WAIT = "WAIT";
    public static final String MES_SIG = "MES-SIG";
    public static final String NO_IR = "NO-IR";
    private AlgorithmID algorithmID;
    private SEQUENCE caCerts;
    private PrintableString irInfo;
    private Name name;
    private OCTET_STRING protection;
    private OCTET_STRING refValue;

    public IAKMessage() {
        this.caCerts = new SEQUENCE();
    }

    public IAKMessage(int i, Name name, String str, String str2) throws CodingException {
        this();
        setDefaultPasswordBaseMac(i);
        setName(name);
        setRefValue(str);
        setIrInfo(str2);
    }

    public IAKMessage(InputStream inputStream) throws IOException, CodingException {
        this();
        if (inputStream == null) {
            throw new IOException("Cannot parse IAKMessage from a null input stream!");
        }
        decode(inputStream);
    }

    public IAKMessage(byte[] bArr) throws CodingException {
        this();
        if (bArr == null) {
            throw new NullPointerException("Cannot parse IAKMessage from a null byte[]!");
        }
        decode(new ASN1(bArr).toASN1Object());
    }

    private static AlgorithmID buildDefaultPBMac(int i) throws CodingException {
        if (i < 1) {
            throw new IllegalArgumentException("iterationCount should be greater then 0");
        }
        return new AlgorithmID(new ObjectID(OIDs.getOID("PasswordBasedMac"), "PasswordBasedMac"), new PBMParameter(new OCTET_STRING(generateSalt().getBytes()), AlgorithmID.sha1, new INTEGER(i), new AlgorithmID(OIDs.getOID("HMAC-SHA1"), "HMAC-SHA1")).toASN1Object());
    }

    public static byte[] buildPasswordBaseMac(int i) throws CodingException {
        return DerCoder.encode(buildDefaultPBMac(i).toASN1Object());
    }

    private OCTET_STRING generateProtection(byte[] bArr) throws CodingException {
        if (getAlgorithmID() == null || getName() == null || getRefValue() == null || this.irInfo == null) {
            throw new CodingException("All fields of body of IAKMessage should be set.");
        }
        PBMParameter pBMParameter = getPBMParameter();
        if (pBMParameter == null) {
            throw new CodingException("pBMParameter is null");
        }
        try {
            SecretKey secretSymmetricalKey = new SecretSymmetricalKey(bArr, pBMParameter).getSecretSymmetricalKey();
            Mac mac = pBMParameter.getMac().getAlgorithm().getID().equals(OIDs.getOID("HMAC-SHA1")) ? Mac.getInstance("HMAC/SHA") : null;
            if (mac == null) {
                return null;
            }
            mac.init(secretSymmetricalKey);
            return new OCTET_STRING(mac.doFinal(DerCoder.encode(getANSObjectOfIAKData())));
        } catch (IOException e) {
            throw new CodingException(e.getMessage());
        } catch (InvalidKeyException e2) {
            throw new CodingException(e2.getMessage());
        } catch (NoSuchAlgorithmException e3) {
            throw new CodingException(e3.getMessage());
        } catch (CryptoManagerException e4) {
            throw new CodingException(e4.getMessage());
        }
    }

    private static String generateSalt() {
        String str = "";
        Random random = new Random();
        for (int i = 0; i < 20; i++) {
            int nextInt = random.nextInt("ABCDEFGHIJKLMNOPRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890".length() - 1);
            str = str + "ABCDEFGHIJKLMNOPRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890".substring(nextInt, nextInt + 1);
        }
        return str;
    }

    private ASN1Object getANSObjectOfIAKData() throws CodingException {
        try {
            if (this.algorithmID == null) {
                throw new CodingException("algorithmIdentifier is empty.");
            }
            if (this.name == null) {
                throw new CodingException("name is empty.");
            }
            if (this.refValue == null) {
                throw new CodingException("refValue is empty.");
            }
            if (this.irInfo == null) {
                throw new CodingException("irInfo is empty.");
            }
            SEQUENCE sequence = new SEQUENCE();
            sequence.addComponent(this.algorithmID.toASN1Object());
            sequence.addComponent(this.name.toASN1Object());
            sequence.addComponent(this.refValue);
            sequence.addComponent(this.irInfo);
            if (this.caCerts != null && this.caCerts.countComponents() > 0) {
                sequence.addComponent(this.caCerts);
            }
            return sequence;
        } catch (Exception e) {
            throw new CodingException(e.getMessage());
        }
    }

    public void addCACert(X509Certificate x509Certificate, String str, String str2) throws CertificateException {
        addCertificate(new CMPCertificate(new iaik.x509.X509Certificate(x509Certificate.getEncoded())), str, str2);
    }

    public void addCertificate(CMPCertificate cMPCertificate, String str, String str2) {
        if (str == null || !(str.equals(CER_SIG) || str.equals(MES_SIG) || str.equals("DH"))) {
            throw new IllegalArgumentException("parameter type=" + str + " not allowed");
        }
        SEQUENCE sequence = new SEQUENCE();
        try {
            sequence.addComponent(cMPCertificate.toASN1Object());
            sequence.addComponent(new PrintableString(str));
            sequence.addComponent(new PrintableString(str2));
            this.caCerts.addComponent(sequence);
        } catch (CodingException e) {
            throw new IllegalArgumentException("certificate can't be parsed");
        }
    }

    @Override // iaik.asn1.ASN1Type
    public void decode(ASN1Object aSN1Object) throws CodingException {
        try {
            if (aSN1Object == null) {
                throw new CodingException("Cannot parse IAKMessage from a null object!");
            }
            ASN1Object componentAt = aSN1Object.getComponentAt(0);
            if (!componentAt.isA(ASN.SEQUENCE)) {
                throw new CodingException("IAKData should be SEQUENCE!");
            }
            this.algorithmID = new AlgorithmID(componentAt.getComponentAt(0));
            this.name = new Name(componentAt.getComponentAt(1));
            this.refValue = (OCTET_STRING) componentAt.getComponentAt(2);
            this.irInfo = (PrintableString) componentAt.getComponentAt(3);
            if (componentAt.countComponents() > 4) {
                this.caCerts = (SEQUENCE) componentAt.getComponentAt(4);
            }
            if (aSN1Object.countComponents() == 2) {
                this.protection = (OCTET_STRING) aSN1Object.getComponentAt(1);
            }
        } catch (CodingException e) {
            throw e;
        } catch (Exception e2) {
            throw new CodingException(e2.getMessage());
        }
    }

    public void decode(InputStream inputStream) throws IOException, CodingException {
        if (inputStream == null) {
            throw new IOException("Cannot parse IAKMessage from a null input stream!");
        }
        decode(new ASN1(inputStream).toASN1Object());
    }

    public AlgorithmID getAlgorithmID() {
        return this.algorithmID;
    }

    public SEQUENCE getCaCerts() {
        if (this.caCerts == null || this.caCerts.countComponents() == 0) {
            return null;
        }
        return this.caCerts;
    }

    public Object[][] getCaPubsArray() {
        if (this.caCerts == null || this.caCerts.countComponents() == 0) {
            return (Object[][]) null;
        }
        Object[][] objArr = (Object[][]) Array.newInstance((Class<?>) Object.class, this.caCerts.countComponents(), 3);
        for (int i = 0; i < this.caCerts.countComponents(); i++) {
            SEQUENCE sequence = (SEQUENCE) this.caCerts.getComponentAt(i);
            objArr[i] = new Object[3];
            try {
                objArr[i][0] = new CMPCertificate(sequence.getComponentAt(0));
                objArr[i][1] = ((PrintableString) sequence.getComponentAt(1)).getValue();
                objArr[i][2] = ((PrintableString) sequence.getComponentAt(2)).getValue();
            } catch (CodingException e) {
                throw new IllegalArgumentException("certificate can't be parsed");
            }
        }
        return objArr;
    }

    public byte[] getEncoded() throws CodingException {
        return DerCoder.encode(toASN1Object());
    }

    public byte[] getIAKData() throws CodingException {
        return DerCoder.encode(getANSObjectOfIAKData());
    }

    public String getIrInfo() {
        return (String) this.irInfo.getValue();
    }

    public Name getName() {
        return this.name;
    }

    public PBMParameter getPBMParameter() throws CodingException {
        return new PBMParameter(this.algorithmID.getParameter());
    }

    public byte[] getProtection() {
        if (this.protection == null) {
            return null;
        }
        try {
            return this.protection.getWholeValue();
        } catch (IOException e) {
            throw new RuntimeException(e.toString());
        }
    }

    public String getRefValue() {
        try {
            return new String((byte[]) this.refValue.getValue(), "UTF-16");
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e.toString());
        }
    }

    public void protect(byte[] bArr) throws CodingException {
        this.protection = generateProtection(bArr);
    }

    public void setAlgorithmID(AlgorithmID algorithmID) {
        this.algorithmID = algorithmID;
    }

    public void setCaCerts(SEQUENCE sequence) {
        if (sequence == null) {
            throw new NullPointerException();
        }
        if (sequence.countComponents() == 0) {
            throw new IllegalArgumentException("aCaCerts shouldn't be empty");
        }
        this.caCerts = sequence;
    }

    public void setDefaultPasswordBaseMac(int i) throws CodingException {
        this.algorithmID = buildDefaultPBMac(i);
    }

    public void setIrInfo(String str) {
        if (str == null) {
            throw new NullPointerException();
        }
        if (!str.equals(NO_IR) && !str.equals(IR_IN_RA) && !str.equals(IR_CONFIRMED) && !str.equals(IR_GET_RESPONSE) && !str.equals(IR_WAIT)) {
            throw new IllegalArgumentException("Value=" + str + " not allowed for irInfo!");
        }
        this.irInfo = new PrintableString(str);
    }

    public void setName(Name name) {
        if (name == null) {
            throw new NullPointerException();
        }
        this.name = name;
    }

    public void setProtection(byte[] bArr) {
        this.protection = new OCTET_STRING(bArr);
    }

    public void setRefValue(String str) {
        if (str == null) {
            throw new NullPointerException();
        }
        try {
            this.refValue = new OCTET_STRING(str.getBytes("UTF-16"));
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e.toString());
        }
    }

    @Override // iaik.asn1.ASN1Type
    public ASN1Object toASN1Object() throws CodingException {
        try {
            SEQUENCE sequence = new SEQUENCE();
            sequence.addComponent(getANSObjectOfIAKData());
            if (this.protection != null) {
                sequence.addComponent(this.protection);
            }
            return sequence;
        } catch (CodingException e) {
            throw e;
        } catch (Exception e2) {
            throw new CodingException(e2.toString());
        }
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        if (this.algorithmID != null) {
            stringBuffer.append("\nalgorithmID:" + this.algorithmID.toString());
        } else {
            stringBuffer.append("\nalgorithmID is null");
        }
        if (this.name != null) {
            stringBuffer.append("\nname:" + this.name.toString());
        } else {
            stringBuffer.append("\nname is null");
        }
        if (this.refValue != null) {
            stringBuffer.append("\nrefValue:" + this.refValue.toString());
        } else {
            stringBuffer.append("\nrefValue is null");
        }
        if (this.irInfo != null) {
            stringBuffer.append("\nirInfo:" + this.irInfo.toString());
        } else {
            stringBuffer.append("\nirInfo is null");
        }
        if (this.caCerts == null || this.caCerts.countComponents() <= 0) {
            stringBuffer.append("\nCACerts not set");
        } else {
            Object[][] caPubsArray = getCaPubsArray();
            for (int i = 0; i < caPubsArray.length; i++) {
                stringBuffer.append("\nCACert " + i + ":");
                stringBuffer.append("\ncertificate:\n" + ((CMPCertificate) caPubsArray[i][0]).toString());
                stringBuffer.append("\ntype:" + caPubsArray[i][1]);
                stringBuffer.append("\npolicyOID:" + caPubsArray[i][2]);
            }
        }
        if (this.protection != null) {
            stringBuffer.append("\nprotection:" + this.protection.toString());
        } else {
            stringBuffer.append("\nprotection not set");
        }
        return stringBuffer.toString();
    }

    public boolean verify(byte[] bArr) throws CodingException {
        return this.protection.equals(generateProtection(bArr));
    }

    public void writeTo(OutputStream outputStream) throws IOException, CodingException {
        outputStream.write(getEncoded());
    }
}
