Red Hat Application Migration Toolkit
package iaik.pkcs.pkcs12;
import iaik.asn1.ASN;
import iaik.asn1.ASN1Object;
import iaik.asn1.CodingException;
import iaik.asn1.DerCoder;
import iaik.asn1.INTEGER;
import iaik.asn1.OCTET_STRING;
import iaik.asn1.ObjectID;
import iaik.asn1.SEQUENCE;
import iaik.asn1.structures.AlgorithmID;
import iaik.pkcs.PKCSException;
import iaik.pkcs.PKCSParsingException;
import iaik.pkcs.pkcs12.AuthenticatedSafe;
import iaik.pkcs.pkcs12.CertificateBag;
import iaik.pkcs.pkcs12.KeyBag;
import iaik.pkcs.pkcs12.PKCS8ShroudedKeyBag;
import iaik.pkcs.pkcs12.SafeBag;
import iaik.pkcs.pkcs7.ContentInfo;
import iaik.pkcs.pkcs7.Data;
import iaik.pkcs.pkcs7.DigestInfo;
import iaik.security.cipher.PBEKeyBMP;
import iaik.security.pbe.PBEGenParameterSpec;
import iaik.security.spec.PBEKeyAndParameterSpec;
import iaik.utils.CryptoUtils;
import iaik.utils.InternalErrorException;
import iaik.utils.Util;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.AlgorithmParameterGenerator;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidParameterSpecException;
import java.util.Vector;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.PBEParameterSpec;
public class PKCS12 {
// $FF: synthetic field
static Class f;
boolean d;
PKCS8ShroudedKeyBag b;
byte[] g;
ASN1Object c;
SEQUENCE e;
private int a;
protected int mode;
protected AuthenticatedSafe[] authenticated_safes;
public static final int PASSWORD_INTEGRITY_MODE = 2;
public static final int PUBLIC_KEY_INTEGRITY_MODE = 1;
private static final boolean h = false;
private static final boolean i = false;
static Class a(String var0) {
try {
return Class.forName(var0);
} catch (ClassNotFoundException var2) {
throw new NoClassDefFoundError(var2.getMessage());
}
}
public void writeTo(OutputStream var1) throws IOException {
DerCoder.encodeTo(this.c, var1);
}
public boolean verify(char[] var1) throws PKCSException {
try {
DigestInfo var2 = new DigestInfo(this.e.getComponentAt(0));
byte[] var3 = (byte[])this.e.getComponentAt(1).getValue();
int var4 = 1;
if(this.e.countComponents() > 2) {
var4 = ((BigInteger)this.e.getComponentAt(2).getValue()).intValue();
}
PBEKeyAndParameterSpec var5 = new PBEKeyAndParameterSpec(PBEKeyBMP.getEncoded(var1), var3, var4, 20);
KeyGenerator var6 = KeyGenerator.getInstance("PKCS#12-MAC");
var6.init(var5);
SecretKey var7 = var6.generateKey();
Mac var8 = Mac.getInstance("HMAC/SHA");
var8.init(var7);
byte[] var9 = var8.doFinal(this.g);
return CryptoUtils.equalsBlock(var9, var2.getDigest());
} catch (InvalidAlgorithmParameterException var10) {
throw new PKCSException(var10.toString());
} catch (CodingException var11) {
throw new PKCSException(var11.toString());
} catch (InvalidKeyException var12) {
throw new PKCSException(var12.toString());
} catch (NoSuchAlgorithmException var13) {
throw new PKCSException(var13.toString());
}
}
public String toString() {
StringBuffer var1 = new StringBuffer();
var1.append("PKCS#12 object:\n");
var1.append("Version: " + this.a + "\n");
if(this.authenticated_safes == null) {
var1.append("No content.\n");
} else {
for(int var2 = 0; var2 < this.authenticated_safes.length; ++var2) {
var1.append("AuthenticatedSafe: " + var2 + "\n");
var1.append(this.authenticated_safes[var2].toString());
var1.append("\n");
}
}
return var1.toString();
}
public ASN1Object toASN1Object() throws PKCSException {
return this.c;
}
public KeyBag[] getKeyBags() {
Vector var1 = new Vector(2);
for(int var2 = 0; var2 < this.authenticated_safes.length; ++var2) {
SafeBag[] var3 = this.authenticated_safes[var2].getSafeBags();
for(int var4 = 0; var4 < var3.length; ++var4) {
if(var3[var4] instanceof KeyBag) {
var1.addElement(var3[var4]);
}
}
}
KeyBag[] var5 = new KeyBag[var1.size()];
var1.copyInto(var5);
return var5;
}
public KeyBag getKeyBag() {
for(int var1 = 0; var1 < this.authenticated_safes.length; ++var1) {
SafeBag[] var2 = this.authenticated_safes[var1].getSafeBags();
for(int var3 = 0; var3 < var2.length; ++var3) {
if(var2[var3] instanceof KeyBag) {
return (KeyBag)var2[var3];
}
}
}
return null;
}
public CertificateBag[] getCertificateBags() {
Vector var1 = new Vector();
for(int var2 = 0; var2 < this.authenticated_safes.length; ++var2) {
SafeBag[] var3 = this.authenticated_safes[var2].getSafeBags();
for(int var4 = 0; var4 < var3.length; ++var4) {
if(var3[var4] instanceof CertificateBag) {
var1.addElement(var3[var4]);
}
}
}
CertificateBag[] var5 = new CertificateBag[var1.size()];
var1.copyInto(var5);
return var5;
}
public AuthenticatedSafe[] getAuthenticatedSafes() {
return this.authenticated_safes;
}
public void encrypt(char[] var1, AlgorithmID var2, AlgorithmID var3) throws PKCSException {
AlgorithmID var4 = null;
AlgorithmID var5 = null;
if(var2 == null) {
var4 = (AlgorithmID)AlgorithmID.pbeWithSHAAnd40BitRC2_CBC.clone();
} else {
var4 = var2;
}
if(var3 == null) {
var5 = (AlgorithmID)AlgorithmID.pbeWithSHAAnd3_KeyTripleDES_CBC.clone();
} else {
var5 = var3;
}
Object var6 = null;
try {
int var7 = this.d?2000:1;
PBEGenParameterSpec var8 = new PBEGenParameterSpec(8, var7);
AlgorithmParameterGenerator var9 = AlgorithmParameterGenerator.getInstance("PBE");
var9.init(var8);
AlgorithmParameters var10 = var9.generateParameters();
PBEParameterSpec var10000 = (PBEParameterSpec)var10.getParameterSpec(f != null?f:(f = a("javax.crypto.spec.PBEParameterSpec")));
var4.setAlgorithmParameters(var10);
this.b.encrypt(var1, var5, var7);
this.authenticated_safes[0] = new AuthenticatedSafe(1, new SafeBag[]{this.b});
for(int var11 = 0; var11 < this.authenticated_safes.length; ++var11) {
this.authenticated_safes[var11].encrypt(var1, var4);
}
} catch (NoSuchAlgorithmException var13) {
throw new InternalErrorException(var13.toString());
} catch (InvalidParameterSpecException var14) {
throw new InternalErrorException(var14);
} catch (InvalidAlgorithmParameterException var15) {
throw new InternalErrorException(var15);
}
if(this.mode == 2) {
try {
ASN1Object var16 = ASN.createSequenceOf(this.authenticated_safes);
var16.setIndefiniteLength(true);
this.g = DerCoder.encode(var16);
Data var17 = new Data(this.g);
var17.setBlockSize(1024);
ContentInfo var18 = new ContentInfo(var17);
this.a(var1);
this.c = new SEQUENCE();
this.c.addComponent(new INTEGER(this.a));
this.c.addComponent(var18.toASN1Object());
if(this.e != null) {
this.c.addComponent(this.e);
}
this.c.setIndefiniteLength(true);
} catch (CodingException var12) {
throw new RuntimeException(var12.toString());
}
}
}
public void encrypt(char[] var1) throws PKCSException {
this.encrypt(var1, (AlgorithmID)null, (AlgorithmID)null);
}
public void decrypt(char[] var1) throws PKCSException {
try {
for(int var2 = 0; var2 < this.authenticated_safes.length; ++var2) {
this.authenticated_safes[var2].decrypt(var1);
}
} catch (NoSuchAlgorithmException var3) {
throw new PKCSException(var3.toString());
}
}
protected void decode() throws PKCSParsingException {
try {
if(this.c.getComponentAt(0).isA(ASN.CON_SPEC)) {
throw new PKCSParsingException("Key format of Netscape 4.03 and earlier not supportet!");
} else {
this.a = ((BigInteger)this.c.getComponentAt(0).getValue()).intValue();
ContentInfo var1 = new ContentInfo(this.c.getComponentAt(1));
if(this.c.countComponents() == 3) {
this.e = (SEQUENCE)this.c.getComponentAt(2);
}
if(!var1.getContentType().equals(ObjectID.pkcs7_data)) {
if(var1.getContentType().equals(ObjectID.pkcs7_signedData)) {
this.mode = 1;
} else {
throw new PKCSParsingException("PKCS#12: Unknown mode!");
}
} else {
this.mode = 2;
this.g = ((Data)var1.getContent()).getData();
ASN1Object var2 = DerCoder.decode(this.g);
this.authenticated_safes = new AuthenticatedSafe[var2.countComponents()];
for(int var3 = 0; var3 < var2.countComponents(); ++var3) {
this.authenticated_safes[var3] = new AuthenticatedSafe(var2.getComponentAt(var3));
}
}
}
} catch (PKCSException var4) {
throw new PKCSParsingException(var4.toString());
} catch (CodingException var5) {
throw new PKCSParsingException(var5.toString());
} catch (ClassCastException var6) {
throw new PKCSParsingException(var6.toString());
}
}
private void a(char[] var1) throws PKCSException {
try {
int var2 = this.d?2000:1;
PBEGenParameterSpec var3 = new PBEGenParameterSpec(8, var2);
AlgorithmParameterGenerator var4 = AlgorithmParameterGenerator.getInstance("PBE");
var4.init(var3);
AlgorithmParameters var5 = var4.generateParameters();
PBEParameterSpec var6 = (PBEParameterSpec)var5.getParameterSpec(f != null?f:(f = a("javax.crypto.spec.PBEParameterSpec")));
PBEKeyAndParameterSpec var7 = new PBEKeyAndParameterSpec(PBEKeyBMP.getEncoded(var1), var6.getSalt(), var6.getIterationCount(), 20);
KeyGenerator var8 = KeyGenerator.getInstance("PKCS#12-MAC");
var8.init(var7);
SecretKey var9 = var8.generateKey();
Mac var10 = Mac.getInstance("HMAC/SHA");
var10.init(var9);
byte[] var11 = var10.doFinal(this.g);
DigestInfo var12 = new DigestInfo(AlgorithmID.sha, var11);
this.e = new SEQUENCE();
this.e.addComponent(var12.toASN1Object());
this.e.addComponent(new OCTET_STRING(var6.getSalt()));
if(var6.getIterationCount() != 1) {
this.e.addComponent(new INTEGER(var6.getIterationCount()));
}
} catch (InvalidAlgorithmParameterException var13) {
throw new PKCSException(var13.toString());
} catch (InvalidParameterSpecException var14) {
throw new PKCSException(var14.toString());
} catch (InvalidKeyException var15) {
throw new PKCSException(var15.toString());
} catch (NoSuchAlgorithmException var16) {
throw new PKCSException(var16.toString());
}
}
public PKCS12(InputStream var1) throws PKCSParsingException, IOException {
this.a = 3;
try {
this.c = DerCoder.decode(var1);
} catch (CodingException var3) {
throw new PKCSParsingException(var3.getMessage());
}
this.decode();
}
public PKCS12(KeyBag var1, CertificateBag[] var2, boolean var3) throws PKCSException {
this(var1, var2);
this.d = var3;
}
public PKCS12(KeyBag var1, CertificateBag[] var2) throws PKCSException {
this.a = 3;
this.authenticated_safes = new AuthenticatedSafe[2];
this.b = new PKCS8ShroudedKeyBag(var1);
this.authenticated_safes[1] = new AuthenticatedSafe(2, var2);
this.mode = 2;
}
public PKCS12(ASN1Object var1) throws PKCSParsingException {
this.a = 3;
this.c = var1;
this.decode();
}
static {
Util.toString((byte[])null, -1, 1);
}
}