package oracle.security.pki;

import com.phaos.ASN1.ASN1OctetString;
import com.phaos.cert.CertificateRequest;
import com.phaos.cert.PKCS12Bag;
import com.phaos.cert.PKCS12CertBag;
import com.phaos.cert.PKCS12KeyBag;
import com.phaos.cert.PKCS12SecretBag;
import com.phaos.cert.PKCS12ShroudedKeyBag;
import com.phaos.crypto.DSAPrivateKey;
import com.phaos.crypto.PrivateKey;
import com.phaos.crypto.RSAPrivateKey;
import java.io.IOException;
import java.security.Key;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Vector;

/* loaded from: input_file:oracle/security/pki/C06.class */
class C06 extends C05 {
    final PKCS12Bag b;
    Certificate[] c;
    private CertificateRequest d;

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // oracle.security.pki.C05
    public boolean a() {
        return true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // oracle.security.pki.C05
    public Key g() {
        PrivateKey privateKey = null;
        if (this.b instanceof PKCS12KeyBag) {
            privateKey = this.b.getPrivateKey();
        } else if (this.b instanceof PKCS12ShroudedKeyBag) {
            privateKey = this.b.getPrivateKey();
        }
        if (privateKey instanceof RSAPrivateKey) {
            return new OraclePKIRSAPrivateKey((RSAPrivateKey) privateKey, this.d);
        }
        if (!(privateKey instanceof DSAPrivateKey)) {
            return null;
        }
        OraclePKIDebug.c("DSA Keys not supported");
        return null;
    }

    private boolean a(byte[] bArr, byte[] bArr2) {
        if (((bArr == null) || (bArr2 == null)) || bArr.length != bArr2.length) {
            return false;
        }
        for (int i = 0; i < bArr.length; i++) {
            if (bArr[i] != bArr2[i]) {
                return false;
            }
        }
        return true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // oracle.security.pki.C05
    public Certificate e() {
        if (this.c == null) {
            return null;
        }
        return this.c[0];
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // oracle.security.pki.C05
    public String c() {
        Certificate e = e();
        if (!(e instanceof X509Certificate)) {
            return "";
        }
        OraclePKIDebug.c(new StringBuffer().append("Certificate for private key is ").append(e).toString());
        return ((X509Certificate) e).getSubjectDN().getName();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public C06(PKCS12Bag pKCS12Bag, Vector vector, Vector vector2) {
        if (!(pKCS12Bag instanceof PKCS12KeyBag) && !(pKCS12Bag instanceof PKCS12ShroudedKeyBag)) {
            throw new IllegalArgumentException(new StringBuffer().append("Incorrect bag type").append(pKCS12Bag).toString());
        }
        this.b = pKCS12Bag;
        byte[] localKeyID = this.b.getLocalKeyID();
        Vector vector3 = new Vector(vector.size());
        int i = 0;
        while (true) {
            if (i >= vector.size()) {
                break;
            }
            PKCS12CertBag pKCS12CertBag = (PKCS12CertBag) vector.elementAt(i);
            if (a(pKCS12CertBag.getLocalKeyID(), localKeyID)) {
                vector3.addElement(new OraclePKIX509CertImpl(pKCS12CertBag.getCert()));
                vector.removeElementAt(i);
                OraclePKIDebug.c(new StringBuffer().append("Found certificate ").append(pKCS12CertBag.getCert()).toString());
                break;
            }
            i++;
        }
        byte[] h = OracleLocalKeyId.h(OracleLocalKeyId.g(localKeyID), OracleLocalKeyId.b(localKeyID));
        for (int i2 = 0; i2 < vector2.size(); i2++) {
            PKCS12SecretBag pKCS12SecretBag = (PKCS12SecretBag) vector2.elementAt(i2);
            if (a(pKCS12SecretBag.getLocalKeyID(), h)) {
                ASN1OctetString secretValue = pKCS12SecretBag.getSecretValue();
                if (secretValue instanceof ASN1OctetString) {
                    try {
                        this.d = new CertificateRequest(secretValue.getValue());
                        OraclePKIDebug.c(new StringBuffer().append("Found cert req ").append(this.d).toString());
                        break;
                    } catch (IOException e) {
                    }
                } else {
                    continue;
                }
            }
        }
        if (vector3.size() == 0) {
            OraclePKIDebug.c(new StringBuffer().append("No certificate found for key ").append(this.b.getLocalKeyID()).toString());
            this.c = null;
            return;
        }
        X509Certificate x509Certificate = (X509Certificate) vector3.lastElement();
        while (true) {
            if (x509Certificate.getIssuerDN().equals(x509Certificate.getSubjectDN())) {
                break;
            }
            boolean z = false;
            int i3 = 0;
            while (true) {
                if (i3 >= vector.size()) {
                    break;
                }
                PKCS12CertBag pKCS12CertBag2 = (PKCS12CertBag) vector.elementAt(i3);
                if (x509Certificate.getIssuerDN().equals(pKCS12CertBag2.getCert().getSubject())) {
                    z = true;
                    vector3.addElement(new OraclePKIX509CertImpl(pKCS12CertBag2.getCert()));
                    x509Certificate = (X509Certificate) vector3.lastElement();
                    break;
                }
                i3++;
            }
            if (!z) {
                OraclePKIDebug.c(new StringBuffer().append("Cert chain incomplete for key ").append(this.b).toString());
                break;
            }
        }
        OraclePKIDebug.c("Cert chain determined");
        this.c = new Certificate[vector3.size()];
        this.c = (Certificate[]) vector3.toArray(this.c);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // oracle.security.pki.C05
    public Certificate[] f() {
        if (this.c == null) {
            return null;
        }
        return (Certificate[]) this.c.clone();
    }
}
