package org.bouncycastle.jce.provider;

import com.alipay.android.phone.mobilesdk.socketcraft.drafts.b;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.PrintStream;
import java.security.Key;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import mtopsdk.common.util.SymbolExpUtil;
import org.bouncycastle.asn1.BERConstructedOctetString;
import org.bouncycastle.asn1.BERInputStream;
import org.bouncycastle.asn1.BEROutputStream;
import org.bouncycastle.asn1.DERBMPString;
import org.bouncycastle.asn1.DERConstructedSequence;
import org.bouncycastle.asn1.DERConstructedSet;
import org.bouncycastle.asn1.DERInputStream;
import org.bouncycastle.asn1.DERObject;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DEROutputStream;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.pkcs.AuthenticatedSafe;
import org.bouncycastle.asn1.pkcs.CertBag;
import org.bouncycastle.asn1.pkcs.ContentInfo;
import org.bouncycastle.asn1.pkcs.EncryptedData;
import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
import org.bouncycastle.asn1.pkcs.MacData;
import org.bouncycastle.asn1.pkcs.PKCS12PBEParams;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.Pfx;
import org.bouncycastle.asn1.pkcs.SafeBag;
import org.bouncycastle.asn1.util.ASN1Dump;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
import org.bouncycastle.asn1.x509.DigestInfo;
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x509.X509Extensions;
import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
import org.bouncycastle.jce.interfaces.BCKeyStore;
import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
import org.bouncycastle.util.encoders.Hex;

/* loaded from: classes5.dex */
public class JDKPKCS12KeyStore extends KeyStoreSpi implements PKCSObjectIdentifiers, X509ObjectIdentifiers, BCKeyStore {
    static final int CERTIFICATE = 1;
    private static final String CERT_ALGORITHM = "1.2.840.113549.1.12.1.6";
    static final int KEY = 2;
    private static final String KEY_ALGORITHM = "1.2.840.113549.1.12.1.3";
    static final int KEY_PRIVATE = 0;
    static final int KEY_PUBLIC = 1;
    static final int KEY_SECRET = 2;
    private static final String MAC_ALGORITHM = "1.3.14.3.2.26";
    private static final int MIN_ITERATIONS = 100;
    static final int NULL = 0;
    private static final int SALT_SIZE = 20;
    static final int SEALED = 4;
    static final int SECRET = 3;
    private static final int STORE_VERSION = 1;
    private CertificateFactory certFact;
    private Hashtable keys = new Hashtable();
    private Hashtable localIds = new Hashtable();
    private Hashtable certs = new Hashtable();
    private Hashtable chainCerts = new Hashtable();
    private Hashtable keyCerts = new Hashtable();
    protected SecureRandom random = new SecureRandom();

    /* loaded from: classes5.dex */
    public static class BCPKCS12KeyStore extends JDKPKCS12KeyStore {
        public BCPKCS12KeyStore() {
            super("BC");
        }
    }

    /* loaded from: classes5.dex */
    private class CertId {
        byte[] id;
        private final JDKPKCS12KeyStore this$0;

        CertId(JDKPKCS12KeyStore jDKPKCS12KeyStore, PublicKey publicKey) {
            this.this$0 = jDKPKCS12KeyStore;
            this.id = jDKPKCS12KeyStore.createSubjectKeyId(publicKey).getKeyIdentifier();
        }

        CertId(JDKPKCS12KeyStore jDKPKCS12KeyStore, byte[] bArr) {
            this.this$0 = jDKPKCS12KeyStore;
            this.id = bArr;
        }

        public boolean equals(Object obj) {
            if (!(obj instanceof CertId)) {
                return false;
            }
            CertId certId = (CertId) obj;
            if (certId.id.length != this.id.length) {
                return false;
            }
            for (int i = 0; i != this.id.length; i++) {
                if (certId.id[i] != this.id[i]) {
                    return false;
                }
            }
            return true;
        }

        public int hashCode() {
            int i = this.id[0] & b.i;
            int i2 = 1;
            while (i2 != this.id.length - 4) {
                int i3 = i2 + 1;
                i ^= (this.id[i2 + 3] & b.i) | ((((this.id[i2] & b.i) << 24) | ((this.id[i3] & b.i) << 16)) | ((this.id[i2 + 2] & b.i) << 8));
                i2 = i3;
            }
            return i;
        }
    }

    /* loaded from: classes5.dex */
    public static class DefPKCS12KeyStore extends JDKPKCS12KeyStore {
        public DefPKCS12KeyStore() {
            super(null);
        }
    }

    public JDKPKCS12KeyStore(String str) {
        this.certFact = null;
        try {
            if (str != null) {
                this.certFact = CertificateFactory.getInstance("X.509", str);
            } else {
                this.certFact = CertificateFactory.getInstance("X.509");
            }
        } catch (Exception e) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("can't create cert factory - ");
            stringBuffer.append(e.toString());
            throw new IllegalArgumentException(stringBuffer.toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public SubjectKeyIdentifier createSubjectKeyId(PublicKey publicKey) {
        try {
            return new SubjectKeyIdentifier(new SubjectPublicKeyInfo((DERConstructedSequence) new DERInputStream(new ByteArrayInputStream(publicKey.getEncoded())).readObject()));
        } catch (Exception unused) {
            throw new RuntimeException("error creating key");
        }
    }

    protected DERConstructedSequence decryptData(AlgorithmIdentifier algorithmIdentifier, byte[] bArr, char[] cArr) throws IOException {
        String id = algorithmIdentifier.getObjectId().getId();
        PKCS12PBEParams pKCS12PBEParams = new PKCS12PBEParams((DERConstructedSequence) algorithmIdentifier.getParameters());
        PBEKeySpec pBEKeySpec = new PBEKeySpec(cArr);
        try {
            SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(id, "BC");
            PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(pKCS12PBEParams.getIV(), pKCS12PBEParams.getIterations().intValue());
            Cipher cipher = Cipher.getInstance(id, "BC");
            cipher.init(2, secretKeyFactory.generateSecret(pBEKeySpec), pBEParameterSpec);
            return (DERConstructedSequence) new BERInputStream(new ByteArrayInputStream(cipher.doFinal(bArr))).readObject();
        } catch (Exception e) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("exception decrypting data - ");
            stringBuffer.append(e.toString());
            throw new IOException(stringBuffer.toString());
        }
    }

    protected byte[] encryptData(String str, byte[] bArr, PKCS12PBEParams pKCS12PBEParams, char[] cArr) throws IOException {
        PBEKeySpec pBEKeySpec = new PBEKeySpec(cArr);
        try {
            SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(str, "BC");
            PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(pKCS12PBEParams.getIV(), pKCS12PBEParams.getIterations().intValue());
            Cipher cipher = Cipher.getInstance(str, "BC");
            cipher.init(1, secretKeyFactory.generateSecret(pBEKeySpec), pBEParameterSpec);
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("exception encrypting data - ");
            stringBuffer.append(e.toString());
            throw new IOException(stringBuffer.toString());
        }
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration engineAliases() {
        Hashtable hashtable = new Hashtable();
        Enumeration keys = this.certs.keys();
        while (keys.hasMoreElements()) {
            hashtable.put(keys.nextElement(), "cert");
        }
        Enumeration keys2 = this.keys.keys();
        while (keys2.hasMoreElements()) {
            String str = (String) keys2.nextElement();
            if (hashtable.get(str) == null) {
                hashtable.put(str, "key");
            }
        }
        return hashtable.keys();
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        return (this.certs.get(str) == null && this.keys.get(str) == null) ? false : true;
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) throws KeyStoreException {
        Key key = (Key) this.keys.remove(str);
        Certificate certificate = (Certificate) this.certs.remove(str);
        if (certificate != null) {
            this.chainCerts.remove(new CertId(this, certificate.getPublicKey()));
        }
        if (key != null) {
            String str2 = (String) this.localIds.remove(str);
            if (str2 != null) {
                certificate = (Certificate) this.keyCerts.remove(str2);
            }
            if (certificate != null) {
                this.chainCerts.remove(new CertId(this, certificate.getPublicKey()));
            }
        }
        if (certificate == null && key == null) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("no such entry as ");
            stringBuffer.append(str);
            throw new KeyStoreException(stringBuffer.toString());
        }
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        String str2;
        Certificate certificate = (Certificate) this.certs.get(str);
        return (certificate != null || (str2 = (String) this.localIds.get(str)) == null) ? certificate : (Certificate) this.keyCerts.get(str2);
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        Enumeration elements = this.certs.elements();
        Enumeration keys = this.certs.keys();
        while (elements.hasMoreElements()) {
            Certificate certificate2 = (Certificate) elements.nextElement();
            String str = (String) keys.nextElement();
            if (certificate2.equals(certificate)) {
                return str;
            }
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        Certificate certificate;
        Certificate engineGetCertificate = engineGetCertificate(str);
        if (engineGetCertificate == null) {
            return null;
        }
        Vector vector = new Vector();
        while (engineGetCertificate != null) {
            X509Certificate x509Certificate = (X509Certificate) engineGetCertificate;
            byte[] extensionValue = x509Certificate.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());
            if (extensionValue != null) {
                try {
                    certificate = (Certificate) this.chainCerts.get(new CertId(this, new AuthorityKeyIdentifier((DERConstructedSequence) new DERInputStream(new ByteArrayInputStream(((DEROctetString) new DERInputStream(new ByteArrayInputStream(extensionValue)).readObject()).getOctets())).readObject()).getKeyIdentifier()));
                } catch (IOException e) {
                    throw new RuntimeException(e.toString());
                }
            } else {
                Principal issuerDN = x509Certificate.getIssuerDN();
                if (!issuerDN.equals(x509Certificate.getSubjectDN())) {
                    Enumeration keys = this.chainCerts.keys();
                    while (keys.hasMoreElements()) {
                        X509Certificate x509Certificate2 = (X509Certificate) this.chainCerts.get(keys.nextElement());
                        if (x509Certificate2.getSubjectDN().equals(issuerDN)) {
                            try {
                                x509Certificate.verify(x509Certificate2.getPublicKey());
                                certificate = x509Certificate2;
                                break;
                            } catch (Exception unused) {
                                continue;
                            }
                        }
                    }
                }
                certificate = null;
            }
            if (certificate != engineGetCertificate) {
                vector.addElement(engineGetCertificate);
                engineGetCertificate = certificate;
            } else {
                if (vector.size() == 0) {
                    vector.addElement(engineGetCertificate);
                }
                engineGetCertificate = null;
            }
        }
        Certificate[] certificateArr = new Certificate[vector.size()];
        for (int i = 0; i != certificateArr.length; i++) {
            certificateArr[i] = (Certificate) vector.elementAt(i);
        }
        return certificateArr;
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        return new Date();
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        return (Key) this.keys.get(str);
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        return this.certs.get(str) != null && this.keys.get(str) == null;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        return this.keys.get(str) != null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) throws IOException {
        String str;
        DEROctetString dEROctetString;
        if (inputStream == null) {
            return;
        }
        if (cArr == null) {
            throw new NullPointerException("No password supplied for PKCS#12 KeyStore.");
        }
        BufferedInputStream bufferedInputStream = new BufferedInputStream(inputStream);
        bufferedInputStream.mark(10);
        if (bufferedInputStream.read() != 48) {
            throw new IOException("stream does not represent a PKCS12 key store");
        }
        bufferedInputStream.reset();
        Pfx pfx = new Pfx((DERConstructedSequence) new BERInputStream(bufferedInputStream).readObject());
        ContentInfo authSafe = pfx.getAuthSafe();
        Vector vector = new Vector();
        if (pfx.getMacData() != null) {
            BEROutputStream bEROutputStream = new BEROutputStream(new ByteArrayOutputStream());
            MacData macData = pfx.getMacData();
            DigestInfo mac = macData.getMac();
            AlgorithmIdentifier algorithmId = mac.getAlgorithmId();
            byte[] salt = macData.getSalt();
            int intValue = macData.getIterationCount().intValue();
            bEROutputStream.writeObject(authSafe);
            byte[] octets = ((DEROctetString) authSafe.getContent()).getOctets();
            try {
                Mac mac2 = Mac.getInstance(algorithmId.getObjectId().getId(), "BC");
                SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(algorithmId.getObjectId().getId(), "BC");
                mac2.init(secretKeyFactory.generateSecret(new PBEKeySpec(cArr)), new PBEParameterSpec(salt, intValue));
                mac2.update(octets);
                byte[] doFinal = mac2.doFinal();
                byte[] digest = mac.getDigest();
                if (doFinal.length != mac.getDigest().length) {
                    throw new IOException("PKCS12 key store mac invalid.");
                }
                for (int i = 0; i != doFinal.length; i++) {
                    if (doFinal[i] != digest[i]) {
                        throw new IOException("PKCS12 key store mac invalid.");
                    }
                }
            } catch (Exception e) {
                StringBuffer stringBuffer = new StringBuffer();
                stringBuffer.append("error constructing MAC: ");
                stringBuffer.append(e.toString());
                throw new IOException(stringBuffer.toString());
            }
        }
        this.keys = new Hashtable();
        this.localIds = new Hashtable();
        int i2 = 1;
        if (authSafe.getContentType().equals(PKCSObjectIdentifiers.data)) {
            ContentInfo[] contentInfo = new AuthenticatedSafe((DERConstructedSequence) new BERInputStream(new ByteArrayInputStream(((DEROctetString) authSafe.getContent()).getOctets())).readObject()).getContentInfo();
            int i3 = 0;
            while (i3 != contentInfo.length) {
                if (contentInfo[i3].getContentType().equals(PKCSObjectIdentifiers.data)) {
                    DERConstructedSequence dERConstructedSequence = (DERConstructedSequence) new DERInputStream(new ByteArrayInputStream(((DEROctetString) contentInfo[i3].getContent()).getOctets())).readObject();
                    int i4 = 0;
                    while (i4 != dERConstructedSequence.getSize()) {
                        SafeBag safeBag = new SafeBag((DERConstructedSequence) dERConstructedSequence.getObjectAt(i4));
                        if (safeBag.getBagId().equals(PKCSObjectIdentifiers.pkcs8ShroudedKeyBag)) {
                            EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo((DERConstructedSequence) safeBag.getBagValue());
                            PrivateKey unwrapKey = unwrapKey(encryptedPrivateKeyInfo.getEncryptionAlgorithm(), encryptedPrivateKeyInfo.getEncryptedData(), cArr);
                            PKCS12BagAttributeCarrier pKCS12BagAttributeCarrier = (PKCS12BagAttributeCarrier) unwrapKey;
                            Enumeration objects = safeBag.getBagAttributes().getObjects();
                            DEROctetString dEROctetString2 = null;
                            String str2 = null;
                            while (objects.hasMoreElements()) {
                                DERConstructedSequence dERConstructedSequence2 = (DERConstructedSequence) objects.nextElement();
                                DERObjectIdentifier dERObjectIdentifier = (DERObjectIdentifier) dERConstructedSequence2.getObjectAt(0);
                                DERObject dERObject = (DERObject) ((DERSet) dERConstructedSequence2.getObjectAt(i2)).getObjectAt(0);
                                pKCS12BagAttributeCarrier.setBagAttribute(dERObjectIdentifier, dERObject);
                                if (dERObjectIdentifier.equals(PKCSObjectIdentifiers.pkcs_9_at_friendlyName)) {
                                    str2 = ((DERBMPString) dERObject).getString();
                                    this.keys.put(str2, unwrapKey);
                                } else if (dERObjectIdentifier.equals(PKCSObjectIdentifiers.pkcs_9_at_localKeyId)) {
                                    dEROctetString2 = (DEROctetString) dERObject;
                                }
                                i2 = 1;
                            }
                            String str3 = new String(Hex.encode(dEROctetString2.getOctets()));
                            if (str2 == null) {
                                this.keys.put(str3, unwrapKey);
                            } else {
                                this.localIds.put(str2, str3);
                            }
                        } else if (safeBag.getBagId().equals(PKCSObjectIdentifiers.certBag)) {
                            vector.addElement(safeBag);
                        } else {
                            PrintStream printStream = System.out;
                            StringBuffer stringBuffer2 = new StringBuffer();
                            stringBuffer2.append("extra ");
                            stringBuffer2.append(safeBag.getBagId());
                            printStream.println(stringBuffer2.toString());
                            PrintStream printStream2 = System.out;
                            StringBuffer stringBuffer3 = new StringBuffer();
                            stringBuffer3.append("extra ");
                            stringBuffer3.append(ASN1Dump.dumpAsString(safeBag));
                            printStream2.println(stringBuffer3.toString());
                        }
                        i4++;
                        i2 = 1;
                    }
                } else if (contentInfo[i3].getContentType().equals(PKCSObjectIdentifiers.encryptedData)) {
                    EncryptedData encryptedData = new EncryptedData((DERConstructedSequence) contentInfo[i3].getContent());
                    DERConstructedSequence decryptData = decryptData(encryptedData.getEncryptionAlgorithm(), ((DEROctetString) encryptedData.getContent()).getOctets(), cArr);
                    for (int i5 = 0; i5 != decryptData.getSize(); i5++) {
                        SafeBag safeBag2 = new SafeBag((DERConstructedSequence) decryptData.getObjectAt(i5));
                        if (safeBag2.getBagId().equals(PKCSObjectIdentifiers.certBag)) {
                            vector.addElement(safeBag2);
                        }
                    }
                } else {
                    PrintStream printStream3 = System.out;
                    StringBuffer stringBuffer4 = new StringBuffer();
                    stringBuffer4.append("extra ");
                    stringBuffer4.append(contentInfo[i3].getContentType().getId());
                    printStream3.println(stringBuffer4.toString());
                    PrintStream printStream4 = System.out;
                    StringBuffer stringBuffer5 = new StringBuffer();
                    stringBuffer5.append("extra ");
                    stringBuffer5.append(ASN1Dump.dumpAsString(contentInfo[i3].getContent()));
                    printStream4.println(stringBuffer5.toString());
                }
                i3++;
                i2 = 1;
            }
        }
        this.certs = new Hashtable();
        this.chainCerts = new Hashtable();
        this.keyCerts = new Hashtable();
        for (int i6 = 0; i6 != vector.size(); i6++) {
            SafeBag safeBag3 = (SafeBag) vector.elementAt(i6);
            try {
                Certificate generateCertificate = this.certFact.generateCertificate(new ByteArrayInputStream(((DEROctetString) new CertBag((DERConstructedSequence) safeBag3.getBagValue()).getCertValue()).getOctets()));
                if (safeBag3.getBagAttributes() != null) {
                    Enumeration objects2 = safeBag3.getBagAttributes().getObjects();
                    str = null;
                    dEROctetString = null;
                    while (objects2.hasMoreElements()) {
                        DERConstructedSequence dERConstructedSequence3 = (DERConstructedSequence) objects2.nextElement();
                        DERObjectIdentifier dERObjectIdentifier2 = (DERObjectIdentifier) dERConstructedSequence3.getObjectAt(0);
                        DERObject dERObject2 = (DERObject) ((DERSet) dERConstructedSequence3.getObjectAt(1)).getObjectAt(0);
                        if (generateCertificate instanceof PKCS12BagAttributeCarrier) {
                            ((PKCS12BagAttributeCarrier) generateCertificate).setBagAttribute(dERObjectIdentifier2, dERObject2);
                        }
                        if (dERObjectIdentifier2.equals(PKCSObjectIdentifiers.pkcs_9_at_friendlyName)) {
                            str = ((DERBMPString) dERObject2).getString();
                        } else if (dERObjectIdentifier2.equals(PKCSObjectIdentifiers.pkcs_9_at_localKeyId)) {
                            dEROctetString = (DEROctetString) dERObject2;
                        }
                    }
                } else {
                    str = null;
                    dEROctetString = null;
                }
                this.chainCerts.put(new CertId(this, generateCertificate.getPublicKey()), generateCertificate);
                if (str != null) {
                    this.certs.put(str, generateCertificate);
                } else if (dEROctetString != null) {
                    this.keyCerts.put(new String(Hex.encode(dEROctetString.getOctets())), generateCertificate);
                }
            } catch (Exception e2) {
                throw new RuntimeException(e2.toString());
            }
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        if (this.certs.get(str) == null) {
            this.certs.put(str, certificate);
            this.chainCerts.put(new CertId(this, certificate.getPublicKey()), certificate);
        } else {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("There is already a certificate with the name ");
            stringBuffer.append(str);
            stringBuffer.append(SymbolExpUtil.SYMBOL_DOT);
            throw new KeyStoreException(stringBuffer.toString());
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
        if ((key instanceof PrivateKey) && certificateArr == null) {
            throw new KeyStoreException("no certificate chain for private key");
        }
        if (this.keys.get(str) != null && !key.equals((Key) this.keys.get(str))) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("There is already a key with the name ");
            stringBuffer.append(str);
            stringBuffer.append(SymbolExpUtil.SYMBOL_DOT);
            throw new KeyStoreException(stringBuffer.toString());
        }
        this.keys.put(str, key);
        this.certs.put(str, certificateArr[0]);
        for (int i = 0; i != certificateArr.length; i++) {
            this.chainCerts.put(new CertId(this, certificateArr[i].getPublicKey()), certificateArr[i]);
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
        throw new RuntimeException("operation not supported");
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        Hashtable hashtable = new Hashtable();
        Enumeration keys = this.certs.keys();
        while (keys.hasMoreElements()) {
            hashtable.put(keys.nextElement(), "cert");
        }
        Enumeration keys2 = this.keys.keys();
        while (keys2.hasMoreElements()) {
            String str = (String) keys2.nextElement();
            if (hashtable.get(str) == null) {
                hashtable.put(str, "key");
            }
        }
        return hashtable.size();
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) throws IOException {
        int i;
        int i2;
        char c;
        char c2;
        ByteArrayOutputStream byteArrayOutputStream;
        AlgorithmIdentifier algorithmIdentifier;
        boolean z;
        boolean z2;
        boolean z3;
        if (cArr == null) {
            throw new NullPointerException("No password supplied for PKCS#12 KeyStore.");
        }
        ContentInfo[] contentInfoArr = new ContentInfo[2];
        DERConstructedSequence dERConstructedSequence = new DERConstructedSequence();
        Enumeration keys = this.keys.keys();
        while (true) {
            i = 100;
            i2 = 20;
            c = 1;
            c2 = 0;
            if (!keys.hasMoreElements()) {
                break;
            }
            ContentInfo[] contentInfoArr2 = contentInfoArr;
            byte[] bArr = new byte[20];
            this.random.nextBytes(bArr);
            String str = (String) keys.nextElement();
            PrivateKey privateKey = (PrivateKey) this.keys.get(str);
            PKCS12PBEParams pKCS12PBEParams = new PKCS12PBEParams(bArr, 100);
            EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(new AlgorithmIdentifier(new DERObjectIdentifier(KEY_ALGORITHM), pKCS12PBEParams.getDERObject()), wrapKey(KEY_ALGORITHM, privateKey, pKCS12PBEParams, cArr));
            DERConstructedSet dERConstructedSet = new DERConstructedSet();
            if (privateKey instanceof PKCS12BagAttributeCarrier) {
                PKCS12BagAttributeCarrier pKCS12BagAttributeCarrier = (PKCS12BagAttributeCarrier) privateKey;
                Enumeration bagAttributeKeys = pKCS12BagAttributeCarrier.getBagAttributeKeys();
                boolean z4 = false;
                while (bagAttributeKeys.hasMoreElements()) {
                    DERObjectIdentifier dERObjectIdentifier = (DERObjectIdentifier) bagAttributeKeys.nextElement();
                    DERConstructedSequence dERConstructedSequence2 = new DERConstructedSequence();
                    dERConstructedSequence2.addObject(dERObjectIdentifier);
                    dERConstructedSequence2.addObject(new DERSet(pKCS12BagAttributeCarrier.getBagAttribute(dERObjectIdentifier)));
                    dERConstructedSet.addObject(dERConstructedSequence2);
                    z4 = true;
                }
                z3 = z4;
            } else {
                z3 = false;
            }
            if (!z3) {
                DERConstructedSequence dERConstructedSequence3 = new DERConstructedSequence();
                Certificate engineGetCertificate = engineGetCertificate(str);
                dERConstructedSequence3.addObject(PKCSObjectIdentifiers.pkcs_9_at_localKeyId);
                dERConstructedSequence3.addObject(new DERSet(createSubjectKeyId(engineGetCertificate.getPublicKey())));
                dERConstructedSet.addObject(dERConstructedSequence3);
                DERConstructedSequence dERConstructedSequence4 = new DERConstructedSequence();
                dERConstructedSequence4.addObject(PKCSObjectIdentifiers.pkcs_9_at_friendlyName);
                dERConstructedSequence4.addObject(new DERSet(new DERBMPString(str)));
                dERConstructedSet.addObject(dERConstructedSequence4);
            }
            dERConstructedSequence.addObject(new SafeBag(PKCSObjectIdentifiers.pkcs8ShroudedKeyBag, encryptedPrivateKeyInfo.getDERObject(), dERConstructedSet));
            contentInfoArr = contentInfoArr2;
        }
        ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
        new DEROutputStream(byteArrayOutputStream2).writeObject(dERConstructedSequence);
        BERConstructedOctetString bERConstructedOctetString = new BERConstructedOctetString(byteArrayOutputStream2.toByteArray());
        byte[] bArr2 = new byte[20];
        this.random.nextBytes(bArr2);
        DERConstructedSequence dERConstructedSequence5 = new DERConstructedSequence();
        PKCS12PBEParams pKCS12PBEParams2 = new PKCS12PBEParams(bArr2, 100);
        AlgorithmIdentifier algorithmIdentifier2 = new AlgorithmIdentifier(new DERObjectIdentifier(CERT_ALGORITHM), pKCS12PBEParams2.getDERObject());
        Hashtable hashtable = new Hashtable();
        Enumeration keys2 = this.keys.keys();
        while (keys2.hasMoreElements()) {
            ContentInfo[] contentInfoArr3 = contentInfoArr;
            BERConstructedOctetString bERConstructedOctetString2 = bERConstructedOctetString;
            ByteArrayOutputStream byteArrayOutputStream3 = byteArrayOutputStream2;
            AlgorithmIdentifier algorithmIdentifier3 = algorithmIdentifier2;
            try {
                String str2 = (String) keys2.nextElement();
                Certificate engineGetCertificate2 = engineGetCertificate(str2);
                CertBag certBag = new CertBag(PKCSObjectIdentifiers.x509certType, new DEROctetString(engineGetCertificate2.getEncoded()));
                DERConstructedSet dERConstructedSet2 = new DERConstructedSet();
                if (engineGetCertificate2 instanceof PKCS12BagAttributeCarrier) {
                    PKCS12BagAttributeCarrier pKCS12BagAttributeCarrier2 = (PKCS12BagAttributeCarrier) engineGetCertificate2;
                    Enumeration bagAttributeKeys2 = pKCS12BagAttributeCarrier2.getBagAttributeKeys();
                    z2 = false;
                    while (bagAttributeKeys2.hasMoreElements()) {
                        DERObjectIdentifier dERObjectIdentifier2 = (DERObjectIdentifier) bagAttributeKeys2.nextElement();
                        DERConstructedSequence dERConstructedSequence6 = new DERConstructedSequence();
                        dERConstructedSequence6.addObject(dERObjectIdentifier2);
                        dERConstructedSequence6.addObject(new DERSet(pKCS12BagAttributeCarrier2.getBagAttribute(dERObjectIdentifier2)));
                        dERConstructedSet2.addObject(dERConstructedSequence6);
                        z2 = true;
                    }
                } else {
                    z2 = false;
                }
                if (!z2) {
                    DERConstructedSequence dERConstructedSequence7 = new DERConstructedSequence();
                    dERConstructedSequence7.addObject(PKCSObjectIdentifiers.pkcs_9_at_localKeyId);
                    dERConstructedSequence7.addObject(new DERSet(createSubjectKeyId(engineGetCertificate2.getPublicKey())));
                    dERConstructedSet2.addObject(dERConstructedSequence7);
                    DERConstructedSequence dERConstructedSequence8 = new DERConstructedSequence();
                    dERConstructedSequence8.addObject(PKCSObjectIdentifiers.pkcs_9_at_friendlyName);
                    dERConstructedSequence8.addObject(new DERSet(new DERBMPString(str2)));
                    dERConstructedSet2.addObject(dERConstructedSequence8);
                }
                dERConstructedSequence5.addObject(new SafeBag(PKCSObjectIdentifiers.certBag, certBag.getDERObject(), dERConstructedSet2));
                hashtable.put(engineGetCertificate2, engineGetCertificate2);
                contentInfoArr = contentInfoArr3;
                bERConstructedOctetString = bERConstructedOctetString2;
                byteArrayOutputStream2 = byteArrayOutputStream3;
                algorithmIdentifier2 = algorithmIdentifier3;
                i = 100;
                i2 = 20;
                c = 1;
                c2 = 0;
            } catch (CertificateEncodingException e) {
                StringBuffer stringBuffer = new StringBuffer();
                stringBuffer.append("Error encoding certificate: ");
                stringBuffer.append(e.toString());
                throw new IOException(stringBuffer.toString());
            }
        }
        Enumeration keys3 = this.certs.keys();
        while (keys3.hasMoreElements()) {
            ContentInfo[] contentInfoArr4 = contentInfoArr;
            BERConstructedOctetString bERConstructedOctetString3 = bERConstructedOctetString;
            try {
                String str3 = (String) keys3.nextElement();
                Certificate certificate = (Certificate) this.certs.get(str3);
                if (hashtable.get(certificate) != null) {
                    contentInfoArr = contentInfoArr4;
                    bERConstructedOctetString = bERConstructedOctetString3;
                } else {
                    CertBag certBag2 = new CertBag(PKCSObjectIdentifiers.x509certType, new DEROctetString(certificate.getEncoded()));
                    DERConstructedSet dERConstructedSet3 = new DERConstructedSet();
                    if (certificate instanceof PKCS12BagAttributeCarrier) {
                        PKCS12BagAttributeCarrier pKCS12BagAttributeCarrier3 = (PKCS12BagAttributeCarrier) certificate;
                        Enumeration bagAttributeKeys3 = pKCS12BagAttributeCarrier3.getBagAttributeKeys();
                        z = false;
                        while (bagAttributeKeys3.hasMoreElements()) {
                            DERObjectIdentifier dERObjectIdentifier3 = (DERObjectIdentifier) bagAttributeKeys3.nextElement();
                            ByteArrayOutputStream byteArrayOutputStream4 = byteArrayOutputStream2;
                            DERConstructedSequence dERConstructedSequence9 = new DERConstructedSequence();
                            dERConstructedSequence9.addObject(dERObjectIdentifier3);
                            dERConstructedSequence9.addObject(new DERSet(pKCS12BagAttributeCarrier3.getBagAttribute(dERObjectIdentifier3)));
                            dERConstructedSet3.addObject(dERConstructedSequence9);
                            byteArrayOutputStream2 = byteArrayOutputStream4;
                            algorithmIdentifier2 = algorithmIdentifier2;
                            z = true;
                        }
                        byteArrayOutputStream = byteArrayOutputStream2;
                        algorithmIdentifier = algorithmIdentifier2;
                    } else {
                        byteArrayOutputStream = byteArrayOutputStream2;
                        algorithmIdentifier = algorithmIdentifier2;
                        z = false;
                    }
                    if (!z) {
                        DERConstructedSequence dERConstructedSequence10 = new DERConstructedSequence();
                        dERConstructedSequence10.addObject(PKCSObjectIdentifiers.pkcs_9_at_friendlyName);
                        dERConstructedSequence10.addObject(new DERSet(new DERBMPString(str3)));
                        dERConstructedSet3.addObject(dERConstructedSequence10);
                    }
                    dERConstructedSequence5.addObject(new SafeBag(PKCSObjectIdentifiers.certBag, certBag2.getDERObject(), dERConstructedSet3));
                    hashtable.put(certificate, certificate);
                    contentInfoArr = contentInfoArr4;
                    bERConstructedOctetString = bERConstructedOctetString3;
                    byteArrayOutputStream2 = byteArrayOutputStream;
                    algorithmIdentifier2 = algorithmIdentifier;
                }
                i = 100;
                i2 = 20;
                c = 1;
                c2 = 0;
            } catch (CertificateEncodingException e2) {
                StringBuffer stringBuffer2 = new StringBuffer();
                stringBuffer2.append("Error encoding certificate: ");
                stringBuffer2.append(e2.toString());
                throw new IOException(stringBuffer2.toString());
            }
        }
        Enumeration keys4 = this.chainCerts.keys();
        while (keys4.hasMoreElements()) {
            try {
                Certificate certificate2 = (Certificate) this.chainCerts.get((CertId) keys4.nextElement());
                if (hashtable.get(certificate2) != null) {
                    c = 1;
                } else {
                    CertBag certBag3 = new CertBag(PKCSObjectIdentifiers.x509certType, new DEROctetString(certificate2.getEncoded()));
                    DERConstructedSet dERConstructedSet4 = new DERConstructedSet();
                    if (certificate2 instanceof PKCS12BagAttributeCarrier) {
                        PKCS12BagAttributeCarrier pKCS12BagAttributeCarrier4 = (PKCS12BagAttributeCarrier) certificate2;
                        Enumeration bagAttributeKeys4 = pKCS12BagAttributeCarrier4.getBagAttributeKeys();
                        while (bagAttributeKeys4.hasMoreElements()) {
                            DERObjectIdentifier dERObjectIdentifier4 = (DERObjectIdentifier) bagAttributeKeys4.nextElement();
                            ContentInfo[] contentInfoArr5 = contentInfoArr;
                            DERConstructedSequence dERConstructedSequence11 = new DERConstructedSequence();
                            dERConstructedSequence11.addObject(dERObjectIdentifier4);
                            dERConstructedSequence11.addObject(new DERSet(pKCS12BagAttributeCarrier4.getBagAttribute(dERObjectIdentifier4)));
                            dERConstructedSet4.addObject(dERConstructedSequence11);
                            contentInfoArr = contentInfoArr5;
                            bERConstructedOctetString = bERConstructedOctetString;
                        }
                    }
                    ContentInfo[] contentInfoArr6 = contentInfoArr;
                    BERConstructedOctetString bERConstructedOctetString4 = bERConstructedOctetString;
                    dERConstructedSequence5.addObject(new SafeBag(PKCSObjectIdentifiers.certBag, certBag3.getDERObject(), dERConstructedSet4));
                    contentInfoArr = contentInfoArr6;
                    bERConstructedOctetString = bERConstructedOctetString4;
                    i = 100;
                    i2 = 20;
                    c = 1;
                    c2 = 0;
                }
            } catch (CertificateEncodingException e3) {
                StringBuffer stringBuffer3 = new StringBuffer();
                stringBuffer3.append("Error encoding certificate: ");
                stringBuffer3.append(e3.toString());
                throw new IOException(stringBuffer3.toString());
            }
        }
        byteArrayOutputStream2.reset();
        DEROutputStream dEROutputStream = new DEROutputStream(byteArrayOutputStream2);
        dEROutputStream.writeObject(dERConstructedSequence5);
        dEROutputStream.close();
        EncryptedData encryptedData = new EncryptedData(PKCSObjectIdentifiers.data, algorithmIdentifier2, new BERConstructedOctetString(encryptData(CERT_ALGORITHM, byteArrayOutputStream2.toByteArray(), pKCS12PBEParams2, cArr)));
        contentInfoArr[c2] = new ContentInfo(PKCSObjectIdentifiers.data, bERConstructedOctetString);
        contentInfoArr[c] = new ContentInfo(PKCSObjectIdentifiers.encryptedData, encryptedData.getDERObject());
        AuthenticatedSafe authenticatedSafe = new AuthenticatedSafe(contentInfoArr);
        byteArrayOutputStream2.reset();
        new BEROutputStream(byteArrayOutputStream2).writeObject(authenticatedSafe);
        ContentInfo contentInfo = new ContentInfo(PKCSObjectIdentifiers.data, new BERConstructedOctetString(byteArrayOutputStream2.toByteArray()));
        byte[] bArr3 = new byte[i2];
        this.random.nextBytes(bArr3);
        byte[] octets = ((DEROctetString) contentInfo.getContent()).getOctets();
        try {
            Mac mac = Mac.getInstance(X509ObjectIdentifiers.id_SHA1.getId(), "BC");
            SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(X509ObjectIdentifiers.id_SHA1.getId(), "BC");
            mac.init(secretKeyFactory.generateSecret(new PBEKeySpec(cArr)), new PBEParameterSpec(bArr3, i));
            mac.update(octets);
            new BEROutputStream(outputStream).writeObject(new Pfx(contentInfo, new MacData(new DigestInfo(new AlgorithmIdentifier(X509ObjectIdentifiers.id_SHA1, null), mac.doFinal()), bArr3, i)));
        } catch (Exception e4) {
            StringBuffer stringBuffer4 = new StringBuffer();
            stringBuffer4.append("error constructing MAC: ");
            stringBuffer4.append(e4.toString());
            throw new IOException(stringBuffer4.toString());
        }
    }

    @Override // org.bouncycastle.jce.interfaces.BCKeyStore
    public void setRandom(SecureRandom secureRandom) {
        this.random = secureRandom;
    }

    protected PrivateKey unwrapKey(AlgorithmIdentifier algorithmIdentifier, byte[] bArr, char[] cArr) throws IOException {
        String id = algorithmIdentifier.getObjectId().getId();
        PKCS12PBEParams pKCS12PBEParams = new PKCS12PBEParams((DERConstructedSequence) algorithmIdentifier.getParameters());
        PBEKeySpec pBEKeySpec = new PBEKeySpec(cArr);
        try {
            SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(id, "BC");
            PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(pKCS12PBEParams.getIV(), pKCS12PBEParams.getIterations().intValue());
            Cipher cipher = Cipher.getInstance(id, "BC");
            cipher.init(4, secretKeyFactory.generateSecret(pBEKeySpec), pBEParameterSpec);
            return (PrivateKey) cipher.unwrap(bArr, "", 2);
        } catch (Exception e) {
            e.printStackTrace();
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("exception unwrapping private key - ");
            stringBuffer.append(e.toString());
            throw new IOException(stringBuffer.toString());
        }
    }

    protected byte[] wrapKey(String str, Key key, PKCS12PBEParams pKCS12PBEParams, char[] cArr) throws IOException {
        PBEKeySpec pBEKeySpec = new PBEKeySpec(cArr);
        try {
            SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(str, "BC");
            PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(pKCS12PBEParams.getIV(), pKCS12PBEParams.getIterations().intValue());
            Cipher cipher = Cipher.getInstance(str, "BC");
            cipher.init(3, secretKeyFactory.generateSecret(pBEKeySpec), pBEParameterSpec);
            return cipher.wrap(key);
        } catch (Exception e) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("exception encrypting data - ");
            stringBuffer.append(e.toString());
            throw new IOException(stringBuffer.toString());
        }
    }
}
