package org.spongycastle.jce.provider;

import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.spec.KeySpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.spongycastle.crypto.CipherParameters;
import org.spongycastle.crypto.Digest;
import org.spongycastle.crypto.PBEParametersGenerator;
import org.spongycastle.crypto.digests.SHA1Digest;
import org.spongycastle.crypto.generators.PKCS12ParametersGenerator;
import org.spongycastle.crypto.io.DigestInputStream;
import org.spongycastle.crypto.io.DigestOutputStream;
import org.spongycastle.crypto.io.MacInputStream;
import org.spongycastle.crypto.io.MacOutputStream;
import org.spongycastle.crypto.macs.HMac;
import org.spongycastle.jce.interfaces.BCKeyStore;
import org.spongycastle.util.Arrays;
import org.spongycastle.util.io.Streams;

/* loaded from: classes.dex */
public class JDKKeyStore extends KeyStoreSpi implements BCKeyStore {

    /* renamed from: b, reason: collision with root package name */
    protected Hashtable f10971b = new Hashtable();

    /* renamed from: a1, reason: collision with root package name */
    protected SecureRandom f10970a1 = new SecureRandom();

    /* loaded from: classes.dex */
    public class BouncyCastleStore extends JDKKeyStore {
        @Override // org.spongycastle.jce.provider.JDKKeyStore, java.security.KeyStoreSpi
        public void engineLoad(InputStream inputStream, char[] cArr) {
            this.f10971b.clear();
            if (inputStream == null) {
                return;
            }
            DataInputStream dataInputStream = new DataInputStream(inputStream);
            int readInt = dataInputStream.readInt();
            if (readInt != 1 && readInt != 0) {
                throw new IOException("Wrong version of key store.");
            }
            int readInt2 = dataInputStream.readInt();
            byte[] bArr = new byte[readInt2];
            if (readInt2 != 20) {
                throw new IOException("Key store corrupted.");
            }
            dataInputStream.readFully(bArr);
            int readInt3 = dataInputStream.readInt();
            if (readInt3 < 0 || readInt3 > 4096) {
                throw new IOException("Key store corrupted.");
            }
            CipherInputStream cipherInputStream = new CipherInputStream(dataInputStream, h(readInt == 0 ? "OldPBEWithSHAAndTwofish-CBC" : "PBEWithSHAAndTwofish-CBC", 2, cArr, bArr, readInt3));
            SHA1Digest sHA1Digest = new SHA1Digest();
            g(new DigestInputStream(cipherInputStream, sHA1Digest));
            byte[] bArr2 = new byte[sHA1Digest.f()];
            sHA1Digest.b(bArr2, 0);
            byte[] bArr3 = new byte[sHA1Digest.f()];
            Streams.c(cipherInputStream, bArr3);
            if (Arrays.d(bArr2, bArr3)) {
                return;
            }
            this.f10971b.clear();
            throw new IOException("KeyStore integrity check failed.");
        }

        @Override // org.spongycastle.jce.provider.JDKKeyStore, java.security.KeyStoreSpi
        public void engineStore(OutputStream outputStream, char[] cArr) {
            DataOutputStream dataOutputStream = new DataOutputStream(outputStream);
            byte[] bArr = new byte[20];
            int nextInt = (this.f10970a1.nextInt() & 1023) + 1024;
            this.f10970a1.nextBytes(bArr);
            dataOutputStream.writeInt(1);
            dataOutputStream.writeInt(20);
            dataOutputStream.write(bArr);
            dataOutputStream.writeInt(nextInt);
            CipherOutputStream cipherOutputStream = new CipherOutputStream(dataOutputStream, h("PBEWithSHAAndTwofish-CBC", 1, cArr, bArr, nextInt));
            DigestOutputStream digestOutputStream = new DigestOutputStream(cipherOutputStream, new SHA1Digest());
            i(digestOutputStream);
            Digest a6 = digestOutputStream.a();
            byte[] bArr2 = new byte[a6.f()];
            a6.b(bArr2, 0);
            cipherOutputStream.write(bArr2);
            cipherOutputStream.close();
        }
    }

    private Certificate c(DataInputStream dataInputStream) {
        String readUTF = dataInputStream.readUTF();
        byte[] bArr = new byte[dataInputStream.readInt()];
        dataInputStream.readFully(bArr);
        try {
            return CertificateFactory.getInstance(readUTF, BouncyCastleProvider.O1).generateCertificate(new ByteArrayInputStream(bArr));
        } catch (NoSuchProviderException e6) {
            throw new IOException(e6.toString());
        } catch (CertificateException e7) {
            throw new IOException(e7.toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Key d(DataInputStream dataInputStream) {
        KeySpec pKCS8EncodedKeySpec;
        int read = dataInputStream.read();
        String readUTF = dataInputStream.readUTF();
        String readUTF2 = dataInputStream.readUTF();
        byte[] bArr = new byte[dataInputStream.readInt()];
        dataInputStream.readFully(bArr);
        if (readUTF.equals("PKCS#8") || readUTF.equals("PKCS8")) {
            pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(bArr);
        } else {
            if (!readUTF.equals("X.509") && !readUTF.equals("X509")) {
                if (readUTF.equals("RAW")) {
                    return new SecretKeySpec(bArr, readUTF2);
                }
                throw new IOException("Key format " + readUTF + " not recognised!");
            }
            pKCS8EncodedKeySpec = new X509EncodedKeySpec(bArr);
        }
        try {
            if (read == 0) {
                return KeyFactory.getInstance(readUTF2, BouncyCastleProvider.O1).generatePrivate(pKCS8EncodedKeySpec);
            }
            if (read == 1) {
                return KeyFactory.getInstance(readUTF2, BouncyCastleProvider.O1).generatePublic(pKCS8EncodedKeySpec);
            }
            if (read == 2) {
                return SecretKeyFactory.getInstance(readUTF2, BouncyCastleProvider.O1).generateSecret(pKCS8EncodedKeySpec);
            }
            throw new IOException("Key type " + read + " not recognised!");
        } catch (Exception e6) {
            throw new IOException("Exception creating key: " + e6.toString());
        }
    }

    private void e(Certificate certificate, DataOutputStream dataOutputStream) {
        try {
            byte[] encoded = certificate.getEncoded();
            dataOutputStream.writeUTF(certificate.getType());
            dataOutputStream.writeInt(encoded.length);
            dataOutputStream.write(encoded);
        } catch (CertificateEncodingException e6) {
            throw new IOException(e6.toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void f(Key key, DataOutputStream dataOutputStream) {
        byte[] encoded = key.getEncoded();
        if (key instanceof PrivateKey) {
            dataOutputStream.write(0);
        } else if (key instanceof PublicKey) {
            dataOutputStream.write(1);
        } else {
            dataOutputStream.write(2);
        }
        dataOutputStream.writeUTF(key.getFormat());
        dataOutputStream.writeUTF(key.getAlgorithm());
        dataOutputStream.writeInt(encoded.length);
        dataOutputStream.write(encoded);
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration engineAliases() {
        return this.f10971b.keys();
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        return this.f10971b.get(str) != null;
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) {
        if (this.f10971b.get(str) != null) {
            this.f10971b.remove(str);
            return;
        }
        throw new KeyStoreException("no such entry as " + str);
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        h hVar = (h) this.f10971b.get(str);
        if (hVar == null) {
            return null;
        }
        if (hVar.f() == 1) {
            return (Certificate) hVar.d();
        }
        Certificate[] b6 = hVar.b();
        if (b6 != null) {
            return b6[0];
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        Enumeration elements = this.f10971b.elements();
        while (elements.hasMoreElements()) {
            h hVar = (h) elements.nextElement();
            if (!(hVar.d() instanceof Certificate)) {
                Certificate[] b6 = hVar.b();
                if (b6 != null && b6[0].equals(certificate)) {
                    return hVar.a();
                }
            } else if (((Certificate) hVar.d()).equals(certificate)) {
                return hVar.a();
            }
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        h hVar = (h) this.f10971b.get(str);
        if (hVar != null) {
            return hVar.b();
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        h hVar = (h) this.f10971b.get(str);
        if (hVar != null) {
            return hVar.c();
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) {
        h hVar = (h) this.f10971b.get(str);
        if (hVar == null || hVar.f() == 1) {
            return null;
        }
        return (Key) hVar.e(cArr);
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        h hVar = (h) this.f10971b.get(str);
        return hVar != null && hVar.f() == 1;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        h hVar = (h) this.f10971b.get(str);
        return (hVar == null || hVar.f() == 1) ? false : true;
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) {
        this.f10971b.clear();
        if (inputStream == null) {
            return;
        }
        DataInputStream dataInputStream = new DataInputStream(inputStream);
        int readInt = dataInputStream.readInt();
        if (readInt != 1 && readInt != 0) {
            throw new IOException("Wrong version of key store.");
        }
        byte[] bArr = new byte[dataInputStream.readInt()];
        dataInputStream.readFully(bArr);
        int readInt2 = dataInputStream.readInt();
        HMac hMac = new HMac(new SHA1Digest());
        if (cArr == null || cArr.length == 0) {
            g(dataInputStream);
            dataInputStream.readFully(new byte[hMac.c()]);
            return;
        }
        byte[] a6 = PBEParametersGenerator.a(cArr);
        PKCS12ParametersGenerator pKCS12ParametersGenerator = new PKCS12ParametersGenerator(new SHA1Digest());
        pKCS12ParametersGenerator.f(a6, bArr, readInt2);
        CipherParameters c6 = pKCS12ParametersGenerator.c(hMac.c());
        Arrays.e(a6, (byte) 0);
        hMac.a(c6);
        g(new MacInputStream(dataInputStream, hMac));
        byte[] bArr2 = new byte[hMac.c()];
        hMac.b(bArr2, 0);
        byte[] bArr3 = new byte[hMac.c()];
        dataInputStream.readFully(bArr3);
        if (Arrays.d(bArr2, bArr3)) {
            return;
        }
        this.f10971b.clear();
        throw new IOException("KeyStore integrity check failed.");
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) {
        h hVar = (h) this.f10971b.get(str);
        if (hVar == null || hVar.f() == 1) {
            this.f10971b.put(str, new h(this, str, certificate));
            return;
        }
        throw new KeyStoreException("key store already has a key entry with alias " + str);
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) {
        if ((key instanceof PrivateKey) && certificateArr == null) {
            throw new KeyStoreException("no certificate chain for private key");
        }
        try {
            this.f10971b.put(str, new h(this, str, key, cArr, certificateArr));
        } catch (Exception e6) {
            throw new KeyStoreException(e6.toString());
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) {
        this.f10971b.put(str, new h(this, str, bArr, certificateArr));
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        return this.f10971b.size();
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) {
        DataOutputStream dataOutputStream = new DataOutputStream(outputStream);
        byte[] bArr = new byte[20];
        int nextInt = (this.f10970a1.nextInt() & 1023) + 1024;
        this.f10970a1.nextBytes(bArr);
        dataOutputStream.writeInt(1);
        dataOutputStream.writeInt(20);
        dataOutputStream.write(bArr);
        dataOutputStream.writeInt(nextInt);
        HMac hMac = new HMac(new SHA1Digest());
        MacOutputStream macOutputStream = new MacOutputStream(dataOutputStream, hMac);
        PKCS12ParametersGenerator pKCS12ParametersGenerator = new PKCS12ParametersGenerator(new SHA1Digest());
        byte[] a6 = PBEParametersGenerator.a(cArr);
        pKCS12ParametersGenerator.f(a6, bArr, nextInt);
        hMac.a(pKCS12ParametersGenerator.c(hMac.c()));
        for (int i6 = 0; i6 != a6.length; i6++) {
            a6[i6] = 0;
        }
        i(macOutputStream);
        byte[] bArr2 = new byte[hMac.c()];
        hMac.b(bArr2, 0);
        dataOutputStream.write(bArr2);
        dataOutputStream.close();
    }

    protected void g(InputStream inputStream) {
        DataInputStream dataInputStream = new DataInputStream(inputStream);
        for (int read = dataInputStream.read(); read > 0; read = dataInputStream.read()) {
            String readUTF = dataInputStream.readUTF();
            Date date = new Date(dataInputStream.readLong());
            int readInt = dataInputStream.readInt();
            Certificate[] certificateArr = null;
            if (readInt != 0) {
                certificateArr = new Certificate[readInt];
                for (int i6 = 0; i6 != readInt; i6++) {
                    certificateArr[i6] = c(dataInputStream);
                }
            }
            Certificate[] certificateArr2 = certificateArr;
            if (read == 1) {
                this.f10971b.put(readUTF, new h(this, readUTF, date, 1, c(dataInputStream)));
            } else if (read == 2) {
                this.f10971b.put(readUTF, new h(this, readUTF, date, 2, d(dataInputStream), certificateArr2));
            } else {
                if (read != 3 && read != 4) {
                    throw new RuntimeException("Unknown object type in store.");
                }
                byte[] bArr = new byte[dataInputStream.readInt()];
                dataInputStream.readFully(bArr);
                this.f10971b.put(readUTF, new h(this, readUTF, date, read, bArr, certificateArr2));
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Cipher h(String str, int i6, char[] cArr, byte[] bArr, int i7) {
        try {
            PBEKeySpec pBEKeySpec = new PBEKeySpec(cArr);
            SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(str, BouncyCastleProvider.O1);
            PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(bArr, i7);
            Cipher cipher = Cipher.getInstance(str, BouncyCastleProvider.O1);
            cipher.init(i6, secretKeyFactory.generateSecret(pBEKeySpec), pBEParameterSpec);
            return cipher;
        } catch (Exception e6) {
            throw new IOException("Error initialising store of key store: " + e6);
        }
    }

    protected void i(OutputStream outputStream) {
        Enumeration elements = this.f10971b.elements();
        DataOutputStream dataOutputStream = new DataOutputStream(outputStream);
        while (true) {
            if (!elements.hasMoreElements()) {
                dataOutputStream.write(0);
                return;
            }
            h hVar = (h) elements.nextElement();
            dataOutputStream.write(hVar.f());
            dataOutputStream.writeUTF(hVar.a());
            dataOutputStream.writeLong(hVar.c().getTime());
            Certificate[] b6 = hVar.b();
            if (b6 == null) {
                dataOutputStream.writeInt(0);
            } else {
                dataOutputStream.writeInt(b6.length);
                for (int i6 = 0; i6 != b6.length; i6++) {
                    e(b6[i6], dataOutputStream);
                }
            }
            int f6 = hVar.f();
            if (f6 == 1) {
                e((Certificate) hVar.d(), dataOutputStream);
            } else if (f6 == 2) {
                f((Key) hVar.d(), dataOutputStream);
            } else {
                if (f6 != 3 && f6 != 4) {
                    throw new RuntimeException("Unknown object type in store.");
                }
                byte[] bArr = (byte[]) hVar.d();
                dataOutputStream.writeInt(bArr.length);
                dataOutputStream.write(bArr);
            }
        }
    }
}
