package org.bouncycastle.jcajce.provider.keystore.bcfks;

import defpackage.InterfaceC0593x;
import defpackage.ab;
import defpackage.am5;
import defpackage.cd5;
import defpackage.dd5;
import defpackage.dd7;
import defpackage.dk7;
import defpackage.f37;
import defpackage.g37;
import defpackage.hl5;
import defpackage.jd5;
import defpackage.js1;
import defpackage.jv3;
import defpackage.kd5;
import defpackage.kl5;
import defpackage.l28;
import defpackage.ld5;
import defpackage.lm9;
import defpackage.m15;
import defpackage.me0;
import defpackage.n15;
import defpackage.nl5;
import defpackage.nt;
import defpackage.nv5;
import defpackage.o15;
import defpackage.ol3;
import defpackage.ol5;
import defpackage.ot;
import defpackage.pt;
import defpackage.px1;
import defpackage.q01;
import defpackage.q70;
import defpackage.qx1;
import defpackage.rx1;
import defpackage.so;
import defpackage.st;
import defpackage.sx1;
import defpackage.t77;
import defpackage.tl9;
import defpackage.u27;
import defpackage.ut3;
import defpackage.v77;
import defpackage.vx1;
import defpackage.wv3;
import defpackage.wv4;
import defpackage.y66;
import defpackage.yl5;
import defpackage.zc1;
import defpackage.zc5;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.DSAKey;
import java.security.interfaces.RSAKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.text.ParseException;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.asn1.i1;
import org.bouncycastle.asn1.l;
import org.bouncycastle.asn1.q;
import org.bouncycastle.crypto.a;
import org.bouncycastle.jcajce.provider.keystore.util.AdaptingKeyStoreSpi;
import org.bouncycastle.jcajce.provider.keystore.util.ParameterUtil;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes2.dex */
public class BcFKSKeyStoreSpi extends KeyStoreSpi {
    private static final BigInteger CERTIFICATE;
    private static final BigInteger PRIVATE_KEY;
    private static final BigInteger PROTECTED_PRIVATE_KEY;
    private static final BigInteger PROTECTED_SECRET_KEY;
    private static final BigInteger SECRET_KEY;
    private static final Map<String, q> oidMap;
    private static final Map<q, String> publicAlgMap;
    private Date creationDate;
    private final ol3 helper;
    private ab hmacAlgorithm;
    private jv3 hmacPkbdAlgorithm;
    private Date lastModifiedDate;
    private ab signatureAlgorithm;
    private nt.a validator;
    private PublicKey verificationKey;
    private final Map<String, cd5> entries = new HashMap();
    private final Map<String, PrivateKey> privateKeyCache = new HashMap();
    private q storeEncryptionAlgorithm = m15.T;

    /* loaded from: classes2.dex */
    public static class Def extends BcFKSKeyStoreSpi {
        public Def() {
            super(new zc1());
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Enumeration engineAliases() {
            return super.engineAliases();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineContainsAlias(String str) {
            return super.engineContainsAlias(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineDeleteEntry(String str) throws KeyStoreException {
            super.engineDeleteEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate engineGetCertificate(String str) {
            return super.engineGetCertificate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ String engineGetCertificateAlias(Certificate certificate) {
            return super.engineGetCertificateAlias(certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate[] engineGetCertificateChain(String str) {
            return super.engineGetCertificateChain(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Date engineGetCreationDate(String str) {
            return super.engineGetCreationDate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
            return super.engineGetKey(str, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsCertificateEntry(String str) {
            return super.engineIsCertificateEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsKeyEntry(String str) {
            return super.engineIsKeyEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineLoad(inputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineLoad(loadStoreParameter);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
            super.engineSetCertificateEntry(str, certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, key, cArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, bArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ int engineSize() {
            return super.engineSize();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineStore(outputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineStore(loadStoreParameter);
        }
    }

    /* loaded from: classes2.dex */
    public static class DefCompat extends AdaptingKeyStoreSpi {
        public DefCompat() {
            super(new zc1(), new BcFKSKeyStoreSpi(new zc1()));
        }
    }

    /* loaded from: classes2.dex */
    public static class DefShared extends SharedKeyStoreSpi {
        public DefShared() {
            super(new zc1());
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Enumeration engineAliases() {
            return super.engineAliases();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineContainsAlias(String str) {
            return super.engineContainsAlias(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineDeleteEntry(String str) throws KeyStoreException {
            super.engineDeleteEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate engineGetCertificate(String str) {
            return super.engineGetCertificate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ String engineGetCertificateAlias(Certificate certificate) {
            return super.engineGetCertificateAlias(certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate[] engineGetCertificateChain(String str) {
            return super.engineGetCertificateChain(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Date engineGetCreationDate(String str) {
            return super.engineGetCreationDate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
            return super.engineGetKey(str, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsCertificateEntry(String str) {
            return super.engineIsCertificateEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsKeyEntry(String str) {
            return super.engineIsKeyEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineLoad(inputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineLoad(loadStoreParameter);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
            super.engineSetCertificateEntry(str, certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, key, cArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, bArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ int engineSize() {
            return super.engineSize();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineStore(outputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineStore(loadStoreParameter);
        }
    }

    /* loaded from: classes2.dex */
    public static class DefSharedCompat extends AdaptingKeyStoreSpi {
        public DefSharedCompat() {
            super(new zc1(), new BcFKSKeyStoreSpi(new zc1()));
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static class ExtKeyStoreException extends KeyStoreException {
        private final Throwable cause;

        ExtKeyStoreException(String str, Throwable th) {
            super(str);
            this.cause = th;
        }

        @Override // java.lang.Throwable
        public Throwable getCause() {
            return this.cause;
        }
    }

    /* loaded from: classes2.dex */
    private static class SharedKeyStoreSpi extends BcFKSKeyStoreSpi implements am5, tl9 {
        private final Map<String, byte[]> cache;
        private final byte[] seedKey;

        public SharedKeyStoreSpi(ol3 ol3Var) {
            super(ol3Var);
            try {
                byte[] bArr = new byte[32];
                this.seedKey = bArr;
                ol3Var.h("DEFAULT").nextBytes(bArr);
                this.cache = new HashMap();
            } catch (GeneralSecurityException e) {
                throw new IllegalArgumentException("can't create random - " + e.toString());
            }
        }

        private byte[] calculateMac(String str, char[] cArr) throws NoSuchAlgorithmException, InvalidKeyException {
            return u27.i(cArr != null ? so.s(l28.j(cArr), l28.i(str)) : so.s(this.seedKey, l28.i(str)), this.seedKey, 16384, 8, 1, 32);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public void engineDeleteEntry(String str) throws KeyStoreException {
            throw new KeyStoreException("delete operation not supported in shared mode");
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
            try {
                byte[] calculateMac = calculateMac(str, cArr);
                if (!this.cache.containsKey(str) || so.x(this.cache.get(str), calculateMac)) {
                    Key engineGetKey = super.engineGetKey(str, cArr);
                    if (engineGetKey != null && !this.cache.containsKey(str)) {
                        this.cache.put(str, calculateMac);
                    }
                    return engineGetKey;
                }
                throw new UnrecoverableKeyException("unable to recover key (" + str + ")");
            } catch (InvalidKeyException e) {
                throw new UnrecoverableKeyException("unable to recover key (" + str + "): " + e.getMessage());
            }
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
            throw new KeyStoreException("set operation not supported in shared mode");
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
            throw new KeyStoreException("set operation not supported in shared mode");
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
            throw new KeyStoreException("set operation not supported in shared mode");
        }
    }

    /* loaded from: classes2.dex */
    public static class Std extends BcFKSKeyStoreSpi {
        public Std() {
            super(new pt());
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Enumeration engineAliases() {
            return super.engineAliases();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineContainsAlias(String str) {
            return super.engineContainsAlias(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineDeleteEntry(String str) throws KeyStoreException {
            super.engineDeleteEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate engineGetCertificate(String str) {
            return super.engineGetCertificate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ String engineGetCertificateAlias(Certificate certificate) {
            return super.engineGetCertificateAlias(certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate[] engineGetCertificateChain(String str) {
            return super.engineGetCertificateChain(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Date engineGetCreationDate(String str) {
            return super.engineGetCreationDate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
            return super.engineGetKey(str, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsCertificateEntry(String str) {
            return super.engineIsCertificateEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsKeyEntry(String str) {
            return super.engineIsKeyEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineLoad(inputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineLoad(loadStoreParameter);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
            super.engineSetCertificateEntry(str, certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, key, cArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, bArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ int engineSize() {
            return super.engineSize();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineStore(outputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineStore(loadStoreParameter);
        }
    }

    /* loaded from: classes2.dex */
    public static class StdCompat extends AdaptingKeyStoreSpi {
        public StdCompat() {
            super(new zc1(), new BcFKSKeyStoreSpi(new pt()));
        }
    }

    /* loaded from: classes2.dex */
    public static class StdShared extends SharedKeyStoreSpi {
        public StdShared() {
            super(new pt());
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Enumeration engineAliases() {
            return super.engineAliases();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineContainsAlias(String str) {
            return super.engineContainsAlias(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineDeleteEntry(String str) throws KeyStoreException {
            super.engineDeleteEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate engineGetCertificate(String str) {
            return super.engineGetCertificate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ String engineGetCertificateAlias(Certificate certificate) {
            return super.engineGetCertificateAlias(certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate[] engineGetCertificateChain(String str) {
            return super.engineGetCertificateChain(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Date engineGetCreationDate(String str) {
            return super.engineGetCreationDate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
            return super.engineGetKey(str, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsCertificateEntry(String str) {
            return super.engineIsCertificateEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsKeyEntry(String str) {
            return super.engineIsKeyEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineLoad(inputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineLoad(loadStoreParameter);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
            super.engineSetCertificateEntry(str, certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, key, cArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, bArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ int engineSize() {
            return super.engineSize();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineStore(outputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineStore(loadStoreParameter);
        }
    }

    /* loaded from: classes2.dex */
    public static class StdSharedCompat extends AdaptingKeyStoreSpi {
        public StdSharedCompat() {
            super(new pt(), new BcFKSKeyStoreSpi(new pt()));
        }
    }

    static {
        HashMap hashMap = new HashMap();
        oidMap = hashMap;
        HashMap hashMap2 = new HashMap();
        publicAlgMap = hashMap2;
        q qVar = zc5.h;
        hashMap.put("DESEDE", qVar);
        hashMap.put("TRIPLEDES", qVar);
        hashMap.put("TDEA", qVar);
        hashMap.put("HMACSHA1", am5.F1);
        hashMap.put("HMACSHA224", am5.G1);
        hashMap.put("HMACSHA256", am5.H1);
        hashMap.put("HMACSHA384", am5.I1);
        hashMap.put("HMACSHA512", am5.J1);
        hashMap.put("SEED", ut3.a);
        hashMap.put("CAMELLIA.128", o15.a);
        hashMap.put("CAMELLIA.192", o15.b);
        hashMap.put("CAMELLIA.256", o15.c);
        hashMap.put("ARIA.128", n15.h);
        hashMap.put("ARIA.192", n15.m);
        hashMap.put("ARIA.256", n15.r);
        hashMap2.put(am5.T0, "RSA");
        hashMap2.put(lm9.H4, "EC");
        hashMap2.put(zc5.l, "DH");
        hashMap2.put(am5.m1, "DH");
        hashMap2.put(lm9.r5, "DSA");
        CERTIFICATE = BigInteger.valueOf(0L);
        PRIVATE_KEY = BigInteger.valueOf(1L);
        SECRET_KEY = BigInteger.valueOf(2L);
        PROTECTED_PRIVATE_KEY = BigInteger.valueOf(3L);
        PROTECTED_SECRET_KEY = BigInteger.valueOf(4L);
    }

    BcFKSKeyStoreSpi(ol3 ol3Var) {
        this.helper = ol3Var;
    }

    private byte[] calculateMac(byte[] bArr, ab abVar, jv3 jv3Var, char[] cArr) throws NoSuchAlgorithmException, IOException, NoSuchProviderException {
        String D = abVar.l().D();
        Mac j = this.helper.j(D);
        try {
            if (cArr == null) {
                cArr = new char[0];
            }
            j.init(new SecretKeySpec(generateKey(jv3Var, "INTEGRITY_CHECK", cArr, -1), D));
            return j.doFinal(bArr);
        } catch (InvalidKeyException e) {
            throw new IOException("Cannot set up MAC calculation: " + e.getMessage());
        }
    }

    private Cipher createCipher(String str, byte[] bArr) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, NoSuchProviderException {
        Cipher b = this.helper.b(str);
        b.init(1, new SecretKeySpec(bArr, "AES"));
        return b;
    }

    private qx1 createPrivateKeySequence(rx1 rx1Var, Certificate[] certificateArr) throws CertificateEncodingException {
        me0[] me0VarArr = new me0[certificateArr.length];
        for (int i = 0; i != certificateArr.length; i++) {
            me0VarArr[i] = me0.m(certificateArr[i].getEncoded());
        }
        return new qx1(rx1Var, me0VarArr);
    }

    private Certificate decodeCertificate(Object obj) {
        ol3 ol3Var = this.helper;
        if (ol3Var != null) {
            try {
                return ol3Var.d("X.509").generateCertificate(new ByteArrayInputStream(me0.m(obj).getEncoded()));
            } catch (Exception unused) {
                return null;
            }
        }
        try {
            return CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(me0.m(obj).getEncoded()));
        } catch (Exception unused2) {
            return null;
        }
    }

    private byte[] decryptData(String str, ab abVar, char[] cArr, byte[] bArr) throws IOException {
        Cipher b;
        AlgorithmParameters algorithmParameters;
        if (!abVar.l().r(am5.u1)) {
            throw new IOException("BCFKS KeyStore cannot recognize protection algorithm.");
        }
        hl5 m = hl5.m(abVar.o());
        vx1 l = m.l();
        try {
            if (l.l().r(m15.T)) {
                b = this.helper.b("AES/CCM/NoPadding");
                algorithmParameters = this.helper.k("CCM");
                algorithmParameters.init(q70.m(l.n()).getEncoded());
            } else {
                if (!l.l().r(m15.U)) {
                    throw new IOException("BCFKS KeyStore cannot recognize protection encryption algorithm.");
                }
                b = this.helper.b("AESKWP");
                algorithmParameters = null;
            }
            jv3 n = m.n();
            if (cArr == null) {
                cArr = new char[0];
            }
            b.init(2, new SecretKeySpec(generateKey(n, str, cArr, 32), "AES"), algorithmParameters);
            return b.doFinal(bArr);
        } catch (IOException e) {
            throw e;
        } catch (Exception e2) {
            throw new IOException(e2.toString());
        }
    }

    private Date extractCreationDate(cd5 cd5Var, Date date) {
        try {
            return cd5Var.l().C();
        } catch (ParseException unused) {
            return date;
        }
    }

    private byte[] generateKey(jv3 jv3Var, String str, char[] cArr, int i) throws IOException {
        byte[] PKCS12PasswordToBytes = a.PKCS12PasswordToBytes(cArr);
        byte[] PKCS12PasswordToBytes2 = a.PKCS12PasswordToBytes(str.toCharArray());
        if (wv4.M.r(jv3Var.l())) {
            v77 n = v77.n(jv3Var.n());
            if (n.o() != null) {
                i = n.o().intValue();
            } else if (i == -1) {
                throw new IOException("no keyLength found in ScryptParams");
            }
            return u27.i(so.s(PKCS12PasswordToBytes, PKCS12PasswordToBytes2), n.q(), n.m().intValue(), n.l().intValue(), n.l().intValue(), i);
        }
        if (!jv3Var.l().r(am5.v1)) {
            throw new IOException("BCFKS KeyStore: unrecognized MAC PBKD.");
        }
        nl5 l = nl5.l(jv3Var.n());
        if (l.n() != null) {
            i = l.n().intValue();
        } else if (i == -1) {
            throw new IOException("no keyLength found in PBKDF2Params");
        }
        if (l.o().l().r(am5.J1)) {
            yl5 yl5Var = new yl5(new g37());
            yl5Var.init(so.s(PKCS12PasswordToBytes, PKCS12PasswordToBytes2), l.p(), l.m().intValue());
            return ((wv3) yl5Var.generateDerivedParameters(i * 8)).a();
        }
        if (l.o().l().r(m15.r)) {
            yl5 yl5Var2 = new yl5(new f37(512));
            yl5Var2.init(so.s(PKCS12PasswordToBytes, PKCS12PasswordToBytes2), l.p(), l.m().intValue());
            return ((wv3) yl5Var2.generateDerivedParameters(i * 8)).a();
        }
        throw new IOException("BCFKS KeyStore: unrecognized MAC PBKD PRF: " + l.o().l());
    }

    private jv3 generatePkbdAlgorithmIdentifier(jv3 jv3Var, int i) {
        q qVar = wv4.M;
        boolean r = qVar.r(jv3Var.l());
        InterfaceC0593x n = jv3Var.n();
        if (r) {
            v77 n2 = v77.n(n);
            byte[] bArr = new byte[n2.q().length];
            getDefaultSecureRandom().nextBytes(bArr);
            return new jv3(qVar, new v77(bArr, n2.m(), n2.l(), n2.p(), BigInteger.valueOf(i)));
        }
        nl5 l = nl5.l(n);
        byte[] bArr2 = new byte[l.p().length];
        getDefaultSecureRandom().nextBytes(bArr2);
        return new jv3(am5.v1, new nl5(bArr2, l.m().intValue(), i, l.o()));
    }

    private jv3 generatePkbdAlgorithmIdentifier(ol5 ol5Var, int i) {
        q qVar = wv4.M;
        if (qVar.r(ol5Var.a())) {
            t77 t77Var = (t77) ol5Var;
            byte[] bArr = new byte[t77Var.e()];
            getDefaultSecureRandom().nextBytes(bArr);
            return new jv3(qVar, new v77(bArr, t77Var.c(), t77Var.b(), t77Var.d(), i));
        }
        kl5 kl5Var = (kl5) ol5Var;
        byte[] bArr2 = new byte[kl5Var.d()];
        getDefaultSecureRandom().nextBytes(bArr2);
        return new jv3(am5.v1, new nl5(bArr2, kl5Var.b(), i, kl5Var.c()));
    }

    private jv3 generatePkbdAlgorithmIdentifier(q qVar, int i) {
        byte[] bArr = new byte[64];
        getDefaultSecureRandom().nextBytes(bArr);
        q qVar2 = am5.v1;
        if (qVar2.r(qVar)) {
            return new jv3(qVar2, new nl5(bArr, 51200, i, new ab(am5.J1, i1.b)));
        }
        throw new IllegalStateException("unknown derivation algorithm: " + qVar);
    }

    private ab generateSignatureAlgId(Key key, nt.d dVar) throws IOException {
        if (key == null) {
            return null;
        }
        if (key instanceof js1) {
            if (dVar == nt.d.SHA512withECDSA) {
                return new ab(lm9.M4);
            }
            if (dVar == nt.d.SHA3_512withECDSA) {
                return new ab(m15.i0);
            }
        }
        if (key instanceof DSAKey) {
            if (dVar == nt.d.SHA512withDSA) {
                return new ab(m15.a0);
            }
            if (dVar == nt.d.SHA3_512withDSA) {
                return new ab(m15.e0);
            }
        }
        if (key instanceof RSAKey) {
            if (dVar == nt.d.SHA512withRSA) {
                return new ab(am5.g1, i1.b);
            }
            if (dVar == nt.d.SHA3_512withRSA) {
                return new ab(m15.m0, i1.b);
            }
        }
        throw new IOException("unknown signature algorithm");
    }

    private SecureRandom getDefaultSecureRandom() {
        return q01.b();
    }

    private px1 getEncryptedObjectStoreData(ab abVar, char[] cArr) throws IOException, NoSuchAlgorithmException {
        cd5[] cd5VarArr = (cd5[]) this.entries.values().toArray(new cd5[this.entries.size()]);
        jv3 generatePkbdAlgorithmIdentifier = generatePkbdAlgorithmIdentifier(this.hmacPkbdAlgorithm, 32);
        if (cArr == null) {
            cArr = new char[0];
        }
        byte[] generateKey = generateKey(generatePkbdAlgorithmIdentifier, "STORE_ENCRYPTION", cArr, 32);
        kd5 kd5Var = new kd5(abVar, this.creationDate, this.lastModifiedDate, new dd5(cd5VarArr), null);
        try {
            q qVar = this.storeEncryptionAlgorithm;
            q qVar2 = m15.T;
            if (!qVar.r(qVar2)) {
                return new px1(new ab(am5.u1, new hl5(generatePkbdAlgorithmIdentifier, new vx1(m15.U))), createCipher("AESKWP", generateKey).doFinal(kd5Var.getEncoded()));
            }
            Cipher createCipher = createCipher("AES/CCM/NoPadding", generateKey);
            return new px1(new ab(am5.u1, new hl5(generatePkbdAlgorithmIdentifier, new vx1(qVar2, q70.m(createCipher.getParameters().getEncoded())))), createCipher.doFinal(kd5Var.getEncoded()));
        } catch (InvalidKeyException e) {
            throw new IOException(e.toString());
        } catch (NoSuchProviderException e2) {
            throw new IOException(e2.toString());
        } catch (BadPaddingException e3) {
            throw new IOException(e3.toString());
        } catch (IllegalBlockSizeException e4) {
            throw new IOException(e4.toString());
        } catch (NoSuchPaddingException e5) {
            throw new NoSuchAlgorithmException(e5.toString());
        }
    }

    private static String getPublicKeyAlg(q qVar) {
        String str = publicAlgMap.get(qVar);
        return str != null ? str : qVar.D();
    }

    private boolean isSimilarHmacPbkd(ol5 ol5Var, jv3 jv3Var) {
        if (!ol5Var.a().r(jv3Var.l())) {
            return false;
        }
        if (wv4.M.r(jv3Var.l())) {
            if (!(ol5Var instanceof t77)) {
                return false;
            }
            t77 t77Var = (t77) ol5Var;
            v77 n = v77.n(jv3Var.n());
            return t77Var.e() == n.q().length && t77Var.b() == n.l().intValue() && t77Var.c() == n.m().intValue() && t77Var.d() == n.p().intValue();
        }
        if (!(ol5Var instanceof kl5)) {
            return false;
        }
        kl5 kl5Var = (kl5) ol5Var;
        nl5 l = nl5.l(jv3Var.n());
        return kl5Var.d() == l.p().length && kl5Var.b() == l.m().intValue();
    }

    private void verifyMac(byte[] bArr, nv5 nv5Var, char[] cArr) throws NoSuchAlgorithmException, IOException, NoSuchProviderException {
        if (!so.x(calculateMac(bArr, nv5Var.n(), nv5Var.o(), cArr), nv5Var.m())) {
            throw new IOException("BCFKS KeyStore corrupted: MAC calculation failed");
        }
    }

    private void verifySig(InterfaceC0593x interfaceC0593x, dk7 dk7Var, PublicKey publicKey) throws GeneralSecurityException, IOException {
        Signature createSignature = this.helper.createSignature(dk7Var.o().l().D());
        createSignature.initVerify(publicKey);
        createSignature.update(interfaceC0593x.g().k("DER"));
        if (!createSignature.verify(dk7Var.n().C())) {
            throw new IOException("BCFKS KeyStore corrupted: signature calculation failed");
        }
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration<String> engineAliases() {
        final Iterator it = new HashSet(this.entries.keySet()).iterator();
        return new Enumeration() { // from class: org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.1
            @Override // java.util.Enumeration
            public boolean hasMoreElements() {
                return it.hasNext();
            }

            @Override // java.util.Enumeration
            public Object nextElement() {
                return it.next();
            }
        };
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        if (str != null) {
            return this.entries.containsKey(str);
        }
        throw new NullPointerException("alias value is null");
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) throws KeyStoreException {
        if (this.entries.get(str) == null) {
            return;
        }
        this.privateKeyCache.remove(str);
        this.entries.remove(str);
        this.lastModifiedDate = new Date();
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        cd5 cd5Var = this.entries.get(str);
        if (cd5Var == null) {
            return null;
        }
        if (cd5Var.q().equals(PRIVATE_KEY) || cd5Var.q().equals(PROTECTED_PRIVATE_KEY)) {
            return decodeCertificate(qx1.n(cd5Var.m()).l()[0]);
        }
        if (cd5Var.q().equals(CERTIFICATE)) {
            return decodeCertificate(cd5Var.m());
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        if (certificate == null) {
            return null;
        }
        try {
            byte[] encoded = certificate.getEncoded();
            for (String str : this.entries.keySet()) {
                cd5 cd5Var = this.entries.get(str);
                if (cd5Var.q().equals(CERTIFICATE)) {
                    if (so.e(cd5Var.m(), encoded)) {
                        return str;
                    }
                } else if (cd5Var.q().equals(PRIVATE_KEY) || cd5Var.q().equals(PROTECTED_PRIVATE_KEY)) {
                    try {
                        if (so.e(qx1.n(cd5Var.m()).l()[0].g().getEncoded(), encoded)) {
                            return str;
                        }
                    } catch (IOException unused) {
                    }
                }
            }
        } catch (CertificateEncodingException unused2) {
        }
        return null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        cd5 cd5Var = this.entries.get(str);
        if (cd5Var == null) {
            return null;
        }
        if (!cd5Var.q().equals(PRIVATE_KEY) && !cd5Var.q().equals(PROTECTED_PRIVATE_KEY)) {
            return null;
        }
        me0[] l = qx1.n(cd5Var.m()).l();
        int length = l.length;
        X509Certificate[] x509CertificateArr = new X509Certificate[length];
        for (int i = 0; i != length; i++) {
            x509CertificateArr[i] = decodeCertificate(l[i]);
        }
        return x509CertificateArr;
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        cd5 cd5Var = this.entries.get(str);
        if (cd5Var == null) {
            return null;
        }
        try {
            return cd5Var.p().C();
        } catch (ParseException unused) {
            return new Date();
        }
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        cd5 cd5Var = this.entries.get(str);
        if (cd5Var == null) {
            return null;
        }
        if (cd5Var.q().equals(PRIVATE_KEY) || cd5Var.q().equals(PROTECTED_PRIVATE_KEY)) {
            PrivateKey privateKey = this.privateKeyCache.get(str);
            if (privateKey != null) {
                return privateKey;
            }
            rx1 n = rx1.n(qx1.n(cd5Var.m()).m());
            try {
                y66 m = y66.m(decryptData("PRIVATE_KEY_ENCRYPTION", n.m(), cArr, n.l()));
                PrivateKey generatePrivate = this.helper.f(getPublicKeyAlg(m.o().l())).generatePrivate(new PKCS8EncodedKeySpec(m.getEncoded()));
                this.privateKeyCache.put(str, generatePrivate);
                return generatePrivate;
            } catch (Exception e) {
                throw new UnrecoverableKeyException("BCFKS KeyStore unable to recover private key (" + str + "): " + e.getMessage());
            }
        }
        if (!cd5Var.q().equals(SECRET_KEY) && !cd5Var.q().equals(PROTECTED_SECRET_KEY)) {
            throw new UnrecoverableKeyException("BCFKS KeyStore unable to recover secret key (" + str + "): type not recognized");
        }
        sx1 m2 = sx1.m(cd5Var.m());
        try {
            dd7 l = dd7.l(decryptData("SECRET_KEY_ENCRYPTION", m2.n(), cArr, m2.l()));
            return this.helper.e(l.m().D()).generateSecret(new SecretKeySpec(l.n(), l.m().D()));
        } catch (Exception e2) {
            throw new UnrecoverableKeyException("BCFKS KeyStore unable to recover secret key (" + str + "): " + e2.getMessage());
        }
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        cd5 cd5Var = this.entries.get(str);
        if (cd5Var != null) {
            return cd5Var.q().equals(CERTIFICATE);
        }
        return false;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        cd5 cd5Var = this.entries.get(str);
        if (cd5Var == null) {
            return false;
        }
        BigInteger q = cd5Var.q();
        return q.equals(PRIVATE_KEY) || q.equals(SECRET_KEY) || q.equals(PROTECTED_PRIVATE_KEY) || q.equals(PROTECTED_SECRET_KEY);
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        ab o;
        kd5 m;
        this.entries.clear();
        this.privateKeyCache.clear();
        this.creationDate = null;
        this.lastModifiedDate = null;
        this.hmacAlgorithm = null;
        if (inputStream == null) {
            Date date = new Date();
            this.creationDate = date;
            this.lastModifiedDate = date;
            this.verificationKey = null;
            this.hmacAlgorithm = new ab(am5.J1, i1.b);
            this.hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(am5.v1, 64);
            return;
        }
        try {
            jd5 l = jd5.l(new l(inputStream).A());
            ld5 m2 = l.m();
            if (m2.n() == 0) {
                nv5 l2 = nv5.l(m2.m());
                this.hmacAlgorithm = l2.n();
                this.hmacPkbdAlgorithm = l2.o();
                o = this.hmacAlgorithm;
                try {
                    verifyMac(l.n().g().getEncoded(), l2, cArr);
                } catch (NoSuchProviderException e) {
                    throw new IOException(e.getMessage());
                }
            } else {
                if (m2.n() != 1) {
                    throw new IOException("BCFKS KeyStore unable to recognize integrity check.");
                }
                dk7 m3 = dk7.m(m2.m());
                o = m3.o();
                try {
                    m3.l();
                    verifySig(l.n(), m3, this.verificationKey);
                } catch (GeneralSecurityException e2) {
                    throw new IOException("error verifying signature: " + e2.getMessage(), e2);
                }
            }
            InterfaceC0593x n = l.n();
            if (n instanceof px1) {
                px1 px1Var = (px1) n;
                m = kd5.m(decryptData("STORE_ENCRYPTION", px1Var.m(), cArr, px1Var.l().B()));
            } else {
                m = kd5.m(n);
            }
            try {
                this.creationDate = m.l().C();
                this.lastModifiedDate = m.o().C();
                if (!m.n().equals(o)) {
                    throw new IOException("BCFKS KeyStore storeData integrity algorithm does not match store integrity algorithm.");
                }
                Iterator<InterfaceC0593x> it = m.p().iterator();
                while (it.hasNext()) {
                    cd5 o2 = cd5.o(it.next());
                    this.entries.put(o2.n(), o2);
                }
            } catch (ParseException unused) {
                throw new IOException("BCFKS KeyStore unable to parse store data information.");
            }
        } catch (Exception e3) {
            throw new IOException(e3.getMessage());
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
        if (loadStoreParameter == null) {
            engineLoad(null, null);
            return;
        }
        if (!(loadStoreParameter instanceof nt)) {
            if (loadStoreParameter instanceof st) {
                engineLoad(((st) loadStoreParameter).a(), ParameterUtil.extractPassword(loadStoreParameter));
                return;
            }
            throw new IllegalArgumentException("no support for 'parameter' of type " + loadStoreParameter.getClass().getName());
        }
        nt ntVar = (nt) loadStoreParameter;
        char[] extractPassword = ParameterUtil.extractPassword(ntVar);
        this.hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(ntVar.g(), 64);
        this.storeEncryptionAlgorithm = ntVar.e() == nt.b.AES256_CCM ? m15.T : m15.U;
        this.hmacAlgorithm = ntVar.f() == nt.c.HmacSHA512 ? new ab(am5.J1, i1.b) : new ab(m15.r, i1.b);
        this.verificationKey = (PublicKey) ntVar.i();
        ntVar.c();
        this.signatureAlgorithm = generateSignatureAlgId(this.verificationKey, ntVar.h());
        q qVar = this.storeEncryptionAlgorithm;
        InputStream a = ntVar.a();
        engineLoad(a, extractPassword);
        if (a != null) {
            if (!isSimilarHmacPbkd(ntVar.g(), this.hmacPkbdAlgorithm) || !qVar.r(this.storeEncryptionAlgorithm)) {
                throw new IOException("configuration parameters do not match existing store");
            }
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        Date date;
        cd5 cd5Var = this.entries.get(str);
        Date date2 = new Date();
        if (cd5Var == null) {
            date = date2;
        } else {
            if (!cd5Var.q().equals(CERTIFICATE)) {
                throw new KeyStoreException("BCFKS KeyStore already has a key entry with alias " + str);
            }
            date = extractCreationDate(cd5Var, date2);
        }
        try {
            this.entries.put(str, new cd5(CERTIFICATE, str, date, date2, certificate.getEncoded(), null));
            this.lastModifiedDate = date2;
        } catch (CertificateEncodingException e) {
            throw new ExtKeyStoreException("BCFKS KeyStore unable to handle certificate: " + e.getMessage(), e);
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
        dd7 dd7Var;
        sx1 sx1Var;
        rx1 rx1Var;
        Date date = new Date();
        cd5 cd5Var = this.entries.get(str);
        Date extractCreationDate = cd5Var != null ? extractCreationDate(cd5Var, date) : date;
        this.privateKeyCache.remove(str);
        if (key instanceof PrivateKey) {
            if (certificateArr == null) {
                throw new KeyStoreException("BCFKS KeyStore requires a certificate chain for private key storage.");
            }
            try {
                byte[] encoded = key.getEncoded();
                jv3 generatePkbdAlgorithmIdentifier = generatePkbdAlgorithmIdentifier(am5.v1, 32);
                if (cArr == null) {
                    cArr = new char[0];
                }
                byte[] generateKey = generateKey(generatePkbdAlgorithmIdentifier, "PRIVATE_KEY_ENCRYPTION", cArr, 32);
                q qVar = this.storeEncryptionAlgorithm;
                q qVar2 = m15.T;
                if (qVar.r(qVar2)) {
                    Cipher createCipher = createCipher("AES/CCM/NoPadding", generateKey);
                    rx1Var = new rx1(new ab(am5.u1, new hl5(generatePkbdAlgorithmIdentifier, new vx1(qVar2, q70.m(createCipher.getParameters().getEncoded())))), createCipher.doFinal(encoded));
                } else {
                    rx1Var = new rx1(new ab(am5.u1, new hl5(generatePkbdAlgorithmIdentifier, new vx1(m15.U))), createCipher("AESKWP", generateKey).doFinal(encoded));
                }
                this.entries.put(str, new cd5(PRIVATE_KEY, str, extractCreationDate, date, createPrivateKeySequence(rx1Var, certificateArr).getEncoded(), null));
            } catch (Exception e) {
                throw new ExtKeyStoreException("BCFKS KeyStore exception storing private key: " + e.toString(), e);
            }
        } else {
            if (!(key instanceof SecretKey)) {
                throw new KeyStoreException("BCFKS KeyStore unable to recognize key.");
            }
            if (certificateArr != null) {
                throw new KeyStoreException("BCFKS KeyStore cannot store certificate chain with secret key.");
            }
            try {
                byte[] encoded2 = key.getEncoded();
                jv3 generatePkbdAlgorithmIdentifier2 = generatePkbdAlgorithmIdentifier(am5.v1, 32);
                if (cArr == null) {
                    cArr = new char[0];
                }
                byte[] generateKey2 = generateKey(generatePkbdAlgorithmIdentifier2, "SECRET_KEY_ENCRYPTION", cArr, 32);
                String k = l28.k(key.getAlgorithm());
                if (k.indexOf("AES") > -1) {
                    dd7Var = new dd7(m15.w, encoded2);
                } else {
                    Map<String, q> map = oidMap;
                    q qVar3 = map.get(k);
                    if (qVar3 != null) {
                        dd7Var = new dd7(qVar3, encoded2);
                    } else {
                        q qVar4 = map.get(k + "." + (encoded2.length * 8));
                        if (qVar4 == null) {
                            throw new KeyStoreException("BCFKS KeyStore cannot recognize secret key (" + k + ") for storage.");
                        }
                        dd7Var = new dd7(qVar4, encoded2);
                    }
                }
                q qVar5 = this.storeEncryptionAlgorithm;
                q qVar6 = m15.T;
                if (qVar5.r(qVar6)) {
                    Cipher createCipher2 = createCipher("AES/CCM/NoPadding", generateKey2);
                    sx1Var = new sx1(new ab(am5.u1, new hl5(generatePkbdAlgorithmIdentifier2, new vx1(qVar6, q70.m(createCipher2.getParameters().getEncoded())))), createCipher2.doFinal(dd7Var.getEncoded()));
                } else {
                    sx1Var = new sx1(new ab(am5.u1, new hl5(generatePkbdAlgorithmIdentifier2, new vx1(m15.U))), createCipher("AESKWP", generateKey2).doFinal(dd7Var.getEncoded()));
                }
                this.entries.put(str, new cd5(SECRET_KEY, str, extractCreationDate, date, sx1Var.getEncoded(), null));
            } catch (Exception e2) {
                throw new ExtKeyStoreException("BCFKS KeyStore exception storing private key: " + e2.toString(), e2);
            }
        }
        this.lastModifiedDate = date;
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
        Date date = new Date();
        cd5 cd5Var = this.entries.get(str);
        Date extractCreationDate = cd5Var != null ? extractCreationDate(cd5Var, date) : date;
        if (certificateArr != null) {
            try {
                rx1 n = rx1.n(bArr);
                try {
                    this.privateKeyCache.remove(str);
                    this.entries.put(str, new cd5(PROTECTED_PRIVATE_KEY, str, extractCreationDate, date, createPrivateKeySequence(n, certificateArr).getEncoded(), null));
                } catch (Exception e) {
                    throw new ExtKeyStoreException("BCFKS KeyStore exception storing protected private key: " + e.toString(), e);
                }
            } catch (Exception e2) {
                throw new ExtKeyStoreException("BCFKS KeyStore private key encoding must be an EncryptedPrivateKeyInfo.", e2);
            }
        } else {
            try {
                this.entries.put(str, new cd5(PROTECTED_SECRET_KEY, str, extractCreationDate, date, bArr, null));
            } catch (Exception e3) {
                throw new ExtKeyStoreException("BCFKS KeyStore exception storing protected private key: " + e3.toString(), e3);
            }
        }
        this.lastModifiedDate = date;
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        return this.entries.size();
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        jv3 jv3Var;
        BigInteger n;
        if (this.creationDate == null) {
            throw new IOException("KeyStore not initialized");
        }
        px1 encryptedObjectStoreData = getEncryptedObjectStoreData(this.hmacAlgorithm, cArr);
        if (wv4.M.r(this.hmacPkbdAlgorithm.l())) {
            v77 n2 = v77.n(this.hmacPkbdAlgorithm.n());
            jv3Var = this.hmacPkbdAlgorithm;
            n = n2.o();
        } else {
            nl5 l = nl5.l(this.hmacPkbdAlgorithm.n());
            jv3Var = this.hmacPkbdAlgorithm;
            n = l.n();
        }
        this.hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(jv3Var, n.intValue());
        try {
            outputStream.write(new jd5(encryptedObjectStoreData, new ld5(new nv5(this.hmacAlgorithm, this.hmacPkbdAlgorithm, calculateMac(encryptedObjectStoreData.getEncoded(), this.hmacAlgorithm, this.hmacPkbdAlgorithm, cArr)))).getEncoded());
            outputStream.flush();
        } catch (NoSuchProviderException e) {
            throw new IOException("cannot calculate mac: " + e.getMessage());
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
        dk7 dk7Var;
        if (loadStoreParameter == null) {
            throw new IllegalArgumentException("'parameter' arg cannot be null");
        }
        if (loadStoreParameter instanceof ot) {
            ot otVar = (ot) loadStoreParameter;
            char[] extractPassword = ParameterUtil.extractPassword(loadStoreParameter);
            this.hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(otVar.b(), 64);
            engineStore(otVar.a(), extractPassword);
            return;
        }
        if (!(loadStoreParameter instanceof nt)) {
            if (loadStoreParameter instanceof st) {
                engineStore(((st) loadStoreParameter).b(), ParameterUtil.extractPassword(loadStoreParameter));
                return;
            }
            throw new IllegalArgumentException("no support for 'parameter' of type " + loadStoreParameter.getClass().getName());
        }
        nt ntVar = (nt) loadStoreParameter;
        if (ntVar.i() == null) {
            char[] extractPassword2 = ParameterUtil.extractPassword(ntVar);
            this.hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(ntVar.g(), 64);
            this.storeEncryptionAlgorithm = ntVar.e() == nt.b.AES256_CCM ? m15.T : m15.U;
            this.hmacAlgorithm = ntVar.f() == nt.c.HmacSHA512 ? new ab(am5.J1, i1.b) : new ab(m15.r, i1.b);
            engineStore(ntVar.b(), extractPassword2);
            return;
        }
        this.signatureAlgorithm = generateSignatureAlgId(ntVar.i(), ntVar.h());
        this.hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(ntVar.g(), 64);
        this.storeEncryptionAlgorithm = ntVar.e() == nt.b.AES256_CCM ? m15.T : m15.U;
        this.hmacAlgorithm = ntVar.f() == nt.c.HmacSHA512 ? new ab(am5.J1, i1.b) : new ab(m15.r, i1.b);
        px1 encryptedObjectStoreData = getEncryptedObjectStoreData(this.signatureAlgorithm, ParameterUtil.extractPassword(ntVar));
        try {
            Signature createSignature = this.helper.createSignature(this.signatureAlgorithm.l().D());
            createSignature.initSign((PrivateKey) ntVar.i());
            createSignature.update(encryptedObjectStoreData.getEncoded());
            X509Certificate[] d = ntVar.d();
            if (d != null) {
                int length = d.length;
                me0[] me0VarArr = new me0[length];
                for (int i = 0; i != length; i++) {
                    me0VarArr[i] = me0.m(d[i].getEncoded());
                }
                dk7Var = new dk7(this.signatureAlgorithm, me0VarArr, createSignature.sign());
            } else {
                dk7Var = new dk7(this.signatureAlgorithm, createSignature.sign());
            }
            ntVar.b().write(new jd5(encryptedObjectStoreData, new ld5(dk7Var)).getEncoded());
            ntVar.b().flush();
        } catch (GeneralSecurityException e) {
            throw new IOException("error creating signature: " + e.getMessage(), e);
        }
    }
}
