package org.bouncycastle.jcajce.provider.keystore.bc;

import e.b.a.a.a;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.spec.KeySpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.net.bsd.RCommandClient;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.CryptoServicesRegistrar;
import org.bouncycastle.crypto.PBEParametersGenerator;
import org.bouncycastle.crypto.digests.SHA1Digest;
import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator;
import org.bouncycastle.crypto.io.DigestInputStream;
import org.bouncycastle.crypto.io.DigestOutputStream;
import org.bouncycastle.crypto.io.MacInputStream;
import org.bouncycastle.crypto.io.MacOutputStream;
import org.bouncycastle.crypto.macs.HMac;
import org.bouncycastle.jcajce.io.CipherInputStream;
import org.bouncycastle.jcajce.io.CipherOutputStream;
import org.bouncycastle.jcajce.util.BCJcaJceHelper;
import org.bouncycastle.jcajce.util.JcaJceHelper;
import org.bouncycastle.jce.interfaces.BCKeyStore;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.Arrays;
import org.bouncycastle.util.io.Streams;
import org.bouncycastle.util.io.TeeOutputStream;

/* loaded from: classes3.dex */
public class BcKeyStoreSpi extends KeyStoreSpi implements BCKeyStore {
    public int i;
    public Hashtable a = new Hashtable();
    public SecureRandom b = CryptoServicesRegistrar.a();
    public final JcaJceHelper a3 = new BCJcaJceHelper();

    /* loaded from: classes3.dex */
    public static class BouncyCastleStore extends BcKeyStoreSpi {
        public BouncyCastleStore() {
            super(1);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bc.BcKeyStoreSpi, java.security.KeyStoreSpi
        public void engineLoad(InputStream inputStream, char[] cArr) throws IOException {
            this.a.clear();
            if (inputStream == null) {
                return;
            }
            DataInputStream dataInputStream = new DataInputStream(inputStream);
            int readInt = dataInputStream.readInt();
            if (readInt != 2 && readInt != 0 && readInt != 1) {
                throw new IOException("Wrong version of key store.");
            }
            int readInt2 = dataInputStream.readInt();
            byte[] bArr = new byte[readInt2];
            if (readInt2 != 20) {
                throw new IOException("Key store corrupted.");
            }
            dataInputStream.readFully(bArr);
            int readInt3 = dataInputStream.readInt();
            if (readInt3 < 0 || readInt3 > 65536) {
                throw new IOException("Key store corrupted.");
            }
            CipherInputStream cipherInputStream = new CipherInputStream(dataInputStream, f(readInt == 0 ? "OldPBEWithSHAAndTwofish-CBC" : "PBEWithSHAAndTwofish-CBC", 2, cArr, bArr, readInt3));
            SHA1Digest sHA1Digest = new SHA1Digest();
            e(new DigestInputStream(cipherInputStream, sHA1Digest));
            byte[] bArr2 = new byte[20];
            sHA1Digest.c(bArr2, 0);
            byte[] bArr3 = new byte[20];
            Streams.b(cipherInputStream, bArr3, 0, 20);
            if (Arrays.l(bArr2, bArr3)) {
                return;
            }
            this.a.clear();
            throw new IOException("KeyStore integrity check failed.");
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bc.BcKeyStoreSpi, java.security.KeyStoreSpi
        public void engineStore(OutputStream outputStream, char[] cArr) throws IOException {
            DataOutputStream dataOutputStream = new DataOutputStream(outputStream);
            byte[] bArr = new byte[20];
            int nextInt = (this.b.nextInt() & RCommandClient.MAX_CLIENT_PORT) + 1024;
            this.b.nextBytes(bArr);
            dataOutputStream.writeInt(this.i);
            dataOutputStream.writeInt(20);
            dataOutputStream.write(bArr);
            dataOutputStream.writeInt(nextInt);
            CipherOutputStream cipherOutputStream = new CipherOutputStream(dataOutputStream, f("PBEWithSHAAndTwofish-CBC", 1, cArr, bArr, nextInt));
            DigestOutputStream digestOutputStream = new DigestOutputStream(new SHA1Digest());
            g(new TeeOutputStream(cipherOutputStream, digestOutputStream));
            byte[] bArr2 = new byte[digestOutputStream.a.h()];
            digestOutputStream.a.c(bArr2, 0);
            cipherOutputStream.write(bArr2);
            cipherOutputStream.close();
        }
    }

    /* loaded from: classes3.dex */
    public static class Std extends BcKeyStoreSpi {
        public Std() {
            super(2);
        }
    }

    /* loaded from: classes3.dex */
    public class StoreEntry {
        public int a;
        public String b;
        public Object c;
        public Certificate[] d;

        /* renamed from: e, reason: collision with root package name */
        public Date f935e;

        public StoreEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws Exception {
            this.f935e = new Date();
            this.a = 4;
            this.b = str;
            this.d = certificateArr;
            byte[] bArr = new byte[20];
            BcKeyStoreSpi.this.b.setSeed(System.currentTimeMillis());
            BcKeyStoreSpi.this.b.nextBytes(bArr);
            int nextInt = (BcKeyStoreSpi.this.b.nextInt() & RCommandClient.MAX_CLIENT_PORT) + 1024;
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);
            dataOutputStream.writeInt(20);
            dataOutputStream.write(bArr);
            dataOutputStream.writeInt(nextInt);
            DataOutputStream dataOutputStream2 = new DataOutputStream(new CipherOutputStream(dataOutputStream, BcKeyStoreSpi.this.f("PBEWithSHAAnd3-KeyTripleDES-CBC", 1, cArr, bArr, nextInt)));
            BcKeyStoreSpi.this.d(key, dataOutputStream2);
            dataOutputStream2.close();
            this.c = byteArrayOutputStream.toByteArray();
        }

        public StoreEntry(String str, Certificate certificate) {
            this.f935e = new Date();
            this.a = 1;
            this.b = str;
            this.c = certificate;
            this.d = null;
        }

        public StoreEntry(String str, Date date, int i, Object obj) {
            this.f935e = new Date();
            this.b = str;
            this.f935e = date;
            this.a = i;
            this.c = obj;
        }

        public StoreEntry(String str, Date date, int i, Object obj, Certificate[] certificateArr) {
            this.f935e = new Date();
            this.b = str;
            this.f935e = date;
            this.a = i;
            this.c = obj;
            this.d = certificateArr;
        }

        public StoreEntry(String str, byte[] bArr, Certificate[] certificateArr) {
            this.f935e = new Date();
            this.a = 3;
            this.b = str;
            this.c = bArr;
            this.d = certificateArr;
        }
    }

    /* loaded from: classes3.dex */
    public static class Version1 extends BcKeyStoreSpi {
        public Version1() {
            super(1);
        }
    }

    public BcKeyStoreSpi(int i) {
        this.i = i;
    }

    public final Certificate a(DataInputStream dataInputStream) throws IOException {
        String readUTF = dataInputStream.readUTF();
        byte[] bArr = new byte[dataInputStream.readInt()];
        dataInputStream.readFully(bArr);
        try {
            return this.a3.d(readUTF).generateCertificate(new ByteArrayInputStream(bArr));
        } catch (NoSuchProviderException e2) {
            throw new IOException(e2.toString());
        } catch (CertificateException e3) {
            throw new IOException(e3.toString());
        }
    }

    public final Key b(DataInputStream dataInputStream) throws IOException {
        KeySpec pKCS8EncodedKeySpec;
        int read = dataInputStream.read();
        String readUTF = dataInputStream.readUTF();
        String readUTF2 = dataInputStream.readUTF();
        byte[] bArr = new byte[dataInputStream.readInt()];
        dataInputStream.readFully(bArr);
        if (readUTF.equals("PKCS#8") || readUTF.equals("PKCS8")) {
            pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(bArr);
        } else {
            if (!readUTF.equals("X.509") && !readUTF.equals("X509")) {
                if (readUTF.equals("RAW")) {
                    return new SecretKeySpec(bArr, readUTF2);
                }
                throw new IOException(a.M("Key format ", readUTF, " not recognised!"));
            }
            pKCS8EncodedKeySpec = new X509EncodedKeySpec(bArr);
        }
        try {
            if (read == 0) {
                return BouncyCastleProvider.f(PrivateKeyInfo.k(bArr));
            }
            if (read == 1) {
                return BouncyCastleProvider.h(SubjectPublicKeyInfo.k(bArr));
            }
            if (read == 2) {
                return this.a3.f(readUTF2).generateSecret(pKCS8EncodedKeySpec);
            }
            throw new IOException("Key type " + read + " not recognised!");
        } catch (Exception e2) {
            throw new IOException(a.t(e2, a.Y("Exception creating key: ")));
        }
    }

    public final void c(Certificate certificate, DataOutputStream dataOutputStream) throws IOException {
        try {
            byte[] encoded = certificate.getEncoded();
            dataOutputStream.writeUTF(certificate.getType());
            dataOutputStream.writeInt(encoded.length);
            dataOutputStream.write(encoded);
        } catch (CertificateEncodingException e2) {
            throw new IOException(e2.toString());
        }
    }

    public final void d(Key key, DataOutputStream dataOutputStream) throws IOException {
        byte[] encoded = key.getEncoded();
        dataOutputStream.write(key instanceof PrivateKey ? 0 : key instanceof PublicKey ? 1 : 2);
        dataOutputStream.writeUTF(key.getFormat());
        dataOutputStream.writeUTF(key.getAlgorithm());
        dataOutputStream.writeInt(encoded.length);
        dataOutputStream.write(encoded);
    }

    public void e(InputStream inputStream) throws IOException {
        Hashtable hashtable;
        StoreEntry storeEntry;
        DataInputStream dataInputStream = new DataInputStream(inputStream);
        for (int read = dataInputStream.read(); read > 0; read = dataInputStream.read()) {
            String readUTF = dataInputStream.readUTF();
            Date date = new Date(dataInputStream.readLong());
            int readInt = dataInputStream.readInt();
            Certificate[] certificateArr = null;
            if (readInt != 0) {
                certificateArr = new Certificate[readInt];
                for (int i = 0; i != readInt; i++) {
                    certificateArr[i] = a(dataInputStream);
                }
            }
            Certificate[] certificateArr2 = certificateArr;
            if (read == 1) {
                Certificate a = a(dataInputStream);
                hashtable = this.a;
                storeEntry = new StoreEntry(readUTF, date, 1, a);
            } else if (read == 2) {
                Key b = b(dataInputStream);
                hashtable = this.a;
                storeEntry = new StoreEntry(readUTF, date, 2, b, certificateArr2);
            } else {
                if (read != 3 && read != 4) {
                    throw new IOException("Unknown object type in store.");
                }
                byte[] bArr = new byte[dataInputStream.readInt()];
                dataInputStream.readFully(bArr);
                this.a.put(readUTF, new StoreEntry(readUTF, date, read, bArr, certificateArr2));
            }
            hashtable.put(readUTF, storeEntry);
        }
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration engineAliases() {
        return this.a.keys();
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        return this.a.get(str) != null;
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) throws KeyStoreException {
        if (this.a.get(str) == null) {
            return;
        }
        this.a.remove(str);
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        StoreEntry storeEntry = (StoreEntry) this.a.get(str);
        if (storeEntry == null) {
            return null;
        }
        if (storeEntry.a == 1) {
            return (Certificate) storeEntry.c;
        }
        Certificate[] certificateArr = storeEntry.d;
        if (certificateArr != null) {
            return certificateArr[0];
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        Enumeration elements = this.a.elements();
        while (elements.hasMoreElements()) {
            StoreEntry storeEntry = (StoreEntry) elements.nextElement();
            Object obj = storeEntry.c;
            if (!(obj instanceof Certificate)) {
                Certificate[] certificateArr = storeEntry.d;
                if (certificateArr != null && certificateArr[0].equals(certificate)) {
                    return storeEntry.b;
                }
            } else if (((Certificate) obj).equals(certificate)) {
                return storeEntry.b;
            }
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        StoreEntry storeEntry = (StoreEntry) this.a.get(str);
        if (storeEntry != null) {
            return storeEntry.d;
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        StoreEntry storeEntry = (StoreEntry) this.a.get(str);
        if (storeEntry != null) {
            return storeEntry.f935e;
        }
        return null;
    }

    /* JADX WARN: Code restructure failed: missing block: B:35:0x001c, code lost:
    
        if (r3 != false) goto L26;
     */
    @Override // java.security.KeyStoreSpi
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.security.Key engineGetKey(java.lang.String r11, char[] r12) throws java.security.NoSuchAlgorithmException, java.security.UnrecoverableKeyException {
        /*
            Method dump skipped, instructions count: 285
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.jcajce.provider.keystore.bc.BcKeyStoreSpi.engineGetKey(java.lang.String, char[]):java.security.Key");
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        StoreEntry storeEntry = (StoreEntry) this.a.get(str);
        return storeEntry != null && storeEntry.a == 1;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        StoreEntry storeEntry = (StoreEntry) this.a.get(str);
        return (storeEntry == null || storeEntry.a == 1) ? false : true;
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) throws IOException {
        this.a.clear();
        if (inputStream == null) {
            return;
        }
        DataInputStream dataInputStream = new DataInputStream(inputStream);
        int readInt = dataInputStream.readInt();
        if (readInt != 2 && readInt != 0 && readInt != 1) {
            throw new IOException("Wrong version of key store.");
        }
        int readInt2 = dataInputStream.readInt();
        if (readInt2 <= 0) {
            throw new IOException("Invalid salt detected");
        }
        byte[] bArr = new byte[readInt2];
        dataInputStream.readFully(bArr);
        int readInt3 = dataInputStream.readInt();
        HMac hMac = new HMac(new SHA1Digest());
        if (cArr == null || cArr.length == 0) {
            e(dataInputStream);
            dataInputStream.readFully(new byte[hMac.b]);
            return;
        }
        byte[] a = PBEParametersGenerator.a(cArr);
        PKCS12ParametersGenerator pKCS12ParametersGenerator = new PKCS12ParametersGenerator(new SHA1Digest());
        pKCS12ParametersGenerator.a = a;
        pKCS12ParametersGenerator.b = bArr;
        pKCS12ParametersGenerator.c = readInt3;
        CipherParameters d = pKCS12ParametersGenerator.d(readInt != 2 ? hMac.b : hMac.b * 8);
        java.util.Arrays.fill(a, (byte) 0);
        hMac.a(d);
        e(new MacInputStream(dataInputStream, hMac));
        byte[] bArr2 = new byte[hMac.b];
        hMac.c(bArr2, 0);
        byte[] bArr3 = new byte[hMac.b];
        dataInputStream.readFully(bArr3);
        if (Arrays.l(bArr2, bArr3)) {
            return;
        }
        this.a.clear();
        throw new IOException("KeyStore integrity check failed.");
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        StoreEntry storeEntry = (StoreEntry) this.a.get(str);
        if (storeEntry != null && storeEntry.a != 1) {
            throw new KeyStoreException(a.L("key store already has a key entry with alias ", str));
        }
        this.a.put(str, new StoreEntry(str, certificate));
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
        if ((key instanceof PrivateKey) && certificateArr == null) {
            throw new KeyStoreException("no certificate chain for private key");
        }
        try {
            this.a.put(str, new StoreEntry(str, key, cArr, certificateArr));
        } catch (Exception e2) {
            throw new KeyStoreException(e2.toString());
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
        this.a.put(str, new StoreEntry(str, bArr, certificateArr));
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        return this.a.size();
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) throws IOException {
        DataOutputStream dataOutputStream = new DataOutputStream(outputStream);
        byte[] bArr = new byte[20];
        int nextInt = (this.b.nextInt() & RCommandClient.MAX_CLIENT_PORT) + 1024;
        this.b.nextBytes(bArr);
        dataOutputStream.writeInt(this.i);
        dataOutputStream.writeInt(20);
        dataOutputStream.write(bArr);
        dataOutputStream.writeInt(nextInt);
        HMac hMac = new HMac(new SHA1Digest());
        MacOutputStream macOutputStream = new MacOutputStream(hMac);
        PKCS12ParametersGenerator pKCS12ParametersGenerator = new PKCS12ParametersGenerator(new SHA1Digest());
        byte[] a = PBEParametersGenerator.a(cArr);
        pKCS12ParametersGenerator.a = a;
        pKCS12ParametersGenerator.b = bArr;
        pKCS12ParametersGenerator.c = nextInt;
        hMac.a(pKCS12ParametersGenerator.d(this.i < 2 ? hMac.b : hMac.b * 8));
        for (int i = 0; i != a.length; i++) {
            a[i] = 0;
        }
        g(new TeeOutputStream(dataOutputStream, macOutputStream));
        byte[] bArr2 = new byte[hMac.b];
        hMac.c(bArr2, 0);
        dataOutputStream.write(bArr2);
        dataOutputStream.close();
    }

    public Cipher f(String str, int i, char[] cArr, byte[] bArr, int i2) throws IOException {
        try {
            PBEKeySpec pBEKeySpec = new PBEKeySpec(cArr);
            SecretKeyFactory f = this.a3.f(str);
            PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(bArr, i2);
            Cipher b = this.a3.b(str);
            b.init(i, f.generateSecret(pBEKeySpec), pBEParameterSpec);
            return b;
        } catch (Exception e2) {
            throw new IOException("Error initialising store of key store: " + e2);
        }
    }

    public void g(OutputStream outputStream) throws IOException {
        Enumeration elements = this.a.elements();
        DataOutputStream dataOutputStream = new DataOutputStream(outputStream);
        while (true) {
            if (!elements.hasMoreElements()) {
                dataOutputStream.write(0);
                return;
            }
            StoreEntry storeEntry = (StoreEntry) elements.nextElement();
            dataOutputStream.write(storeEntry.a);
            dataOutputStream.writeUTF(storeEntry.b);
            dataOutputStream.writeLong(storeEntry.f935e.getTime());
            Certificate[] certificateArr = storeEntry.d;
            if (certificateArr == null) {
                dataOutputStream.writeInt(0);
            } else {
                dataOutputStream.writeInt(certificateArr.length);
                for (int i = 0; i != certificateArr.length; i++) {
                    c(certificateArr[i], dataOutputStream);
                }
            }
            int i2 = storeEntry.a;
            if (i2 == 1) {
                c((Certificate) storeEntry.c, dataOutputStream);
            } else if (i2 == 2) {
                d((Key) storeEntry.c, dataOutputStream);
            } else {
                if (i2 != 3 && i2 != 4) {
                    throw new IOException("Unknown object type in store.");
                }
                byte[] bArr = (byte[]) storeEntry.c;
                dataOutputStream.writeInt(bArr.length);
                dataOutputStream.write(bArr);
            }
        }
    }
}
