package org.spongycastle.jcajce.provider.keystore.pkcs12;

import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Map;
import java.util.Set;
import java.util.Vector;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import org.spongycastle.a.al;
import org.spongycastle.a.au;
import org.spongycastle.a.bd;
import org.spongycastle.a.bh;
import org.spongycastle.a.bj;
import org.spongycastle.a.bl;
import org.spongycastle.a.e.c;
import org.spongycastle.a.f;
import org.spongycastle.a.g;
import org.spongycastle.a.o;
import org.spongycastle.a.r.h;
import org.spongycastle.a.r.i;
import org.spongycastle.a.r.l;
import org.spongycastle.a.r.n;
import org.spongycastle.a.r.q;
import org.spongycastle.a.r.r;
import org.spongycastle.a.r.s;
import org.spongycastle.a.r.y;
import org.spongycastle.a.v;
import org.spongycastle.a.w;
import org.spongycastle.a.y.ai;
import org.spongycastle.a.y.aj;
import org.spongycastle.a.y.b;
import org.spongycastle.a.y.bf;
import org.spongycastle.a.y.u;
import org.spongycastle.e.a;
import org.spongycastle.e.k;
import org.spongycastle.e.p;
import org.spongycastle.jcajce.PKCS12Key;
import org.spongycastle.jcajce.PKCS12StoreParameter;
import org.spongycastle.jcajce.spec.GOST28147ParameterSpec;
import org.spongycastle.jcajce.spec.PBKDF2KeySpec;
import org.spongycastle.jcajce.util.BCJcaJceHelper;
import org.spongycastle.jcajce.util.JcaJceHelper;
import org.spongycastle.jce.interfaces.BCKeyStore;
import org.spongycastle.jce.interfaces.PKCS12BagAttributeCarrier;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.spongycastle.jce.provider.JDKPKCS12StoreParameter;

/* loaded from: classes.dex */
public class PKCS12KeyStoreSpi extends KeyStoreSpi implements q, bf, BCKeyStore {
    static final int CERTIFICATE = 1;
    static final int KEY = 2;
    static final int KEY_PRIVATE = 0;
    static final int KEY_PUBLIC = 1;
    static final int KEY_SECRET = 2;
    private static final int MIN_ITERATIONS = 1024;
    static final int NULL = 0;
    static final String PKCS12_MAX_IT_COUNT_PROPERTY = "org.spongycastle.pkcs12.max_it_count";
    private static final int SALT_SIZE = 20;
    static final int SEALED = 4;
    static final int SECRET = 3;
    private static final DefaultSecretKeyProvider keySizeProvider = new DefaultSecretKeyProvider();
    private o certAlgorithm;
    private CertificateFactory certFact;
    private IgnoresCaseHashtable certs;
    private o keyAlgorithm;
    private IgnoresCaseHashtable keys;
    private final JcaJceHelper helper = new BCJcaJceHelper();
    private Hashtable localIds = new Hashtable();
    private Hashtable chainCerts = new Hashtable();
    private Hashtable keyCerts = new Hashtable();
    protected SecureRandom random = new SecureRandom();
    private b macAlgorithm = new b(org.spongycastle.a.q.b.i, bd.f3698a);
    private int itCount = 1024;
    private int saltLength = 20;

    /* loaded from: classes.dex */
    public class BCPKCS12KeyStore extends PKCS12KeyStoreSpi {
        public BCPKCS12KeyStore() {
            super(new BouncyCastleProvider(), bF, bI);
        }
    }

    /* loaded from: classes.dex */
    public class BCPKCS12KeyStore3DES extends PKCS12KeyStoreSpi {
        public BCPKCS12KeyStore3DES() {
            super(new BouncyCastleProvider(), bF, bF);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public class CertId {
        byte[] id;

        CertId(PublicKey publicKey) {
            this.id = PKCS12KeyStoreSpi.this.createSubjectKeyId(publicKey).a();
        }

        CertId(byte[] bArr) {
            this.id = bArr;
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (obj instanceof CertId) {
                return a.a(this.id, ((CertId) obj).id);
            }
            return false;
        }

        public int hashCode() {
            return a.a(this.id);
        }
    }

    /* loaded from: classes.dex */
    public class DefPKCS12KeyStore extends PKCS12KeyStoreSpi {
        public DefPKCS12KeyStore() {
            super(null, bF, bI);
        }
    }

    /* loaded from: classes.dex */
    public class DefPKCS12KeyStore3DES extends PKCS12KeyStoreSpi {
        public DefPKCS12KeyStore3DES() {
            super(null, bF, bF);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public class DefaultSecretKeyProvider {
        private final Map KEY_SIZES;

        DefaultSecretKeyProvider() {
            HashMap hashMap = new HashMap();
            hashMap.put(new o("1.2.840.113533.7.66.10"), 128);
            hashMap.put(q.D, 192);
            hashMap.put(org.spongycastle.a.n.b.u, 128);
            hashMap.put(org.spongycastle.a.n.b.C, 192);
            hashMap.put(org.spongycastle.a.n.b.K, 256);
            hashMap.put(org.spongycastle.a.p.a.f3786a, 128);
            hashMap.put(org.spongycastle.a.p.a.f3787b, 192);
            hashMap.put(org.spongycastle.a.p.a.c, 256);
            hashMap.put(org.spongycastle.a.e.a.f, 256);
            this.KEY_SIZES = Collections.unmodifiableMap(hashMap);
        }

        public int getKeySize(b bVar) {
            Integer num = (Integer) this.KEY_SIZES.get(bVar.a());
            if (num != null) {
                return num.intValue();
            }
            return -1;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public class IgnoresCaseHashtable {
        private Hashtable keys;
        private Hashtable orig;

        private IgnoresCaseHashtable() {
            this.orig = new Hashtable();
            this.keys = new Hashtable();
        }

        public Enumeration elements() {
            return this.orig.elements();
        }

        public Object get(String str) {
            String str2 = (String) this.keys.get(str == null ? null : p.c(str));
            if (str2 == null) {
                return null;
            }
            return this.orig.get(str2);
        }

        public Enumeration keys() {
            return this.orig.keys();
        }

        public void put(String str, Object obj) {
            String c = str == null ? null : p.c(str);
            String str2 = (String) this.keys.get(c);
            if (str2 != null) {
                this.orig.remove(str2);
            }
            this.keys.put(c, str);
            this.orig.put(str, obj);
        }

        public Object remove(String str) {
            String str2 = (String) this.keys.remove(str == null ? null : p.c(str));
            if (str2 == null) {
                return null;
            }
            return this.orig.remove(str2);
        }
    }

    public PKCS12KeyStoreSpi(Provider provider, o oVar, o oVar2) {
        this.keys = new IgnoresCaseHashtable();
        this.certs = new IgnoresCaseHashtable();
        this.keyAlgorithm = oVar;
        this.certAlgorithm = oVar2;
        try {
            if (provider != null) {
                this.certFact = CertificateFactory.getInstance("X.509", provider);
            } else {
                this.certFact = CertificateFactory.getInstance("X.509");
            }
        } catch (Exception e) {
            throw new IllegalArgumentException("can't create cert factory - " + e.toString());
        }
    }

    private byte[] calculatePbeMac(o oVar, byte[] bArr, int i, char[] cArr, boolean z, byte[] bArr2) {
        PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(bArr, i);
        Mac createMac = this.helper.createMac(oVar.b());
        createMac.init(new PKCS12Key(cArr, z), pBEParameterSpec);
        createMac.update(bArr2);
        return createMac.doFinal();
    }

    private Cipher createCipher(int i, char[] cArr, b bVar) {
        n a2 = n.a(bVar.b());
        org.spongycastle.a.r.o a3 = org.spongycastle.a.r.o.a(a2.a().b());
        b a4 = b.a(a2.b());
        SecretKeyFactory createSecretKeyFactory = this.helper.createSecretKeyFactory(a2.a().a().b());
        SecretKey generateSecret = a3.d() ? createSecretKeyFactory.generateSecret(new PBEKeySpec(cArr, a3.a(), validateIterationCount(a3.b()), keySizeProvider.getKeySize(a4))) : createSecretKeyFactory.generateSecret(new PBKDF2KeySpec(cArr, a3.a(), validateIterationCount(a3.b()), keySizeProvider.getKeySize(a4), a3.e()));
        Cipher cipher = Cipher.getInstance(a2.b().a().b());
        f b2 = a2.b().b();
        if (b2 instanceof org.spongycastle.a.q) {
            cipher.init(i, generateSecret, new IvParameterSpec(org.spongycastle.a.q.a(b2).c()));
        } else {
            c a5 = c.a(b2);
            cipher.init(i, generateSecret, new GOST28147ParameterSpec(a5.a(), a5.b()));
        }
        return cipher;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public ai createSubjectKeyId(PublicKey publicKey) {
        try {
            return new ai(getDigest(aj.a(publicKey.getEncoded())));
        } catch (Exception e) {
            throw new RuntimeException("error creating key");
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void doStore(OutputStream outputStream, char[] cArr, boolean z) {
        boolean z2;
        boolean z3;
        if (cArr == null) {
            throw new NullPointerException("No password supplied for PKCS#12 KeyStore.");
        }
        g gVar = new g();
        Enumeration keys = this.keys.keys();
        while (keys.hasMoreElements()) {
            byte[] bArr = new byte[20];
            this.random.nextBytes(bArr);
            String str = (String) keys.nextElement();
            PrivateKey privateKey = (PrivateKey) this.keys.get(str);
            org.spongycastle.a.r.p pVar = new org.spongycastle.a.r.p(bArr, 1024);
            i iVar = new i(new b(this.keyAlgorithm, pVar.toASN1Primitive()), wrapKey(this.keyAlgorithm.b(), privateKey, pVar, cArr));
            g gVar2 = new g();
            if (privateKey instanceof PKCS12BagAttributeCarrier) {
                PKCS12BagAttributeCarrier pKCS12BagAttributeCarrier = (PKCS12BagAttributeCarrier) privateKey;
                au auVar = (au) pKCS12BagAttributeCarrier.getBagAttribute(ak);
                if (auVar == null || !auVar.b().equals(str)) {
                    pKCS12BagAttributeCarrier.setBagAttribute(ak, new au(str));
                }
                if (pKCS12BagAttributeCarrier.getBagAttribute(al) == null) {
                    pKCS12BagAttributeCarrier.setBagAttribute(al, createSubjectKeyId(engineGetCertificate(str).getPublicKey()));
                }
                Enumeration bagAttributeKeys = pKCS12BagAttributeCarrier.getBagAttributeKeys();
                z3 = false;
                while (bagAttributeKeys.hasMoreElements()) {
                    o oVar = (o) bagAttributeKeys.nextElement();
                    g gVar3 = new g();
                    gVar3.a(oVar);
                    gVar3.a(new bl(pKCS12BagAttributeCarrier.getBagAttribute(oVar)));
                    z3 = true;
                    gVar2.a(new bj(gVar3));
                }
            } else {
                z3 = false;
            }
            if (!z3) {
                g gVar4 = new g();
                Certificate engineGetCertificate = engineGetCertificate(str);
                gVar4.a(al);
                gVar4.a(new bl(createSubjectKeyId(engineGetCertificate.getPublicKey())));
                gVar2.a(new bj(gVar4));
                g gVar5 = new g();
                gVar5.a(ak);
                gVar5.a(new bl(new au(str)));
                gVar2.a(new bj(gVar5));
            }
            gVar.a(new y(bx, iVar.toASN1Primitive(), new bl(gVar2)));
        }
        org.spongycastle.a.ai aiVar = new org.spongycastle.a.ai(new bj(gVar).getEncoded("DER"));
        byte[] bArr2 = new byte[20];
        this.random.nextBytes(bArr2);
        g gVar6 = new g();
        b bVar = new b(this.certAlgorithm, new org.spongycastle.a.r.p(bArr2, 1024).toASN1Primitive());
        Hashtable hashtable = new Hashtable();
        Enumeration keys2 = this.keys.keys();
        while (keys2.hasMoreElements()) {
            try {
                String str2 = (String) keys2.nextElement();
                Certificate engineGetCertificate2 = engineGetCertificate(str2);
                org.spongycastle.a.r.c cVar = new org.spongycastle.a.r.c(ao, new org.spongycastle.a.bf(engineGetCertificate2.getEncoded()));
                g gVar7 = new g();
                if (engineGetCertificate2 instanceof PKCS12BagAttributeCarrier) {
                    PKCS12BagAttributeCarrier pKCS12BagAttributeCarrier2 = (PKCS12BagAttributeCarrier) engineGetCertificate2;
                    au auVar2 = (au) pKCS12BagAttributeCarrier2.getBagAttribute(ak);
                    if (auVar2 == null || !auVar2.b().equals(str2)) {
                        pKCS12BagAttributeCarrier2.setBagAttribute(ak, new au(str2));
                    }
                    if (pKCS12BagAttributeCarrier2.getBagAttribute(al) == null) {
                        pKCS12BagAttributeCarrier2.setBagAttribute(al, createSubjectKeyId(engineGetCertificate2.getPublicKey()));
                    }
                    Enumeration bagAttributeKeys2 = pKCS12BagAttributeCarrier2.getBagAttributeKeys();
                    z2 = false;
                    while (bagAttributeKeys2.hasMoreElements()) {
                        o oVar2 = (o) bagAttributeKeys2.nextElement();
                        g gVar8 = new g();
                        gVar8.a(oVar2);
                        gVar8.a(new bl(pKCS12BagAttributeCarrier2.getBagAttribute(oVar2)));
                        gVar7.a(new bj(gVar8));
                        z2 = true;
                    }
                } else {
                    z2 = false;
                }
                if (!z2) {
                    g gVar9 = new g();
                    gVar9.a(al);
                    gVar9.a(new bl(createSubjectKeyId(engineGetCertificate2.getPublicKey())));
                    gVar7.a(new bj(gVar9));
                    g gVar10 = new g();
                    gVar10.a(ak);
                    gVar10.a(new bl(new au(str2)));
                    gVar7.a(new bj(gVar10));
                }
                gVar6.a(new y(by, cVar.toASN1Primitive(), new bl(gVar7)));
                hashtable.put(engineGetCertificate2, engineGetCertificate2);
            } catch (CertificateEncodingException e) {
                throw new IOException("Error encoding certificate: " + e.toString());
            }
        }
        Enumeration keys3 = this.certs.keys();
        while (keys3.hasMoreElements()) {
            try {
                String str3 = (String) keys3.nextElement();
                Certificate certificate = (Certificate) this.certs.get(str3);
                boolean z4 = false;
                if (this.keys.get(str3) == null) {
                    org.spongycastle.a.r.c cVar2 = new org.spongycastle.a.r.c(ao, new org.spongycastle.a.bf(certificate.getEncoded()));
                    g gVar11 = new g();
                    if (certificate instanceof PKCS12BagAttributeCarrier) {
                        PKCS12BagAttributeCarrier pKCS12BagAttributeCarrier3 = (PKCS12BagAttributeCarrier) certificate;
                        au auVar3 = (au) pKCS12BagAttributeCarrier3.getBagAttribute(ak);
                        if (auVar3 == null || !auVar3.b().equals(str3)) {
                            pKCS12BagAttributeCarrier3.setBagAttribute(ak, new au(str3));
                        }
                        Enumeration bagAttributeKeys3 = pKCS12BagAttributeCarrier3.getBagAttributeKeys();
                        while (bagAttributeKeys3.hasMoreElements()) {
                            o oVar3 = (o) bagAttributeKeys3.nextElement();
                            if (!oVar3.equals(q.al)) {
                                g gVar12 = new g();
                                gVar12.a(oVar3);
                                gVar12.a(new bl(pKCS12BagAttributeCarrier3.getBagAttribute(oVar3)));
                                gVar11.a(new bj(gVar12));
                                z4 = true;
                            }
                        }
                    }
                    if (!z4) {
                        g gVar13 = new g();
                        gVar13.a(ak);
                        gVar13.a(new bl(new au(str3)));
                        gVar11.a(new bj(gVar13));
                    }
                    gVar6.a(new y(by, cVar2.toASN1Primitive(), new bl(gVar11)));
                    hashtable.put(certificate, certificate);
                }
            } catch (CertificateEncodingException e2) {
                throw new IOException("Error encoding certificate: " + e2.toString());
            }
        }
        Set usedCertificateSet = getUsedCertificateSet();
        Enumeration keys4 = this.chainCerts.keys();
        while (keys4.hasMoreElements()) {
            try {
                Certificate certificate2 = (Certificate) this.chainCerts.get((CertId) keys4.nextElement());
                if (usedCertificateSet.contains(certificate2) && hashtable.get(certificate2) == null) {
                    org.spongycastle.a.r.c cVar3 = new org.spongycastle.a.r.c(ao, new org.spongycastle.a.bf(certificate2.getEncoded()));
                    g gVar14 = new g();
                    if (certificate2 instanceof PKCS12BagAttributeCarrier) {
                        PKCS12BagAttributeCarrier pKCS12BagAttributeCarrier4 = (PKCS12BagAttributeCarrier) certificate2;
                        Enumeration bagAttributeKeys4 = pKCS12BagAttributeCarrier4.getBagAttributeKeys();
                        while (bagAttributeKeys4.hasMoreElements()) {
                            o oVar4 = (o) bagAttributeKeys4.nextElement();
                            if (!oVar4.equals(q.al)) {
                                g gVar15 = new g();
                                gVar15.a(oVar4);
                                gVar15.a(new bl(pKCS12BagAttributeCarrier4.getBagAttribute(oVar4)));
                                gVar14.a(new bj(gVar15));
                            }
                        }
                    }
                    gVar6.a(new y(by, cVar3.toASN1Primitive(), new bl(gVar14)));
                }
            } catch (CertificateEncodingException e3) {
                throw new IOException("Error encoding certificate: " + e3.toString());
            }
        }
        org.spongycastle.a.r.b bVar2 = new org.spongycastle.a.r.b(new org.spongycastle.a.r.f[]{new org.spongycastle.a.r.f(Q, aiVar), new org.spongycastle.a.r.f(V, new h(Q, bVar, new org.spongycastle.a.ai(cryptData(true, bVar, cArr, false, new bj(gVar6).getEncoded("DER")))).toASN1Primitive())});
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        (z ? new bh(byteArrayOutputStream) : new al(byteArrayOutputStream)).a(bVar2);
        org.spongycastle.a.r.f fVar = new org.spongycastle.a.r.f(Q, new org.spongycastle.a.ai(byteArrayOutputStream.toByteArray()));
        byte[] bArr3 = new byte[this.saltLength];
        this.random.nextBytes(bArr3);
        try {
            (z ? new bh(outputStream) : new al(outputStream)).a(new r(fVar, new l(new org.spongycastle.a.y.r(this.macAlgorithm, calculatePbeMac(this.macAlgorithm.a(), bArr3, this.itCount, cArr, false, ((org.spongycastle.a.q) fVar.b()).c())), bArr3, this.itCount)));
        } catch (Exception e4) {
            throw new IOException("error constructing MAC: " + e4.toString());
        }
    }

    private static byte[] getDigest(aj ajVar) {
        org.spongycastle.b.b.r rVar = new org.spongycastle.b.b.r();
        byte[] bArr = new byte[rVar.getDigestSize()];
        byte[] f = ajVar.d().f();
        rVar.update(f, 0, f.length);
        rVar.doFinal(bArr, 0);
        return bArr;
    }

    private Set getUsedCertificateSet() {
        HashSet hashSet = new HashSet();
        Enumeration keys = this.keys.keys();
        while (keys.hasMoreElements()) {
            Certificate[] engineGetCertificateChain = engineGetCertificateChain((String) keys.nextElement());
            for (int i = 0; i != engineGetCertificateChain.length; i++) {
                hashSet.add(engineGetCertificateChain[i]);
            }
        }
        Enumeration keys2 = this.certs.keys();
        while (keys2.hasMoreElements()) {
            hashSet.add(engineGetCertificate((String) keys2.nextElement()));
        }
        return hashSet;
    }

    private int validateIterationCount(BigInteger bigInteger) {
        int intValue = bigInteger.intValue();
        if (intValue < 0) {
            throw new IllegalStateException("negative iteration count found");
        }
        BigInteger b2 = k.b(PKCS12_MAX_IT_COUNT_PROPERTY);
        if (b2 == null || b2.intValue() >= intValue) {
            return intValue;
        }
        throw new IllegalStateException("iteration count " + intValue + " greater than " + b2.intValue());
    }

    protected byte[] cryptData(boolean z, b bVar, char[] cArr, boolean z2, byte[] bArr) {
        o a2 = bVar.a();
        int i = z ? 1 : 2;
        if (!a2.a(q.bC)) {
            if (!a2.equals(q.A)) {
                throw new IOException("unknown PBE algorithm: " + a2);
            }
            try {
                return createCipher(i, cArr, bVar).doFinal(bArr);
            } catch (Exception e) {
                throw new IOException("exception decrypting data - " + e.toString());
            }
        }
        org.spongycastle.a.r.p a3 = org.spongycastle.a.r.p.a(bVar.b());
        try {
            PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(a3.b(), a3.a().intValue());
            PKCS12Key pKCS12Key = new PKCS12Key(cArr, z2);
            Cipher createCipher = this.helper.createCipher(a2.b());
            createCipher.init(i, pKCS12Key, pBEParameterSpec);
            return createCipher.doFinal(bArr);
        } catch (Exception e2) {
            throw new IOException("exception decrypting data - " + e2.toString());
        }
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration engineAliases() {
        Hashtable hashtable = new Hashtable();
        Enumeration keys = this.certs.keys();
        while (keys.hasMoreElements()) {
            hashtable.put(keys.nextElement(), "cert");
        }
        Enumeration keys2 = this.keys.keys();
        while (keys2.hasMoreElements()) {
            String str = (String) keys2.nextElement();
            if (hashtable.get(str) == null) {
                hashtable.put(str, "key");
            }
        }
        return hashtable.keys();
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        return (this.certs.get(str) == null && this.keys.get(str) == null) ? false : true;
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) {
        Key key = (Key) this.keys.remove(str);
        Certificate certificate = (Certificate) this.certs.remove(str);
        if (certificate != null) {
            this.chainCerts.remove(new CertId(certificate.getPublicKey()));
        }
        if (key != null) {
            String str2 = (String) this.localIds.remove(str);
            Certificate certificate2 = str2 != null ? (Certificate) this.keyCerts.remove(str2) : certificate;
            if (certificate2 != null) {
                this.chainCerts.remove(new CertId(certificate2.getPublicKey()));
            }
        }
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        if (str == null) {
            throw new IllegalArgumentException("null alias passed to getCertificate.");
        }
        Certificate certificate = (Certificate) this.certs.get(str);
        if (certificate != null) {
            return certificate;
        }
        String str2 = (String) this.localIds.get(str);
        return str2 != null ? (Certificate) this.keyCerts.get(str2) : (Certificate) this.keyCerts.get(str);
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        Enumeration elements = this.certs.elements();
        Enumeration keys = this.certs.keys();
        while (elements.hasMoreElements()) {
            Certificate certificate2 = (Certificate) elements.nextElement();
            String str = (String) keys.nextElement();
            if (certificate2.equals(certificate)) {
                return str;
            }
        }
        Enumeration elements2 = this.keyCerts.elements();
        Enumeration keys2 = this.keyCerts.keys();
        while (elements2.hasMoreElements()) {
            Certificate certificate3 = (Certificate) elements2.nextElement();
            String str2 = (String) keys2.nextElement();
            if (certificate3.equals(certificate)) {
                return str2;
            }
        }
        return null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r2v13 */
    /* JADX WARN: Type inference failed for: r2v14 */
    /* JADX WARN: Type inference failed for: r2v21, types: [java.security.cert.X509Certificate] */
    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        Certificate engineGetCertificate;
        Certificate certificate;
        ?? r2;
        Certificate[] certificateArr = null;
        if (str == null) {
            throw new IllegalArgumentException("null alias passed to getCertificateChain.");
        }
        if (engineIsKeyEntry(str) && (engineGetCertificate = engineGetCertificate(str)) != null) {
            Vector vector = new Vector();
            while (engineGetCertificate != null) {
                X509Certificate x509Certificate = (X509Certificate) engineGetCertificate;
                byte[] extensionValue = x509Certificate.getExtensionValue(u.s.b());
                if (extensionValue != null) {
                    try {
                        org.spongycastle.a.y.i iVar = org.spongycastle.a.y.i.getInstance(new org.spongycastle.a.k(((org.spongycastle.a.q) new org.spongycastle.a.k(extensionValue).b()).c()).b());
                        certificate = iVar.getKeyIdentifier() != null ? (Certificate) this.chainCerts.get(new CertId(iVar.getKeyIdentifier())) : null;
                    } catch (IOException e) {
                        throw new RuntimeException(e.toString());
                    }
                } else {
                    certificate = null;
                }
                if (certificate == null) {
                    Principal issuerDN = x509Certificate.getIssuerDN();
                    if (!issuerDN.equals(x509Certificate.getSubjectDN())) {
                        Enumeration keys = this.chainCerts.keys();
                        while (keys.hasMoreElements()) {
                            r2 = (X509Certificate) this.chainCerts.get(keys.nextElement());
                            if (r2.getSubjectDN().equals(issuerDN)) {
                                try {
                                    x509Certificate.verify(r2.getPublicKey());
                                    break;
                                } catch (Exception e2) {
                                }
                            }
                        }
                    }
                }
                r2 = certificate;
                if (!vector.contains(engineGetCertificate)) {
                    vector.addElement(engineGetCertificate);
                    if (r2 != engineGetCertificate) {
                        engineGetCertificate = r2;
                    }
                }
                engineGetCertificate = null;
            }
            certificateArr = new Certificate[vector.size()];
            int i = 0;
            while (true) {
                int i2 = i;
                if (i2 == certificateArr.length) {
                    break;
                }
                certificateArr[i2] = (Certificate) vector.elementAt(i2);
                i = i2 + 1;
            }
        }
        return certificateArr;
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        if (str == null) {
            throw new NullPointerException("alias == null");
        }
        if (this.keys.get(str) == null && this.certs.get(str) == null) {
            return null;
        }
        return new Date();
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) {
        if (str == null) {
            throw new IllegalArgumentException("null alias passed to getKey.");
        }
        return (Key) this.keys.get(str);
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        return this.certs.get(str) != null && this.keys.get(str) == null;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        return this.keys.get(str) != null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) {
        boolean z;
        String str;
        org.spongycastle.a.q qVar;
        boolean z2;
        org.spongycastle.a.q qVar2;
        v vVar;
        boolean z3;
        String str2;
        v vVar2;
        boolean z4;
        if (inputStream == null) {
            return;
        }
        if (cArr == null) {
            throw new NullPointerException("No password supplied for PKCS#12 KeyStore.");
        }
        BufferedInputStream bufferedInputStream = new BufferedInputStream(inputStream);
        bufferedInputStream.mark(10);
        if (bufferedInputStream.read() != 48) {
            throw new IOException("stream does not represent a PKCS12 key store");
        }
        bufferedInputStream.reset();
        r a2 = r.a((w) new org.spongycastle.a.k(bufferedInputStream).b());
        org.spongycastle.a.r.f a3 = a2.a();
        Vector vector = new Vector();
        boolean z5 = false;
        if (a2.b() != null) {
            l b2 = a2.b();
            org.spongycastle.a.y.r a4 = b2.a();
            this.macAlgorithm = a4.a();
            byte[] b3 = b2.b();
            this.itCount = validateIterationCount(b2.c());
            this.saltLength = b3.length;
            byte[] c = ((org.spongycastle.a.q) a3.b()).c();
            try {
                byte[] calculatePbeMac = calculatePbeMac(this.macAlgorithm.a(), b3, this.itCount, cArr, false, c);
                byte[] b4 = a4.b();
                if (a.b(calculatePbeMac, b4)) {
                    z4 = false;
                } else {
                    if (cArr.length > 0) {
                        throw new IOException("PKCS12 key store mac invalid - wrong password or corrupted file.");
                    }
                    if (!a.b(calculatePbeMac(this.macAlgorithm.a(), b3, this.itCount, cArr, true, c), b4)) {
                        throw new IOException("PKCS12 key store mac invalid - wrong password or corrupted file.");
                    }
                    z4 = true;
                }
                z = z4;
            } catch (IOException e) {
                throw e;
            } catch (Exception e2) {
                throw new IOException("error constructing MAC: " + e2.toString());
            }
        } else {
            z = false;
        }
        this.keys = new IgnoresCaseHashtable();
        this.localIds = new Hashtable();
        if (a3.a().equals(Q)) {
            org.spongycastle.a.r.f[] a5 = org.spongycastle.a.r.b.a(new org.spongycastle.a.k(((org.spongycastle.a.q) a3.b()).c()).b()).a();
            int i = 0;
            while (i != a5.length) {
                if (a5[i].a().equals(Q)) {
                    w wVar = (w) new org.spongycastle.a.k(((org.spongycastle.a.q) a5[i].b()).c()).b();
                    z2 = z5;
                    int i2 = 0;
                    while (i2 != wVar.d()) {
                        y a6 = y.a(wVar.a(i2));
                        if (a6.a().equals(bx)) {
                            i a7 = i.a(a6.b());
                            PrivateKey unwrapKey = unwrapKey(a7.a(), a7.b(), cArr, z);
                            PKCS12BagAttributeCarrier pKCS12BagAttributeCarrier = (PKCS12BagAttributeCarrier) unwrapKey;
                            org.spongycastle.a.q qVar3 = null;
                            if (a6.c() != null) {
                                Enumeration b5 = a6.c().b();
                                str2 = null;
                                while (b5.hasMoreElements()) {
                                    w wVar2 = (w) b5.nextElement();
                                    o oVar = (o) wVar2.a(0);
                                    org.spongycastle.a.y yVar = (org.spongycastle.a.y) wVar2.a(1);
                                    if (yVar.c() > 0) {
                                        vVar2 = (v) yVar.a(0);
                                        f bagAttribute = pKCS12BagAttributeCarrier.getBagAttribute(oVar);
                                        if (bagAttribute == null) {
                                            pKCS12BagAttributeCarrier.setBagAttribute(oVar, vVar2);
                                        } else if (!bagAttribute.toASN1Primitive().equals(vVar2)) {
                                            throw new IOException("attempt to add existing attribute with different value");
                                        }
                                    } else {
                                        vVar2 = null;
                                    }
                                    if (oVar.equals(ak)) {
                                        String b6 = ((au) vVar2).b();
                                        this.keys.put(b6, unwrapKey);
                                        str2 = b6;
                                    } else {
                                        qVar3 = oVar.equals(al) ? (org.spongycastle.a.q) vVar2 : qVar3;
                                    }
                                }
                            } else {
                                str2 = null;
                            }
                            if (qVar3 != null) {
                                String str3 = new String(org.spongycastle.e.a.f.b(qVar3.c()));
                                if (str2 == null) {
                                    this.keys.put(str3, unwrapKey);
                                    z3 = z2;
                                } else {
                                    this.localIds.put(str2, str3);
                                    z3 = z2;
                                }
                            } else {
                                z3 = true;
                                this.keys.put("unmarked", unwrapKey);
                            }
                        } else if (a6.a().equals(by)) {
                            vector.addElement(a6);
                            z3 = z2;
                        } else {
                            System.out.println("extra in data " + a6.a());
                            System.out.println(org.spongycastle.a.w.a.a(a6));
                            z3 = z2;
                        }
                        i2++;
                        z2 = z3;
                    }
                } else if (a5[i].a().equals(V)) {
                    h a8 = h.a(a5[i].b());
                    w wVar3 = (w) v.b(cryptData(false, a8.a(), cArr, z, a8.b().c()));
                    int i3 = 0;
                    while (true) {
                        int i4 = i3;
                        if (i4 == wVar3.d()) {
                            z2 = z5;
                            break;
                        }
                        y a9 = y.a(wVar3.a(i4));
                        if (a9.a().equals(by)) {
                            vector.addElement(a9);
                        } else if (a9.a().equals(bx)) {
                            i a10 = i.a(a9.b());
                            PrivateKey unwrapKey2 = unwrapKey(a10.a(), a10.b(), cArr, z);
                            PKCS12BagAttributeCarrier pKCS12BagAttributeCarrier2 = (PKCS12BagAttributeCarrier) unwrapKey2;
                            org.spongycastle.a.q qVar4 = null;
                            Enumeration b7 = a9.c().b();
                            String str4 = null;
                            while (b7.hasMoreElements()) {
                                w wVar4 = (w) b7.nextElement();
                                o oVar2 = (o) wVar4.a(0);
                                org.spongycastle.a.y yVar2 = (org.spongycastle.a.y) wVar4.a(1);
                                if (yVar2.c() > 0) {
                                    vVar = (v) yVar2.a(0);
                                    f bagAttribute2 = pKCS12BagAttributeCarrier2.getBagAttribute(oVar2);
                                    if (bagAttribute2 == null) {
                                        pKCS12BagAttributeCarrier2.setBagAttribute(oVar2, vVar);
                                    } else if (!bagAttribute2.toASN1Primitive().equals(vVar)) {
                                        throw new IOException("attempt to add existing attribute with different value");
                                    }
                                } else {
                                    vVar = null;
                                }
                                if (oVar2.equals(ak)) {
                                    String b8 = ((au) vVar).b();
                                    this.keys.put(b8, unwrapKey2);
                                    str4 = b8;
                                } else {
                                    qVar4 = oVar2.equals(al) ? (org.spongycastle.a.q) vVar : qVar4;
                                }
                            }
                            String str5 = new String(org.spongycastle.e.a.f.b(qVar4.c()));
                            if (str4 == null) {
                                this.keys.put(str5, unwrapKey2);
                            } else {
                                this.localIds.put(str4, str5);
                            }
                        } else if (a9.a().equals(bw)) {
                            PrivateKey privateKey = BouncyCastleProvider.getPrivateKey(s.a(a9.b()));
                            PKCS12BagAttributeCarrier pKCS12BagAttributeCarrier3 = (PKCS12BagAttributeCarrier) privateKey;
                            org.spongycastle.a.q qVar5 = null;
                            Enumeration b9 = a9.c().b();
                            String str6 = null;
                            while (b9.hasMoreElements()) {
                                w a11 = w.a(b9.nextElement());
                                o a12 = o.a(a11.a(0));
                                org.spongycastle.a.y a13 = org.spongycastle.a.y.a((Object) a11.a(1));
                                if (a13.c() > 0) {
                                    v vVar3 = (v) a13.a(0);
                                    f bagAttribute3 = pKCS12BagAttributeCarrier3.getBagAttribute(a12);
                                    if (bagAttribute3 == null) {
                                        pKCS12BagAttributeCarrier3.setBagAttribute(a12, vVar3);
                                    } else if (!bagAttribute3.toASN1Primitive().equals(vVar3)) {
                                        throw new IOException("attempt to add existing attribute with different value");
                                    }
                                    if (a12.equals(ak)) {
                                        String b10 = ((au) vVar3).b();
                                        this.keys.put(b10, privateKey);
                                        str6 = b10;
                                    } else if (a12.equals(al)) {
                                        qVar2 = (org.spongycastle.a.q) vVar3;
                                        qVar5 = qVar2;
                                    }
                                }
                                qVar2 = qVar5;
                                qVar5 = qVar2;
                            }
                            String str7 = new String(org.spongycastle.e.a.f.b(qVar5.c()));
                            if (str6 == null) {
                                this.keys.put(str7, privateKey);
                            } else {
                                this.localIds.put(str6, str7);
                            }
                        } else {
                            System.out.println("extra in encryptedData " + a9.a());
                            System.out.println(org.spongycastle.a.w.a.a(a9));
                        }
                        i3 = i4 + 1;
                    }
                } else {
                    System.out.println("extra " + a5[i].a().b());
                    System.out.println("extra " + org.spongycastle.a.w.a.a(a5[i].b()));
                    z2 = z5;
                }
                i++;
                z5 = z2;
            }
        }
        this.certs = new IgnoresCaseHashtable();
        this.chainCerts = new Hashtable();
        this.keyCerts = new Hashtable();
        int i5 = 0;
        while (true) {
            int i6 = i5;
            if (i6 == vector.size()) {
                return;
            }
            y yVar3 = (y) vector.elementAt(i6);
            org.spongycastle.a.r.c a14 = org.spongycastle.a.r.c.a(yVar3.b());
            if (!a14.a().equals(ao)) {
                throw new RuntimeException("Unsupported certificate type: " + a14.a());
            }
            try {
                Certificate generateCertificate = this.certFact.generateCertificate(new ByteArrayInputStream(((org.spongycastle.a.q) a14.b()).c()));
                org.spongycastle.a.q qVar6 = null;
                if (yVar3.c() != null) {
                    Enumeration b11 = yVar3.c().b();
                    str = null;
                    while (b11.hasMoreElements()) {
                        w a15 = w.a(b11.nextElement());
                        o a16 = o.a(a15.a(0));
                        org.spongycastle.a.y a17 = org.spongycastle.a.y.a((Object) a15.a(1));
                        if (a17.c() > 0) {
                            v vVar4 = (v) a17.a(0);
                            if (generateCertificate instanceof PKCS12BagAttributeCarrier) {
                                PKCS12BagAttributeCarrier pKCS12BagAttributeCarrier4 = (PKCS12BagAttributeCarrier) generateCertificate;
                                f bagAttribute4 = pKCS12BagAttributeCarrier4.getBagAttribute(a16);
                                if (bagAttribute4 == null) {
                                    pKCS12BagAttributeCarrier4.setBagAttribute(a16, vVar4);
                                } else if (!bagAttribute4.toASN1Primitive().equals(vVar4)) {
                                    throw new IOException("attempt to add existing attribute with different value");
                                }
                            }
                            if (a16.equals(ak)) {
                                str = ((au) vVar4).b();
                            } else if (a16.equals(al)) {
                                qVar = (org.spongycastle.a.q) vVar4;
                                qVar6 = qVar;
                            }
                        }
                        qVar = qVar6;
                        qVar6 = qVar;
                    }
                } else {
                    str = null;
                }
                this.chainCerts.put(new CertId(generateCertificate.getPublicKey()), generateCertificate);
                if (!z5) {
                    if (qVar6 != null) {
                        this.keyCerts.put(new String(org.spongycastle.e.a.f.b(qVar6.c())), generateCertificate);
                    }
                    if (str != null) {
                        this.certs.put(str, generateCertificate);
                    }
                } else if (this.keyCerts.isEmpty()) {
                    String str8 = new String(org.spongycastle.e.a.f.b(createSubjectKeyId(generateCertificate.getPublicKey()).a()));
                    this.keyCerts.put(str8, generateCertificate);
                    this.keys.put(str8, this.keys.remove("unmarked"));
                }
                i5 = i6 + 1;
            } catch (Exception e3) {
                throw new RuntimeException(e3.toString());
            }
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) {
        if (this.keys.get(str) != null) {
            throw new KeyStoreException("There is a key entry with the name " + str + ".");
        }
        this.certs.put(str, certificate);
        this.chainCerts.put(new CertId(certificate.getPublicKey()), certificate);
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) {
        if (!(key instanceof PrivateKey)) {
            throw new KeyStoreException("PKCS12 does not support non-PrivateKeys");
        }
        if ((key instanceof PrivateKey) && certificateArr == null) {
            throw new KeyStoreException("no certificate chain for private key");
        }
        if (this.keys.get(str) != null) {
            engineDeleteEntry(str);
        }
        this.keys.put(str, key);
        if (certificateArr != null) {
            this.certs.put(str, certificateArr[0]);
            for (int i = 0; i != certificateArr.length; i++) {
                this.chainCerts.put(new CertId(certificateArr[i].getPublicKey()), certificateArr[i]);
            }
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) {
        throw new RuntimeException("operation not supported");
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        Hashtable hashtable = new Hashtable();
        Enumeration keys = this.certs.keys();
        while (keys.hasMoreElements()) {
            hashtable.put(keys.nextElement(), "cert");
        }
        Enumeration keys2 = this.keys.keys();
        while (keys2.hasMoreElements()) {
            String str = (String) keys2.nextElement();
            if (hashtable.get(str) == null) {
                hashtable.put(str, "key");
            }
        }
        return hashtable.size();
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) {
        doStore(outputStream, cArr, false);
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) {
        char[] password;
        if (loadStoreParameter == null) {
            throw new IllegalArgumentException("'param' arg cannot be null");
        }
        if (!(loadStoreParameter instanceof PKCS12StoreParameter) && !(loadStoreParameter instanceof JDKPKCS12StoreParameter)) {
            throw new IllegalArgumentException("No support for 'param' of type " + loadStoreParameter.getClass().getName());
        }
        PKCS12StoreParameter pKCS12StoreParameter = loadStoreParameter instanceof PKCS12StoreParameter ? (PKCS12StoreParameter) loadStoreParameter : new PKCS12StoreParameter(((JDKPKCS12StoreParameter) loadStoreParameter).getOutputStream(), loadStoreParameter.getProtectionParameter(), ((JDKPKCS12StoreParameter) loadStoreParameter).isUseDEREncoding());
        KeyStore.ProtectionParameter protectionParameter = loadStoreParameter.getProtectionParameter();
        if (protectionParameter == null) {
            password = null;
        } else {
            if (!(protectionParameter instanceof KeyStore.PasswordProtection)) {
                throw new IllegalArgumentException("No support for protection parameter of type " + protectionParameter.getClass().getName());
            }
            password = ((KeyStore.PasswordProtection) protectionParameter).getPassword();
        }
        doStore(pKCS12StoreParameter.getOutputStream(), password, pKCS12StoreParameter.isForDEREncoding());
    }

    @Override // org.spongycastle.jce.interfaces.BCKeyStore
    public void setRandom(SecureRandom secureRandom) {
        this.random = secureRandom;
    }

    protected PrivateKey unwrapKey(b bVar, byte[] bArr, char[] cArr, boolean z) {
        o a2 = bVar.a();
        try {
            if (!a2.a(q.bC)) {
                if (a2.equals(q.A)) {
                    return (PrivateKey) createCipher(4, cArr, bVar).unwrap(bArr, "", 2);
                }
                throw new IOException("exception unwrapping private key - cannot recognise: " + a2);
            }
            org.spongycastle.a.r.p a3 = org.spongycastle.a.r.p.a(bVar.b());
            PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(a3.b(), validateIterationCount(a3.a()));
            Cipher createCipher = this.helper.createCipher(a2.b());
            createCipher.init(4, new PKCS12Key(cArr, z), pBEParameterSpec);
            return (PrivateKey) createCipher.unwrap(bArr, "", 2);
        } catch (Exception e) {
            throw new IOException("exception unwrapping private key - " + e.toString());
        }
    }

    protected byte[] wrapKey(String str, Key key, org.spongycastle.a.r.p pVar, char[] cArr) {
        PBEKeySpec pBEKeySpec = new PBEKeySpec(cArr);
        try {
            SecretKeyFactory createSecretKeyFactory = this.helper.createSecretKeyFactory(str);
            PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(pVar.b(), pVar.a().intValue());
            Cipher createCipher = this.helper.createCipher(str);
            createCipher.init(3, createSecretKeyFactory.generateSecret(pBEKeySpec), pBEParameterSpec);
            return createCipher.wrap(key);
        } catch (Exception e) {
            throw new IOException("exception encrypting data - " + e.toString());
        }
    }
}
